
Topic: [ANN] 1Broker.com - Trade forex, indices, stocks and commodities - page 40. (Read 103052 times)

full member
Activity: 187
Merit: 100
I have thought really long about the Master Key logic and also noticed that libertyreserve.com uses a similar thing.

The advantages of the current system are:
  • Every user is forced to use it when withdrawing. From my experience most people don't use 2FA if it's an opt-in.
  • It is easy to understand and you don't need (smart)phones, a Google Account or whatever.
  • You can login and trade on insecure systems without risking that someone can withdraw everything a few minutes later.
  • After 3 failed attempts to withdraw the account gets locked for one day and triggers an email notification.
  • Lost Master Keys can be reset (but with a waiting period, email notifications and a big warning message when you log in).
  • An attacker cannot withdraw Bitcoins if he manages to steal a session.

Downsides are:
  • If an attacker has access to the email account, 1Broker account and the user does not log in during the waiting period the 2FA mechanism fails. (Could be solved by increasing the waiting period)
  • Lazy users may store their Master Key at insecure places.

The current system is not set in stone however. I'm always open for changes and ideas are welcome. IMHO it's currently more secure than an opt-in GAuth. (for the average user)

legendary
Activity: 2506
Merit: 1010
Regarding this "Master Key" business.

From Wikipedia:

Quote
Two-factor authentication (TFA, T-FA or 2FA) is an approach to authentication which requires the presentation of two or more of the three authentication factors: a knowledge factor ("something the user knows"), a possession factor ("something the user has"), and an inherence factor ("something the user is").
- http://en.wikipedia.org/wiki/Two-factor_authentication

A "Master Key" is simply an additional password.  Passwords are extremely vulnerable to a replay attack.

Please consider adding true 2FA such as OTP / Google Authenticator.

If you do add 2FA, please implement it properly -- i.e., always require the OTP for each and every withdrawal request.

A plea to exchanges ... lets do 2 factor right!
 - https://bitcointalksearch.org/topic/a-plea-to-exchanges-lets-do-2-factor-right-109424

Also, there might be a better resolution than "oops, all your coins belong to us" in the case where the OTP is lost. For instance, allowing me to specify an exit address would allow for withdrawal should something happen, like let's say my house burns down and both my phone and the backup copy of my OTP secret are lost.
 - http://en.bitcoin.it/wiki/Exit_Address
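
An added example, not part of either post above and not 1Broker's code: a per-withdrawal TOTP check (RFC 6238) that refuses a code from a time step already used, which is the replay resistance a static Master Key lacks, combined with the three-failures, one-day lock from the first post. The `WithdrawalGuard` class, the 30-second step and the one-step drift window are assumptions; the secret is the RFC 6238 test secret.

```python
import hashlib, hmac, struct

STEP = 30             # seconds per TOTP time step (RFC 6238 default; assumption)
MAX_FAILS = 3         # from the thread: 3 failed withdrawal attempts lock the account
LOCK_SECONDS = 86400  # from the thread: the lock lasts one day

def totp(secret: bytes, counter: int, digits: int = 6) -> str:
    """HOTP value (RFC 4226) for a time-step counter, i.e. RFC 6238 TOTP."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

class WithdrawalGuard:
    """Hypothetical per-account state for authorizing withdrawals."""
    def __init__(self, secret: bytes):
        self.secret = secret
        self.last_counter = -1   # highest time step already accepted
        self.fails = 0
        self.locked_until = 0.0

    def authorize(self, code: str, now: float) -> str:
        if now < self.locked_until:
            return "locked"
        current = int(now) // STEP
        # Accept the current and previous step to tolerate clock drift,
        # but never a step that was already used: that blocks replay.
        for counter in (current, current - 1):
            if counter > self.last_counter and hmac.compare_digest(
                    totp(self.secret, counter).encode(), code.encode()):
                self.last_counter = counter
                self.fails = 0
                return "ok"
        self.fails += 1
        if self.fails >= MAX_FAILS:
            self.fails = 0
            self.locked_until = now + LOCK_SECONDS  # email notification goes here
            return "locked"
        return "rejected"

def demo():
    secret = b"12345678901234567890"   # constructed input: RFC 6238 test secret
    guard = WithdrawalGuard(secret)
    code = totp(secret, 59 // STEP)    # code valid at t=59s
    # The same code is sent twice: once by the user, once replayed 5 s later.
    return [guard.authorize(code, 59.0), guard.authorize(code, 64.0)]
```
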
full member
Activity: 187
Merit: 100
Someday you'll have to learn to do business with people who make you uncomfortable, too.
I disagree.

Plus, devoting few of these thousands hours to doing deeper research about other market players (so at least you'll know the correct gender of people involved) instead of relying on bitcointalk drama won't hurt.
Well, the creator of MPEX is called Miracea, right? (Miracea is a male name, I guess.) And MPOE-PR is another person? However, this is really off-topic now.

Thanks for your criticism anyway.

Edit: I got it now, I guess. Added an excuse to MPOE-PR to the post above.
sr. member
Activity: 340
Merit: 250
GO http://bitcointa.lk !!! My new nick: jurov
Without wanting to offend someone but I think MPOE-PR is not the right guy for me. I often feel uncomfortable when I read his posts in this forum.
Someday you'll have to learn to do business with people who make you uncomfortable, too. Plus, devoting few of these thousands hours to doing deeper research about other market players (so at least you'll know the correct gender of people involved) instead of relying on bitcointalk drama won't hurt.
full member
Activity: 187
Merit: 100
Without wanting to offend someone but I think MPOE-PR is not the right guy for me. I often feel uncomfortable when I read his posts in this forum.

Edit: Sorry for assuming that you are male, MPOE-PR.
sr. member
Activity: 340
Merit: 250
GO http://bitcointa.lk !!! My new nick: jurov
MPEx seeks market makers for its new X.* futures, wouldn't you be up to the task? Just sayin'.
full member
Activity: 187
Merit: 100
The platform received a huge update yesterday.
We added some new markets:
  • BTC/USD
  • 5 FX majors
  • Microsoft Corp.
  • Facebook Inc.
  • S&P 500

We've also updated the SSL certificate which is now much better and added more information to our "security" page: https://1broker.com/?c=about_security

PS: I want to thank all users who tried out this platform and especially those who gave feedback.
vip
Activity: 756
Merit: 503
He isn't a random idiot (>450 posts and VIP status). He just didn't write the report as promised but that's ok.
My data isn't something that needs to be protected at all. Everyone who seems to be established in the community can have it.
The reason why I'm not publishing my identity to everyone right now is that there are some open legal questions (and I have not spoken with a lawyer yet)

I am sorry for the delay Exxe, I told you that could take weeks to finish the evaluation. I have been quite busy with personal and professional matters. Unpredictable events had occupied my free time.

To your link: I enjoyed reading your text on but you can't apply all of this on 1Broker. Personally I've traded quite big amounts of Bitcoins during the last year(s). I have used many great services, but I have not used WOT one time. Although it works and it is a good thing for trading with individuals I don't think having a WOT account would help the average bitcoin user, who wants to know if 1Broker is safe to use.

-exxe

I agree with you. The most important part is to show willingness to communicate and deliver what you promise. That is the most necessary requirement for your business to be successful.

full member
Activity: 187
Merit: 100
I really don't know why I should get ID verified on BTCJAM. Maybe I overlooked something but this does not help users which are not using BTCJAM.

a) Yes this is right. I mainly used web platforms/services. Yes, having no reputation is bad, but I can't change it.
b) Why is this a vague statement? (Yes, bitcoin services.)
c) As stated above the SSL certificate will be improved. The main reason why I'm using StartCom is to avoid "not-trusted certificate warnings". The primary goal is to encrypt the connection between the user and the web-server. However, a higher-class certificate is a must-have for a service like this, I agree. If you doubt that I spent 1000h+ on this platform I doubt that you used it.

Thanks for the info with the StartCom TOS, I will add a better cert as soon as I can.

PS: I sent all my real-life data to theymos.
sr. member
Activity: 340
Merit: 250
GO http://bitcointa.lk !!! My new nick: jurov
He isn't a random idiot (>450 posts and VIP status). He just didn't write the report as promised but that's ok.
My data isn't something that needs to be protected at all. Everyone who seems to be established in the community can have it.
The reason why I'm not publishing my identity to everyone right now is that there are some open legal questions (and I have not spoken with a lawyer yet)

To your link: I enjoyed reading your text on but you can't apply all of this on 1Broker. Personally I've traded quite big amounts of Bitcoins during the last year(s). I have used many great services, but I have not used WOT one time. Although it works and it is a good thing for trading with individuals I don't think having a WOT account would help the average bitcoin user, who wants to know if 1Broker is safe to use.

-exxe
If you really had some exposure to wider bitcoin market like you assert, you'd have noticed that for example BTCJAM allows for identity verification. Or you would find some other way to support your bold, but vague statements that:

a) you traded big amounts of bitcoins (like, nobody you traded with is on WoT neither here? )
b) you have used many great (I presume bitcoin?) services
c) you invested 1000h+ on creating this platform (but couldn't buy better SSL certificate?)

It's true I don't have any better SSL cert on coinbr.com, but that site is clearly labeled as beta. BTW, I think you are violating StartSSL policy. I don't find this a big issue, but I was rejected by StartSSL because supposedly they won't issue free certs for financial services. So beware, you may have a problem when they find out.
full member
Activity: 187
Merit: 100
He isn't a random idiot (>450 posts and VIP status). He just didn't write the report as promised but that's ok.
My data isn't something that needs to be protected at all. Everyone who seems to be established in the community can have it.
The reason why I'm not publishing my identity to everyone right now is that there are some open legal questions (and I have not spoken with a lawyer yet)

To your link: I enjoyed reading your text on but you can't apply all of this on 1Broker. Personally I've traded quite big amounts of Bitcoins during the last year(s). I have used many great services, but I have not used WOT one time. Although it works and it is a good thing for trading with individuals I don't think having a WOT account would help the average bitcoin user, who wants to know if 1Broker is safe to use.

-exxe
hero member
Activity: 756
Merit: 522
After I've sent all my data plus a photo of my ID to "augustocroppo" he doesn't respond to my mails and he didn't write a report to this forum as promised in a mail.
Is anyone else willing to confirm my identity? I would prefer well known members with good reputation.

-exxe

This is why you don't send your data to random idiots on some forum.

See here.
full member
Activity: 187
Merit: 100
After I've sent all my data plus a photo of my ID to "augustocroppo" he doesn't respond to my mails and he didn't write a report to this forum as promised in a mail.
Is anyone else willing to confirm my identity? I would prefer well known members with good reputation.

-exxe
full member
Activity: 187
Merit: 100
@augustocroppo, I sent all my data to your email address.
vip
Activity: 756
Merit: 503
@augustocroppo: Domains By Proxy isn't that bad, but I understand your post. Once the legal status is resolved I'll add appropriate WHOIS records and a better SSL cert.

I fully understand the mistrust against 1Broker ... I would love to prove that I have good intentions with this project. Any suggestions? (except selling it to a "professional team")

Disclose all pertinent information regarding who you are, who has access to the Internet page (partners, employees, etc.) and where all you are established. You must forward this information to myself in a private message. I will verify the consistency of the information and require more data if necessary. Once I conclude the information provided is legitimate, I will encrypt all private messages you sent to me with a private key and publish the encrypted message in this thread. Then the private key will be shared with Theymos, the administrator of this forum. In the event where it becomes necessary to disclose the information contained in the encrypted format, I or Theymos will disclose the private key to decode the encryption.
legendary
Activity: 2128
Merit: 1073
I would love to prove that I have good intentions with this project. Any suggestions?
1) testnet coins version
2) any alt-coin version

With the amount of hate that alt-coins are getting on this forum some people will start trading the regular bitcoins on your site just to spite the alt-coiners.
full member
Activity: 187
Merit: 100
@augustocroppo: Domains By Proxy isn't that bad, but I understand your post. Once the legal status is resolved I'll add appropriate WHOIS records and a better SSL cert.

I fully understand the mistrust against 1Broker ... I would love to prove that I have good intentions with this project. Any suggestions? (except selling it to a "professional team")
vip
Activity: 756
Merit: 503
http://www.ewhois.com/1broker.com/

Quote
Registered through: GoDaddy.com, LLC (http://www.godaddy.com)
   Domain Name: 1BROKER.COM
      Created on: 01-May-00
      Expires on: 01-May-13
      Last Updated on: 28-Aug-12

   Registrant:
   Domains By Proxy, LLC
   DomainsByProxy.com
   14747 N Northsight Blvd Suite 111, PMB 309
   Scottsdale, Arizona 85260
   United States

   Administrative Contact:
      Private, Registration  @domainsbyproxy.com
      Domains By Proxy, LLC
      DomainsByProxy.com
      14747 N Northsight Blvd Suite 111, PMB 309
      Scottsdale, Arizona 85260
      United States
      (480) 624-2599      Fax -- (480) 624-2598

   Technical Contact:
      Private, Registration  @domainsbyproxy.com
      Domains By Proxy, LLC
      DomainsByProxy.com
      14747 N Northsight Blvd Suite 111, PMB 309
      Scottsdale, Arizona 85260
      United States
      (480) 624-2599      Fax -- (480) 624-2598

   Domain servers in listed order:
      NS1.CLOUDNS.NET
      NS2.CLOUDNS.NET
      NS3.CLOUDNS.NET
      NS4.CLOUDNS.NET
full member
Activity: 187
Merit: 100
@thatbluedude: You are right. This and other legal things will hopefully be resolved in the next weeks.
But as we have seen before, this doesn't protect users at all. Bitcoin7, a Bitcoin exchange, stole 700$ from my account in 2011 although it was a perfectly registered company.
... and everyone knows other examples of "professional" companies suddenly disappearing.

Nevertheless, I want this project to become legally as transparent and clean as possible in the future.

PS: Providing my full identity to trusted members is no problem.

-exxe
full member
Activity: 196
Merit: 100
Visited site, shouldn't you have one of those?
http://de.wikipedia.org/wiki/Impressumspflicht#Recht_in_.C3.96sterreich
(afaik Austrian/German websites need to publish a site notice with names and stuff by law)
I don't think you will be successful with a stock exchange with doubtful legal status so soon after GLBSE shutdown. Please surprise me with some good explanation for the absence of personal information but things don’t look trust inducing so far.