[BitcoinMax.com] Closed - page 114. | Bitcointalksearch.org

tgmarks

donator

Activity: 490

Merit: 500

Quote from: Epoch on June 06, 2012, 03:54:01 PM

Is anyone concerned, in terms of security, with the current website login of:

username:
password:

Just thinking out loud, but taking an example, let's say we know someone sent 45 BTC on or before a specific date/time. We know who it was because they posted 'whoa, I just sent 45 BTC!' here in this forum (I notice there are several members who have posted their deposit amounts looking back at the post history).

The blockchain can be easily searched for all 45 BTC transactions prior to that date (for, say, the period 2 or 3 days prior). There may be several matching hits, but likely not a huge number.

We know the user's bitcoinmax.com name from the forum here. We could then try a login at bitcoinmax.com using that name, and the various deposit addresses found from the blockchain that matched 45 BTC. Eventually the login would be successful and the 'imposter' would have access to the account.

I may be missing something (and I hope I am), but I'm asking for someone to convince me that the / system used by bitcoinmax.com is secure from a hack similar to what I've described above.

What is there to be concerned about? So someone could possibly be able to see your deposit address, balance, and toggle whether to reinvest or not. There is no access to your funds through the website.

Epoch

legendary

Activity: 922

Merit: 1003

Is anyone concerned, in terms of security, with the current website login of:

username:
password:

Just thinking out loud, but taking an example, let's say we know someone sent 45 BTC on or before a specific date/time. We know who it was because they posted 'whoa, I just sent 45 BTC!' here in this forum (I notice there are several members who have posted their deposit amounts looking back at the post history).

The blockchain can be easily searched for all 45 BTC transactions prior to that date (for, say, the period 2 or 3 days prior). There may be several matching hits, but likely not a huge number.

We know the user's bitcoinmax.com name from the forum here. We could then try a login at bitcoinmax.com using that name and the various deposit addresses found from the blockchain matching 45 BTC. Eventually the login would be successful and the 'imposter' would have access to the account.

I may be missing something (and I hope I am), but I'm asking for someone to convince me that the / system used by bitcoinmax.com is secure from a hack similar to what I've described above.

BTC-engineer

sr. member

Activity: 360

Merit: 250

Hmm, just receive my deposite address via pm but can't login (wrong username or password).
Using my forum username as username and the deposite address as password. I've double checked everything.

Do I first have to transfer coins before I can login?

fuxianhui888

full member

Activity: 205

Merit: 100

Quote from: chunglam on June 06, 2012, 11:01:48 AM

Quote from: aq on June 06, 2012, 10:59:22 AM

Quote from: ?? on ??

okay done...

...when you log in, it should auto-detect any new (confirmed) deposits.

It seems the auto-detection is not working

it works for me.

+1

chunglam

donator

Activity: 229

Merit: 106

Quote from: aq on June 06, 2012, 10:59:22 AM

Quote from: ?? on ??

okay done...

...when you log in, it should auto-detect any new (confirmed) deposits.

It seems the auto-detection is not working

it works for me.

aq

full member

Activity: 238

Merit: 100

Quote from: ?? on ??

okay done...

...when you log in, it should auto-detect any new (confirmed) deposits.

It seems the auto-detection is not working

xxaudioxx

full member

Activity: 141

Merit: 111

ygpm payb.tc

Bitcoin Oz

hero member

Activity: 686

Merit: 500

Wat

Quote from: ErebusBat on June 06, 2012, 06:29:06 AM

Quote from: ?? on ??

no coins are kept on that server.

so withdraw will always just be a 'request' which i'll fill manually once a day.

^^^ This is one of the reasons I am in the process of moving my investments here. payb.tc has a history on the forums and I believe can be tursted, he also thinks about security.

Thanks payb.tc!

+1

ErebusBat

hero member

Activity: 560

Merit: 500

I am the one who knocks

Quote from: ?? on ??

no coins are kept on that server.

so withdraw will always just be a 'request' which i'll fill manually once a day.

^^^ This is one of the reasons I am in the process of moving my investments here. payb.tc has a history on the forums and I believe can be tursted, he also thinks about security.

Thanks payb.tc!

Timbo925

sr. member

Activity: 352

Merit: 250

Quote from: ?? on ??

Quote from: RoloTonyBrownTown on June 06, 2012, 02:21:56 AM

Quote from: tgmarks on June 06, 2012, 02:11:26 AM

Quote from: ?? on ??

thanks bob.

lenders can now also change their own 'reinvest' settings via the bitcoinmax login area under 'settings'.

Awesome, thanks. This is a rad service you have set up and I am a huge fan.

Yep, me too

Add an auto withdraw section to the site and it'll be perfect I reckon

no coins are kept on that server.

so withdraw will always just be a 'request' which i'll fill manually once a day.

Better option IMO. No change of hacking that way. Better safe and slow compared to fast but lose all our coins due to a hack.

RoloTonyBrownTown

sr. member

Activity: 350

Merit: 250

Quote from: tgmarks on June 06, 2012, 02:11:26 AM

Quote from: ?? on ??

thanks bob.

lenders can now also change their own 'reinvest' settings via the bitcoinmax login area under 'settings'.

Awesome, thanks. This is a rad service you have set up and I am a huge fan.

Yep, me too

Add an auto withdraw section to the site and it'll be perfect I reckon

tgmarks

donator

Activity: 490

Merit: 500

Quote from: ?? on ??

thanks bob.

lenders can now also change their own 'reinvest' settings via the bitcoinmax login area under 'settings'.

Awesome, thanks. This is a rad service you have set up and I am a huge fan.

finkleshnorts

sr. member

Activity: 336

Merit: 250

I can vouch for the reliability and trustworthiness of this service. I received three payouts, then withdrew all bitcoins without a problem, everything in a super-timely manner. (I also was unaware of the website, I just dealt with payb.tc va pm's)

Bitcoin Oz

hero member

Activity: 686

Merit: 500

Wat

Made a deposit

John (John K.)

legendary

Activity: 1288

Merit: 1227

Away on an extended break

Quote from: ?? on ??

working on parsing the json output from blockchain.info so that deposits show up automatically*

*semi-automatically: you'll have to log out / log in again, coz i don't want to hit their server on every page refresh.

Well, I did log out/ login again but there's no sign of my second deposit? Huh

If you're updating it manually just take your time as there's no hurries. Grin

John (John K.)

legendary

Activity: 1288

Merit: 1227

Away on an extended break

Made another additional deposit. Cheesy

Snowpea

member

Activity: 96

Merit: 10

Debit: -39.00 BTC
Net amount: -39.00 BTC
Transaction ID: 51c3cc6e7b662055f2af163f68d28280660c7cbe454c9705eab49d730bed8c90

misternoodle

member

Activity: 108

Merit: 10

Made an additional deposit

aq

full member

Activity: 238

Merit: 100

I like the website - nice and clear.
Deposited more coins.

RoloTonyBrownTown

sr. member

Activity: 350

Merit: 250

Do you have a limit where you'll stop accepting new deposits at all?

Topic: [BitcoinMax.com] Closed - page 114. (Read 190275 times)