Pages:
Author

Topic: China biggest bitcoin portal www.hxtop.com was hacked! - page 2. (Read 62095 times)

hero member
Activity: 1071
Merit: 500
Could this have anything to do with the recent sell off?   Huh

I very much doubt that - the volume on btcchina has been well under 1000 btc per day for quite a while.

By comparing last year's transaction data (btcchina.com)   1000 btc per day has been great progress.
That means the Chinese market gradually bigger .
dod't you think?
hero member
Activity: 1071
Merit: 500
I'm certain you could have public facing and searchable pages and use your encryption starting a log in.  Why would google need to index your protected pages as long as the public urls say where it is and what it does.

Yes - this is under development (just not a big priority yet).


That a good idea if got any progress please note me.
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
Could this have anything to do with the recent sell off?   Huh

I very much doubt that - the volume on btcchina has been well under 1000 btc per day for quite a while.
legendary
Activity: 1974
Merit: 1010
Could this have anything to do with the recent sell off?   Huh
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
I'm certain you could have public facing and searchable pages and use your encryption starting a log in.  Why would google need to index your protected pages as long as the public urls say where it is and what it does.

Yes - this is under development (just not a big priority yet).
hero member
Activity: 1071
Merit: 500
bitcoin has arrived in China long time just you never know it or less know it.

"Arrived" is also an American idiom that means, "has come of age" or "has come into its own".

It's a good thing.Smiley
China is a big market, any product can find business opportunities in China. BITCOIN precisely
hero member
Activity: 1071
Merit: 500
There's a way I learned in programming class that's much better and leaves your site google index-able.ably missing all service packs, lol.

Actually I am building CMS extensions that will generate real pages that can be indexed by Google, etc. (has just not been my priority).


My website is the use of CMS
base PHP and ASP
BCB
vip
Activity: 1078
Merit: 1002
BCJ
I'm certain you could have public facing and searchable pages and use your encryption starting a log in.  Why would google need to index your protected pages as long as the public urls say where it is and what it does.
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
There's a way I learned in programming class that's much better and leaves your site google index-able.ably missing all service packs, lol.

Actually I am building CMS extensions that will generate real pages that can be indexed by Google, etc. (has just not been my priority).
sr. member
Activity: 392
Merit: 250
There's a way I learned in programming class that's much better and leaves your site google index-able.  It's called don't code it like a dumbass and don't leave it open to SQL injections.  Handle all characters related to SQL statement strings and they'll never hit the database!

Also, don't use server 03 lol.  Since this was china, I guarantee it was an illegal copy too so it was probably missing all service packs, lol.
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
did you have any detail for me.thank you much

Sure - when you provide a password to "log in" then this is hashed along with a UUID to then encrypt an AJAX type request.

Your request will just look like rubbish to any MITM watcher and all content returned via the AJAX request (which is all the content and why Google can't see anything) is encrypted not with the same key but with another hash (determined client side from the original).

Due to the use of a UUID it is not possible to use a "replay" attack from watching the original login post (hope this makes sense).
sr. member
Activity: 476
Merit: 250
bitcoin has arrived in China long time just you never know it or less know it.

"Arrived" is also an American idiom that means, "has come of age" or "has come into its own".

It's a good thing.Smiley
hero member
Activity: 1071
Merit: 500
I'm sorry to hear it but to take a positive view, this means that bitcoin has arrived in China. Wink
bitcoin has arrived in China long time just you never know it or less know it.
hero member
Activity: 1071
Merit: 500
That's not a weakness. It's a deal breaker. Wink

For the website in question I'd guess so. Smiley

Am actually hoping to go up against the likes of Diaspora by having private content securely encrypted over plain HTTP (a feature recently developed).

(a feature recently developed)?

did you have any detail for me.thank you much
sr. member
Activity: 434
Merit: 250
100%
If you are interested in having a website that is SQL injection proof and cannot have source code stolen then you might be interested in the technology that I've developed (all back end code is compiled C++, all queries are via an abstraction layer that ensures SQL injection is impossible and all URLs cannot be tampered with due to checksum protection).

The one weakness at this stage with the technology is that Google can't even search your site (all queries are through the main website URL). Smiley


Don't lose your (worthy) time.

Care to explain?

hero member
Activity: 1071
Merit: 500
If you are interested in having a website that is SQL injection proof and cannot have source code stolen then you might be interested in the technology that I've developed (all back end code is compiled C++, all queries are via an abstraction layer that ensures SQL injection is impossible and all URLs cannot be tampered with due to checksum protection).

The one weakness at this stage with the technology is that Google can't even search your site (all queries are through the main website URL). Smiley


Don't lose your (worthy) time.


Thank you for reminding me
hero member
Activity: 1071
Merit: 500
SQL injection get the db rights and then got the admin password of the host?
In china more and more website gus like to  use the same Virtual host runing the website.
so the problem is each website code Not safe enough.
legendary
Activity: 1176
Merit: 1001
If you are interested in having a website that is SQL injection proof and cannot have source code stolen then you might be interested in the technology that I've developed (all back end code is compiled C++, all queries are via an abstraction layer that ensures SQL injection is impossible and all URLs cannot be tampered with due to checksum protection).

The one weakness at this stage with the technology is that Google can't even search your site (all queries are through the main website URL). Smiley


Don't lose your (worthy) time.
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
That's not a weakness. It's a deal breaker. Wink

For the website in question I'd guess so. Smiley

Am actually hoping to go up against the likes of Diaspora by having private content securely encrypted over plain HTTP (a feature recently developed).
legendary
Activity: 1358
Merit: 1002

The one weakness at this stage with the technology is that Google can't even search your site (all queries are through the main website URL). Smiley


That's not a weakness. It's a deal breaker. Wink
Pages:
Jump to: