Topic: [ANN][Pool][Profit-Switch][Optional Auto-Exchange per Coin][Vardiff] ~ Hashcows - page 95. (Read 347329 times)
December 26, 2013, 01:42:51 PM
yeah i didnt know because i have the coin balances page favorated and its only on the homepage
December 26, 2013, 01:42:39 PM
This thread is starting to sound like this:
1. The color is red.
2. Official Admin Post - Yeah the color is red. We're looking into it after Xmas.
3. Hey, did anyone know the color is red?
4. Just wanted to check here, did anyone notice the color is red.
5. I hate that the color is red.
6. Does anyone know what color it is?
7. *Bangs Head on table* - don't you all read, the color is red dammit!!!
8. Hey, I read every post and couldn't find the answer... Is the color red?
...snip...
10003029. Read my blog post: " the color red vs the color blue, a retrospective"
10003030. You know what, I think... Yes.. It seems the color is red.
10003031. Can someone tell me if the color is red or not?
1. The color is red.
2. Official Admin Post - Yeah the color is red. We're looking into it after Xmas.
3. Hey, did anyone know the color is red?
4. Just wanted to check here, did anyone notice the color is red.
5. I hate that the color is red.
6. Does anyone know what color it is?
7. *Bangs Head on table* - don't you all read, the color is red dammit!!!
8. Hey, I read every post and couldn't find the answer... Is the color red?
...snip...
10003029. Read my blog post: " the color red vs the color blue, a retrospective"
10003030. You know what, I think... Yes.. It seems the color is red.
10003031. Can someone tell me if the color is red or not?
December 26, 2013, 01:35:55 PM
Well just an FYI i am still loged in on my Ipad (not on computer) and can check my account balances/etc and shocker they didn't mess with my account address or payout , but i always have payout set at .001.. and i don't mine here anymore.. guess that helped a bit too 
But i do hope you guys come back up.. competition is always a good thing.
Icon
But i do hope you guys come back up.. competition is always a good thing.
Icon
December 26, 2013, 01:35:10 PM
My guess is SQL injection via unsanitized inputs... I'd imagine if you can get unfettered access to the database that's all you need to accomplish what they did.
December 26, 2013, 01:33:04 PM
is anyones manual payouts working? it says it ques them and they just never send.
Um.... Seriously? There have been pages upon pages upon pages saying the site is on lockdown due to the hack and stolen balances... There's a big message on the Hashcow's site as well. I think you need to do some reading.
Maybe this will stem the tide of people asking the same questions again and again without taking the time to read even one post before they post. But I doubt it....
December 26, 2013, 01:11:33 PM
is anyones manual payouts working? it says it ques them and they just never send.
December 26, 2013, 12:44:13 PM
There should be a nice red bolded announcement on website saying that login is temporarily disabled, so we can get rid of this users spamming forum with "omg, I can´t login".
I thinks it's a lot less "Omg I can't log in" vs "Omg why can't I have access to my account to even see what happened". That is truly annoying since some of you obviously still can. I hope the admins fix this soon now that X -mas is over, because I know if there was a major breach like this at my own business X - mas wouldn't matter, my clients finances are very important so I would have spent Xmas at the office fixing this as a business I can't spend even a day down losing my clients trust.
The only way I would disagree with this is if the admins were doing this as a hobby that doesn't pay much. If this is their business and main source of income, the way they have responded thus far makes me wonder if this was an inside job.
Instead of "we'll get around to it in the next few days" they should have already answered questions of whether miners should continue mining, whether they will eat the loss since it was someone's fault and it sure as hell wasn't the miners, and wth is going on with passwords and addresses.
December 26, 2013, 12:39:00 PM
I've got 14 CPU cores hashing away in their spare time... Not going to cry over a lost $8. 
But if the servers are actually rooted, how can we guarantee that the site is truly 'locked down'? Depending on how much access they have, can't they just take it out of read-only mode and drain more accounts?
But if the servers are actually rooted, how can we guarantee that the site is truly 'locked down'? Depending on how much access they have, can't they just take it out of read-only mode and drain more accounts?
December 26, 2013, 12:33:58 PM
Question for the devs:
Are you guys aware that you have had session issues this entire time? Just wondering. I get logged out but still see a live hash rate.
Are you guys aware that you have had session issues this entire time? Just wondering. I get logged out but still see a live hash rate.
Yip! The same for me!
Yea I've always wondered about this. Assuming it wasn't an inside job, it could have been the entry for the exploit.
December 26, 2013, 12:23:18 PM
Question for the devs:
Are you guys aware that you have had session issues this entire time? Just wondering. I get logged out but still see a live hash rate.
Are you guys aware that you have had session issues this entire time? Just wondering. I get logged out but still see a live hash rate.
Yip! The same for me!
December 26, 2013, 11:07:05 AM
There should be a nice red bolded announcement on website saying that login is temporarily disabled, so we can get rid of this users spamming forum with "omg, I can´t login".
I thinks it's a lot less "Omg I can't log in" vs "Omg why can't I have access to my account to even see what happened". That is truly annoying since some of you obviously still can. I hope the admins fix this soon now that X -mas is over, because I know if there was a major breach like this at my own business X - mas wouldn't matter, my clients finances are very important so I would have spent Xmas at the office fixing this as a business I can't spend even a day down losing my clients trust.
December 26, 2013, 11:02:40 AM
Am I the only one that wants to login and see if I have any coins left, but gets:
Account match found.
Followed by:
Database Failure - Unable to change password
It seems that the new random password gets sent to my email, but it doesn't change it in the database, therefore I cant use my old password and I cant set the new password to login and see if any coins are left.
Wondering if I should continue mining, not knowing what is happening in my account as far as earnings :/
Account match found.
Followed by:
Database Failure - Unable to change password
It seems that the new random password gets sent to my email, but it doesn't change it in the database, therefore I cant use my old password and I cant set the new password to login and see if any coins are left.
Wondering if I should continue mining, not knowing what is happening in my account as far as earnings :/
That's kind if where I'm at. I have and want to continue mining here through these issues as nearmiss has been a great guy but I can't even log in to see "if" I lost something. I never leave much BTC here for just this kind of incident but being locked out is kind of annoying since I can't even see if my headless miners are still mining correctly.
December 26, 2013, 08:49:53 AM
There should be a nice red bolded announcement on website saying that login is temporarily disabled, so we can get rid of this users spamming forum with "omg, I can´t login".
December 26, 2013, 07:54:19 AM
Question for the devs:
Are you guys aware that you have had session issues this entire time? Just wondering. I get logged out but still see a live hash rate.
Are you guys aware that you have had session issues this entire time? Just wondering. I get logged out but still see a live hash rate.
December 26, 2013, 07:52:21 AM
Am I the only one that wants to login and see if I have any coins left, but gets:
Account match found.
Followed by:
Database Failure - Unable to change password
It seems that the new random password gets sent to my email, but it doesn't change it in the database, therefore I cant use my old password and I cant set the new password to login and see if any coins are left.
Wondering if I should continue mining, not knowing what is happening in my account as far as earnings :/
Account match found.
Followed by:
Database Failure - Unable to change password
It seems that the new random password gets sent to my email, but it doesn't change it in the database, therefore I cant use my old password and I cant set the new password to login and see if any coins are left.
Wondering if I should continue mining, not knowing what is happening in my account as far as earnings :/
Do you guys even read?
December 26, 2013, 07:18:52 AM
I have a similar situation to some others in the Hashcows community, that is, I was logged in when the hack occurred, so I can now still see the various pages on the site and I can see quite clearly that the hacker has managed to change my bitcoin address and has managed to withdraw the total balance in my account.
I'm happy to keep mining and support the pool as the admin guys work through this difficult situation.
Good luck with the fix and please make sure to take your time, enjoy the Christmas holidays, take time with your families and don't worry, it will all be fine in the next couple of weeks.
I'm happy to keep mining and support the pool as the admin guys work through this difficult situation.
Good luck with the fix and please make sure to take your time, enjoy the Christmas holidays, take time with your families and don't worry, it will all be fine in the next couple of weeks.
December 26, 2013, 06:52:52 AM
Am I the only one that wants to login and see if I have any coins left, but gets:
Account match found.
Followed by:
Database Failure - Unable to change password
It seems that the new random password gets sent to my email, but it doesn't change it in the database, therefore I cant use my old password and I cant set the new password to login and see if any coins are left.
Wondering if I should continue mining, not knowing what is happening in my account as far as earnings :/
Account match found.
Followed by:
Database Failure - Unable to change password
It seems that the new random password gets sent to my email, but it doesn't change it in the database, therefore I cant use my old password and I cant set the new password to login and see if any coins are left.
Wondering if I should continue mining, not knowing what is happening in my account as far as earnings :/
December 26, 2013, 06:22:12 AM
BTC 101 Trust no one, assume nothing
BTC 102 You are responsible for your financial affairs
BTC 102 You are responsible for your financial affairs
December 26, 2013, 06:09:44 AM
Report from the Mineshaft - The Cost Of Success (Middlecoin and Hashcows)
http://www.devtome.com/doku.php?id=report_from_the_mineshaft-the_cost_of_success
http://www.devtome.com/doku.php?id=report_from_the_mineshaft-the_cost_of_success
Let me get this straight. According to this opinion piece, ANY balance above a daily payout treshold (whatever that might be) is "fair game" to hackers and we have no right to complain about it being stolen or demand reimbursement?
Well I don't agree. Hypotethically, you could have been mining on Cows for just one day (e.g. the 23rd of December) and just before your automatic daily payout occurs on the 24th, the site is hacked and you lose everything. Hypothetically. Are you still not allowed to complain? How could you have prevented any of this? Manual payouts every hour? WTF do you draw the line??
Well, loosing one day of mining is not so big deal at all, unless You have 1THS
The whole point is that to say anything like that is quite arbitrary and no one's business really. In principle, even losing 0.001BTC to the hack is not the miner's fault, so why should I not demand a compensation?
December 26, 2013, 06:02:16 AM
Report from the Mineshaft - The Cost Of Success (Middlecoin and Hashcows)
http://www.devtome.com/doku.php?id=report_from_the_mineshaft-the_cost_of_success
http://www.devtome.com/doku.php?id=report_from_the_mineshaft-the_cost_of_success
Let me get this straight. According to this opinion piece, ANY balance above a daily payout treshold (whatever that might be) is "fair game" to hackers and we have no right to complain about it being stolen or demand reimbursement?
Well I don't agree. Hypotethically, you could have been mining on Cows for just one day (e.g. the 23rd of December) and just before your automatic daily payout occurs on the 24th, the site is hacked and you lose everything. Hypothetically. Are you still not allowed to complain? How could you have prevented any of this? Manual payouts every hour? WTF do you draw the line??
Well, loosing one day of mining is not so big deal at all, unless You have 1THS
Jump to: