[4+ EH] Slush Pool (slushpool.com); Overt AsicBoost; World First Mining Pool - page 819.

p0rkbelly

newbie

Activity: 8

Merit: 0

Quote from: phelix on April 24, 2013, 10:03:02 AM

Quote from: nybbler905 on April 24, 2013, 01:43:31 AM

Quote from: phelix on April 24, 2013, 01:26:36 AM

Quote from: slush on April 23, 2013, 08:33:55 PM

Quote from: gbx on April 23, 2013, 08:24:28 PM

What about the user database? Was it compromised? I'd hate to see bitcoins sent to the wrong address.

I have a database snapshot taken before bad guys overtook the database. So there's no reason to think payout addresses have been modified. Any change of wallet on pool profile requires email confirmation by account owner so I think we're on safe side here.

Unfortunately the user database can be considered as compromised, so the attacker knows user's emails :-(.

How were the passwords hashed?

never answer that!!!

let me rephrase: were the passwords securely hashed?

And salted?

Not to preach to you, but this is a perfect example why everyone should use unique passwords on every website.

I personally use 20+ character randomly generated passwords thanks to LastPass. Makes secure password management so easy.

phelix

legendary

Activity: 1708

Merit: 1020

Quote from: nybbler905 on April 24, 2013, 01:43:31 AM

Quote from: phelix on April 24, 2013, 01:26:36 AM

Quote from: slush on April 23, 2013, 08:33:55 PM

Quote from: gbx on April 23, 2013, 08:24:28 PM

What about the user database? Was it compromised? I'd hate to see bitcoins sent to the wrong address.

I have a database snapshot taken before bad guys overtook the database. So there's no reason to think payout addresses have been modified. Any change of wallet on pool profile requires email confirmation by account owner so I think we're on safe side here.

Unfortunately the user database can be considered as compromised, so the attacker knows user's emails :-(.

How were the passwords hashed?

never answer that!!!

let me rephrase: were the passwords securely hashed?

wigsgiw

newbie

Activity: 18

Merit: 0

Quote from: joolzg on April 24, 2013, 09:24:51 AM

Slush, is mining on the pool working as there has been no block in over 4 hours, so its either a git block, or something amisss

Sounds like you may still be mining for the old server. Blocks are being found regularly for me here, and the slowdown you're seeing will be because most have switched over the the new.

Check that stratum.bitcoin.cz resolves to 54.214.x.x for you, and then restart your mining processes and you should be up and running on the new

Lucko

hero member

Activity: 826

Merit: 1000

Quote from: digital on April 24, 2013, 09:38:00 AM

I'm sure you can understand, he doesn't want any payouts happening until we are all confident they will be correct. That benefits us all.

Totally understand but I have a ebay action that is happening now and it ends in litel more them 3 hours and I will pay in bitcoins... That is a problem... I only have 0,2 bitcoins in wallet and estimated 0,8 coin on pool... You can see my problem...

mikesheadroom

member

Activity: 72

Merit: 10

Quote from: joolzg on April 24, 2013, 09:24:51 AM

there has been no block in over 4 hours

Slush just found a block.

jerethdaminer

member

Activity: 84

Merit: 10

slush is a good pool manager and thanks to whoever reminded me about nslook up it resolves to a 54.0210.10.xxx address thats right inst it

digital

hero member

Activity: 490

Merit: 500

Slush has said that the database is down. Only the mining back end is working.

Which means we are all still working to find blocks. But the rewards are currently not being calculated. And he can't make any payouts until the database is back up. Once the database is back up, he will calculate all the blocks that have been found since the attack and everyone will get credited what they are owed.

Then when that's done and he's sure everything is in good working order, he will re-enable payouts.

I'm sure you can understand, he doesn't want any payouts happening until we are all confident they will be correct. That benefits us all.

SkyNet

member

Activity: 80

Merit: 10

I am expecting a payout as well.
Does it actually work or do we need to wait for the website to come back up?

joolzg

member

Activity: 76

Merit: 10

Slush, is mining on the pool working as there has been no block in over 4 hours, so its either a git block, or something amisss

joolz
ps. any timescale for coming online?

p0rkbelly

newbie

Activity: 8

Merit: 0

I was expecting my first payout about (was just waiting for the last final confirmations to finish up) the time the servers were taken down.

Does the website need to be back up for that to happen?

limit

member

Activity: 87

Merit: 10

Quote from: beenjammin on April 24, 2013, 09:13:46 AM

THANK YOU Slush from a 4 day old miner noob. Your handling off this recent server attack shows me that I chose the correct pool. And for my fellow miners ... I too miss the account and statistics pages. I am a big fan of those. Keep on rocking Slush.

+1

beenjammin

newbie

Activity: 13

Merit: 0

THANK YOU Slush from a 4 day old miner noob. Your handling off this recent server attack shows me that I chose the correct pool. And for my fellow miners ... I too miss the account and statistics pages. I am a big fan of those. Keep on rocking Slush.

ntgrac

newbie

Activity: 14

Merit: 0

Quote from: claxdog on April 24, 2013, 08:54:37 AM

I am like a cat in a room full of rocking chairs.I need my stats page.lol. good job keeping us mining slush.

You are not alone :-D

Thanks to slush too.

claxdog

newbie

Activity: 21

Merit: 0

I am like a cat in a room full of rocking chairs.I need my stats page.lol. good job keeping us mining slush.

Kruncha

sr. member

Activity: 644

Merit: 250

Quote from: Camello_AR on April 24, 2013, 08:24:20 AM

Quote from: soundasleep on April 24, 2013, 08:04:17 AM

Quote from: melvster on April 24, 2013, 04:53:01 AM

2. Passwords are generally low entropy. If you've used your mining pw elsewhere change it now.

I use a securely generated random password for every slave and every pool. Even if the passwords aren't hashed there's no way any attacker can get into any other pool account.

Is not necesary to have a high secure worker pass. Even when pass is so simple (but diferent as other passwords you use in your life) the only use that it has is mine. Then, if somebody knows your worker/pass combination, the only can do is mine for you

I have simply workname/passwords combinations, but not related to other pass used, to get easy remembers when setup diferents workers

That is true.

OFF TOPIC: You speak better English than some English people I know, certainly better than I speak Spanish (I lived there for 5 years)

K.

hugheser

newbie

Activity: 8

Merit: 0

I cant function without an account page to refresh every 5 minutes. I might just chalk today up as a personal day.

gbx

full member

Activity: 226

Merit: 100

Quote from: jerethdaminer on April 24, 2013, 08:43:01 AM

how do you check address resolution in gui miner?

In Windows > Start > Run (or Windows Key + R)

Type CMD and hit Enter

type NSLOOKUP

enter in the name you want to resolve.

jerethdaminer

member

Activity: 84

Merit: 10

how do you check address resolution in gui miner?

Camello_AR

newbie

Activity: 43

Merit: 0

Quote from: soundasleep on April 24, 2013, 08:04:17 AM

Quote from: melvster on April 24, 2013, 04:53:01 AM

2. Passwords are generally low entropy. If you've used your mining pw elsewhere change it now.

I use a securely generated random password for every slave and every pool. Even if the passwords aren't hashed there's no way any attacker can get into any other pool account.

Is not necesary to have a high secure worker pass. Even when pass is so simple (but diferent as other passwords you use in your life) the only use that it has is mine. Then, if somebody knows your worker/pass combination, the only can do is mine for you

I have simply workname/passwords combinations, but not related to other pass used, to get easy remembers when setup diferents workers

Lucko

hero member

Activity: 826

Merit: 1000

Any estimation on complition? I need to take out some bitcoins at 20:00 (UTC +1)

Topic: [4+ EH] Slush Pool (slushpool.com); Overt AsicBoost; World First Mining Pool - page 819. (Read 4382671 times)