Someone just got Nxt stolen on forum:
Edit:
https://nextcoin.org/index.php/topic,2014.0.html
Topic: NXT :: descendant of Bitcoin - Updated Information - page 1942. (Read 2761645 times)
wrong thread, you need to post this in the exchange support thread, dgex thread? or we have 2 exchanges now, please post there.
No I think he sent his BTC by mistake AFTER the fundraiser was over.
CfB pls advise.
Do I have to msg someone about it or it will be sent automatically to every address?
No I think he sent his BTC by mistake AFTER the fundraiser was over.
CfB pls advise.
CfB pls advise.
oh sorry, my bad, with a lot of ppl posting on exchange issues in this thread.
Guys, I just wanna remind about my BTC that I sent to 1BCN1ugdKdWd9pQ8Am9hMhtHZfmbXzxE8a
Am I supposed to get them back on 3rd January?
If so, I'd like to clarify:
0.0175 BTC
My BTC wallet: 1DTyh359GysoFaqeT7WYuZPUap77XpSLWn
TxID: 6e45a21c77349d6f314c1f023f4faf2c9f4a91bf2ad133b25d1c43cea5d2a7b8
Thanks.
Am I supposed to get them back on 3rd January?
If so, I'd like to clarify:
0.0175 BTC
My BTC wallet: 1DTyh359GysoFaqeT7WYuZPUap77XpSLWn
TxID: 6e45a21c77349d6f314c1f023f4faf2c9f4a91bf2ad133b25d1c43cea5d2a7b8
Thanks.
wrong thread, you need to post this in the exchange support thread, dgex thread? or we have 2 exchanges now, please post there.
No I think he sent his BTC by mistake AFTER the fundraiser was over.
CfB pls advise.
Guys, I just wanna remind about my BTC that I sent to 1BCN1ugdKdWd9pQ8Am9hMhtHZfmbXzxE8a
Am I supposed to get them back on 3rd January?
If so, I'd like to clarify:
0.0175 BTC
My BTC wallet: 1DTyh359GysoFaqeT7WYuZPUap77XpSLWn
TxID: 6e45a21c77349d6f314c1f023f4faf2c9f4a91bf2ad133b25d1c43cea5d2a7b8
Thanks.
Am I supposed to get them back on 3rd January?
If so, I'd like to clarify:
0.0175 BTC
My BTC wallet: 1DTyh359GysoFaqeT7WYuZPUap77XpSLWn
TxID: 6e45a21c77349d6f314c1f023f4faf2c9f4a91bf2ad133b25d1c43cea5d2a7b8
Thanks.
wrong thread, you need to post this in the exchange support thread, dgex thread? or we have 2 exchanges now, please post there.
Guys, I just wanna remind about my BTC that I sent to 1BCN1ugdKdWd9pQ8Am9hMhtHZfmbXzxE8a
Am I supposed to get them back on 3rd January?
If so, I'd like to clarify:
0.0175 BTC
My BTC wallet: 1DTyh359GysoFaqeT7WYuZPUap77XpSLWn
TxID: 6e45a21c77349d6f314c1f023f4faf2c9f4a91bf2ad133b25d1c43cea5d2a7b8
Thanks.
Am I supposed to get them back on 3rd January?
If so, I'd like to clarify:
0.0175 BTC
My BTC wallet: 1DTyh359GysoFaqeT7WYuZPUap77XpSLWn
TxID: 6e45a21c77349d6f314c1f023f4faf2c9f4a91bf2ad133b25d1c43cea5d2a7b8
Thanks.
REGARDING NXT CLIENT EXPLOIT
Be sure to check the sha256 hash of your download with the official sha256 hash of NRS from Come-from-Beyond. On the main page, I only list the sha256 hash of the official NRS version from Come-from-Beyond. MAKE SURE THE SHA256 HASH OF YOUR DOWNLOAD MATCHES! Even if you download it from the link I provide on the main page, CHECK THE HASH TO MAKE SURE IT MATCHES! Download links can be compromised! BE CAREFUL!
All links to download NRS should point to Come-from-Beyond's post on Bitcointalk.org. Having separate locations hosting the client is a bad idea. Too many people then have access to modify the download link. Please make sure to delete all references to other NRS downloads from the website, nxtcrypto.org, the forums and the wiki.
To determine which NRS version contains the exploit, you need to run the sha256 hash of the download and compare it to the official sha256 hash I have listed in the first post. Please, do this and report your findings to the community. THIS IS OF UTMOST IMPORTANCE!
On linux the command to check the sha256 hash is:
sha256sum 'path_to_NRS_download'
Be sure to check the sha256 hash of your download with the official sha256 hash of NRS from Come-from-Beyond. On the main page, I only list the sha256 hash of the official NRS version from Come-from-Beyond. MAKE SURE THE SHA256 HASH OF YOUR DOWNLOAD MATCHES! Even if you download it from the link I provide on the main page, CHECK THE HASH TO MAKE SURE IT MATCHES! Download links can be compromised! BE CAREFUL!
All links to download NRS should point to Come-from-Beyond's post on Bitcointalk.org. Having separate locations hosting the client is a bad idea. Too many people then have access to modify the download link. Please make sure to delete all references to other NRS downloads from the website, nxtcrypto.org, the forums and the wiki.
To determine which NRS version contains the exploit, you need to run the sha256 hash of the download and compare it to the official sha256 hash I have listed in the first post. Please, do this and report your findings to the community. THIS IS OF UTMOST IMPORTANCE!
On linux the command to check the sha256 hash is:
sha256sum 'path_to_NRS_download'
And EVERYBODY needs to create COMPLETELY NEW ACCOUNTS with NEW PASSWORDS. Because your old one *might* have been compromised. I myself can't remember whether I used the wrong client, so I created a new account and moved my funds - JUST TO BE SURE. EVERYONE SHOULD DO THIS.
2nd
I am pretty sure that I never used the bad client but I did this also just to be 100% safe. It is good advise.
intel, when PaulyC reported the theft, lots of people besides EvilDave were suggesting possibilities. The most commonly suggested was keylogger. I remember someone posted something like
1) SHA256 and Elliptic Curve algo broken: 0.0001%
2) Keylogger: 80%
3) Bogus client: 10%
4) Rogue node: 10%
1) SHA256 and Elliptic Curve algo broken: 0.0001%
2) Keylogger: 80%
3) Bogus client: 10%
4) Rogue node: 10%
yeah, so it was #3, I was leaning more towards #2, but oh well, #3 has a good chance too as it turned out, since all these automatic installation packages rolling out gave people a false sense of security, and they could download from any link that says 'nxt.zip' in it. Not all, but some do. It was a good lesson on security. It's good to know that SHA256 is still rock solid.
if you haven't already, don't forget to vote for Hash's logo here: https://nextcoin.org/index.php/topic,1927.0.html
Can we put in place a block on all previous clients (from inside blockchain) until the fresh secure client is release on an urgent basis?
Regarding the unclaimed coins: Tomorrow is the very last day when legit owners can claim them! Hurry up!
Hm, I wonder if target is going up because everyone is transferring to new accounts?
REGARDING NXT CLIENT EXPLOIT
Be sure to check the sha256 hash of your download with the official sha256 hash of NRS from Come-from-Beyond. On the main page, I only list the sha256 hash of the official NRS version from Come-from-Beyond. MAKE SURE THE SHA256 HASH OF YOUR DOWNLOAD MATCHES! Even if you download it from the link I provide on the main page, CHECK THE HASH TO MAKE SURE IT MATCHES! Download links can be compromised! BE CAREFUL!
All links to download NRS should point to Come-from-Beyond's post on Bitcointalk.org. Having separate locations hosting the client is a bad idea. Too many people then have access to modify the download link. Please make sure to delete all references to other NRS downloads from the website, nxtcrypto.org, the forums and the wiki.
To determine which NRS version contains the exploit, you need to run the sha256 hash of the download and compare it to the official sha256 hash I have listed in the first post. Please, do this and report your findings to the community. THIS IS OF UTMOST IMPORTANCE!
On linux the command to check the sha256 hash is:
sha256sum 'path_to_NRS_download'
Be sure to check the sha256 hash of your download with the official sha256 hash of NRS from Come-from-Beyond. On the main page, I only list the sha256 hash of the official NRS version from Come-from-Beyond. MAKE SURE THE SHA256 HASH OF YOUR DOWNLOAD MATCHES! Even if you download it from the link I provide on the main page, CHECK THE HASH TO MAKE SURE IT MATCHES! Download links can be compromised! BE CAREFUL!
All links to download NRS should point to Come-from-Beyond's post on Bitcointalk.org. Having separate locations hosting the client is a bad idea. Too many people then have access to modify the download link. Please make sure to delete all references to other NRS downloads from the website, nxtcrypto.org, the forums and the wiki.
To determine which NRS version contains the exploit, you need to run the sha256 hash of the download and compare it to the official sha256 hash I have listed in the first post. Please, do this and report your findings to the community. THIS IS OF UTMOST IMPORTANCE!
On linux the command to check the sha256 hash is:
sha256sum 'path_to_NRS_download'
And EVERYBODY needs to create COMPLETELY NEW ACCOUNTS with NEW PASSWORDS. Because your old one *might* have been compromised. I myself can't remember whether I used the wrong client, so I created a new account and moved my funds - JUST TO BE SURE. EVERYONE SHOULD DO THIS.
Block explorer gives me an error (yet works fine for my account), but 22k.io shows a 200 NXT transfer.
can anyone else see account # 14592641999125872769 on the explorer? if you search 408269093319763437 you will see the transaction that i used to send coins to it. But just an error when i try to look up the account.
REGARDING NXT CLIENT EXPLOIT
Be sure to check the sha256 hash of your download with the official sha256 hash of NRS from Come-from-Beyond. On the main page, I only list the sha256 hash of the official NRS version from Come-from-Beyond. MAKE SURE THE SHA256 HASH OF YOUR DOWNLOAD MATCHES! Even if you download it from the link I provide on the main page, CHECK THE HASH TO MAKE SURE IT MATCHES! Download links can be compromised! BE CAREFUL!
All links to download NRS should point to Come-from-Beyond's post on Bitcointalk.org. Having separate locations hosting the client is a bad idea. Too many people then have access to modify the download link. Please make sure to delete all references to other NRS downloads from the website, nxtcrypto.org, the forums and the wiki.
To determine which NRS version contains the exploit, you need to run the sha256 hash of the download and compare it to the official sha256 hash I have listed in the first post. Please, do this and report your findings to the community. THIS IS OF UTMOST IMPORTANCE!
On linux the command to check the sha256 hash is:
sha256sum 'path_to_NRS_download'
Be sure to check the sha256 hash of your download with the official sha256 hash of NRS from Come-from-Beyond. On the main page, I only list the sha256 hash of the official NRS version from Come-from-Beyond. MAKE SURE THE SHA256 HASH OF YOUR DOWNLOAD MATCHES! Even if you download it from the link I provide on the main page, CHECK THE HASH TO MAKE SURE IT MATCHES! Download links can be compromised! BE CAREFUL!
All links to download NRS should point to Come-from-Beyond's post on Bitcointalk.org. Having separate locations hosting the client is a bad idea. Too many people then have access to modify the download link. Please make sure to delete all references to other NRS downloads from the website, nxtcrypto.org, the forums and the wiki.
To determine which NRS version contains the exploit, you need to run the sha256 hash of the download and compare it to the official sha256 hash I have listed in the first post. Please, do this and report your findings to the community. THIS IS OF UTMOST IMPORTANCE!
On linux the command to check the sha256 hash is:
sha256sum 'path_to_NRS_download'
Can Windows Installer be trusted?
link: https://nextcoin.org/index.php/topic,1902.0.html
I didn't realize my dear Nxt could have been stolen easily until just now.
We can never be too cautious, right?
link: https://nextcoin.org/index.php/topic,1902.0.html
I didn't realize my dear Nxt could have been stolen easily until just now.
We can never be too cautious, right?
CfB
Architecture question.
All nodes run the same software, each maintaining synchronized copy of blockchain
Your reflex objection to any secondary authentication is that it can only be implemented using some sort of centralized method, defeating the robustness gained from the distributed nature.
I have been thinking about this at a high level this afternoon, so I am sure not all the details are right, but conceptually if we can implement a "centralized" type of action when all the nodes are running the same software and replicating the same dataset, then authentication could be implemented in a distributed context.
Correct or incorrect?
James
Architecture question.
All nodes run the same software, each maintaining synchronized copy of blockchain
Your reflex objection to any secondary authentication is that it can only be implemented using some sort of centralized method, defeating the robustness gained from the distributed nature.
I have been thinking about this at a high level this afternoon, so I am sure not all the details are right, but conceptually if we can implement a "centralized" type of action when all the nodes are running the same software and replicating the same dataset, then authentication could be implemented in a distributed context.
Correct or incorrect?
James
Maybe. Do u have an example of an authentication flow? The description is quite vague.
Looks like block explorer is back up!
http://87.230.14.1/nxt/nxt.cgi?action=3000&acc=13891739725946840876
http://87.230.14.1/nxt/nxt.cgi?action=3000&acc=13891739725946840876
Jump to: