Topic: [ANN] MangoCoinz Official ANN Thread - Mine cryptocurrencies on you smart phone - page 60. (Read 164585 times)

What is preventing you on doing it exactly? nothing. But this is no different from these mining rigs. People who have money will invest more for a bigger return on the long term. It has always been this way and i don't see why would it change now the concept is the same multiple miners/multiple devices exactly the same.

doesnt matter if its completely legit. allowing a user to utilize multiple phones like this is blatently allowing him to abuse the system
there ultimately needs to be a limitation as to how many devices a single user can use with mangocoinz else it becomes unfair to the community as you are allowing this user to profit in mass as well as change the probability for other users to profit aka contributing to change in difficulty, etc

you are basically saying i can run out and grab 200 used phones to install the app on and mass mine mcz to dump and profit which SHOULD NOT BE PERMITTED

what is the rest of the communities view on this
im willing to bet a majority of the community will agree with this

There is no botting there, we have pictures showing dozens of pshysical phones. We suspended that user at first, but then we had him take pictures, and those clearly showed us what was going on, and it was completely legit.

Hey everybody,

We've found the problem with syncing issue that occurred a couple of days before and now everything is patched.

Sending will still be disabled until we suspend all the usernames that tried to do shady things.
If we made a mistake with some usernames they can tell us and we will check them out and un suspend them if they're legit.

We're working hard on securing MangoCoinz to be as safe and friendly as possible.

Best regards, Srele from MangoCoinz.

First of all, I'm not srele or Srele It's the same account, because we handle usernames lower case. Once upon time we didn't, but that was months ago. Only transaction that was that high was 8500 to a user that bought those coins fair and square. Those coins were from our personal wallets for development fees. We needed the BTC to get on the exchange

How come we can't see that transaction anywhere?

you have two usernames

srele, and Srele with a capitol s, atleast according to the transaction logs provided by another user, and from monitoring your blockchain

transaction specifically shows Srele sending 8000 mcz to micto

as much as id like to think this is incorrect, this is coming from information that was pulled directly from your blockchain in the beginning, and directly from the transaction logs from the aforementioned account so i doubt its incorrect

That account has never even received 8000 coins in total during it's existence. We just checked at. And what is mine username, since you are so eager to point fingers.

This is untrue for situations such as beta testing. No real product has yet reached the market. And ToS can be added, removed, changed or anything else at any time.

you cant just throw out a tos after your service has been initiated because none of your existing users were given terms of service to abide by when first registering for your service, this is considered very bad practice and any rules put up after this point are not valid to users because they were allowed to register for your services and use them from the start without being given rules to follow, especially since this is a service from which monetary value is involved

as per the no coins from your fee account...
thats just the fee account
what about for example, the 8000 coins you sent to a user named micto, where did those come from, because theres no plausible way with the date on that transaction that you were able to mine/sync 8000 coins at that point in time, this is just one example

ok so you are admitting to allow an individual to bot your system by controlling mass acounts
can you explain to the community how this is fair to the rest of the users since you are obviously letting this single user pump and dump with no reprocussions

Hey blackwat3r,

feel free to take as many looks as you like We appreciate if you inform us of what you find.

OK. Since you are obviously new to this thread, first of all, we are NOT making any profit from MangoCoinz yet. No coins from our fee account has been sold anywhere. If you take your time and read all of the past 36 pages of this thread, you will see that we are honest folk here.

About the terms of service. We will have that in the future, as soon as the app gets remade for iPhones. Thanks for noticing that.

The 3 letter accounts. These are made and run by a certain individual that has a large number of phones, who's legitimacy we have confirmed numerous times. We have all the data that confirms that his syncs are all legit. We can't put that information public.

sent by sms would be highly unreliable especially for the users whom are using an old phone or a phone without service

another thing that comes to my mind which is very questionable
what is to say that the devs arent easily able to dump arbitrary amounts of mcz themselves to profit as well
once the greed factor sets in thats all it will take for them to easily abuse this to profit

[edit]
ive just taken a quick look at the app and i was suprised to find that there isnt even any method providing proof of work for mcz mined
so this system can be easily abused 100% to sync coins which users have not even done the work to mine
major fucking fail

[edit2]
apparently there isnt even a simple ToS for mangocoinz
so the devs have not even taken the time to set rules for users using this service
which leaves me to question their view on banning people using this service
as they have set no rules or guidelines there is nothing stating users cannot abuse their services in mass
which means that the devs banning users for doing something like this is not justified because they have not stated it is wrong to do so.

in order to enforce rules against users you firstly have to provide them rules to agree to which you have failed to do
so with this in mind you cant just make up rules as you go along and attempt to openly enforce them when you have not provided them to your users from the start

moreover when they begin trying to ban users, all its going to take is someone to file a complaint for abuse to digital ocean and show how they were banned for abuse from a service that doesnt even provide terms of service appropriately stating what rules to abide by and mcz will either have to find a new host or die
fail # i lost count

as fast as they pushed this out without even considering to provide a terms of service, and as much as they speak about reaching out to a specific market in the first post in their thread, i believe they are just trying to use this to make profits

i leave this as an open opportunity for them to discuss this with us and prove that wrong.
how about an answer in regards to this SvonioneFromMangoCoinz

heres a few more of the 3 letter accounts
Sync: sony amount 20.3924504 MCZ on 2015-02-12 17:24:46
Sync: net amount 21 MCZ on 2015-02-12 17:37:19
Sync: day amount 21 MCZ on 2015-02-12 17:28:50
Sync: sun amount 20.3158655 MCZ on 2015-02-12 17:22:00

its seems like a script or bot perhaps in android emulator?  set to continuously farm and automatically create new accounts.

What if after install or a reinstall of app the user needs to be issued a "key" which is generated by server using some crypto magic that involves the phone number/imei/deviceid and sent to them via sms before they are allowed to mine or sync.  The key cant be faked and once used is linked to their account permanent to prevent any attempt to reuse the key more then one account.  Wouldn't something like that prevent these types of exploits?  

Sync: tian amount 21 MCZ on 2015-02-12 16:49:32
Sync: xiao amount 21 MCZ on 2015-02-12 16:50:34
Sync: hong amount 20.9675358 MCZ on 2015-02-12 16:43:53
Sync: mtv amount 20.2209547 MCZ on 2015-02-12 16:35:09
Sync: google amount 20.2325336 MCZ on 2015-02-12 16:32:38
Sync: zhan amount 20.6961818 MCZ on 2015-02-12 16:28:45
Sync: dou amount 20.1261588 MCZ on 2015-02-12 16:25:41
Sync: chu amount 20.8044744 MCZ on 2015-02-12 16:25:05
Sync: cau amount 20.526383 MCZ on 2015-02-12 16:52:13
Sync: want amount 20.7362227 MCZ on 2015-02-12 16:53:03
Sync: hes amount 20.3776005 MCZ on 2015-02-12 16:54:18

this user is most definitely abusing the system
i have been monitoring the blockchain over the past few days
he always syncs these accounts within moments of each other
they always sync high amounts
most of these accounts send the mcz to the same two accounts when they do send
the devs have said this is just someone with a bunch of phones however
he is obviously abusing the system and something should be done about that
it is definitely unfair to all of the other users
if you ask me, i say he should be banned, and all the coins in his possesion currently should be added back to the system


[edit]
simple dirty mangocoin blockchain sync parser for those who would like to monitor this themselves

https://gist.github.com/anonymous/3a9dbd180bde3ce4735f

this must have been from the api's used prior to the 0.5.2 because i can vouch that the apiv2 did not accept requests with a lower version than 0.5.2, a majority of the fixes in that release were bugs and issues i reported to the developers privately, i havent bothered to look at any of this in about 2 weeks but with the permission of the devs ill gladly take a look again if they would like

In regards to the recent hack this is what I remember seeing posted from the DEV

Hey everybody,

We've just published MangoCoinz v0.5.2 and it will be available to update in a few hours.
This is a security update, and updating from v0.5.1 will not result in coin loss.

A short time after the update is available, it will be the only version able to interact with the system.

Best regards, Srele from MangoCoinz.

Notice that he says "A short time after the update is available, it will be the only version able to interact with the system."

Meaning that when I explained about how you could earn heaps of MangoCoinz on the older app versions and then when choosing to you can update to the latest version and sync it up with no limit or a very high sync limit for 1 day since those coins were earn't on different kinds of settings.

I was told this is not possible by the DEV yet he has said in the latest release "A short time after the update is available, it will be the only version able to interact with the system"

I think we have a bit of a hiccup here.

Which user and usernames are you reffering to?

how exactly would you go about banning those users...
you can ban their usernames but they can always register new usernames
you cant ban by ip because ips can be changed, proxied, or hidden behind a vpn
you can try to ban their imei's but imei's can be spoofed/faked eliminating your ability to do this
you would have to re-think your entire system to try to combat something such as this as you will not be able to stop them from re-registering and evading any attempt to ban them

the point is this system is fundamentally broken and its going to take alot of time and effort to fix it so that it is not easily abusable by any party willing to spend enough time to look into it

btw what about the user with all the 3 character accounts who seems to be botting the system somehow

We are really sorry for what happened, those users will be banned. We are all over it

Glad to hear you noticed and are on it  having bought MCZ last month at the higher price, and continuing to buy as it dropped it was a bit of shock to see the supply shoot up like that.