Author

Topic: [BitcoinMax.com] Closed - page 114. (Read 190287 times)

donator
Activity: 490
Merit: 500
June 06, 2012, 03:59:21 PM
#82
Is anyone concerned, in terms of security, with the current website login of:

username:
password:

Just thinking out loud, but taking an example, let's say we know someone sent 45 BTC on or before a specific date/time. We know who it was because they posted 'whoa, I just sent 45 BTC!' here in this forum (I notice there are several members who have posted their deposit amounts looking back at the post history).

The blockchain can be easily searched for all 45 BTC transactions prior to that date (for, say, the period 2 or 3 days prior). There may be several matching hits, but likely not a huge number.

We know the user's bitcoinmax.com name from the forum here. We could then try a login at bitcoinmax.com using that name, and the various deposit addresses found from the blockchain that matched 45 BTC. Eventually the login would be successful and the 'imposter' would have access to the account.

I may be missing something (and I hope I am), but I'm asking for someone to convince me that the / system used by bitcoinmax.com is secure from a hack similar to what I've described above.

What is there to be concerned about?  So someone could possibly be able to see your deposit address, balance, and toggle whether to reinvest or not.  There is no access to your funds through the website.
legendary
Activity: 922
Merit: 1003
June 06, 2012, 03:54:01 PM
#81
Is anyone concerned, in terms of security, with the current website login of:

username:
password:

Just thinking out loud, but taking an example, let's say we know someone sent 45 BTC on or before a specific date/time. We know who it was because they posted 'whoa, I just sent 45 BTC!' here in this forum (I notice there are several members who have posted their deposit amounts looking back at the post history).

The blockchain can be easily searched for all 45 BTC transactions prior to that date (for, say, the period 2 or 3 days prior). There may be several matching hits, but likely not a huge number.

We know the user's bitcoinmax.com name from the forum here. We could then try a login at bitcoinmax.com using that name and the various deposit addresses found from the blockchain matching 45 BTC. Eventually the login would be successful and the 'imposter' would have access to the account.

I may be missing something (and I hope I am), but I'm asking for someone to convince me that the / system used by bitcoinmax.com is secure from a hack similar to what I've described above.
sr. member
Activity: 360
Merit: 250
June 06, 2012, 03:10:09 PM
#80
Hmm, just receive my deposite address via pm but can't login (wrong username or password).
Using my forum username as username and the deposite address as password. I've double checked everything.

Do I first have to transfer coins before I can login?

full member
Activity: 205
Merit: 100
June 06, 2012, 01:48:32 PM
#79
okay done...

...when you log in, it should auto-detect any new (confirmed) deposits.
It seems the auto-detection is not working

it works for me.

+1
donator
Activity: 229
Merit: 106
June 06, 2012, 11:01:48 AM
#78
okay done...

...when you log in, it should auto-detect any new (confirmed) deposits.
It seems the auto-detection is not working

it works for me.
aq
full member
Activity: 238
Merit: 100
June 06, 2012, 10:59:22 AM
#77
okay done...

...when you log in, it should auto-detect any new (confirmed) deposits.
It seems the auto-detection is not working
full member
Activity: 141
Merit: 111
June 06, 2012, 10:16:38 AM
#76
ygpm payb.tc
hero member
Activity: 686
Merit: 500
Wat
June 06, 2012, 08:07:54 AM
#75
no coins are kept on that server.

so withdraw will always just be a 'request' which i'll fill manually once a day.


^^^  This is one of the reasons I am in the process of moving my investments here.  payb.tc has a history on the forums and I believe can be tursted, he also thinks about security.

Thanks payb.tc!

+1
hero member
Activity: 560
Merit: 500
I am the one who knocks
June 06, 2012, 06:29:06 AM
#74
no coins are kept on that server.

so withdraw will always just be a 'request' which i'll fill manually once a day.


^^^  This is one of the reasons I am in the process of moving my investments here.  payb.tc has a history on the forums and I believe can be tursted, he also thinks about security.

Thanks payb.tc!
sr. member
Activity: 352
Merit: 250
June 06, 2012, 02:46:10 AM
#73
thanks bob.

lenders can now also change their own 'reinvest' settings via the bitcoinmax login area under 'settings'.


Awesome, thanks.  This is a rad service you have set up and I am a huge fan.

Yep, me too Smiley

Add an auto withdraw section to the site and it'll be perfect I reckon Smiley

no coins are kept on that server.

so withdraw will always just be a 'request' which i'll fill manually once a day.


Better option IMO. No change of hacking that way. Better safe and slow compared to fast but lose all our coins due to a hack.
sr. member
Activity: 350
Merit: 250
June 06, 2012, 02:21:56 AM
#72
thanks bob.

lenders can now also change their own 'reinvest' settings via the bitcoinmax login area under 'settings'.


Awesome, thanks.  This is a rad service you have set up and I am a huge fan.

Yep, me too Smiley

Add an auto withdraw section to the site and it'll be perfect I reckon Smiley
donator
Activity: 490
Merit: 500
June 06, 2012, 02:11:26 AM
#71
thanks bob.

lenders can now also change their own 'reinvest' settings via the bitcoinmax login area under 'settings'.


Awesome, thanks.  This is a rad service you have set up and I am a huge fan.
sr. member
Activity: 336
Merit: 250
June 06, 2012, 12:18:17 AM
#70
I can vouch for the reliability and trustworthiness of this service. I received three payouts, then withdrew all bitcoins without a problem, everything in a super-timely manner. (I also was unaware of the website, I just dealt with payb.tc va pm's)
hero member
Activity: 686
Merit: 500
Wat
June 05, 2012, 09:56:36 PM
#69
Made a deposit  Smiley

legendary
Activity: 1288
Merit: 1227
Away on an extended break
June 05, 2012, 09:48:51 PM
#68
working on parsing the json output from blockchain.info so that deposits show up automatically*

*semi-automatically: you'll have to log out / log in again, coz i don't want to hit their server on every page refresh.


Well, I did log out/ login again but there's no sign of my second deposit?  Huh
If you're updating it manually just take your time as there's no hurries.  Grin
legendary
Activity: 1288
Merit: 1227
Away on an extended break
June 05, 2012, 09:29:15 PM
#67
Made another additional deposit. Cheesy
member
Activity: 96
Merit: 10
June 05, 2012, 08:41:15 PM
#66
Debit: -39.00 BTC
Net amount: -39.00 BTC
Transaction ID: 51c3cc6e7b662055f2af163f68d28280660c7cbe454c9705eab49d730bed8c90
member
Activity: 108
Merit: 10
June 05, 2012, 10:03:04 AM
#65
Made an additional deposit Smiley
aq
full member
Activity: 238
Merit: 100
June 05, 2012, 09:48:06 AM
#64
I like the website - nice and clear.
Deposited more coins.
sr. member
Activity: 350
Merit: 250
June 05, 2012, 03:58:39 AM
#63
Do you have a limit where you'll stop accepting new deposits at all?
Jump to: