Author

Topic: are all severs displayed at the electrum software are safe and trusted? (Read 189 times)

legendary
Activity: 3472
Merit: 10611
Its great that the devs were smart enough to cause a DDOS and cause the clients to fail to connect.

the "devs" never performed any DDoS!
the Electrum servers did something which wasn't DDoS, it was an old bug that existed in older  clients which was found recently and it could be used to crash the network instance of Electrum clients. that was used to force upgrade.
legendary
Activity: 3808
Merit: 1723
The reason why most people got tricked is because the message was displayed inside the trusted Electrum software. This would be like an update popping up on your iPhone saying there is a mandatory updated needed to continue making phone calls, 99% would click and perform the upgrade. It was an elaborate attack and more people would of been tricked if it wasn't for the warnings posted all over this forum, Reddit and other forms of medium.

Its great that the devs were smart enough to cause a DDOS and cause the clients to fail to connect. Most people would come to the forum and read about the attack. So far the thieves have stolen over $3 million dollars with this phishing attack and sent the BTC over to Bitfinex and Binance, hopefully the exchanges will freeze the funds.
HCP
legendary
Activity: 2086
Merit: 4363
But the possibility of phishing is eliminated with latest 3.3.4 version
This is true.


Quote
and as OmegaStarScream say it is quite safe to say that all servers are safe for use.
This depends on your definition of "safe"... While the phishing possibility has been removed in the latest version of the client software, the servers can still do undesirable things (tracking IPs, tracking addresses/transactions, blocking outbound transactions, returning erroneous transaction data etc).


Quote
What is true in your statement that any bad server can not make any damage without users thoughtless actions.
Again, depends on your definition of "damage"... A bad server could be tracking your IP, your addresses and all your transactions... Building up a profile etc.

So, while none of these things may cause a direct loss of coins (as opposed to theft of seed mnemonics or private keys or  transactions manipulation etc like a bad client can)... It's still annoying and frustrating and has the potential to leak personal info... Which can "damage" your privacy.

But yes... Your "coins" should be safe, regardless of what server you end up connected to, as long as you don't install any bad clients!
legendary
Activity: 2730
Merit: 7065
Snip
The problem is that when users see these messages in Electrum they don't consider them to be fake or malicious. That is because other software we use on our computers display messages and pop-ups informing us there is a new update available. But when it comes to our finances we should be much more cautious and not trust everything we see and read. Unfortunately people only start doing that after they have some bad experience.   
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
~snip~
But the possibility of phishing is eliminated with latest 3.3.4 version, and as OmegaStarScream say it is quite safe to say that all servers are safe for use. What is true in your statement that any bad server can not make any damage without users thoughtless actions. Bad servers are only part of the problem, biggest problems are in users who do not understand how things work. We can see that even after months of explanations some users still ask questions which should already be completely clear to everyone.
sr. member
Activity: 1192
Merit: 260
Tryig to survive in this harsh world
are this servers displayed here are trusted and safe? without phising shit? http://prntscr.com/nefzcr

No, not at all as anyone can setup an Electrum server and inject any code he wants in it, that's how the recent attacks happened, of course they required some action from the users like clicking on a link to download a fake version of Electrum, but still the servers are the starting point of the attacks.
jr. member
Activity: 66
Merit: 2
you didnt answer my question directly. So is the servers (ALL) are safe to use now?

As long as you're using the latest version of Electrum (3.3.4), you shouldn't be exposed to any kind of error messages sent by the server, and that would make the servers safe, yes.

thanks bro.
staff
Activity: 3500
Merit: 6152
you didnt answer my question directly. So is the servers (ALL) are safe to use now?

As long as you're using the latest version of Electrum (3.3.4), you shouldn't be exposed to any kind of error messages sent by the server, and that would make the servers safe, yes.
jr. member
Activity: 66
Merit: 2
The servers are not run by the devs, they are run by the community. There was an exploit where server owners could make you see an error message where they ask you to download an update which should be fixed now. Regardless, you should always double check the website you're downloading the wallet from. (Electrum.org).

you didnt answer my question directly. So is the servers (ALL) are safe to use now?
staff
Activity: 3500
Merit: 6152
The servers are not run by the devs, they are run by the community. There was an exploit where server owners could make you see an error message where they ask you to download an update which should be fixed now. Regardless, you should always double check the website you're downloading the wallet from. (Electrum.org).
jr. member
Activity: 66
Merit: 2
are this servers displayed here are trusted and safe? without phising shit? http://prntscr.com/nefzcr
Jump to: