Author

Topic: [DEAD] DeepBit.net PPS+Prop,instant payouts, we pay for INVALID BLOCKS too - page 295. (Read 1601419 times)

hero member
Activity: 742
Merit: 500
BTCDig - mining pool
Note that any risk of discovered passwords is mitigated by pools that have worker accounts (like slush's) and where users use random passwords, different from the main account password, for the worker accounts.

This standard was started by bitcoind, and is used outside of pools.  Furthermore, if I intercept a worker password, I can make an attack look like it's coming from another user, possibly getting them kicked off the pool server.

Such attack easily discovered by IP or if user usually use another miner.
hero member
Activity: 742
Merit: 500
BTCDig - mining pool
Sadly with current SSL certificate market and browser behavior, good certificate with "green bar" too expensive fro small project.
Or self-signed or cheap "blue" SSL certificate with fake 99% "browser compatibility" ($10-40/per year).
There are many companies giving SSL certs for free. And those are recognized by most browsers (IE7+).
And this isn't a small project Smiley
Actually the users who asked for SSL may not trust even the root authorities for 100%. The Comodo was already "hacked" a couple of weeks ago.
You a ready pay something like $400+ per year for complains from such not trusted users? Smiley
legendary
Activity: 1596
Merit: 1100
Related to HTTPS:  I am planning on adding support for HTTP Digest authentication, on top of current HTTP Basic auth.  While not perfect, and SSL is better, this will move community away from sending base64-encoded passwords (easily decoded) frequently over the 'net.
Note that any risk of discovered passwords is mitigated by pools that have worker accounts (like slush's) and where users use random passwords, different from the main account password, for the worker accounts.

This standard was started by bitcoind, and is used outside of pools.  Furthermore, if I intercept a worker password, I can make an attack look like it's coming from another user, possibly getting them kicked off the pool server.

full member
Activity: 182
Merit: 107
Related to HTTPS:  I am planning on adding support for HTTP Digest authentication, on top of current HTTP Basic auth.  While not perfect, and SSL is better, this will move community away from sending base64-encoded passwords (easily decoded) frequently over the 'net.
Note that any risk of discovered passwords is mitigated by pools that have worker accounts (like slush's) and where users use random passwords, different from the main account password, for the worker accounts.

The main account login should be secured with TLS, since the destination wallet can be changed with that password, but the worst you could do with a worker account password is request/submit work or try to screw around with the pool under someone else's name.  (And the pool operator would readily be able to tell that such requests were coming from another IP anyway.)
legendary
Activity: 1596
Merit: 1100
Related to HTTPS:  I am planning on adding support for HTTP Digest authentication, on top of current HTTP Basic auth.  While not perfect, and SSL is better, this will move community away from sending base64-encoded passwords (easily decoded) frequently over the 'net.

hero member
Activity: 742
Merit: 500
Have you considered CACert?  I use them for my certificates.  They're not trusted by most browsers by default, but it's pretty easy to install the root certs.
Thanks for your advice, but if i'm going to support HTTPS, i'd try to get something supported by at least IE7+, if possible :)
full member
Activity: 182
Merit: 107
There are many companies giving SSL certs for free. And those are recognized by most browsers (IE7+).
And this isn't a small project Smiley

Actually the users who asked for SSL may not trust even the root authorities for 100%. The Comodo was already "hacked" a couple of weeks ago.
Have you considered CACert?  I use them for my certificates.  They're not trusted by most browsers by default, but it's pretty easy to install the root certs.
hero member
Activity: 742
Merit: 500
Sadly with current SSL certificate market and browser behavior, good certificate with "green bar" too expensive fro small project.
Or self-signed or cheap "blue" SSL certificate with fake 99% "browser compatibility" ($10-40/per year).
There are many companies giving SSL certs for free. And those are recognized by most browsers (IE7+).
And this isn't a small project :)

Actually the users who asked for SSL may not trust even the root authorities for 100%. The Comodo was already "hacked" a couple of weeks ago.
hero member
Activity: 742
Merit: 500
BTCDig - mining pool
Yes, i know about demand for HTTPS. It will be added as soon as i get SSL certificate (a couple of days, i hope).
Sorry for delay.

Sadly with current SSL certificate market and browser behavior, good certificate with "green bar" too expensive fro small project.
Or self-signed or cheap "blue" SSL certificate with fake 99% "browser compatibility" ($10-40/per year).
hero member
Activity: 742
Merit: 500
What exactly are the benefits of HTTPS?
With HTTPS conection it's harder to intercept the information between browser and server.
full member
Activity: 126
Merit: 100
What exactly are the benefits of HTTPS?
hero member
Activity: 742
Merit: 500
Yes, i know about demand for HTTPS. It will be added as soon as i get SSL certificate (a couple of days, i hope).
Sorry for delay.
member
Activity: 82
Merit: 10
member
Activity: 78
Merit: 10
Nice service!  I have a request though.  It'd be nice if you offered https access.
full member
Activity: 226
Merit: 100
i mean from now on, not the previous ones Smiley
hero member
Activity: 742
Merit: 500
is it possible to have a column next to workers to show the amount of blocks that the worker has found?
Currently i don't have a complete history of this, sorry.
full member
Activity: 226
Merit: 100
is it possible to have a column next to workers to show the amount of blocks that the worker has found?
hero member
Activity: 742
Merit: 500
So I re-registered, used my old emailadress but changed my password. Now I can log on at the deepbit-site, but all coins i made are gone, and my miner can't login with my new userdata, but my miner can log in and is doing hash/s with my old userdata, but my new deepbit.account isnt makong a single cent.
Is it possible I was hacked? Or did I made some sort of mistake?
Thanks for help in advance
PM me your login name and we will find out what's happened.
newbie
Activity: 1
Merit: 0
Hi Folks!

I just started using Bitcoin and deepbit some days ago.

Everything was running fine, but today i could'nt log in at the deepbit-site, it said User_not_found

So I re-registered, used my old emailadress but changed my password. Now I can log on at the deepbit-site, but all coins i made are gone, and my miner can't login with my new userdata, but my miner can log in and is doing hash/s with my old userdata, but my new deepbit.account isnt makong a single cent.

Is it possible I was hacked? Or did I made some sort of mistake?

Thanks for help in advance


update: Problem was solved by [Tycho] in super short time, all BTC are back - Thanks very much !
full member
Activity: 238
Merit: 100
So that paypal thing was a joke or no?  I don't use paypal personally but just wondering.
PayPal mining is a joke. But setting your PayPal address is not.
Sorry for being dense but what is the point of entering a paypal email address if it does nothing are you planning on making a use for it in the future?
PayPal payouts are going to be available soon. Hope so Smiley

Oh nice I wouldn't use paypal but great for those who do your pool just keeps getting better.  Thanks for the dedication!
Jump to: