No comments from @gmaxwell yet?
Doesn't look like it
Topic: This message was too old and has been purged - page 2. (Read 9288 times)
Doesn't look like it
Shame. I'd feel pretty badly treated if I were EK, nothing but venom hurled his way and then didn't even acknowledge his ideas when he gave them away for free.
Check his claims history. Big waster of time, historically.
So that makes what appears to be a proven exploit less significant? Get down off your high horse
No comments from @gmaxwell yet?
Shame. I'd feel pretty badly treated if I were EK, nothing but venom hurled his way and then didn't even acknowledge his ideas when he gave them away for free.
Check his claims history. Big waster of time, historically.
Yes, we truly do need some sort of decentralized bounty reward system for users who contribute to fixing exploits and bugs. It does take a considerable amount of time and resources to work and fix flaws and exploits such as these. It's in the best interest of everyone involved within Bitcoin to have these problems addressed and remedied.
I see both sides of the spectrum here and depending on the severity of the exploit and the effort used to research it should depend on the bounty paid. This is the only problem with Open Source software and developers working on these projects. It's hard to financially justify dedicating hours and hours of free work with little reward rather than recognition and self improvement. Once a decentralized bounty system is in place then I believe we will truly see great effort put forth in all of our favorite OSS projects (Tor, Gnupgp, Bitcoin, Keepass, etc).
Thanks for your time and effort spent in researching this, and I do appreciate and hope you responsibly handle your discoveries rather than illicitly exploiting them for personal gain.
I see both sides of the spectrum here and depending on the severity of the exploit and the effort used to research it should depend on the bounty paid. This is the only problem with Open Source software and developers working on these projects. It's hard to financially justify dedicating hours and hours of free work with little reward rather than recognition and self improvement. Once a decentralized bounty system is in place then I believe we will truly see great effort put forth in all of our favorite OSS projects (Tor, Gnupgp, Bitcoin, Keepass, etc).
Thanks for your time and effort spent in researching this, and I do appreciate and hope you responsibly handle your discoveries rather than illicitly exploiting them for personal gain.
Shame. I'd feel pretty badly treated if I were EK, nothing but venom hurled his way and then didn't even acknowledge his ideas when he gave them away for free.
I guess no news are no news.
News?
This message was too old and has been purged
Out of curiosity have you attempted this on the namecoin network lately?
I'm sure it will work there too but that isn't the reason I ask.
I'm sure it will work there too but that isn't the reason I ask.
Perhaps gmaxwell doesn't want to say anything until there is a fix -- keeping a lid on the problem so it doesn't become a problem for the network.
If that's the case it'd be good if he can at least confirm it does exist and is being worked on so both quickseller and him remove their negative feedbacks.
Perhaps gmaxwell doesn't want to say anything until there is a fix -- keeping a lid on the problem so it doesn't become a problem for the network.
So Evil-Knievel, care to enlighten us on what happened? Give us your version.
Yes, the NXT developers have a very good bounty program. It made fun to hack for a month back then, and afterall I received 100.000 NXT as a bounty.
We Nxt people like it when others break our toys.
It benefits us to make our platform stronger. 
So no more replies from gmaxwell? Were his claims credible?
This message was too old and has been purged
Even though he has sent the bug to gmaxwell to be reviews, why did he already get a negative trust ?
Self-proclaimed internet-sheriff's blind anger. Questionable behaviour, I agree.
Speaking about questionable behaviour... To me "Hey, I found a critical bug. I will inform you about it for BTC10" sounds an awful lot like "Hey, I can break your legs. For $2000 I won't".
No, because then he'd be saying if you don't pay me the 10 btc I'm going to start shooting down every node I see until it's fixed.
Rather he simply wants to be compensated for his time spent digging into the code and finding a vulnerability.
To those who believe the Bitcoin Foundation should not offer these bounties I ask why does the EFF offer bounties and prizes?
Edit: Has gmaxwell verified the claim sent by PM yet?
I realise that, which is why I said "sounds an awful lot like". Obviously he wants compensation for his work, which is alright. He's just not packaging his request that nicely. He's obviously rubbing people the wrong way. If he were to present it nicer he would be more likely to get what he wantstm.
Also the EFF offers those bounties to give people an incentive to go out and find issues. Evil-Knievel doesn't need such an incentive. He goes out looking with no prospect of a reward, only to request it upon finding something.
It's like finding someone's wallet. If you return it do you demand $10? Or do you just give it back and accept whatever reward they give? And how does that change if the owner put out posters offering a reward for finding their wallet?
Anyway, bottom line is that if he found an issue he deserves something. But there's no obligation for anyone to give him what he deserves.
If I am not mistaken, Evil Knievel discovered a flaw in the NXT code last year and received a reward. So I think he should be taken seriously.
While some may not like his approach, there is nothing illegal or wrong or unethical about it. He spent his own time and resources to discover the exploit, and if he feels he deserves 10BTC for it, then so be it. Whether anyone takes up his offer is another matter altogether. Leaving him negative ratings and attacking his motives sets a negative precedent for the future. Not everyone is just willing to volunteer their time and effort for free, open source or otherwise. Isn't Bitcoin all about free market?
He could have sold the exploit to a short selling whale or a Bitcoin detractor and get paid more than 10BTC. Bitcoin as a whole would've suffered.
I suggest everyone keep their judgement GMaxwell responds.
Just for the record: The bitcoind node, that redsn0w has set up on a VPS Server was shotdown within less than 10 seconds; the bitcoind node consumed so much CPU and memory that the entire server stopped working. Even a login via SSH was not possible anymore.
I can "confirm" but it was only a small droplet with the basic specifics. These were the ghraps:
I don't know what he did, I've suggested him to try with other linux machine (not vps) and maybe someone here can help him.
So no more replies from gmaxwell? Were his claims credible?
This message was too old and has been purged
Jump to: