Pages:
Author

Topic: bit.co.in address shortener (Read 2234 times)

legendary
Activity: 1498
Merit: 1000
April 06, 2013, 04:58:25 PM
#25
I didn't spend much time on this so far

That is not a good idea, cause this is a type of site should have a very highly security software, not a site you throw together in a day. I don't think you understand what type of site you are trying to write. I would advise everyone not to use this!
legendary
Activity: 1498
Merit: 1000
April 06, 2013, 03:59:07 PM
#23
It would be pretty neat if we had a convention to store short address mappings in the blockchain, that way it's totally distributed and transparent.

Build it, you could use something like namecoin to get you started, and you would probably put every shortener out of business.

Also bitcaddy, looks to not talk about the securely they use and plus they charge for custom. Clearly and I hate to do self promotion but http://qcl.me is the currently aside from firstbits, is the most secure and verifiable shortener on the internet. It has been tried to be hacked many times and all attackers haven't gain access to anything. The database can't be changed by me or a 3rd party, the only thing that could happen is the database could be deleted, the site is self checking before displaying any address, and it includes litecoins address. I don't see any completion that does anything remotely to what my site is doing. If they are they don't talk about it.


Oh, "firstbits" seems to solve this problem nicely, except for the transaction spam problem, and you can't use custom names. My idea would suffer the same problem, unless we used a separate block chain like namecoin, but I don't particularly like that idea. In that case it would make more sense to just use namecoin with a different namespace.

The developer recommend from doing it, and I have to agree, but yeah it is a good way, then a new blockchain would be good too cause you could make a web front end for that.
full member
Activity: 147
Merit: 100
April 29, 2014, 05:26:44 PM
#22
By the way, on bit.co.in you can now opt in to get your address stored in the Namecoin blockchain instead of our server.
full member
Activity: 147
Merit: 100
May 02, 2013, 04:07:21 AM
#21
We have now added a fraud detection feature which you can embed independently on your end with completely verifiable javascript. If the address is changed it'll alert you accordingly.

See here for an example:

http://bit.co.in/ej

Best,
Nima
full member
Activity: 147
Merit: 100
April 11, 2013, 06:12:46 PM
#20
Also I just wanted to let you know that now all shortnames are one way hashed and addresses encrypted with the shortname, so there's no way for anyone even if he got into it to replace other shortlink's currency addresses with his own.

Thanks for the feedback.
Cheers!
full member
Activity: 147
Merit: 100
April 06, 2013, 08:01:04 PM
#19
I guess your the owner Roll Eyes you could have just said so Wink Also can you explain the security you employ? Are the address encrypted so you can't change them?
We employ the most up to date Cross-site Scripting Prevention, Cross-site Request Forgery Prevention, and Cookie Attack Prevention (even though there is no login capability yet) techniques.

Furthermore the server is only accessible through non 80 ports from one single undisclosed location.

If the addresses were encrypted I could still change them so I don't see how encryption would help prevent me from doing so if I had the retarded intention to do so, unless I'm missing something?
And do you know anything about security, or are you just copy/pasting a lot of bull**** ?

http://bit.co.in/123451 <-- woops?



OK, I added the appropriate validation now. I'm very sorry for missing this obvious shortcoming and I appreciate you pointing it out.
full member
Activity: 147
Merit: 100
April 06, 2013, 04:48:01 PM
#18

Another flaw in the system, what if someone hacks your email without you knowing it and collects some pins waits and then changes the addresses...

I sell the site, without the software, this is not looking good for you plus your getting ran over in the business.

The good news is that the software can be changed. I didn't spend much time on this so far and was doing this mostly to gather this kind of feedback and hear these kinds of concerns which I appreciate.

I have lots of ideas on how to improve things.
tlr
member
Activity: 86
Merit: 10
April 06, 2013, 03:52:06 PM
#17
It would be pretty neat if we had a convention to store short address mappings in the blockchain, that way it's totally distributed and transparent.

Build it, you could use something like namecoin to get you started, and you would probably put every shortener out of business.

Also bitcaddy, looks to not talk about the securely they use and plus they charge for custom. Clearly and I hate to do self promotion but http://qcl.me is the currently aside from firstbits, is the most secure and verifiable shortener on the internet. It has been tried to be hacked many times and all attackers haven't gain access to anything. The database can't be changed by me or a 3rd party, the only thing that could happen is the database could be deleted, the site is self checking before displaying any address, and it includes litecoins address. I don't see any completion that does anything remotely to what my site is doing. If they are they don't talk about it.


Oh, "firstbits" seems to solve this problem nicely, except for the transaction spam problem, and you can't use custom names. My idea would suffer the same problem, unless we used a separate block chain like namecoin, but I don't particularly like that idea. In that case it would make more sense to just use namecoin with a different namespace.
full member
Activity: 147
Merit: 100
April 06, 2013, 03:32:01 PM
#16
What is the 4 digit pin number?
Is it to allow the owner of it to change the link to another address later? That would be a nice feature

Yes, but it has to happen by emailing us and we'll then do it for you upon verification.
tlr
member
Activity: 86
Merit: 10
April 06, 2013, 03:21:37 PM
#15
Also saw this today: http://bitcaddy.com/

It would be pretty neat if we had a convention to store short address mappings in the blockchain, that way it's totally distributed and transparent.
full member
Activity: 147
Merit: 100
April 06, 2013, 03:11:41 PM
#14
That is a basic security for a web site...

Yes, I agree. It was an oversight on my part for which I aplologize.
legendary
Activity: 1498
Merit: 1000
April 06, 2013, 03:06:51 PM
#13
And do you know anything about security, or are you just copy/pasting a lot of bull**** ?

http://bit.co.in/123451 <-- woops?

No I was giving you my honest answer, doesn't mean we can't improve things of course.

That is a basic security for a web site...
full member
Activity: 147
Merit: 100
April 06, 2013, 03:04:47 PM
#12
And do you know anything about security, or are you just copy/pasting a lot of bull**** ?

http://bit.co.in/123451 <-- woops?

No I was giving you my honest answer, doesn't mean we can't improve things of course.
newbie
Activity: 39
Merit: 0
April 06, 2013, 02:50:58 PM
#11
I guess your the owner Roll Eyes you could have just said so Wink Also can you explain the security you employ? Are the address encrypted so you can't change them?
We employ the most up to date Cross-site Scripting Prevention, Cross-site Request Forgery Prevention, and Cookie Attack Prevention (even though there is no login capability yet) techniques.

Furthermore the server is only accessible through non 80 ports from one single undisclosed location.

If the addresses were encrypted I could still change them so I don't see how encryption would help prevent me from doing so if I had the retarded intention to do so, unless I'm missing something?
And do you know anything about security, or are you just copy/pasting a lot of bull**** ?

http://bit.co.in/123451 <-- woops?

https://i.imgur.com/wz7TKlY.png
newbie
Activity: 28
Merit: 0
April 06, 2013, 02:15:03 PM
#10
there is a high risk potential in this. I don't think people will use it overly, unless there is credible insurance against fraud by anybody.
rme
hero member
Activity: 756
Merit: 504
April 06, 2013, 12:42:08 PM
#9
If the addresses were encrypted I could still change them so I don't see how encryption would help prevent me from doing so if I had the retarded intention to do so, unless I'm missing something?

but what if a hacker gains access and changes the address how do protect against it?
If a hacker gains access can replace the entire website with a fake one and you can do nothing to stop it.
Just use a 64 character password for the ftp and do not login in a insecure pc.
legendary
Activity: 1498
Merit: 1000
April 06, 2013, 12:40:09 PM
#8
If the addresses were encrypted I could still change them so I don't see how encryption would help prevent me from doing so if I had the retarded intention to do so, unless I'm missing something?

but what if a hacker gains access and changes the address how do protect against it?
legendary
Activity: 1122
Merit: 1017
ASMR El Salvador
April 06, 2013, 11:53:28 AM
#7
What is the 4 digit pin number?
Is it to allow the owner of it to change the link to another address later? That would be a nice feature
full member
Activity: 147
Merit: 100
April 06, 2013, 11:39:08 AM
#6
I guess your the owner Roll Eyes you could have just said so Wink Also can you explain the security you employ? Are the address encrypted so you can't change them?

We employ the most up to date Cross-site Scripting Prevention, Cross-site Request Forgery Prevention, and Cookie Attack Prevention (even though there is no login capability yet) techniques.

Furthermore the server is only accessible through non 80 ports from one single undisclosed location.

If the addresses were encrypted I could still change them so I don't see how encryption would help prevent me from doing so if I had the retarded intention to do so, unless I'm missing something?
legendary
Activity: 1498
Merit: 1000
April 04, 2013, 02:31:42 AM
#5
Your Bitcoin Address is too short (minimum is 34 characters).

Thats a bug, "A Bitcoin address, or simply address, is an identifier of 27-34 alphanumeric characters, beginning with the number 1 or 3, that represents a possible destination for a Bitcoin payment."

My Bitcoin address is 32 characters long, please fix ASAP Wink

Try now Wink

I guess your the owner Roll Eyes you could have just said so Wink Also can you explain the security you employ? Are the address encrypted so you can't change them?
Pages:
Jump to: