Topic: WARNING: Paycoin XPY Josh Garza & Co. (Read 1267 times)
That was a good article on the situation... I'm afraid GAW has stuck their foot in it this time for sure. Another Mt. Gox in the making, very disturbing.
As many of us know, the best encryption/security is only as good as their dumbest programmer/developer. 
How many more hints does Mr. Garza need in order to finally do something about this continuous pattern of failure?
How many more hints does Mr. Garza need in order to finally do something about this continuous pattern of failure?
Well the programmers here know hes referring to his SSL encryption, which every fucking site uses. It would be like bragging you could access their site with a web browser, its expected functionality for any service where you can login.
I thought SSL isnt good due to the whole love bug thing recently. But what else can a website do besides SSL? theres not that many choices.
In this specific case they could start by not exposing private information to random strangers. SSL exploit is one thing, but this is a whole new level of fail.
As many of us know, the best encryption/security is only as good as their dumbest programmer/developer.
How many more hints does Mr. Garza need in order to finally do something about this continuous pattern of failure?
How many more hints does Mr. Garza need in order to finally do something about this continuous pattern of failure?
Well the programmers here know hes referring to his SSL encryption, which every fucking site uses. It would be like bragging you could access their site with a web browser, its expected functionality for any service where you can login.
I thought SSL isnt good due to the whole love bug thing recently. But what else can a website do besides SSL? theres not that many choices.
As many of us know, the best encryption/security is only as good as their dumbest programmer/developer.
How many more hints does Mr. Garza need in order to finally do something about this continuous pattern of failure?
How many more hints does Mr. Garza need in order to finally do something about this continuous pattern of failure?
Well the programmers here know hes referring to his SSL encryption, which every fucking site uses. It would be like bragging you could access their site with a web browser, its expected functionality for any service where you can login.
As many of us know, the best encryption/security is only as good as their dumbest programmer/developer.
How many more hints does Mr. Garza need in order to finally do something about this continuous pattern of failure?
How many more hints does Mr. Garza need in order to finally do something about this continuous pattern of failure?
bump for Coinfire.
Do you have the URL where the promise of CIA level security was made?
right on the front page:
https://paybase.com/
Quote
The funds you deposit into your wallet are protected by
the same protection used by the CIA and all major banks.
the same protection used by the CIA and all major banks.
https://archive.today/BMlHw#selection-459.0-467.56
bump for Coinfire.
Do you have the URL where the promise of CIA level security was made?
I would really like to take a gander at this as well. It would be great to see a link or something of the nature.
bump for Coinfire.
Do you have the URL where the promise of CIA level security was made?
bump for Coinfire.
On going discussion, other examples and demo's can be found here:
https://bitcointalk.org/index.php?topic=857670.11320
https://bitcointalk.org/index.php?topic=857670.11320
lol. This is true?
Is there any source to check it out everything or read the people comments?
Personally I didn't bought any XPY but this security issue can be a problem for some people...
Yes, can confirm. Had a nice chat with the chap who's account I had access to on hashtalk. Is there any source to check it out everything or read the people comments?
Personally I didn't bought any XPY but this security issue can be a problem for some people...
lol. This is true?
Is there any source to check it out everything or read the people comments?
Personally I didn't bought any XPY but this security issue can be a problem for some people...
Is there any source to check it out everything or read the people comments?
Personally I didn't bought any XPY but this security issue can be a problem for some people...
Single largest privacy breach to date has occurred with the long awaited launch of the much vaunted 'paybase.com', the impenetrable online wallet marketed by GAWMINER company and its owner Homero J Garza as being as secure as the "CIA"
Owing to the continued incompetence displayed by this start up company, all accounts have been breached by simply attempting to log into your own account. What that means is when you log into your account you magically appear in someone else's account due to no fault of your own.
The privacy breach is in the fact that that user's account contains there email address and balance e.g.:
and
and many many more
From this information it is trivial to learn the location and country of the user who's account you have been logged into. With information it is even less trivial to resort to informing the user by the displayed email, that should he not hand over a certain sum, you will report him to his local tax authority, which clearly by using this crypto service he is trying to avoid.
No need to try to withdrawal the sum in his account at all. A mere phishing attempt if indeed he is hiding his assets is all that is required.
All accounts on this incredibly insecure platform called "paybase.com" have been exposed by this.
Be aware.
[ see: https://bitcointalk.org/index.php?topic=857670.11340 ]
Quote
The funds you deposit into your wallet are protected by the same protection used by the CIA and all major banks
Owing to the continued incompetence displayed by this start up company, all accounts have been breached by simply attempting to log into your own account. What that means is when you log into your account you magically appear in someone else's account due to no fault of your own.
The privacy breach is in the fact that that user's account contains there email address and balance e.g.:
and
and many many more
From this information it is trivial to learn the location and country of the user who's account you have been logged into. With information it is even less trivial to resort to informing the user by the displayed email, that should he not hand over a certain sum, you will report him to his local tax authority, which clearly by using this crypto service he is trying to avoid.
No need to try to withdrawal the sum in his account at all. A mere phishing attempt if indeed he is hiding his assets is all that is required.
All accounts on this incredibly insecure platform called "paybase.com" have been exposed by this.
Be aware.
[ see: https://bitcointalk.org/index.php?topic=857670.11340 ]
Jump to: