Topic: [Beta] myB.TC short names for Bitcoin (Read 5852 times)

This one has less features, but it's quick and free: http://payb.tc

Nothing under 4 letters is cheap while in Beta. 
Once again, it's a deterrent, during Beta.

As I mentioned earlier, I pre-registered over 10,000 for freebies.

5 BTC?

You've lost the plot and gone money mad bro.

Thanks for the feedback. 
I see that you are relatively new to the forums (user number 17000 or so). 

What you may have missed is that I gave away short name registrations to all registered forum users whose names conformed to my naming constraints.  I used the list of forum users which was about 11000 users at the time.

I put the .1 BTC obstacle in place purely as a deterrent to keep people from registering a few hundred shortnames each, and it has worked.  Trust me, there's a plan here, including many more features.  Making .1 BTC off of shortnames wouldn't be a very good living - it's just a deterrent.

I'll probably grab the next 10,000 forum users' names one of these days - I've been reluctant to do that, since the forums are so slow lately - they don't need me to slow them down any!

Looks like a pretty cool idea, I immediately signed up

After looking at other peoples myb.tc links I though the pages looked pretty horrible and your service seems to offer no customisation options.

Then when I realised you were looking for 0.10btc to register a shortname I closed the tab

Without more features this service is worthless to me. Features such as customisable myb.tc pages. This could be changing the colour scheme from the horrid default.

And also maybe a pay now button and features to invoice or request money from other myb.tc users.

at the minute it looks like the site took < 1 hour to implement and could be easily recreated by someone else.


You've got the right domain name, the right idea, the right style. Just keep updating the site and make it worth the 0.1btc

ps. I liked the pun on the front page

1. I use django's auth module, which uses salted hash passwords.  See https://docs.djangoproject.com/en/dev/topics/auth/

2. I have a plan for 2-factor id, but wasn't planning on integrating Last Pass or Yubikey (not in the current plan).  I was thinking more along the lines of allowing users to "lock" their page, and the only way to change it is to unlock it, and the only way to unlock it is through additional authentication.  The easiest implementation would be to email the user an "unlock key"  to the email address that I have on file, that's good for an hour.  Not exactly 2-factor authentication - more like double security with 1-factor - requiring the hacker to have to have guessed the password on my system, as well as hacking the user's email system.

There are several weaknesses in the security right now, but #1 above,  isn't one of them.  Basically, you need to trust:

-  me  (I can be lying, above.  I may actually store the passwords in plaintext and post them on a bulletin board in Times Square.  You just don't know.  Also, I can change your wallet ID at any time, regardless of how I store passwords; it's just a SQL database!)
-  the security of my system (if someone hacks my database, or physically hacks the system in person, no matter what measures I have in place for user security, all bets are off)
-  the security measures I put in place (such as my plan on #2)
-  A bunch of stuff between you and me - network / middle men.
-  Basic user security (do you have a good password, for instance.  I have few requirements here).


Right now, there are many potential attack vectors, and no system is perfect.  But if the system gets popular, you can bet I'll be adding additional layers.

Without providing a roadmap for hackers, I can tell you that it's not a perfect system now.  I'll be taking steps that I feel are appropriate based on the popularity of the service.  The ones that come to mind immediately are: 

-  SSL
-  Account Lock-out on too many bad passwords
-  "locking" mechanism mentioned above
-  notification of users when their page changes
-  random verification of pages from an external source (to monitor for unexpected changes)

---

There are a lot of people (including you) who put their Wallet ID in their signature of their posts.  These people are essentially trusting the forum managers, the forum software itself, the server that the software is running on, etc.  It seems a hacker can come in a change all those ID's to their own, and no one would notice.

I'm thinking that I need to manage security so that I stay at least a step ahead of forum signatures.  I am not aiming for "Bank level security" at this point.  I do know something about security, as I have consulted with fortune 500 companies on their system security, and have given numerous presentations and papers on system security, and even acted as an expert witness in a reasonably highly publicized court case regarding matters of security.  One paper that I co-authored is (last time I checked) a foot note in Wikipedia on a Security-related article (on phishing for passwords, of all things!)

So I hope you find this somewhat comforting.

I'm sure you're a trustworthy guy and I can see a bunch of posts from you, but I'm concerned about security (as you are). In a way, what you're doing needs the same security as banking sites. So...

1. Will you be storing passwords in clear or as salted hashes?

2. 2 factor id: Think you can get Last Pass or Yubikey working on your site?

I hope I don't come off as paranoid, but what you're doing *will* catch on, and if someone hacks you (silently) all those fractions of bitcoins from donations will become a pretty bitpenny :p for someone.

I fully intend to sign up as soon as you can convince my fluttering nerves that my (prolly non-existent) donations will safe, and prevent me from swooning.

I don't mean to hijack the thread, but I built a similar service, but much simpler. No signup needed, just pick a URL and enter your address.

http://forum.bitcoin.org/index.php?topic=11838.0

I claim http://myB.TC/wahbasah (code=66326)

I claim http://myB.TC/clipse (code=47990)

I saw a post for shortco.in (a great idea), and I just wanted to remind folks that myB.TC has short URLs for you to put your wallet ID in a public place.

All yours.  Good till at least 2013....  http://myb.tc/foo/

Thanks again!

OpenID login worked fine now. I created the username foo, please assign the short name.

Gravatar - great idea.
OpenID login 404:  I think I fixed just now.


I really appreciate the bug report.  Let me know if you want the short name "foo", and I'll hook you up with it.  (For now, I've disabled registering 3-letter short names, but it's the least I can do for your bug report and idea.)  Set up an account, and I'll assign you "฿foo" (if you want it)

Don't reinvent the wheel, just use http://gravatar.com/.

BTW, OpenID login doesn't work, I got "Page not found (404)"...

Thanks indeed.

Yeah, you just have to make sure that your "claim" appears on the page that you are submitting to the website.  My website only checks the one webpage that is submitted.

Hey bitboy, thanks for the donation.  Really appreciate it.
By the way you have a minor typo on your personal Bitcoin webpage:      ฿bitboy


"Here's my Bitcoin Address. Thank for visiting."     (You might want "Thank" to be "Thanks" or "Thank you")

I manually assigned it to you, Xenland.

The issue was that your claim needs to be YOUR first message on the webpage.  Technically, I'm doing a regular expression, looking for your name at the beginning of a post, and the verification code, and making sure that there are no other "beginning of posts" in that match.    I'm struggling to figure out a Regular Expression that works exactly right.  Unfortunately it was finding your first post, and then later on the page (but not in the same post), your verification code.  I'm still working to improve that.  Sorry!


The work around is to make sure that you pick a forum topic that you haven't posted on, and claim it there.

It worked for me. Since this discussion has expanded into two pages long now, it is probably worth trying to key in the "all" link at the bottom left pagination link on this page. So instead of:
http://forum.bitcoin.org/index.php?topic=11303.0
try:
http://forum.bitcoin.org/index.php?topic=11303.0;all

I claim http://myB.TC/bitboy (code=99086)