Pages:
Author

Topic: Deleted - page 4. (Read 16663 times)

full member
Activity: 271
Merit: 101
June 02, 2014, 09:37:40 AM
There's plenty of ways to purchase bitcoins in the UK without LBC. I can think of at least three where you can buy them for bank transfer instantly.

Admittedly it's all one way and there is no true "exchange"

but to keep repeating that there is no way to buy them in the UK is just a lie to promote your own business.

https://bitbargain.co.uk/

https://quickbitcoin.co.uk/

https://speedybitcoin.co.uk/

https://bittylicious.com/
sr. member
Activity: 322
Merit: 250
May 25, 2014, 07:42:10 PM
Sounds technically difficult and probably a scam.
Also looking at the member other 'dice' website - looks like a child has produced it and is still not working.

Will avoid.
For reference, he is upset because I questioned the fee levels of his service. (see here: https://bitcointalksearch.org/topic/bitcoin-investment-opportunity-624924 )

Disregard-able comment
newbie
Activity: 34
Merit: 0
May 25, 2014, 03:31:49 PM
Sounds technically difficult and probably a scam.
Also looking at the member other 'dice' website - looks like a child has produced it and is still not working.

Will avoid.
sr. member
Activity: 322
Merit: 250
May 23, 2014, 04:42:00 PM
Mikael,

I totally agree with you. We are not launching using this code, the majority of it will be our own. Also we are having security audits done prior to launch.

I've not had much of a look like at the API yet, but it most definitely will be coming under heavy scrutiny. Please may you post that on their git?
newbie
Activity: 29
Merit: 0
May 23, 2014, 04:38:38 PM
I only spent a couple of minutes looking at the code here..  I don't know much about PHP or db_update function, so I could be wrong, but this seems a bit suspect to me.

Can you verify whether this is accepting a POST request from a user and then directly including the user input in a database update with the only validation performed being a check for whether or not it begins with a number?

https://github.com/wlox/wlox-api/blob/master/htdocs/api.php#L9

https://github.com/wlox/wlox-api/blob/master/htdocs/api.php#L28

This seems dangerous, like a potential SQL injection.

While open source software is great for large projects that get lots of eyeballs on them, utilizing a smaller project like this exposes you to a lot of risk.  There are what, 2-3 contributors to safeguard how many users in your target market?  Once there is any amount of financial incentive behind inspecting the code base, such as this code going live somewhere, malicious users will spend countless hours peering through the code for the most miniscule errors that could lead to a compromise.  They'll setup testing environments locally so that their actions aren't detectable until the deed is done.

You should really investigate how the project is managed a bit more, as well.  There appears to be no testing methodology in place..  zero code coverage.   The repository is setup with only the single master branch, which means that any work on new features or changes aren't separated out until they can be confirmed as valid/secure/non-breaking before getting merged...

Just be careful here.. You're working with people's money.
sr. member
Activity: 322
Merit: 250
May 23, 2014, 03:51:11 PM
Equally, you could say it is unfinished.
full member
Activity: 173
Merit: 182
May 23, 2014, 03:43:15 PM
Protip:  When coding a currencies exchange, it is important to pay attention to security from the gitgo.

You know how to change permissions on Apache, right?



I guess you could say this exchange

(•_•)

( •_•)>⌐■-■

(⌐■_■)

is hacked together.

YEEEEEAAAAAAAAAAH
full member
Activity: 154
Merit: 100
May 23, 2014, 09:53:51 AM
...
Installation was not quite that simple...

Computers are hard...
sr. member
Activity: 378
Merit: 254
May 23, 2014, 09:51:32 AM
I admire your spunk and "can-do" attitude.  That, combined with good personal grooming (did you buy a new pair of socks like I've suggested?), is sure to propel you and your fine currencies exchange to dizzying heights!

sr. member
Activity: 322
Merit: 250
May 23, 2014, 09:35:07 AM
You're dangerous, d00d.  Make a few "Hello World" variants before diving into finance.

BankAccounts.php indeed Cheesy
http://188.226.254.53/frontend/lib/BankAccounts.php

Not a security concern...
full member
Activity: 154
Merit: 100
May 23, 2014, 09:32:04 AM
You're dangerous, d00d.  Make a few "Hello World" variants before diving into finance.

BankAccounts.php indeed Cheesy
sr. member
Activity: 322
Merit: 250
May 23, 2014, 09:28:32 AM
Protip:  When coding a currencies exchange, it is important to pay attention to security from the gitgo.


You know how to change permissions on Apache, right?


Yes, I do. This is the development machine, a VPS. ~not~ the servers it will be hosted on.
full member
Activity: 154
Merit: 100
May 23, 2014, 09:22:58 AM
Protip:  When coding a currencies exchange, it is important to pay attention to security from the gitgo.



You know how to change permissions on Apache, right?

sr. member
Activity: 322
Merit: 250
May 23, 2014, 09:21:17 AM
What is the demo supposed to demo?  Your ability to download and install plugins/scripts?
In that case, well done.

Installation was not quite that simple, but that is besides the point. Just to reiterate, this is so that progress can be followed, this is not to show off abilities. What it is showing off will become apparent as development progresses. This is just another way to follow progress as opposed to just the development blog. I promised transparency, that includes showing what happens from a very basic beginning.
full member
Activity: 154
Merit: 100
May 23, 2014, 09:15:10 AM
What is the demo supposed to demo?  Your ability to download and install plugins/scripts?
In that case, well done.
sr. member
Activity: 322
Merit: 250
May 23, 2014, 09:12:10 AM
Email now says Mimex, although not sure why that was even a problem for a site I simply linked to so you can follow the progress easily.
sr. member
Activity: 322
Merit: 250
May 23, 2014, 09:09:29 AM
Gotcha!  Tried a new one, works like a charm!

I see you put some serious work into this Smiley
We are not live, this is not an alpha, or a beta.
full member
Activity: 154
Merit: 100
May 23, 2014, 09:05:21 AM
Gotcha!  Tried a new one, works like a charm!


I see you put some serious work into this Smiley
sr. member
Activity: 322
Merit: 250
May 23, 2014, 08:57:41 AM
^In other words, the functionality of your demo is ...the login script? Cheesy
Excelsior!  
The demo was more to show that we're doing something, and to allow people to follow the progress. Not for you to be able to trade, or much else for that matter.

As stated, at the beginning/middle of next week we can show you the second set of draft designs.

Your login script doesn't work.  Insists that my email is invalid Sad
Working fine for me, PM me your email and I'll try it out.

EDIT: Your email probably contains a + sign or similar. That isn't supported.
sr. member
Activity: 378
Merit: 254
May 23, 2014, 08:55:27 AM
^In other words, the functionality of your demo is ...the login script? Cheesy
Excelsior! 
The demo was more to show that we're doing something, and to allow people to follow the progress. Not for you to be able to trade, or much else for that matter.

As stated, at the beginning/middle of next week we can show you the second set of draft designs.

Your login script doesn't work.  Insists that my email is invalid Sad
Pages:
Jump to: