Bitcoin Forum>Alternate cryptocurrencies>Announcements (Altcoins)
Pages:
Author

Topic: NXT :: descendant of Bitcoin - Updated Information - page 1358. (Read 2761645 times)

Damelon
legendary
Activity: 1092
Merit: 1010
Re: NXT :: descendant of Bitcoin - Updated Information
January 25, 2014, 03:44:47 PM
#23987
Quote from: NxtChg on January 25, 2014, 03:41:57 PM
Quote from: Alias on January 25, 2014, 03:26:08 PM

There is a reason why I also wrote the following:

Quote
Perhaps a dedicated open source NXT password card generator would be a useful tool for the community.

Let's keep it brewing for awhile and then gather all the ideas, analyse them and create a concrete and detailed plan: Improving NXT Security.

And make it easy Wink
NxtChg
hero member
Activity: 840
Merit: 1002
Simcoin Developer
Re: NXT :: descendant of Bitcoin - Updated Information
January 25, 2014, 03:41:57 PM
#23986
Quote from: Alias on January 25, 2014, 03:26:08 PM

There is a reason why I also wrote the following:

Quote
Perhaps a dedicated open source NXT password card generator would be a useful tool for the community.

Let's keep it brewing for awhile and then gather all the ideas, analyse them and create a concrete and detailed plan: Improving NXT Security.
NxtChg
hero member
Activity: 840
Merit: 1002
Simcoin Developer
Re: NXT :: descendant of Bitcoin - Updated Information
January 25, 2014, 03:38:22 PM
#23985
Quote from: Anon136 on January 25, 2014, 02:37:20 PM
gotta side with your friend on this one. you could have a 200 character password and the nsa could still break in ezpz. heck they can even break into a computer thats turned off. here are some links just to touch the tip of the iceberg

http://www.nytimes.com/2014/01/15/us/nsa-effort-pries-open-computers-not-connected-to-internet.html?_r=0

http://www.youtube.com/watch?v=vILAlhwUgIU

http://news.softpedia.com/news/Secret-3G-Radio-in-Every-Intel-vPro-CPU-Could-Steal-Your-Ideas-at-Any-Time-385194.shtml

However a piece of tape over the camera is simple and foolproof.

That was an entertaining talk to watch...
MtheK
newbie
Activity: 14
Merit: 0
Re: NXT :: descendant of Bitcoin - Updated Information
January 25, 2014, 03:29:48 PM
#23984
Quote from: MtheK on January 25, 2014, 10:13:21 AM
Quote from: MtheK on January 08, 2014, 04:49:27 AM
Hello Guys,
I published the first alpha version of my Android App "NXT Watcher".
See https://nextcoin.org/index.php/topic,2588.0.html for further details and install instructions.

Screenshot to get a first impression of how it looks like:
https://dl.dropboxusercontent.com/u/1304372/NXTWatcher/Screenshots/NXTWatcher2.png

I need a lot help testing on different devices, especially Gingerbread and Honeycomb!

So if you own an Android device, follow the link above and please provide some feedback Smiley

Additionally there is a 1k bounty for providing a good looking, Android-ready laucher logo for the app -- two guys working on it already.


And now the obligate NXT signature  Grin :
If you like it, you are welcome to donate a few NXT to keep me motivated Smiley
6887853321138092071

EMERGENCY UPDATE

NXT Watcher version 0.1.5. is out!
Please update to v0.1.5.
The DGEX API returns an invalid trade that caused the all-time chart to crash!


BTW: Stay tuned, there will be an bigger update today introducing new exchange markets (DGEX, Bter and NxtChg)   Wink


EXPERIMENTAL RELEASE

NXT Watcher version 0.2.0e is out!

This is an experimantal version: Please note that only the first of the markets you select in the main screen is shown in the chart. Give me one or two day more to publish the final version 0.2.0 which will make it possible to view multiple charts simultaneously (overlapping).


I added the exchanges Bter.com and NxtChg.com:
https://dl.dropboxusercontent.com/u/1304372/NXTWatcher/Screenshots/NXTWatcher1.png
Alias
full member
Activity: 127
Merit: 100
Money be green
Re: NXT :: descendant of Bitcoin - Updated Information
January 25, 2014, 03:26:08 PM
#23983
Quote from: Zahlen on January 25, 2014, 03:16:39 PM
Quote from: Alias on January 25, 2014, 03:04:29 PM
Try this - www.passwordcard.org/en

Thanks for the suggestion. Smiley But, quoting from the site:

Quote from: https://www.passwordcard.org/en
Your PasswordCard has a unique grid of random letters and digits on it. The rows have different colors, and the columns different symbols. All you do is remember a combination of a symbol and a color, and then read the letters and digits from there. It couldn't be simpler!

That "unique grid" is supposedly generated by a code like ba625143531f714e that's chosen by the user. Sounds good, but what's the algo for generating the grid? If I were an attacker running the site, I would make resulting cards have only a limited number of different rows and columns. Still numerous enough to evade statistical analysis from buyers, but easy enough for an attacker to exhaust.


Van gens also introduce an attack vector: someone could upload a spoofed generator.


There is a reason why I also wrote the following:

Quote
Perhaps a dedicated open source NXT password card generator would be a useful tool for the community.
v39453
newbie
Activity: 22
Merit: 0
Re: NXT :: descendant of Bitcoin - Updated Information
January 25, 2014, 03:21:43 PM
#23982
Quote from: Alias on January 25, 2014, 03:04:29 PM
I'm not for trusting third party sites or software to do generation, though others may feel differently. I do welcome different views on the wiki Smiley Feel free to register (PM joefox, the wiki admin) and edit, or comment in the talk page.

The bitaddress.org page can be also saved and used in offline mode. To my knowledge it is one of the most popular methods of generating Bitcoin paper wallets. If there is something more popular in the Bitcoin world, then I would recommend using the same method also for your NXT password. There is no need to reinvent the wheel here.
Damelon
legendary
Activity: 1092
Merit: 1010
Re: NXT :: descendant of Bitcoin - Updated Information
January 25, 2014, 03:20:29 PM
#23981
Quote from: Ebrelus on January 25, 2014, 03:17:47 PM
Will there be a feature of freezing account for a given time and code a trigger to send it after that time into certain other accounts automaticly?
Looking for a possibility of safe storring NXTs owned by many holders in order to make group interest shares possible.

Yes Smiley

http://wiki.nxtcrypto.org/wiki/Account_Control
TwinWinNerD
legendary
Activity: 1680
Merit: 1001
CEO Bitpanda.com
Re: NXT :: descendant of Bitcoin - Updated Information
January 25, 2014, 03:18:23 PM
#23980
Quote from: coolmist on January 25, 2014, 03:15:32 PM
I don't think vanity generators are secure.

Since the number generation algorithms aren't truly random there will probably be a few addresses that are generated by two individuals with similar environmental variables. A hacker with a powerful computer could generate 1000 shortened addresses and try opening each one until he hits an active account.

have you used it? You can use your own passphrase prefix
Ebrelus
full member
Activity: 186
Merit: 100
Re: NXT :: descendant of Bitcoin - Updated Information
January 25, 2014, 03:17:47 PM
#23979
Will there be a feature of freezing account for a given time and code a trigger to send it after that time into certain other accounts automaticly?
Looking for a possibility of safe storring NXTs owned by many holders in order to make group interest shares possible.
kronicblazer
sr. member
Activity: 252
Merit: 250
Re: NXT :: descendant of Bitcoin - Updated Information
January 25, 2014, 03:17:31 PM
#23978
Hey guys... haven't checked NxT in awhile, but I had some giveaways before.  Was just wondering if a proper client is out yet? Or what is the easiest way for me to set up NxT properly.  I tried a few weeks ago, but I could not get the online site/client with java to sync.  Any help would be great.  Thx

I use windows 7
Zahlen
member
Activity: 98
Merit: 10
Re: NXT :: descendant of Bitcoin - Updated Information
January 25, 2014, 03:16:39 PM
#23977
Quote from: Alias on January 25, 2014, 03:04:29 PM
Try this - www.passwordcard.org/en

Thanks for the suggestion. Smiley But, quoting from the site:

Quote from: https://www.passwordcard.org/en
Your PasswordCard has a unique grid of random letters and digits on it. The rows have different colors, and the columns different symbols. All you do is remember a combination of a symbol and a color, and then read the letters and digits from there. It couldn't be simpler!

That "unique grid" is supposedly generated by a code like ba625143531f714e that's chosen by the user. Sounds good, but what's the algo for generating the grid? If I were an attacker running the site, I would make resulting cards have only a limited number of different rows and columns. Still numerous enough to evade statistical analysis from buyers, but easy enough for an attacker to exhaust.


Van gens also introduce an attack vector: someone could upload a spoofed generator.
coolmist
newbie
Activity: 56
Merit: 0
Re: NXT :: descendant of Bitcoin - Updated Information
January 25, 2014, 03:15:32 PM
#23976
I don't think vanity generators are secure.

Since the number generation algorithms aren't truly random there will probably be a few addresses that are generated by two individuals with similar environmental variables. A hacker with a powerful computer could generate 1000 shortened addresses and try opening each one until he hits an active account.
wastedbit
newbie
Activity: 10
Merit: 0
Re: NXT :: descendant of Bitcoin - Updated Information
January 25, 2014, 03:14:30 PM
#23975
Quote from: opticalcarrier on January 25, 2014, 02:57:05 PM
I modified jean-lucs java vanity generator to make it search for short accounts.  Im sure its safe since fromhim
Thanks!   That is what I was using too.  I'd suggest sending your changes to Jean-Lucs and asking him to create a source fork for short names (you probably just changed a few lines of code).  Then, you can post his link for your completion.
xyzzyx
sr. member
Activity: 490
Merit: 250
I don't really come from outer space.
Re: NXT :: descendant of Bitcoin - Updated Information
January 25, 2014, 03:13:42 PM
#23974
Quote from: wastedbit on January 25, 2014, 03:02:28 PM
This account also purchased aliases, albeit 4 days prior.  I'm wondering if a webpage can get a listing of your url history?

I don't know Javascript, but: http://www.w3schools.com/jsref/obj_history.asp

Quote
The history object contains the URLs visited by the user (within a browser window).

The history object is part of the window object and is accessed through the window.history property.

Note: There is no public standard that applies to the history object, but all major browsers support it.
TwinWinNerD
legendary
Activity: 1680
Merit: 1001
CEO Bitpanda.com
Re: NXT :: descendant of Bitcoin - Updated Information
January 25, 2014, 03:08:56 PM
#23973
http://www.bbc.co.uk/news/business-25861717

after reading this news, i am happy to have so much of my money in cryptos Smiley
Alias
full member
Activity: 127
Merit: 100
Money be green
Re: NXT :: descendant of Bitcoin - Updated Information
January 25, 2014, 03:04:29 PM
#23972
Quote from: Zahlen on January 25, 2014, 03:01:47 PM
Quote from: v39453 on January 25, 2014, 02:51:30 PM
Quote from: Zahlen on January 25, 2014, 02:19:15 PM
I need help with http://wiki.nxtcrypto.org/wiki/How-To:GenerateStrongPassword. I've looked at many sites that describe how to generate strong passwords. I find most unsatisfactory.

The example password "Tammy's#18bdayBIGpartyDroppedshibesweaterinpoolGMasonUsoon:(3yearsislong" on that page is weak.

Generating a NXT password is basically the same problem as creating a Bitcoin private key. bitaddress.org is to my knowledge a fairly trusted site. You can take the private key it generates and use it as your password.

The human brain should not be used to generate a password because it is not a good source of randomness.

KeePass estimates 324 bit entropy for that passphrase. That's more bits than a NXT account with public key.

I'm not for trusting third party sites or software to do generation, though others may feel differently. I do welcome different views on the wiki Smiley Feel free to register (PM joefox, the wiki admin) and edit, or comment in the talk page.

Try this - www.passwordcard.org/en

Perhaps a dedicated open source NXT password card generator would be a useful tool for the community.
wastedbit
newbie
Activity: 10
Merit: 0
Re: NXT :: descendant of Bitcoin - Updated Information
January 25, 2014, 03:02:28 PM
#23971
Quote from: BitcoinForumator on January 25, 2014, 12:13:02 PM
Quote from: TwinWinNerD on January 25, 2014, 12:11:13 PM
Quote from: pinarello on January 25, 2014, 12:07:23 PM
Quote from: NxtChg on January 25, 2014, 12:03:28 PM
Quote from: S3MKi on January 25, 2014, 11:56:15 AM
Client 0.5.10 stood on the local machine.
My purse number 378082518108298527.
Coin purse went to 13664022353450653976.
Password length of 32 characters (5 words).
Use uppercase and lowercase letters.
Client rocked by reference to the first village,
https://bitcointalksearch.org/topic/m.4690322 # msg4690322
Hash check.

This is getting more and more disturbing! What's happening?



Cracking 5 words is cracking 5 x 1 word

lol.... It isn't.

Other than that, i feel like this is appearing far too often for it to be random.
5xxk NXT stolen
108k NXT stolen
12,5k NXT stolen

All have the same pattern (thus being not related to EpicThomas)

Before we go into panic modes, wasn't the red line of them all that they used passwords that weren't really strong?
This account also purchased aliases, albeit 4 days prior.  I'm wondering if a webpage can get a listing of your url history?  When you register an alias, the secretphrase is in plain text in the URL.  Purging history after an alias purchase should always be done.  Also, don't buy alias on your main account.
Zahlen
member
Activity: 98
Merit: 10
Re: NXT :: descendant of Bitcoin - Updated Information
January 25, 2014, 03:01:47 PM
#23970
Quote from: v39453 on January 25, 2014, 02:51:30 PM
Quote from: Zahlen on January 25, 2014, 02:19:15 PM
I need help with http://wiki.nxtcrypto.org/wiki/How-To:GenerateStrongPassword. I've looked at many sites that describe how to generate strong passwords. I find most unsatisfactory.

The example password "Tammy's#18bdayBIGpartyDroppedshibesweaterinpoolGMasonUsoon:(3yearsislong" on that page is weak.

Generating a NXT password is basically the same problem as creating a Bitcoin private key. bitaddress.org is to my knowledge a fairly trusted site. You can take the private key it generates and use it as your password.

The human brain should not be used to generate a password because it is not a good source of randomness.

KeePass estimates 324 bit entropy for that passphrase. That's more bits than a NXT account with public key.

I'm not for trusting third party sites or software to do generation, though others may feel differently. I do welcome different views on the wiki Smiley Feel free to register (PM joefox, the wiki admin) and edit, or comment in the talk page.

EDIT: Well, now that we've talked so much about that phrase, it's certainly become weak  Cheesy
Passion_ltc
hero member
Activity: 714
Merit: 500
Crypti Community Manager
Re: NXT :: descendant of Bitcoin - Updated Information
January 25, 2014, 03:01:15 PM
#23969
Please vote which feature you want to see next on nxtion.com!


And thanks to the donator. THANK YOU very much! Smiley
opticalcarrier
full member
Activity: 238
Merit: 100
Re: NXT :: descendant of Bitcoin - Updated Information
January 25, 2014, 03:00:39 PM
#23968
Has anyone here contacted theymos yet about looking for that ip address that was on the thiefs digex acount?
Pages:
Bitcoin Forum>Alternate cryptocurrencies>Announcements (Altcoins)
Jump to: