Private Project: Crypto-Safe.io | Bitcointalksearch.org

arabspaceship123

full member

Activity: 896

Merit: 193

web developer for hire

We don't know his intentions. It's just a random site that's it he hasn't history behind it. Even it's Microsoft or Apple who's putting their private keys on their servers?

We shouldn't trust only because he says it's safe to trust the encryption. It isn't safe we shouldn't trust it.

Quote from: Pmalek on June 19, 2022, 03:43:44 AM

That's a terrible idea. I have no idea what intentions you have, maybe they are bad, maybe they aren't, but there is no reason to trust a random site with personal information. There are many offline ways to secure seeds and passwords and they should never be stored on someone's server somewhere. Since when did your keys your coins become everyone's keys, but still only your coins?

Hopefully you can use the feedback from this thread to create something the community will find useful, not privacy and security invasive.

Pmalek

legendary

Activity: 2730

Merit: 7065

That's a terrible idea. I have no idea what intentions you have, maybe they are bad, maybe they aren't, but there is no reason to trust a random site with personal information. There are many offline ways to secure seeds and passwords and they should never be stored on someone's server somewhere. Since when did your keys your coins become everyone's keys, but still only your coins?

Hopefully you can use the feedback from this thread to create something the community will find useful, not privacy and security invasive.

arabspaceship123

full member

Activity: 896

Merit: 193

web developer for hire

He won't be able to make it successful so it's going to be dropped when his hosting deals expires. It isn't a business it's a hope he's feeling it'll make him money. I can't see him harvesting enough data for selling because it's not going to get far. How's he going to generate hits in the first step ?

Quote from: Kakmakr on June 17, 2022, 03:05:30 AM

Now, just for clarification ...

Are you still going to collect all of that information, even if you say that it was just a mistake by simply re-using a ToS from another site and not reading it?

Also... having the information online will have challenges on it's own... (Keyloggers on the user side, will grab the information when it is captured on your site or Malware can hijack the information when it is send back from your site) <== MITM attack

Are you planning to sell the site, once it is successful ? (Change of ownership will bring more challenges)

Kakmakr

legendary

Activity: 3542

Merit: 1965

Leading Crypto Sports Betting & Casino Platform

Now, just for clarification ...

Are you still going to collect all of that information, even if you say that it was just a mistake by simply re-using a ToS from another site and not reading it?

Also... having the information online will have challenges on it's own... (Keyloggers on the user side, will grab the information when it is captured on your site or Malware can hijack the information when it is send back from your site) <== MITM attack

Are you planning to sell the site, once it is successful ? (Change of ownership will bring more challenges)

arabspaceship123

full member

Activity: 896

Merit: 193

web developer for hire

Thanks you mentioned Bitwarden it's 3rd party audited. I didn't see it before. I'm agreeing closed source shouldn't be trusted.

Quote from: ?? on ??

First of all, who's the target of your project? Your project isn't suitable for those who have very serious security/privacy concern or bother use self-hosted software/separate offline computer.

Quote from: arabspaceship123 on June 09, 2022, 11:00:37 AM

Established password managers do the job well so what's different about yours ?

1Password
NordPass
Dashlane
LastPass

While those cloud password manager has been around for some time, take note all of them are closed-source. Consider BitWarden if you prefer self-hosted/cloud service with better transparency.

arabspaceship123

full member

Activity: 896

Merit: 193

web developer for hire

Established password managers do the job well so what's different about yours ?

1Password
NordPass
Dashlane
LastPass

I can't trust newbie password websites or established sites. I wouldn't do it but given choices I'd prefer using text files for my private keys. It's easy to upload on storage after it's encrypted on computer. Who'd trust your website it's risky business keeping keys and passwords on devices that don't belong to you.

Quote from: Crypto-Safe on June 03, 2022, 07:01:54 AM

Hello my friends,

Today I wanted to introduce you to a project I've been working on for a few months and it's finally time to go live with it. I would be happy if you take the time to look at the project

All in all, it's about a Crypto Safe that stores your data in encrypted form (AES-256 block cipher). This includes accounts, passwords, notes and soon also files and bitcoin wallets that you can generate with one click.
If you have any questions about the development or want to know more details, then let me know!

Long story short, here is the website (there is already an iPhone app - an Android app and a Chrome extension will be available soon):
https://crypto-safe.io

iPhone App: https://apps.apple.com/us/app/cryptosafe-your-secure-safe/id1624789739

Thanks and have a nice day!

BTC

hugeblack

legendary

Activity: 2702

Merit: 4002

What would happen if your site suddenly disappeared?

Quote

Every action on your account is logged
We take privacy and security very seriously.

Unfortunately your project will not be supported because you are talking about privacy data collection, storage and yet you don't have a legal/privacy team even you said you didn't write the privacy page yourself.

There is no policy to determine how data is shared, who can delete it, who can view it, what happens if there is a breach and so on.
Making it open source will not help much, but making it self-hosted and with the possibility of the user managing his data.

In general, focusing on privacy is not a commercially profitable thing, so if you are trying to make a profit from your project, it will be a difficult thing.

LoyceV

legendary

Activity: 3290

Merit: 16489

Thick-Skinned Gang Leader and Golden Feather 2021

Quote from: dkbit98 on June 03, 2022, 08:35:04 AM

Sorry, but

I'm going to be less subtle.

Your entire website is a TERRIBLE idea! First thing I see:

Quote from: Crypto-Safe on June 03, 2022, 08:56:42 AM

I copied the privacy policy and terms of use from the Internet and did not write them myself Cheesy

Be honest: did you even read what you copied?

The Cryptovator

legendary

Activity: 2408

Merit: 2226

Signature space for rent

Not a good idea so far. I don't even store by password and seed phrase on any online device. So how will I use your site to store wallet credentials even its open source? Anything could happen at any time over the internet, so I can't trust a third-party website for storing credentials. Rather than I always use my notebook in real life to store everything related to crypto. So even if I forget credentials my notebook helps to recover my wallets or accounts.

And plagiarism content is an unprofessional move so far. It look like another red sign for users. I am not a fan of that kind of service.

Crypto-Safe

newbie

Activity: 3

Merit: 0

Quote from: dkbit98 on June 03, 2022, 09:02:56 AM

Sure, making it open source would be much better, but that doesn't mean it's automatically better just because it has open source code.

I'll start with that

But just because it's open source doesn't make it better, you're right! Let's see what that brings.

Quote from: dkbit98 on June 03, 2022, 09:02:56 AM

Amateur move Tongue

Now you could face accusations for plagiarism, so I would suggest that you change that and write your own terms and policy that matches services you are offering.
You can't just copy paste random text stuff found on internet, without single explanation how your service and wallets really works.
Having something like this fully centralized and controlled by single entity is a big NO for me.

Haha, yes I never read stuff like that myself. I'm actually just a developer and not a lawyer Grin

I'll update the terms of use and privacy policy.
Anyway, thanks for your input, I really appreciate it!

dkbit98

legendary

Activity: 2212

Merit: 7064

Quote from: Crypto-Safe on June 03, 2022, 08:56:42 AM

What would you suggest as I can improve the whole thing? Make the code open source?

Sure, making it open source would be much better, but that doesn't mean it's automatically better just because it has open source code.

Quote from: Crypto-Safe on June 03, 2022, 08:56:42 AM

I copied the privacy policy and terms of use from the Internet and did not write them myself Cheesy

Amateur move Tongue

Now you could face accusations for plagiarism, so I would suggest that you change that and write your own terms and policy that matches services you are offering.
You can't just copy paste random text stuff found on internet, without single explanation how your service and wallets really works.
Having something like this fully centralized and controlled by single entity is a big NO for me.

Crypto-Safe

newbie

Activity: 3

Merit: 0

Quote from: dkbit98 on June 03, 2022, 08:35:04 AM

Sorry, but I would NEVER use your website for storing any of my passwords or bitcoin wallets, and I have good reason for that.
After reading your privacy policy and terms of use, I saw that you can at any time ask users for their personal information like Name, Date of birth, Social media profiles, Phone number, Home or Work address, payment information, etc.
You are collecting all those information along with users IP address and you can share with with any third parties you want...
There is no information about bitcoin wallets you are creating with Bitcoin Core node, but I suspect those wallets are custodial for users, or you have some control over keys.

If I need to use password generator there are great open source alternatives like KeePass and I don't have to send them any of my personal information, same goes for bitcoin wallets like Electrum or my own Bitcoin Core node.

Thanks for your reply and for checking out the website! Kiss

What would you suggest as I can improve the whole thing? Make the code open source?
I copied the privacy policy and terms of use from the Internet and did not write them myself Cheesy

dkbit98

legendary

Activity: 2212

Merit: 7064

Sorry, but I would NEVER use your website for storing any of my passwords or bitcoin wallets, and I have good reason for that.
After reading your privacy policy and terms of use, I saw that you can at any time ask users for their personal information like Name, Date of birth, Social media profiles, Phone number, Home or Work address, payment information, etc.
You are collecting all those information along with users IP address and you can share with with any third parties you want...
There is no information about bitcoin wallets you are creating with Bitcoin Core node, but I suspect those wallets are custodial for users, or you have some control over keys.

If I need to use password generator there are great open source alternatives like KeePass and I don't have to send them any of my personal information, same goes for bitcoin wallets like Electrum or my own Bitcoin Core node.

Crypto-Safe

newbie

Activity: 3

Merit: 0

Hello my friends,

Today I wanted to introduce you to a project I've been working on for a few months and it's finally time to go live with it. I would be happy if you take the time to look at the project

All in all, it's about a Crypto Safe that stores your data in encrypted form (AES-256 block cipher). This includes accounts, passwords, notes and soon also files and bitcoin wallets that you can generate with one click.
If you have any questions about the development or want to know more details, then let me know!

Long story short, here is the website (there is already an iPhone app - an Android app and a Chrome extension will be available soon):
https://crypto-safe.io

iPhone App: https://apps.apple.com/us/app/cryptosafe-your-secure-safe/id1624789739

Thanks and have a nice day!

BTC

Topic: Private Project: Crypto-Safe.io (Read 314 times)