Author

Topic: [XMR] Monero - A secure, private, untraceable cryptocurrency - page 1437. (Read 4670871 times)

legendary
Activity: 2324
Merit: 1125
I downloaded the newest version and it is no longer detected as a trojan. (it is incredibly slow though Tongue)
legendary
Activity: 3766
Merit: 5146
Whimsical Pants
My virus scanner (F-secure) just reported that bitmonerod.exe contained a trojan. It's the version I downloaded on this site.

What's up? False positive?

Use your own common sense, but yes false positive, just like minerd.exe and other bitcoin executables.

The reason is Monero has been a CPU minable coin from the beginning.  So botnets distribute the daemon for mining via trojans.
sr. member
Activity: 471
Merit: 250
My virus scanner (F-secure) just reported that bitmonerod.exe contained a trojan. It's the version I downloaded on this site.

What's up? False positive?

My scanner (Kaskpersky Pure) doesn't report anything special. Latest version, just downloaded from OP to be sure.
sr. member
Activity: 280
Merit: 250
Who cares?
My virus scanner (F-secure) just reported that bitmonerod.exe contained a trojan. It's the version I downloaded on this site.

What's up? False positive?

What happened to dev?  Why is the price down? SCAM!
legendary
Activity: 2324
Merit: 1125
My virus scanner (F-secure) just reported that bitmonerod.exe contained a trojan. It's the version I downloaded on this site.

What's up? False positive?
sr. member
Activity: 283
Merit: 250
New day, new drama  Grin gotta love the world of crypto
legendary
Activity: 1762
Merit: 1011
Also obviously this would have to be temporary. The devs would need to commit to weaning off of such a system after given features are implemented or a given period of time.

I would suggest exhausting all possible external options for raising funds before building something into the software. I think going this other route would be more scandalized and trolled than you're considering.

I don't think that it's fundamentally bad to build something into the software. Not sure if you saw the Missive, but in the last wizard screenshot there's an idea for an auto-donation system we want to implement: https://i.imgur.com/ACDmOFJ.jpg

The basic idea is that it's completely user-selectable, based on a % of your tx fee (cumulative to avoid adding dust outputs) that is added on top of the tx fee, so it'll never have a major impact. In the GUI we'd most likely have it on at 50% by default.

Making it opt-in is definitely important.

Look, one can argue that having good developers is just as important to a cryptocurrency's future as the security provided by the miners, and so, too, deserve compensation. The problem with open source projects is how to implement this compensation in such a way that it doesn't centralize the development funds to one particular individual or set of individuals. If there was some way to trustlessly and fairly direct funds to each individual developer based on their perceived contributions to the development work, using some sort of algorithm, that would be the ideal. This may be an intractable problem.

It's no wonder that projects where there is no opposition to investment in a centralization of effort (say, closed source startups) at least don't have this problem. They do have other problems, of course.
legendary
Activity: 2702
Merit: 2053
Free spirit


Whirlwind missives updated.

https://bitcointalksearch.org/topic/m.8488694



Regards all,


Globb0
legendary
Activity: 1484
Merit: 1002
Strange, yet attractive.
who is on damage control  Undecided

What damage? Should we react every time someone claims something? At this stage, given that there are no technical details, we can only assume that it may be true or it may be false. And, thus, do nothing until something tips the evidence either way.

FUD is the most used drug within the cryptocoin world. This is not new; no evidence? Does not exist.
donator
Activity: 1274
Merit: 1060
GetMonero.org / MyMonero.com
who is on damage control  Undecided

What damage? Should we react every time someone claims something? At this stage, given that there are no technical details, we can only assume that it may be true or it may be false. And, thus, do nothing until something tips the evidence either way.
member
Activity: 65
Merit: 10
Maybe BitcoinEXpress should code his own coin if he's of such skill?
member
Activity: 75
Merit: 10
who is on damage control  Undecided
legendary
Activity: 1428
Merit: 1001
getmonero.org
Eek.  I was about to say at least there has been no dump...

too soon Tongue
legendary
Activity: 3766
Merit: 5146
Whimsical Pants
Eek.  I was about to say at least there has been no dump...
sr. member
Activity: 471
Merit: 250
It is not as simple as a case where the white hats are easily identifiable.

I beg to differ.  That seems a false balance to me.  It takes a pretty bad lie detector to misplace those boundaries in this case. 

Anyhow, it doesn't matter:  Just release the exploit publicly.  The only reason I can comprehend not to do so is a plan to use it personally in future, for extortion or malice.  But I may be missing something.


You might be missing the power of trolling. BCX have been taunted, he enraged and made some damaging move. Now he's just glad XMR's community took a nice FUD-bomb in the face. Sometimes the most obvious explanation can be the best.

Anyway we can all applause our favorite fake-shill troll moneroman88 for his very well executed provocation.
legendary
Activity: 3766
Merit: 5146
Whimsical Pants
It is not as simple as a case where the white hats are easily identifiable.

I beg to differ.  That seems a false balance to me.  It takes a pretty bad lie detector to misplace those boundaries in this case. 

Anyhow, it doesn't matter:  Just release the exploit publicly.  The only reason I can comprehend not to do so is a plan to use it personally in future, for extortion or malice.  But I may be missing something.

I think you may be.  He may just be not interested and also have no desire to be involved.

If he is mistaken, then he is setting an annoying trap for bears.
If he is lying, well then... he is acting unethically.
If he is telling the truth he is giving a warning for devs and investors.

I hope he explains the exploit.
legendary
Activity: 1596
Merit: 1030
Sine secretum non libertas
It is not as simple as a case where the white hats are easily identifiable.

I beg to differ.  That seems a false balance to me.  It takes a pretty bad lie detector to misplace those boundaries in this case. 

Anyhow, it doesn't matter:  Just release the exploit publicly.  The only reason I can comprehend not to do so is a plan to use it personally in future, for extortion or malice.  But I may be missing something.

legendary
Activity: 2282
Merit: 1050
Monero Core Team
Hahem am I the only one that think BCX's findings are worrisome?

Claiming to have something and providing evidence thereof are two different things.

If you have an exploit for a (genuine, not-scammy) FOSS project, not releasing it *at least* to the developers is unconscionable - you aren't hurting a corporation or a bunch of fat cats, you're hurting a small group of developers who work - unpaid - on a software development project for the presumed betterment of everyone. You're hurting altruists who are giving of themselves for little or no reward, but I guess there are people who are so ethically imbalanced that they don't even consider this.

At a minimum some technical details about it would be nice.

The ethical question I see here is that there is fierce competition among the CN coins so who does he release it to without picking favourites. If he releases the technical information to all the CN coin developers he could be providing the exploit to the attacker (black hat) as well as the defender (white hat). It is not as simple as a case where the white hats are easily identifiable.
sr. member
Activity: 471
Merit: 250
Hahem am I the only one that think BCX's findings are worrisome?

Claiming to have something and providing evidence thereof are two different things.

If you have an exploit for a (genuine, not-scammy) FOSS project, not releasing it *at least* to the developers is unconscionable - you aren't hurting a corporation or a bunch of fat cats, you're hurting a small group of developers who work - unpaid - on a software development project for the presumed betterment of everyone. You're hurting altruists who are giving of themselves for little or no reward, but I guess there are people who are so ethically imbalanced that they don't even consider this.

At a minimum some technical details about it would be nice.

I fully agree that BCX's behavior in that situation is, at best, a bit clumsy, and I'm really sorry about the consequent FUD. I hope you guys will find a way to reason him and get some details. All the best.

Jump to: