Pages:
Author

Topic: Lendmecoin.com Released!! Now in Beta testing! (Read 1595 times)

legendary
Activity: 1498
Merit: 1000
your going to sit there and be like the only relation is that it autofills in your facebook info, IT IS FACEBOOK they want users like me who will never get a facebook js you know facebook sees the data.
member
Activity: 98
Merit: 10
(:firstbits => "1mantis")
I dont sign in to my bank using facebook connect  Smiley

Alright, I will switch it off facebook this weekend.  I work a lot so I should have it done by the end of the week.

I got your PM and I replied.

I am currently unemployed so I have more time than most. I do get contract jobs here and there and I am trying to get a stable 9to5 job but for now I got some time to put into your project.

Let me know.
full member
Activity: 148
Merit: 100
I dont sign in to my bank using facebook connect  Smiley

Alright, I will switch it off facebook this weekend.  I work a lot so I should have it done by the end of the week.
hero member
Activity: 686
Merit: 500
Wat
 I dont sign in to my bank using facebook connect  Smiley
full member
Activity: 148
Merit: 100
your going to sit there and be like the only relation is that it autofills in your facebook info, IT IS FACEBOOK they want users like me who will never get a facebook js you know facebook sees the data.

Well yeah Facebook sees it.  I wanted something user friendly and familiar to people.  If it is such a huge problem I can change it to a different verification system...

Does anyone else feel the same way?  Or is this an isolated incident?  I really do appreciate the feedback Gweedo, this is exactly what I need.
full member
Activity: 148
Merit: 100
Just an oversight.  I will fix it now, but I am using sha1 encryption for password storage.

use bcrypt it is the only hashing function I would use (it is impossible to have enough computer power to crack if used correctly), also you need at least a password salt something random. Get rid of the facebook stuff, there is so many other ways to do it person verification.

What do you recommend for person verification?

you can always do text verification, like send a text with a random string, and have that be able to be entered on the site. you can do something where they have to spend a certain amount of time on the site before making a transaction. Have people enter in their bitcoin username and you send them a pm and have them pm you back. I mean just think there are a lot of ways

That is certainly an idea.  The facebook thing actually has nothing to do with facebook.  If you are logged into facebook it automatically fills in the data for you.  That is the only relation between the two.  Is that a problem?
full member
Activity: 148
Merit: 100
Just an oversight.  I will fix it now, but I am using sha1 encryption for password storage.

use bcrypt it is the only hashing function I would use (it is impossible to have enough computer power to crack if used correctly), also you need at least a password salt something random. Get rid of the facebook stuff, there is so many other ways to do it person verification.

What do you recommend for person verification?
donator
Activity: 1218
Merit: 1079
Gerald Davis
Just an oversight.  I will fix it now, but I am using sha1 encryption for password storage.

I pointed out in the other thread SHA1 is pathetically weak for protecting passwords. 
full member
Activity: 148
Merit: 100
Just an oversight.  I will fix it now, but I am using sha1 encryption for password storage.
legendary
Activity: 1498
Merit: 1000
Don't get all emotional about it, it's not like it even has SSL either so meh. Also the login page has a password field, so probably just an oversight.

come on dude, oversight? it just leads me to question how these passwords are being stored? Are they salted? Using bcrypt? Right now if I did a sql injection would it work? He probably uses mysql_* functions, not even mysqli_* and I eat my hat if he used PDO. This also leads me to be like well now he has all these security issues, how can this site be taken serious as a lending central point. I want to lend, but there are too many scammers and I was hoping a cool site would fix that I guess my wait continues.
I guess I take it for granted that everyone uses a different random password on every site (thanks, LastPass!), and never trusts one without SSL. The all caps warning just struck me as emotional, although I can see how this site would effectively gather in the newbies so perhaps it was warranted.
exactly I just wanted to warn the newbies.
rjk
sr. member
Activity: 448
Merit: 250
1ngldh
Don't get all emotional about it, it's not like it even has SSL either so meh. Also the login page has a password field, so probably just an oversight.

come on dude, oversight? it just leads me to question how these passwords are being stored? Are they salted? Using bcrypt? Right now if I did a sql injection would it work? He probably uses mysql_* functions, not even mysqli_* and I eat my hat if he used PDO. This also leads me to be like well now he has all these security issues, how can this site be taken serious as a lending central point. I want to lend, but there are too many scammers and I was hoping a cool site would fix that I guess my wait continues.
I guess I take it for granted that everyone uses a different random password on every site (thanks, LastPass!), and never trusts one without SSL. The all caps warning just struck me as emotional, although I can see how this site would effectively gather in the newbies so perhaps it was warranted.
rjk
sr. member
Activity: 448
Merit: 250
1ngldh
Don't get all emotional about it, it's not like it even has SSL either so meh. Also the login page has a password field, so probably just an oversight.
member
Activity: 98
Merit: 10
(:firstbits => "1mantis")
Alright I forwarded port 81 and it should work now.

72.181.135:81 will take you there.  Unfortunately it takes 12 hours to update DNS.

I am not concerned about the money. Toss me a few bitcoins here and there if you want but I am in this thing for the long haul. Drop me a message. Let's build this thing up RIGHT. I have the experience to take your idea from brain, to concept to prototype to beta to launch!
member
Activity: 98
Merit: 10
(:firstbits => "1mantis")
Alright I forwarded port 81 and it should work now.

72.181.135:81 will take you there.  Unfortunately it takes 12 hours to update DNS.

Still not working Sad

full member
Activity: 148
Merit: 100
Alright I forwarded port 81 and it should work now.

72.181.135:81 will take you there.  Unfortunately it takes 12 hours to update DNS.
full member
Activity: 148
Merit: 100
Yeah something is wrong.  I think my ISP is blocking 80 that is why I am the only one who can access it.  I will fix it tomorrow after work.

I am a web developer / programmer with 25 years of experience looking for work. Do you need assistance with this project?

I would love a helping hand.  This is just a side project for me and I couldn't compensate you.  At least not until it became profitable...  I should really put this on a shared server, but I want to keep it relatively inexpensive until I know people will use it.  I will give you a shout when i get this port forward crap figured out.  Should be sometime tonight.  I did not want to do it last night because I spent 6 hours coding.
member
Activity: 98
Merit: 10
(:firstbits => "1mantis")
Yeah something is wrong.  I think my ISP is blocking 80 that is why I am the only one who can access it.  I will fix it tomorrow after work.

I am a web developer / programmer with 25 years of experience looking for work. Do you need assistance with this project?
full member
Activity: 148
Merit: 100
Yeah something is wrong.  I think my ISP is blocking 80 that is why I am the only one who can access it.  I will fix it tomorrow after work.
member
Activity: 98
Merit: 10
(:firstbits => "1mantis")
legendary
Activity: 1904
Merit: 1002
I'm not getting a DNS response for your domain.
Pages:
Jump to: