Pages:
Author

Topic: Re: [AXIOM] AxiomMemHash, Schnorr Sigs Implemented, APOS 3.0, AXH 2.0 Proposed - page 81. (Read 204903 times)

legendary
Activity: 2688
Merit: 1240
The strange thing to me was that one of the stollen wallets was unlocked only for staking. IDK how the thief got that one - it was fully encrypted ...

possibly a keylogger ...

windows is riddled with stuff like that ...

especially if you have punched the keyword / password in there recently ...

#crysx

a keylogger is not enough... you need to send the stuff somewhere, or at least open a remote port...

Still I think it is in the RPC interface somewhere. He had it open for the internet like me and with the same result. Does the wallet create logging of RPC commands?

Yes, in debug.log
copper member
Activity: 1024
Merit: 513
txbit.io - cryptocurrency exchange
The strange thing to me was that one of the stollen wallets was unlocked only for staking. IDK how the thief got that one - it was fully encrypted ...

possibly a keylogger ...

windows is riddled with stuff like that ...

especially if you have punched the keyword / password in there recently ...

#crysx

a keylogger is not enough... you need to send the stuff somewhere, or at least open a remote port...

Still I think it is in the RPC interface somewhere. He had it open for the internet like me and with the same result. Does the wallet create logging of RPC commands?
legendary
Activity: 1484
Merit: 1082
ccminer/cpuminer developer
The strange thing to me was that one of the stollen wallets was unlocked only for staking. IDK how the thief got that one - it was fully encrypted ...

possibly a keylogger ...

windows is riddled with stuff like that ...

especially if you have punched the keyword / password in there recently ...

#crysx

a keylogger is not enough... you need to send the stuff somewhere, or at least open a remote port...
copper member
Activity: 1024
Merit: 513
txbit.io - cryptocurrency exchange
better, and seems to allow https too... will try their free one first

I already have the free one and it is a perfect solution for personal ssl websites. On the other hand, the free version can not do code signing. (Technicaly possible, but restricted by the key usage)
legendary
Activity: 2912
Merit: 1091
--- ChainWorks Industries ---
maybe he got it before you encrypted it... else you can trust my personal windows builds (they are on github)... i might code sign them in the future...

if somebody know a cheap way to do it... (a place to buy signatures for personal users)

yup - can trust his compiles AND the mans word implicitly ...

not sure how you would do that epsylon3 ...

#crysx
legendary
Activity: 2912
Merit: 1091
--- ChainWorks Industries ---
The strange thing to me was that one of the stollen wallets was unlocked only for staking. IDK how the thief got that one - it was fully encrypted ...

possibly a keylogger ...

windows is riddled with stuff like that ...

especially if you have punched the keyword / password in there recently ...

#crysx
legendary
Activity: 1484
Merit: 1082
ccminer/cpuminer developer
better, and seems to allow https too... will try their free one first
copper member
Activity: 1024
Merit: 513
txbit.io - cryptocurrency exchange
even the apple store one is cheaper than that, paying 100$ is the max i can...

Maybe startssl is an option for 59 dollar per year: http://www.startssl.com/  check out "StartSSL™ Verified"
legendary
Activity: 1484
Merit: 1082
ccminer/cpuminer developer
even the apple store one is cheaper than that, paying 100$ is the max i can...
copper member
Activity: 1024
Merit: 513
txbit.io - cryptocurrency exchange
@Dev: Can you please tell what random generator you use for generating private keys? I can wrestle myself through code here, but it is more efficient to just ask.
copper member
Activity: 1024
Merit: 513
txbit.io - cryptocurrency exchange
yep, not really cheap... 330$/yr to be "trusted" by smartscreen pfff and ... not by antiviruses :;p

The main thing is that users can determine if it is from the original source. The smartscreen trust is not really worth something and antivirus is not dependend of digital signatures. And yes, it is very expensive for personal use.
legendary
Activity: 1484
Merit: 1082
ccminer/cpuminer developer
yep, not really cheap... 330$/yr to be "trusted" by smartscreen pfff and ... not by antiviruses :;p
legendary
Activity: 1484
Merit: 1082
ccminer/cpuminer developer
i never build linux binaries, source code is made for that... just built one for my shield tablet today ^^

for windows its another problem... i dont want to force users to install vstudio or mingw64
copper member
Activity: 1024
Merit: 513
txbit.io - cryptocurrency exchange
maybe he got it before you encrypted it... else you can trust my personal windows builds (they are on github)... i might code sign them in the future...

if somebody know a cheap way to do it... (a place to buy signatures for personal users)

You can use a PGP/GPG key pair to sign the binary. Then you must just make sure that someone trustworthy has signed your key. Perhaps you have gone through a key party in the past? You can generate a key pair with several tools eg. Kleopatra.

If you are willing to spend the money, you can buy a code signing certificate from one of the CSP's

https://www.digicert.com/code-signing/
legendary
Activity: 1638
Merit: 1013
maybe he got it before you encrypted it... else you can trust my personal windows builds (they are on github)... i might code sign them in the future...

if somebody know a cheap way to do it... (a place to buy signatures for personal users)

You can use a PGP/GPG key pair to sign the binary. Then you must just make sure that someone trustworthy has signed your key. Perhaps you have gone through a key party in the past? You can generate a key pair with several tools eg. Kleopatra.
copper member
Activity: 1024
Merit: 513
txbit.io - cryptocurrency exchange
I do know what I am talking about regarding cryptography, it is my job. Explain to me what is wrong with my explanation if you know it better.

Ok, answer the following for me:

1) Can you tell me the key length of the private key of a wallet?
2) Can you tell me who "chooses" the private key - the "wallet" or the user?
3) At which point does the redundancy of the language come into play - a) upon private key generation or b) when a user decides to encrypt his wallet with a password of his choosing?
4) After you have explained 1-3 can you explain the relevance of the users wallet password and redundancy of a language to the private key in the wallet and how you will derive the private key of the private/public key pair from the public key if you happen to obtain the users wallet password from a rainbow table of some sorts that you are referring to?

Sure I can:

1) The lenght is 256 bit or 32 bytes if you like
2) The input for the hash function that produces the private key can be from human input or from a (strong) random generator (that is built into the wallet)
3) If I understand this question right: In both situations
4) It is not about getting the users wallet password with a rainbow table. See answer 2 where it is possible to have human input (so called brain wallet) for the hash function that results in the private key. Also see the details of the sausage example.




It is only in the case of where a private key of a public/private key pair is a function of a human input, that the redundancy of the user's language could potentially cause a reduction of the key space. If you do the maths it is not feasible to create a rainbow table for 256bits and in addition there is not enough computing power in existence today to attempt that.

Of course that is true, but I did not say that a rainbow table is good for brute forcing the complete 256bit space. In fact it is pretty worthless in that case. (Although it might be fun to do it)
legendary
Activity: 1638
Merit: 1013
I do know what I am talking about regarding cryptography, it is my job. Explain to me what is wrong with my explanation if you know it better.

Ok, answer the following for me:

1) Can you tell me the key length of the private key of a wallet?
2) Can you tell me who "chooses" the private key - the "wallet" or the user?
3) At which point does the redundancy of the language come into play - a) upon private key generation or b) when a user decides to encrypt his wallet with a password of his choosing?
4) After you have explained 1-3 can you explain the relevance of the users wallet password and redundancy of a language to the private key in the wallet and how you will derive the private key of the private/public key pair from the public key if you happen to obtain the users wallet password from a rainbow table of some sorts that you are referring to?

Sure I can:

1) The lenght is 256 bit or 32 bytes if you like
2) The input for the hash function that produces the private key can be from human input or from a (strong) random generator (that is built into the wallet)
3) If I understand this question right: In both situations
4) It is not about getting the users wallet password with a rainbow table. See answer 2 where it is possible to have human input (so called brain wallet) for the hash function that results in the private key. Also see the details of the sausage example.




It is only in the case of where a private key of a public/private key pair is a function of a human input, that the redundancy of the user's language could potentially cause a reduction of the key space. If you do the maths it is not feasible to create a rainbow table for 256bits and in addition there is not enough computing power in existence today to attempt that.
legendary
Activity: 1512
Merit: 1000
quarkchain.io
maybe he got it before you encrypted it... else you can trust my personal windows builds (they are on github)... i might code sign them in the future...

if somebody know a cheap way to do it... (a place to buy signatures for personal users)

It were encrypted "ages ago" and the pass was strong , very strong. It was zipped and downloaded from my appdata folder....
EDIT: I know your releases are legit, following your work long time ago...
legendary
Activity: 1484
Merit: 1082
ccminer/cpuminer developer
maybe he got it before you encrypted it... else you can trust my personal windows builds (they are on github)... i might code sign them in the future...

if somebody know a cheap way to do it... (a place to buy signatures for personal users)
hero member
Activity: 798
Merit: 1000
which miner?
from the first page https://mega.co.nz/#!MQ8nkA7C!geDKX8ROONKzQrDYL96KLfJTwPNI3AK5SdtPxjz5E-8 ?
Pages:
Jump to: