Bitcoin Forum
November 10, 2024, 06:56:05 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Warning: One or more bitcointalk.org users have reported that they strongly believe that the creator of this topic is a scammer. (Login to see the detailed trust ratings.) While the bitcointalk.org administration does not verify such claims, you should proceed with extreme caution.
Pages: [1]
  Print  
Author Topic: CampBX a scam or just incompetent?  (Read 2742 times)
misterbigg (OP)
Legendary
*
Offline Offline

Activity: 1064
Merit: 1001



View Profile
August 03, 2012, 02:49:49 PM
Last edit: August 03, 2012, 03:07:29 PM by misterbigg
 #1

For a company that tries to position itself as a "Trusted Bitcoin Platform", I find these facts disturbing:

- Anyone can reset anyone else's password by knowing their user name

- The "change password" form only has one field for "New Password" instead of two, allowing for user error.
kiba
Legendary
*
Offline Offline

Activity: 980
Merit: 1020


View Profile
August 03, 2012, 02:54:36 PM
 #2

You shouldn't call it a scam based on merely bad security practice.

BadBear
v2.0
Legendary
*
Offline Offline

Activity: 1652
Merit: 1128



View Profile WWW
August 03, 2012, 02:55:26 PM
 #3

That doesn't make it a scam...

1Kz25jm6pjNTaz8bFezEYUeBYfEtpjuKRG | PGP: B5797C4F

Tired of annoying signature ads? Ad block for signatures
URSAY
Legendary
*
Offline Offline

Activity: 1974
Merit: 1010



View Profile
August 03, 2012, 02:57:08 PM
 #4

EVERYONE IS A SCAM.   Undecided

 Cry
John (John K.)
Global Troll-buster and
Legendary
*
Offline Offline

Activity: 1288
Merit: 1227


Away on an extended break


View Profile
August 03, 2012, 02:58:09 PM
 #5

For a company that tries to position itself as a "Trusted Bitcoin Platform", I find these facts disturbing:

- Anyone can reset anyone else's password by knowing their user name

- The "change password" form only has one field for "New Password" instead of two, allowing for user error.


Uh, I think rewording 'scam' to sloppy would be better in this case.
Stephen Gornick
Legendary
*
Offline Offline

Activity: 2506
Merit: 1010


View Profile
August 03, 2012, 05:50:35 PM
 #6

For a company that tries to position itself as a "Trusted Bitcoin Platform", I find these facts disturbing:

- Anyone can reset anyone else's password by knowing their user name

- The "change password" form only has one field for "New Password" instead of two, allowing for user error.


They have two-factor authentication (using SMS text messaging).

Unichange.me

            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █


finkleshnorts
Sr. Member
****
Offline Offline

Activity: 336
Merit: 250



View Profile
August 03, 2012, 05:52:50 PM
 #7

For a company that tries to position itself as a "Trusted Bitcoin Platform", I find these facts disturbing:

- Anyone can reset anyone else's password by knowing their user name

- The "change password" form only has one field for "New Password" instead of two, allowing for user error.


Uh, I think rewording 'scam' to sloppy would be better in this case.

CampBX is a sloppy?
John (John K.)
Global Troll-buster and
Legendary
*
Offline Offline

Activity: 1288
Merit: 1227


Away on an extended break


View Profile
August 04, 2012, 02:09:40 AM
 #8

For a company that tries to position itself as a "Trusted Bitcoin Platform", I find these facts disturbing:

- Anyone can reset anyone else's password by knowing their user name

- The "change password" form only has one field for "New Password" instead of two, allowing for user error.


Uh, I think rewording 'scam' to sloppy would be better in this case.

CampBX is a sloppy?

Oops, forgot about the a. Make it rewording 'a scam' to 'sloppy' instead.  Wink
Littleshop
Legendary
*
Offline Offline

Activity: 1386
Merit: 1004



View Profile WWW
August 06, 2012, 02:42:37 AM
 #9

For a company that tries to position itself as a "Trusted Bitcoin Platform", I find these facts disturbing:

- Anyone can reset anyone else's password by knowing their user name

- The "change password" form only has one field for "New Password" instead of two, allowing for user error.


They have two-factor authentication (using SMS text messaging).


I asked for this, they said it is not available currently though soon it should be.  Does anyone have this working?

Stephen Gornick
Legendary
*
Offline Offline

Activity: 2506
Merit: 1010


View Profile
August 06, 2012, 10:35:01 PM
 #10

I asked for this, they said it is not available currently though soon it should be.  Does anyone have this working?

Are you outside the U.S.?

Unichange.me

            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █


URSAY
Legendary
*
Offline Offline

Activity: 1974
Merit: 1010



View Profile
August 06, 2012, 10:49:33 PM
 #11

I've used Camp BX a few times.  It was quick and easy.  Thanks Camp BX!   Smiley
smoothie
Legendary
*
Offline Offline

Activity: 2492
Merit: 1474


LEALANA Bitcoin Grim Reaper


View Profile
August 07, 2012, 02:56:36 AM
 #12

For a company that tries to position itself as a "Trusted Bitcoin Platform", I find these facts disturbing:

- Anyone can reset anyone else's password by knowing their user name

- The "change password" form only has one field for "New Password" instead of two, allowing for user error.


Really? So not only do you have to keep your password super secret you have to keep your username super extra mega secret?

Wow...just .... wow...

These guys were on "the bitcoin show" ....

No wonder...

 Cheesy

███████████████████████████████████████

            ,╓p@@███████@╗╖,           
        ,p████████████████████N,       
      d█████████████████████████b     
    d██████████████████████████████æ   
  ,████²█████████████████████████████, 
 ,█████  ╙████████████████████╨  █████y
 ██████    `████████████████`    ██████
║██████       Ñ███████████`      ███████
███████         ╩██████Ñ         ███████
███████    ▐▄     ²██╩     a▌    ███████
╢██████    ▐▓█▄          ▄█▓▌    ███████
 ██████    ▐▓▓▓▓▌,     ▄█▓▓▓▌    ██████─
           ▐▓▓▓▓▓▓█,,▄▓▓▓▓▓▓▌          
           ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▌          
    ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓─  
     ²▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓╩    
        ▀▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▀       
           ²▀▀▓▓▓▓▓▓▓▓▓▓▓▓▀▀`          
                   ²²²                 
███████████████████████████████████████

. ★☆ WWW.LEALANA.COM        My PGP fingerprint is A764D833.                  History of Monero development Visualization ★☆ .
LEALANA BITCOIN GRIM REAPER SILVER COINS.
 
Keyur @ Camp BX
Sr. Member
****
Offline Offline

Activity: 299
Merit: 250



View Profile WWW
August 07, 2012, 07:23:15 PM
 #13

For a company that tries to position itself as a "Trusted Bitcoin Platform", I find these facts disturbing:

- Anyone can reset anyone else's password by knowing their user name

- The "change password" form only has one field for "New Password" instead of two, allowing for user error.


Hi Bigg,

I would like to clarify that this was never a security risk as the password goes to the original registered email address, and not displayed on screen.  Worst case scenario is that someone with too much time on their hands can annoy you with repeat password resets.

Point noted though - we are reworking the PW reset code to be annoyance-proof and will deploy the update shortly.

- Keyur

Please stay tuned to our news and announcements feeds at:
Twitter: https://twitter.com/CampBX
Facebook: https://facebook.com/CampBX
misterbigg (OP)
Legendary
*
Offline Offline

Activity: 1064
Merit: 1001



View Profile
August 19, 2012, 12:16:21 AM
 #14

I would like to clarify that this was never a security risk as the password goes to the original registered email address, and not displayed on screen.

The fact is that a programmer implemented the password reset incorrectly. Whoever was writing the code should have known better - this points to a management problem. It's a rookie mistake.

If a visible rookie mistake like this is possible at CampBX, who knows what other invisible mistakes were made?

URSAY
Legendary
*
Offline Offline

Activity: 1974
Merit: 1010



View Profile
August 22, 2012, 02:19:59 PM
 #15

I've been waiting for 48 hours on a support response of any kind.  How long do they usually take?
URSAY
Legendary
*
Offline Offline

Activity: 1974
Merit: 1010



View Profile
August 22, 2012, 06:23:52 PM
 #16

Just heard back from Camp BX.  Issue resolved.  Another win for Camp BX.  Thanks!   Wink
mikeh53
Newbie
*
Offline Offline

Activity: 2
Merit: 0


View Profile
January 30, 2014, 08:52:27 AM
 #17

Dont know waht would you guys call this as.. 'Scam' or 'Just Incompetent' or 'Something Else'

CampBX scam mail going around again


Here's the text

    "Hello,

    We are making a maintenance on our servers due to a technical problem for the next 24 hours. So, as you can see CampBX.com is already offline, you will have to logging in on the following link:

    http://www.campbx.com.co/

    It is recommended that you activate your double authenticator before logging in. We are sorry for the inconvenience and doing our best to resolve this problem.

    If you have any questions, please contact us at https://CampBX.com/contact.php or refer to the FAQ page at https://CampBX.com/faq.php for >more information.

    Thank you, CampBX Team"

Obvious scam is obvious.

http://newsbitcoin.com/?p=34696

http://www.bitcoinregime.com/2014/01/24/campbx-scam-mail-going-around-again/
em23black
Newbie
*
Offline Offline

Activity: 3
Merit: 0


View Profile
March 10, 2014, 02:21:17 AM
 #18

CampBX is an Indian Scam, not an American Site
http://www.bitcoinfeed.net/news/campbx-is-an-indian-scam-not-an-american-site
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!