Author

Topic: WARNING: Paycoin XPY Josh Garza & Co. (Read 1291 times)

legendary
Activity: 1512
Merit: 1057
SpacePirate.io
December 31, 2014, 07:47:47 PM
#14

That was a good article on the situation... I'm afraid GAW has stuck their foot in it this time for sure.  Another Mt. Gox in the making, very disturbing.
legendary
Activity: 1148
Merit: 1014
In Satoshi I Trust
legendary
Activity: 3654
Merit: 8909
https://bpip.org
December 31, 2014, 05:25:51 PM
#12
As many of us know, the best encryption/security is only as good as their dumbest programmer/developer.  Roll Eyes

How many more hints does Mr. Garza need in order to finally do something about this continuous pattern of failure?

Well the programmers here know hes referring to his SSL encryption, which every fucking site uses. It would be like bragging you could access their site with a web browser, its expected functionality for any service where you can login.

I thought SSL isnt good due to the whole love bug thing recently. But what else can a website do besides SSL? theres not that many choices.

In this specific case they could start by not exposing private information to random strangers. SSL exploit is one thing, but this is a whole new level of fail.
member
Activity: 83
Merit: 10
December 31, 2014, 03:03:05 PM
#11
As many of us know, the best encryption/security is only as good as their dumbest programmer/developer.  Roll Eyes

How many more hints does Mr. Garza need in order to finally do something about this continuous pattern of failure?

Well the programmers here know hes referring to his SSL encryption, which every fucking site uses. It would be like bragging you could access their site with a web browser, its expected functionality for any service where you can login.

I thought SSL isnt good due to the whole love bug thing recently. But what else can a website do besides SSL? theres not that many choices.
newbie
Activity: 28
Merit: 0
December 31, 2014, 02:42:16 PM
#10
As many of us know, the best encryption/security is only as good as their dumbest programmer/developer.  Roll Eyes

How many more hints does Mr. Garza need in order to finally do something about this continuous pattern of failure?

Well the programmers here know hes referring to his SSL encryption, which every fucking site uses. It would be like bragging you could access their site with a web browser, its expected functionality for any service where you can login.
full member
Activity: 141
Merit: 100
Cryptocoin Dabbler
December 31, 2014, 01:35:34 PM
#9
As many of us know, the best encryption/security is only as good as their dumbest programmer/developer.  Roll Eyes

How many more hints does Mr. Garza need in order to finally do something about this continuous pattern of failure?
hero member
Activity: 1316
Merit: 502
December 31, 2014, 01:27:34 PM
#8
bump for Coinfire.

Do you have the URL where the promise of CIA level security was made?


right on the front page:

https://paybase.com/

Quote
The funds you deposit into your wallet are protected by
the same protection used by the CIA and all major banks.

https://archive.today/BMlHw#selection-459.0-467.56

hero member
Activity: 994
Merit: 500
December 31, 2014, 01:19:44 PM
#7
bump for Coinfire.

Do you have the URL where the promise of CIA level security was made?

I would really like to take a gander at this as well. It would be great to see a link or something of the nature.
sr. member
Activity: 322
Merit: 250
Online at CoinFire.io
December 31, 2014, 01:15:59 PM
#6
bump for Coinfire.

Do you have the URL where the promise of CIA level security was made?
hero member
Activity: 1316
Merit: 502
December 31, 2014, 12:50:26 PM
#5
bump for Coinfire.
hero member
Activity: 1316
Merit: 502
December 31, 2014, 12:15:56 PM
#4
On going discussion, other examples and demo's can be found here:

https://bitcointalk.org/index.php?topic=857670.11320

newbie
Activity: 12
Merit: 0
December 31, 2014, 12:14:57 PM
#3
lol. This is true?
Is there any source to check it out everything or read the people comments?

Personally I didn't bought any XPY but this security issue can be a problem for some people...
Yes, can confirm. Had a nice chat with the chap who's account I had access to on hashtalk.
legendary
Activity: 1960
Merit: 1130
Truth will out!
December 31, 2014, 12:11:37 PM
#2
lol. This is true?
Is there any source to check it out everything or read the people comments?

Personally I didn't bought any XPY but this security issue can be a problem for some people...
hero member
Activity: 1316
Merit: 502
December 31, 2014, 12:08:39 PM
#1
Single largest privacy breach to date has occurred with the long awaited launch of the much vaunted 'paybase.com', the impenetrable online wallet marketed by GAWMINER company and its owner Homero J Garza as being as secure as the "CIA"

Quote
The funds you deposit into your wallet are protected by the same protection used by the CIA and all major banks

Owing to the continued incompetence displayed by this start up company, all accounts have been breached by simply attempting to log into your own account. What that means is when you log into your account you magically appear in someone else's account due to no fault of your own.

The privacy breach is in the fact that that user's account contains there email address and balance e.g.:



and





and many many more

From this information it is trivial to learn the location and country of the user who's account you have been logged into. With information it is even less trivial to resort to informing the user by the displayed email, that should he not hand over a certain sum, you will report him to his local tax authority, which clearly by using this crypto service he is trying to avoid.

No need to try to withdrawal the sum in his account at all. A mere phishing attempt if indeed he is hiding his assets is all that is required.

All accounts on this incredibly insecure platform called "paybase.com" have been exposed by this.

Be aware.

[ see: https://bitcointalk.org/index.php?topic=857670.11340 ]
Jump to: