Topic: This is very bad... - page 2. (Read 6770 times)

Quote from: Cusipzzz on March 28, 2011, 03:32:06 PM

Is an SSL certificate really worth signing? The fact that such a thing needs to be paid for is even more laughable.

this is a 5 MILLION $ economy, if we are stupid enough to not pay 120$ to potential do A LOT of good to bitcoins, well....

A lot of good? What? To soothe the ones who don't want to go through the trouble of adding a self-signed certificate? Heh.

more bitcoin users and miners in the long run = +++++++++++++++++++++++ in my books, specially at the low cost of a SSL cert

in the long run, it will turn away many potential miners and bitcoin traders, and we will lose much more than what the SSL cert is worth. DO NOT OVERESTIMATE THE PEOPLE OF THE INTERWEBZ

Do you not get that people sometimes get a big red DONT TRUST THIS SITE from their browsers? they trust their browsers, not some random site they probably went to see if they could make $$ with their GPU (which sounds a bit doubtful to the normal person)

?

Activity: -

Merit: -

Quote from: ? on March 28, 2011, 03:30:39 PM

Quote from: ? on March 28, 2011, 03:30:39 PM

Is an SSL certificate really worth signing? The fact that such a thing needs to be paid for is even more laughable.

this is a 5 MILLION $ economy, if we are stupid enough to not pay 120$ to potential do A LOT of good to bitcoins, well....

A lot of good? What? To soothe the ones who don't want to go through the trouble of adding a self-signed certificate? Heh.

yes. make it regular-joe friendly.

The average person probably doesn't care too much for HTTPS. It's doubtful they even know what it is.

Cusipzzz

sr. member

Activity: 334

Merit: 250

Is an SSL certificate really worth signing? The fact that such a thing needs to be paid for is even more laughable.

this is a 5 MILLION $ economy, if we are stupid enough to not pay 120$ to potential do A LOT of good to bitcoins, well....

A lot of good? What? To soothe the ones who don't want to go through the trouble of adding a self-signed certificate? Heh.

yes. make it regular-joe friendly.

?

Activity: -

Merit: -

Is an SSL certificate really worth signing? The fact that such a thing needs to be paid for is even more laughable.

this is a 5 MILLION $ economy, if we are stupid enough to not pay 120$ to potential do A LOT of good to bitcoins, well....

A lot of good? What? To soothe the ones who don't want to go through the trouble of adding a self-signed certificate? Heh.

nster

full member

Activity: 126

Merit: 100

Quote from: grue on March 28, 2011, 11:01:47 AM

Is an SSL certificate really worth signing? The fact that such a thing needs to be paid for is even more laughable.

this is a 5 MILLION $ economy, if we are stupid enough to not pay 120$ to potential do A LOT of good to bitcoins, well....

river

Activity: -

Merit: -

why don't they just get one of the cheap $9 dollar (Fiat) garbage ones .. just to shut up the browser and people from complaining. Simple.

?

Activity: -

Merit: -

Is an SSL certificate really worth signing? The fact that such a thing needs to be paid for is even more laughable.

spenvo

member

Activity: 81

Merit: 10

I'm with everyone else: I laughed out loud when I was that our SSL certificate was not signed by a CA.

Can we not get 120 bucks together? Or at the very least have an address to donate/fund the SSL cert?

kiba

legendary

Activity: 980

Merit: 1020

I don't have winblow, so I can't test.

eideteker

newbie

Activity: 13

Merit: 0

Just ran Malwarebytes, bitcoin did not show up as a threat.

casascius

vip

Activity: 1386

Merit: 1140

The Casascius 1oz 10BTC Silver Round (w/ Gold B)

bitcoin executable is clean:
http://www.virustotal.com/file-scan/report.html?id=813a970b749b7a01692597774d077d89ba6e6735d62eceebe53dda479c5f2b0e-1301327690

0/42

i think your .exe got tampered with, or it got infected by a virus.

Malwarebytes isn't listed here, should we be looking for another name?

grue

legendary

Activity: 2058

Merit: 1452

bitcoin executable is clean:
http://www.virustotal.com/file-scan/report.html?id=813a970b749b7a01692597774d077d89ba6e6735d62eceebe53dda479c5f2b0e-1301327690

0/42

i think your .exe got tampered with, or it got infected by a virus.

Mike Hearn

legendary

Activity: 1526

Merit: 1134

Need to do a few things:

1) File an FP report with MalwareBytes including the log file we have

2) Ensure Windows binaries are always signed. Not just the download but all EXEs and DLLs involved.

Judging from the screenshot, MalwareBytes is using heuristics to try and spot malware. Most likely the combination of a hard-coded IRC server and HTTP related strings trigger it, as legitimate IRC software will (a) have a known signature reputation and (b) probably not be downloading things via HTTP.

It is indeed very unfortunate. I'm not sure what the Windows build process currently looks like, but I think Gavin has set up a VM somewhere for it. Hopefully he knows how to include certificates into the compiled binaries.

Jered Kenna (TradeHill)

sr. member

Activity: 420

Merit: 250

Quote from: casascius on March 28, 2011, 10:05:43 AM

Well.., to be honest, one of my websites, for a few month now, has fb account with 4k facebook recommendations. Otherwise no, no twitters, no facebooks, dinosaur it is.

This is pretty much how I feel about facebook http://www.theonion.com/video/cias-facebook-program-dramatically-cut-agencys-cos,19753/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+OnionNewsNetwork+%28Onion+News+Network%29&utm_content=Google+International

Watch that if you haven't seen it Vlad.

Sorry to get off topic here...

Jered Kenna (TradeHill)

sr. member

Activity: 420

Merit: 250

They probably treat everything that listens on a socket and not in a whitelist as a trojan. I'd say this outfit can be simply ignored.

One of the most used anti-viruses giving a false-positive for the BitCoin client can be ignored Huh

Perspective from a new user: they visit this site called Bitcoin.org that makes their browser warn them that this site shouldn't be trusted (because we still can't get a proper SSL even though it's been brought up repeatedly for months)... and then they download an executable which their antivirus says is a virus...

and we expect their natural conclusion should be, "Oh, this is no problem. I'll send my money to MtGox shortly".

I agree, what's the hold up on the SSL?

And no facebook Vlad? I wish I had never made one, it's evil.

casascius

vip

Activity: 1386

Merit: 1140

The Casascius 1oz 10BTC Silver Round (w/ Gold B)

Quote from: sortedmush on March 28, 2011, 09:00:17 AM

They probably treat everything that listens on a socket and not in a whitelist as a trojan. I'd say this outfit can be simply ignored.

One of the most used anti-viruses giving a false-positive for the BitCoin client can be ignored Huh

Perspective from a new user: they visit this site called Bitcoin.org that makes their browser warn them that this site shouldn't be trusted (because we still can't get a proper SSL even though it's been brought up repeatedly for months)... and then they download an executable which their antivirus says is a virus...

and we expect their natural conclusion should be, "Oh, this is no problem. I'll send my money to MtGox shortly".

MacRohard

full member

Activity: 212

Merit: 100

They have a false positive reporting procedure.

http://forums.malwarebytes.org/index.php?showtopic=3228

Heh. The support guy is telling off the CEO for answering a question?

sortedmush

full member

Activity: 140

Merit: 100

They have a false positive reporting procedure.

http://forums.malwarebytes.org/index.php?showtopic=3228

kiba

legendary

Activity: 980

Merit: 1020