Who was it who cried wolf about Bitcoinica? Would you call them "rita repulsa?"
There comes a point when you are obviously wrong and you just like to keep on going with it. For fuck sakes nimda, what is your point, exactly?
My point is that you should get your cert signed.
Hmm... I notice that unlike me, you are only taking select pieces of my post out of context to reply to them. I'd prefer if you did what I do and reply to the whole message. Wasn't it you who accused me of "ignoring what people say?"
That's right, you have a rep for ignoring what people say and justifying your own behavior and ideas.
If you say so. I hope you'll notice, however, that instead of ignoring what you're saying, I am splitting up the quote and responding to every last bit of it.
HTTPS does not even prevent man in the middle attacks; this was shown years ago and you still drone on about it.
HTTPS is certainly useful, however. It makes attacks more difficult and mitigates many threats.
Get a yubikey and go away.
Honestly, this is a little off-topic, but a yubikey is not much more secure than 2-factor auth with a cellphone, and I already own a cellphone. Coinbase does this correctly.
If hotwallet becomes popular I'll spend the bitcoin it takes to buy a certificate.
I hope that end-users are smart enough to not make hotwallet popular without a cert.
But for now, please just stop being annoying.
I'll try.
A public sign means jack shit.
Yeah, that's why Google, MtGox, Microsoft, Bitcointalk.org don't have public signs either, because they're useless. Oh, wait...
I might as well post the public key right here. If you trust that I am usagi then you would have to trust the public key I post. I could sign it with my GPG. Then what would you say?
It's better than nothing, but it probably won't help traffic to your site very much. A big, red warning is a turnoff for the non-technical.
As for not signing Theymos's public key, who cares? When you said that you sounded like a nitpicking idiot.
It was an example. I'm not signing theymos' public key, and I'm certainly not signing Hotwallet's. Especially given that I consider theymos more trustworthy than Hotwallet.
You wanna talk security? There are dozens of people trying to crack hotwallet right now, not flapping their lips queefing on a forum just talking about it. I've had over 50 SSL injection attacks in the last 3 days on the login page alone. What's the point of getting an independently certified SSL certificate if you can be hacked in some other way or of there's some other gaping security flaw? I loved it when you said that you were wondering what other security holes there were. Yeah I can imagine. All you do is wonder. Like the guy that said he doesn't see any evidence that it's secure. Well frankly I'm not surprised.
I'll come back to this last bit; I g2g.
If you can't point out an actual security flaw, please just stop posting on this thread. In fact please delete your posts so far. You've pretty much ruined it already.
[/quote]
Dozens? That's impressive. How many dozen?
No, I will not delete my posts. Especially given the fact that you've only quoted parts of them.