Pages:
Author

Topic: Ridiculous to send signed message to recover hacked account. (Read 732 times)

newbie
Activity: 51
Merit: 0
My account was hacked recently too. Luckily, since I have been here for years, I have BTC addresses in several threads, some of them locked (so the hacker could never edit them). And I could sign any of them.

I already sent proof to Cyrus a couple of days ago and now im waiting. I have objectively speaking all proof needed to prove the account "manselr" is me, so if the admins are legit (and I don't have a reason to think they aren't) they will recover my account (hopefully it doesn't take ages, because verifying the signed message takes 2 minutes to be honest). I will just wait, but im sure I will get it back.

Good luck to you.

At the current rate it's unlikely to be recovered. If you check the other threads in Meta even accounts with signed messages aren't getting restored or at best they have to wait weeks/months. Accounts could be restored by doing a bit of investigation on IPs etc but it's not foolproof and the forum currently doesn't have the manpower to do even that unfortunately.

On the new forum at least there will be multiple 2FA options to secure your account but I know that doesn't help you right now.

I have enough cryptographic proof for manselr being my account that not restoring it would be like claiming 2+2 isn't 4, so I will just wait. If by november I still don't have my account restored then I will need an explanation for it because that would be nonsense.
member
Activity: 420
Merit: 13
Okay, so I see this sshole Turkish hacker changed my password on October 11th from https://bitcointalk.org/seclog.php.
Fucking bad luck.
My computer got struck by lightning and had to go for repair just 1 day before.

I hope someone will lock that Dorky account down and make it unusable.

But I have a big hunch that someone will say, "Hey Dorky, I am never gonna fucking help you unless you send a signed bitcoin message. Because we accept Bitcoin only here. Fuck your email confirmation solution. Fuck your explanation about using the same email for both that hacked account and this. Fuck your explanation about Dorky's hidden signature before the hack. Fuck you, and fuck you hard. I fucking repeat myself, if you don't send me a signed bitcoin message, you are 100% guaranteed fucked."

Hey, man. Relax. The world was still doing fine before the blockchain existed. The world will still do fine if blockchain goes extinct. Your demand for just one and only solution for validation is outright ridiculous, man. And you even know it. But something tells me you have hidden vested interest in enforcing signed bitcoin messages. I never meet a man/woman/team that is honest in his/her/its business would be as rigid and inflexible as you.
member
Activity: 420
Merit: 13
My account was hacked recently too. Luckily, since I have been here for years, I have BTC addresses in several threads, some of them locked (so the hacker could never edit them). And I could sign any of them.

I already sent proof to Cyrus a couple of days ago and now im waiting. I have objectively speaking all proof needed to prove the account "manselr" is me, so if the admins are legit (and I don't have a reason to think they aren't) they will recover my account (hopefully it doesn't take ages, because verifying the signed message takes 2 minutes to be honest). I will just wait, but im sure I will get it back.

Good luck to you.

At the current rate it's unlikely to be recovered. If you check the other threads in Meta even accounts with signed messages aren't getting restored or at best they have to wait weeks/months. Accounts could be restored by doing a bit of investigation on IPs etc but it's not foolproof and the forum currently doesn't have the manpower to do even that unfortunately.

On the new forum at least there will be multiple 2FA options to secure your account but I know that doesn't help you right now.
newbie
Activity: 51
Merit: 0
My account was hacked recently too. Luckily, since I have been here for years, I have BTC addresses in several threads, some of them locked (so the hacker could never edit them). And I could sign any of them.

I already sent proof to Cyrus a couple of days ago and now im waiting. I have objectively speaking all proof needed to prove the account "manselr" is me, so if the admins are legit (and I don't have a reason to think they aren't) they will recover my account (hopefully it doesn't take ages, because verifying the signed message takes 2 minutes to be honest). I will just wait, but im sure I will get it back.
member
Activity: 420
Merit: 13
Why cant the bitcointalk forum use the same ways to protect accounts as any other forum? Im not fighting the current system with signing a bitcoin trans but is there any particular reason why f2a is not used?

From what I just found, bitcointalk account hacking is an elaborate inside job scam.
And shockingly, such hacking operation is actually ongoing since more than 3 years ago.
full member
Activity: 201
Merit: 100
Why cant the bitcointalk forum use the same ways to protect accounts as any other forum? Im not fighting the current system with signing a bitcoin trans but is there any particular reason why f2a is not used? Also why has there all of a sudden been an increase in the number of accounts hacked? Status for the airdrops?
member
Activity: 420
Merit: 13
I am beginning to see.
This whole thing with over 1000+ hacked accounts is an elaborate scam.
Some members said this scam is perpetrated by just 1 to 2 persons.
Very shameless and sinful entities (Theymos and Cyrus).

Shit, this bitcointalk forum is no longer credible to me.
member
Activity: 420
Merit: 13
I know my signature was changed to displaying the Genesis Vision bounty link after it got hacked, after October 10th.
Before the hack, my signature was displaying the Bible's Matthew 6:19-21 verse.
So if the admin really care, he can easily look into the signature portion of the investigation.

In fact I wrote down 2 verses in my signature and another personal statement about bitcoin and ethereum, in total 2 verses and 1 statement (consider it 3 sets of line).
I spaced each line enough so that my signature only show 1 line while the other 2 remain hidden from view.

This feature, not a single member here can ever know, except the hacker that has now changed my signature to a bounty link, I myself (since I was the original owner), and the admin, assuming every changes to the signature is recorded.

Edit:
In fact there is absolutely no need for a staked address, assuming changes to the signature is recorded, as the admin will be able to easily validate my statement. If yes, that means I am the real owner. Otherwise, I must be one hell of a superb hacker myself for being able to know or see thru all the hidden lines of a signature of another member.

Edit #2:
Similarly, if every changes to the email setting is also recorded, then I can also easily tell the admin what's the original email address before the hack.
I can also tell the admin what's contained in that hacked account's PM, although I say I cannot remember everything in it.
member
Activity: 420
Merit: 13
@Dorkie this is very unfortunate, but what can you do. Undecided

Do you by any chance have sent a PM to anyone on this forum a Bitcoin address you can currently sign a message with? That might help your case if that person could then be contacted to quote your PM.

Now you know the importance of staking addresses... Unfortunately you have had to learn the hard way. Sad

No I did not stake any address. I was not aware of this until I got hacked. At first, I stumbled upon many comments that their accounts got hacked and I thought this wouldn't happen to me, but now it did.

Staking address is a solution, but I disagree it is the one and only solution. I am not saying it is stupid, nonsense, useless, etc. I am just saying fully dependent on just a single solution without regard to other alternatives is ridiculous. How would things turn out differently for everyone if the system makes sure the email registered with an account will never be changed? The hacker would have to hack Yahoo! or Google or Hotmail, which definitely have way much higher security measures than this forum.
full member
Activity: 322
Merit: 134
@Dorkie this is very unfortunate, but what can you do. Undecided

Do you by any chance have sent a PM to anyone on this forum a Bitcoin address you can currently sign a message with? That might help your case if that person could then be contacted to quote your PM.

Now you know the importance of staking addresses... Unfortunately you have had to learn the hard way. Sad
member
Activity: 420
Merit: 13
Your points are invalid. I personally am grateful for this feature as it prevents people from just saying "Help, my account was hacked, please change password and email".

I recently was placed in a situation where there was someone pretending the be the original owner of my account. The only thing that blocked him from taking my account was the fact that I could sign a message from a staked address.


Sorry for your loss, but that's the reason why we have a thread for staking your address. For your next account do that and you will be 100% secure.


Now what if the hacker cannot change the email?

Yes, of course he can still ask to change password, in which the request will be sent to your email, not his.

You need to understand people from their perspective.

Not everyone who register for an account in this forum will instantaneously know he should stake his address.

Expecting everyone to know this instantaneously right after registration is like expecting an impossible feat from you.
hero member
Activity: 1232
Merit: 683
Tontogether | Save Smart & Win Big
Your points are invalid. I personally am grateful for this feature as it prevents people from just saying "Help, my account was hacked, please change password and email".

I recently was placed in a situation where there was someone pretending the be the original owner of my account. The only thing that blocked him from taking my account was the fact that I could sign a message from a staked address.


Sorry for your loss, but that's the reason why we have a thread for staking your address. For your next account do that and you will be 100% secure.
member
Activity: 420
Merit: 13
I believe I have already made my points clear.
If you still fail to understand any of my points, its your own defect.
You may continue with your pathetic bickering, trying hard to impress me.
But only because you think I care.

Yeah, you are right. It is painful holding 1 losing garbage out of........... 4 winners.
I was hoping I would have all 5 winners. Too bad.

If you know that there is no way I know everything about this forum, then why even bother figuring out if I do?
Nonsense.

Why do you think I would know everything about this forum, just as why do you think you would know everything about my argument?
You apparently know nothing about it and are most definitely not capable of knowing everything, thus I doubt anyone would think that to begin with.

There is everything wrong if legitimacy is totally dependent only on one single solution (as if there is no other solution that humans cannot think of).
Completely incorrect assumption and statement. Continuing to derail this thread isn't going to help you come to solution either. Then again, bagholding all that garbage must be painful. Roll Eyes

How much time have you spent writing these replies?

A stupid person may spend many minutes (if not hours or days) writing what I write.
For a natural like me (go check out my Dorky old posts), it comes naturally to me.

Lol, not capable of knowing everything.
I bet your comment is very on-topic.

Continuing to derail this thread?
If you were not born into this world, I bet this thread would have done fine.

I can confidently say you are very much off topic.
I can bet the moderator will do nothing about your comment.
I can bet I will be proven right.

Edit:
Please bear in mind that you are now engaging in personal attacks.

Edit #2:
If you want to know what it means to be helpful, you can learn from "hilarious", the first person to reply to this thread.
He was very helpful, informative, and to the point.
I was actually going somewhere with his input, until a jackass (you) appeared and spoiled (and continue to do so) everything.
legendary
Activity: 2674
Merit: 3000
Terminated.
Why do you think I would know everything about this forum, just as why do you think you would know everything about my argument?
You apparently know nothing about it and are most definitely not capable of knowing everything, thus I doubt anyone would think that to begin with.

There is everything wrong if legitimacy is totally dependent only on one single solution (as if there is no other solution that humans cannot think of).
Completely incorrect assumption and statement. Continuing to derail this thread isn't going to help you come to solution either. Then again, bagholding all that garbage must be painful. Roll Eyes

How much time have you spent writing these replies?
member
Activity: 420
Merit: 13
Why do you think I would know everything about this forum, just as why do you think you would know everything about my argument?
I will only know everything about this forum if I am the webmaster at the very least.
You would know a little bit more about me if you stop all your childish attitudes.

Vitalik is a corporate sellout/idiot, yes.

If you think bitcoin is itself not a shitcoin, then you are seriously more naive than you can ever realize.
If you think bitcoin and the rest are all shitcoin, then I suppose you have a mission here.
If you want to bark, make sure to bark at the right tree.

The posts are on-topic. Ironically, now you're the one who is breaking the forum rules. Roll Eyes

I am amazed that calling me an idiot that wasted time on unspecified shitcoin is on-topic.
If I were to do the same on you, my comment would have been deleted.
Yes, I understand the inherent bias in every human.
You think you are objective?
Of course you can say you are, just like everyone else does.
But then you would actually earn my respect if you admit that you are not, which is actually a challenge for people of your kind.

There's nothing wrong with that. Actions have consequences, and consequences tend to be nice lessons when you fail to educate yourself on time. There's some much irony in here that it's almost funny. Roll Eyes

There is nothing wrong with requiring signed bitcoin messages as a solution.
There is everything wrong if legitimacy is totally dependent only on one single solution (as if there is no other solution that humans cannot think of).

You obviously have a challenge in understanding simple points of argument.
I am sorry.
legendary
Activity: 2674
Merit: 3000
Terminated.
Like I keep saying, I posted NO addresses here and in my PM. That shole hacker might even delete all my old PMs if he is reading this. I don't understand why do you even think that's effective.
You persist with making assumptions when you clearly lack adequate knowledge about this forum. If you delete your PM, it is not gone. The other party still has it, thus it remains in the database. If both parties delete the PM, then it still likely to be found in a backup. However, accessing these backups is hard and time consuming. Therefore, theymos would not likely do it for some random account.

The only 2 persons that I can think of that can 100% confidently vouch for me are my fellow forum members that I posted to them discussing about some of your so-called "shitcoin" (you might as well say Vitalik is the father of shitcoins since Ethereum is the origin of most of them).
Vitalik is a corporate sellout/idiot, yes.

Moderator, why is this person's comment that I am an idiot that wasted time on shitcoins be allowed to remain without deletion?
The posts are on-topic. Ironically, now you're the one who is breaking the forum rules. Roll Eyes

The only reason why I said this is ridiculous is because such method is the one and only method accepted to validate an account, which if a member never posted any address, not from bitcoin not from any altcoin and not from any shitcoin, then his hacked account is as good as 100% guaranteed gone.
There's nothing wrong with that. Actions have consequences, and consequences tend to be nice lessons when you fail to educate yourself on time. There's some much irony in here that it's almost funny. Roll Eyes
member
Activity: 420
Merit: 13
I understand the reason why a signed message from bitcoin address is a valid way to recover a hacked account.
I am no idiot on the reason why.
The only reason why I said this is ridiculous is because such method is the one and only method accepted to validate an account, which if a member never posted any address, not from bitcoin not from any altcoin and not from any shitcoin, then his hacked account is as good as 100% guaranteed gone.
This is the reason why I said it is ridiculous, certainly has absolutely nothing to do with naivety.
Come to think of this, how did businesses recover stolen/hacked account before the time of blockchain?
Can we say ALL accounts that got stolen/hacked before the existence of the blockchain were 100% not recoverable?
Surely if we think signed message from bitcoin address is the one and only solution is itself not a form of naivety, then I don't know what is.
And while some hacker can fake being hacked (nothing can leave the human imagination), we should also be clear that a person may be a genuine victim of a hack despite posting no bitcoin address.
Although it would be very hard to prove the victim is genuinely a victim, the fact that the whole investigation rely solely on signed bitcoin messages is itself ridiculous.
If the email address cannot be edited, then any hacked account would not be permanent as the rightful owner can simply request for a new password recovery.
If the email address can be edited, then complications arise, thus requiring signed bitcoin messages.
If we are worried that the user might lose his email too, then the forum can do 2nd validation through the user's phone.
If we are worried the user might lose his email, lose his phone and his account gets hacked all at the same time, then I believe that would be sheer bad luck.
It would be as bad luck as stacking a bitcoin address here but the user can't send signed message because he happen to lose his wallet/private key too.
The person that accuse me of being naive is outright insulting and not helping even a tiny.
member
Activity: 420
Merit: 13
Moderator, why is this person's comment that I am an idiot that wasted time on shitcoins be allowed to remain without deletion?

1. Please specify why I am an idiot.
2. Please specify which coin is a shitcoin and why is that so.
3. Please specify how identifying that I am an idiot that wasted time on shitcoins will help solve my problem.

If this Lauda person cannot even furnish any explanation, then why is such insults remain without deletion?

And whether I am smart or wise or otherwise is none of your business.
Because I am here trying to solve my problem.
Let me shorten it into layman terms for you, had you not been a idiot and (allegedly) wasted your time with shitcoins, then this would already have been solved (or never happened to begin with). I am not surprised that you couldn't sacrifice 30 seconds of your *valuable* time to secure your account. Roll Eyes
member
Activity: 420
Merit: 13
It is very clear to me that you cannot help me.
Had you been reading what I was writing, instead of focusing replying, you'd know that this has already been mentioned. There are two people that might be able to help you, if you are unable to provide anything substantial that is considered evidence here.

No, my PM is so fresh with this account it is almost clean. There is no bitcoin address used in my PM.
I am talking about the account Dorky, which is quite old. Do you mean to imply that you've not used any altcoin address via PM? PGP key? DOX?

Have you been directly straight to the point, we would not have wasted time on petty argument resulted from your false intellect.

I know 2 people, as past victims mentioned, Theymos and Cyrus.

Like I keep saying, I posted NO addresses here and in my PM. That shole hacker might even delete all my old PMs if he is reading this. I don't understand why do you even think that's effective.

The only 2 persons that I can think of that can 100% confidently vouch for me are my fellow forum members that I posted to them discussing about some of your so-called "shitcoin" (you might as well say Vitalik is the father of shitcoins since Ethereum is the origin of most of them).

I only posted some Bible verses in my signature. Now the asshole hacker replaced it with some Genesis Vision bounty signature.
legendary
Activity: 2674
Merit: 3000
Terminated.
It is very clear to me that you cannot help me.
Had you been reading what I was writing, instead of focusing replying, you'd know that this has already been mentioned. There are two people that might be able to help you, if you are unable to provide anything substantial that is considered evidence here.

No, my PM is so fresh with this account it is almost clean. There is no bitcoin address used in my PM.
I am talking about the account Dorky, which is quite old. Do you mean to imply that you've not used any altcoin address via PM? PGP key? DOX?
Pages:
Jump to: