Pages:
Author

Topic: StrongCoin key leak. - page 2. (Read 4662 times)

sr. member
Activity: 262
Merit: 250
April 03, 2013, 08:14:18 AM
#14
As far as online wallets go, StrongCoin seems pretty secure, but is there any legitimate reason to use an online wallet?

(Unless you were stupid enough to buy a Chromebook, then I have no sympathy for you)

Benefits are.

1. Ease of use, nothing to install.
2. You don't have to do your own backups.
3. Accessible from anywhere.
sr. member
Activity: 350
Merit: 251
April 03, 2013, 08:08:38 AM
#13
As far as online wallets go, StrongCoin seems pretty secure, but is there any legitimate reason to use an online wallet?

(Unless you were stupid enough to buy a Chromebook, then I have no sympathy for you)
legendary
Activity: 1736
Merit: 1000
Truly decentralized stable asset
April 03, 2013, 07:08:34 AM
#12
Quote from: [email protected]
Over the easter weekend due to a bug in the strongcoin interface hackers were able to access all encrypted private keys held on the Strongcoin server. This means for people who had weak passwords on their keys or people who had a lot of information in their clue field the BTC may have already been stolen.

This is a thread to answer questions on the StrongCoin key and clue field leak.

1) what was the bug? what do you mean by "interface"?
2) what are you doing to prevent such bugs from occurring again?
3) do you know of anyone's coins being stolen?

1. It was possible to change the id in a URL and see another users encrypted key. That is now fixed.
2. I'm posting a notice on the site to advise people to use longer passwords. There was already a widget to give the user feedback as to how strong there password was.
3. Yes.

This sounds like the whole source code of the site should undergo a very tight review and penetration testing ASAP.

^THIS
hero member
Activity: 504
Merit: 500
FPGA Mining LLC
April 03, 2013, 06:57:49 AM
#11
Quote from: [email protected]
Over the easter weekend due to a bug in the strongcoin interface hackers were able to access all encrypted private keys held on the Strongcoin server. This means for people who had weak passwords on their keys or people who had a lot of information in their clue field the BTC may have already been stolen.

This is a thread to answer questions on the StrongCoin key and clue field leak.

1) what was the bug? what do you mean by "interface"?
2) what are you doing to prevent such bugs from occurring again?
3) do you know of anyone's coins being stolen?

1. It was possible to change the id in a URL and see another users encrypted key. That is now fixed.
2. I'm posting a notice on the site to advise people to use longer passwords. There was already a widget to give the user feedback as to how strong there password was.
3. Yes.

This sounds like the whole source code of the site should undergo a very tight review and penetration testing ASAP.
vip
Activity: 1316
Merit: 1043
👻
April 03, 2013, 06:35:21 AM
#10
LOL, why would anyone want to use it exactly.

No.
sr. member
Activity: 262
Merit: 250
April 03, 2013, 06:31:36 AM
#9
Quote from: [email protected]
Over the easter weekend due to a bug in the strongcoin interface hackers were able to access all encrypted private keys held on the Strongcoin server. This means for people who had weak passwords on their keys or people who had a lot of information in their clue field the BTC may have already been stolen.

This is a thread to answer questions on the StrongCoin key and clue field leak.

1) what was the bug? what do you mean by "interface"?
2) what are you doing to prevent such bugs from occurring again?
3) do you know of anyone's coins being stolen?

1. It was possible to change the id in a URL and see another users encrypted key. That is now fixed.
2. I'm posting a notice on the site to advise people to use longer passwords. There was already a widget to give the user feedback as to how strong there password was.
3. Yes.
hero member
Activity: 900
Merit: 1000
Crypto Geek
April 03, 2013, 06:09:20 AM
#8
I see I signed up for it at some point. Balance is zero. Perhaps it always was. Can't remember and there's no history. O well...

deja vu, never mind :p !
full member
Activity: 126
Merit: 100
April 03, 2013, 05:55:53 AM
#7
Can you explain what happened? I looked at strongcoin once but compared to blockchain.info they didn't seem to offer much.
full member
Activity: 580
Merit: 108
April 03, 2013, 05:42:31 AM
#6
I used StrongCoin once. Then I seen their 1% fee. Seriously? I can transfer my own money for free and more securely.
member
Activity: 117
Merit: 10
April 03, 2013, 05:39:51 AM
#5
newbie
Activity: 44
Merit: 0
April 03, 2013, 05:35:59 AM
#4
Quote from: [email protected]
Over the easter weekend due to a bug in the strongcoin interface hackers were able to access all encrypted private keys held on the Strongcoin server. This means for people who had weak passwords on their keys or people who had a lot of information in their clue field the BTC may have already been stolen.

This is a thread to answer questions on the StrongCoin key and clue field leak.

1) what was the bug? what do you mean by "interface"?
2) what are you doing to prevent such bugs from occurring again?
3) do you know of anyone's coins being stolen?
rme
hero member
Activity: 756
Merit: 504
April 03, 2013, 05:01:08 AM
#3
sr. member
Activity: 252
Merit: 250
April 03, 2013, 02:51:33 AM
#2
this is me caring
sr. member
Activity: 262
Merit: 250
April 03, 2013, 02:46:02 AM
#1
This is a thread to answer questions on the StrongCoin key and clue field leak.
Pages:
Jump to: