What protection do BTC sites use for security?

AliceWonderMiscreations

full member

Activity: 182

Merit: 107

Quote from: Deep BTC on February 28, 2017, 03:30:54 PM

There are many projects with bitcoin. There are many different sites such as gambling sites, trading sites, credit sites. Users send bitcoin to these sites. The bitcoin volume on the sites can be may high.

How do these sites provide bitcoin security? What are the characteristics of the servers they use? They can take security measures in a software sense. But a person working in the hosting company can play bitcoins.

What protection do these sites use for security?

I don't have private keys on the webserver.

Some people use deterministic keys on the server but I don't even do that.

I generate keys on a non-connected PC using my own algorithm involving a seed and a salt, sign the addresses with libsodium, and then upload to a database the server fetches from.

The server then verifies the signature (so it knows a hacker didn't inject the address, never happened to me but...) before offering it as a payment address.

Code:

def signAddress(hexsk, m):
sk = binascii.unhexlify(hexsk)
sig = pysodium.crypto_sign_detached(m, sk)
return binascii.hexlify(sig)

(hexsk is hex signing key, m is message - which in this case is the base58 address, I can there verify on the web app with the libsodium php PECL module)

20kevin20

legendary

Activity: 1134

Merit: 1598

Quote from: rivoke on March 05, 2017, 11:56:33 AM

As I know btc site using web based page so it will verified depend on the site

For example bitcointalk using COMODO RSA Domain Validation Secure Server CA so people worried no more when they try to access the site

You need to secure your website from many things such as bots, DDoS, hackers or malware. Even some small websites that don't matter much are getting these types of attacks, so it's pretty common to have a good security no matter what website you're running. You probably need to pay a subscription to companies that offer you such services, but for Bitcoin websites you need extra security for the money that's being stored and so on, so that no hacker has access to any resource.

Capradina

hero member

Activity: 756

Merit: 520

I do not know about it, because there are an awful lot of companies or sites that use this type of security. But for sure they are using a very strong security and it has a vulnerability that's hard enough when the hackers did not find loopholes via Hardware Security. Because as nice and perfect a system, if a hacker manages to take over the system hardware will surely crumble and successfully exploited. So, you need not worry for security against sites that already have many customers. For they will surely give the best security

szpalata

sr. member

Activity: 686

Merit: 253

Quote from: Deep BTC on March 03, 2017, 07:12:42 PM

Quote from: shinratensei_ on March 03, 2017, 06:59:56 PM

Quote from: Deep BTC on February 28, 2017, 03:30:54 PM

There are many projects with bitcoin. There are many different sites such as gambling sites, trading sites, credit sites. Users send bitcoin to these sites. The bitcoin volume on the sites can be may high.

How do these sites provide bitcoin security? What are the characteristics of the servers they use? They can take security measures in a software sense. But a person working in the hosting company can play bitcoins.

What protection do these sites use for security?

Just use the cloud flare to protecting these sites from DDOS attack. But it seems like make the site has become unsecured caused by the packet data must be passing the cloudflare database. and Some days later with the issue on cloudflare it makes all of the bitcoin site unsecured.

I asked for a site with software and system security.
How do we protect Bitcoins from the employees of the hosting company?

The hosting company has access to all the private keys of Bitcoins in their possession or vault hence they can employ any form of security so that such information will be protected by the appropriate financial officers in order not to leak to ordinary employees who might unethically try something funny. I know that will be kept at the top level of management but the method of protection might differ from company to company.

rivoke

legendary

Activity: 924

Merit: 1006

As I know btc site using web based page so it will verified depend on the site

For example bitcointalk using COMODO RSA Domain Validation Secure Server CA so people worried no more when they try to access the site

beerlover

legendary

Activity: 2842

Merit: 1152

Quote from: Henkkaa on March 03, 2017, 05:02:38 PM

Quote from: Deep BTC on March 03, 2017, 04:42:34 PM

Continuous instant transactions are being made on stock exchange sites. What happens when a user swaps a large amount? Such sites need automatic processing.

Of course they need automatic processing. They have custom made scripts for automatic processing, but you won't find any information on that I'd assume. What is your question here? Every site that handles bitcoins (or atleast the vast majority of them) have automatic processing on deposits and withdrawals.

Yeah, you would not except that whoever have a wallet is going to come to this forum and tell you how they are keeping a secure system, it is like giving you a key to the local bank, I am sure if they do someone out there is going to try and hack it.

Deep BTC

member

Activity: 96

Merit: 10

Quote from: shinratensei_ on March 03, 2017, 06:59:56 PM

Quote from: Deep BTC on February 28, 2017, 03:30:54 PM

There are many projects with bitcoin. There are many different sites such as gambling sites, trading sites, credit sites. Users send bitcoin to these sites. The bitcoin volume on the sites can be may high.

How do these sites provide bitcoin security? What are the characteristics of the servers they use? They can take security measures in a software sense. But a person working in the hosting company can play bitcoins.

What protection do these sites use for security?

Just use the cloud flare to protecting these sites from DDOS attack. But it seems like make the site has become unsecured caused by the packet data must be passing the cloudflare database. and Some days later with the issue on cloudflare it makes all of the bitcoin site unsecured.

I asked for a site with software and system security.
How do we protect Bitcoins from the employees of the hosting company?

shinratensei_

legendary

Activity: 3136

Merit: 1024

Leading Crypto Sports Betting & Casino Platform

Quote from: Deep BTC on February 28, 2017, 03:30:54 PM

There are many projects with bitcoin. There are many different sites such as gambling sites, trading sites, credit sites. Users send bitcoin to these sites. The bitcoin volume on the sites can be may high.

How do these sites provide bitcoin security? What are the characteristics of the servers they use? They can take security measures in a software sense. But a person working in the hosting company can play bitcoins.

What protection do these sites use for security?

Just use the cloud flare to protecting these sites from DDOS attack. But it seems like make the site has become unsecured caused by the packet data must be passing the cloudflare database. and Some days later with the issue on cloudflare it makes all of the bitcoin site unsecured.

Deep BTC

member

Activity: 96

Merit: 10

Quote from: Henkkaa on March 03, 2017, 05:02:38 PM

Quote from: Deep BTC on March 03, 2017, 04:42:34 PM

Continuous instant transactions are being made on stock exchange sites. What happens when a user swaps a large amount? Such sites need automatic processing.

Of course they need automatic processing. They have custom made scripts for automatic processing, but you won't find any information on that I'd assume. What is your question here? Every site that handles bitcoins (or atleast the vast majority of them) have automatic processing on deposits and withdrawals.

You said that the sites kept bitcoins as cold storage for safety.
If bitcoins are stored as cold storage, how do users exchange, deposit and withdrawals for bitcoin.

Henkkaa

full member

Activity: 210

Merit: 100

Quote from: Deep BTC on March 03, 2017, 04:42:34 PM

Continuous instant transactions are being made on stock exchange sites. What happens when a user swaps a large amount? Such sites need automatic processing.

Of course they need automatic processing. They have custom made scripts for automatic processing, but you won't find any information on that I'd assume. What is your question here? Every site that handles bitcoins (or atleast the vast majority of them) have automatic processing on deposits and withdrawals.

Deep BTC

member

Activity: 96

Merit: 10

Quote from: Henkkaa on March 01, 2017, 03:27:22 AM

Quote from: Deep BTC on February 28, 2017, 03:30:54 PM

There are many projects with bitcoin. There are many different sites such as gambling sites, trading sites, credit sites. Users send bitcoin to these sites. The bitcoin volume on the sites can be may high.

How do these sites provide bitcoin security? What are the characteristics of the servers they use? They can take security measures in a software sense. But a person working in the hosting company can play bitcoins.

What protection do these sites use for security?

That actually is an interesting question.

I would say, apart from well codes software and secure high-end servers, they use one-time deposit addresses, hot wallets. Most of the user funds are kept in cold storage, which is afaik the safest way of storing bitcoins. Many sites have also started using hardware wallets such as Trezor to keep funds safe.

Continuous instant transactions are being made on stock exchange sites. What happens when a user swaps a large amount? Such sites need automatic processing.

Henkkaa

full member

Activity: 210

Merit: 100

Quote from: Deep BTC on February 28, 2017, 03:30:54 PM

There are many projects with bitcoin. There are many different sites such as gambling sites, trading sites, credit sites. Users send bitcoin to these sites. The bitcoin volume on the sites can be may high.

How do these sites provide bitcoin security? What are the characteristics of the servers they use? They can take security measures in a software sense. But a person working in the hosting company can play bitcoins.

What protection do these sites use for security?

That actually is an interesting question.

I would say, apart from well codes software and secure high-end servers, they use one-time deposit addresses, hot wallets. Most of the user funds are kept in cold storage, which is afaik the safest way of storing bitcoins. Many sites have also started using hardware wallets such as Trezor to keep funds safe.

Deep BTC

member

Activity: 96

Merit: 10

There are many projects with bitcoin. There are many different sites such as gambling sites, trading sites, credit sites. Users send bitcoin to these sites. The bitcoin volume on the sites can be may high.

How do these sites provide bitcoin security? What are the characteristics of the servers they use? They can take security measures in a software sense. But a person working in the hosting company can play bitcoins.

What protection do these sites use for security?

Topic: What protection do BTC sites use for security? (Read 581 times)