BTC New Attack on Tippr Users - Potential reddit Exploit

---

• New Attack on Tippr Users - Potential reddit Exploit
• Elizabeth Stark of Lightning Labs admits that a hostile actor can steal funds in LN unless you broadcast a transaction on-chain with a cryptographic proof that recovers the funds. This means LN won't work without a block size limit increase. @8min17s
• There are 2.5 billion people without a bank account. With Bitcoin Cash, a mobile phone with an Internet connection is now a bank with access to the global marketplace. Bitcoin Cash is one of the biggest humanitarian project to lift billions out of poverty and hardships.
• Bitcoin: Australian Banks Under Fire After Claims of Frozen Accounts
• Bitcoin Cash coming soon to Purse.io!!
• I've done some tests, this is how reddit accounts might be getting compromised. Some coder might be able to help
• I just used BCH to get an Amazon card through Cryptonize.it and it took 3 seconds! Only 3 fucking seconds! That's insane!
• [SERIOUS, PLEASE READ!] The 'Tippening' day 10: $50,000 Tipped!
• Leak in Purse.io code shows BCH is being added. WE WON GENTS!
• CRITICAL NOTICE TO ALL REDDIT USERS: Enable 2FA on your Reddit account immediately. 2FA is currently only available to moderators of a subreddit, so create your own sub if need-be to access this 2FA feature. If you do not, hackers will be able to access your account until Reddit fixes this exploit.
• Brick and Mortar Bitcoin Cash Merchant Directory app I'm working on
• Please let Purse.io know, we want to use BCH to buy on amazon with a 15% discount. Poll link in comments
• Ask Amazon Customer Service to add Bitcoin Cash as a payment option.
• Coloured Coins; the basics (non technical)
• Genesis Cloud Mining to Add Bitcoin Cash support!
• Starting the New Year off right with BCH!
• Congratulations, BCH is now 5 months old !
• Pineapple Fund Donates $5 Million in Bitcoin as Seed Capital for the Poor
• Achievement Unlocked: 7000 BTC committed in unconfirmed transactions
• Purse.io are running a poll for which coin to add in 2018. Ethereum is winning with 38% of the votes, Bitcoin Cash is second with 26%. Please take a moment out to vote and let’s get Bitcoin Cash added to Purse. Thanks!!
• Serious question for this sub: Why not Ethereum?
• Hungy? Get Domino's or Papa John's Pizza and pay with Bitcoin Cash on cryptonize.it
• Satoshi Nakamoto 7,5 years ago: Bitcoin fees are trivial compared to the fees many other types of services add automatically.
• Update: my Reddit password was changed even though my email wasn't compromised and my account has Reddit 2FA
• Help me live on Cash

New Attack on Tippr Users - Potential reddit Exploit Posted: 31 Dec 2017 03:53 AM PST submitted by /u/-DasVPS- [link] [comments]

Elizabeth Stark of Lightning Labs admits that a hostile actor can steal funds in LN unless you broadcast a transaction on-chain with a cryptographic proof that recovers the funds. This means LN won't work without a block size limit increase. @8min17s Posted: 31 Dec 2017 09:47 PM PST submitted by /u/cryptorebel [link] [comments]

There are 2.5 billion people without a bank account. With Bitcoin Cash, a mobile phone with an Internet connection is now a bank with access to the global marketplace. Bitcoin Cash is one of the biggest humanitarian project to lift billions out of poverty and hardships. Posted: 31 Dec 2017 12:28 PM PST Bitcoin Cash is what I signed up for. Not Bitcoin Segwit that makes these 2.5 billion people go bankrupt through high transaction fees. submitted by /u/MobTwo [link] [comments]

Bitcoin: Australian Banks Under Fire After Claims of Frozen Accounts Posted: 31 Dec 2017 10:54 PM PST submitted by /u/flowerboy27 [link] [comments]

Bitcoin Cash coming soon to Purse.io!! Posted: 31 Dec 2017 03:18 PM PST submitted by /u/increaseblocks [link] [comments]

I've done some tests, this is how reddit accounts might be getting compromised. Some coder might be able to help Posted: 31 Dec 2017 07:30 PM PST So I have been trying different things to compromise my own accounts and these are my conclusions: 1) It is impossible from the reddit username to come up to the email of the user because reddit doesn't give out any hints when resetting the password. 2) I searched the posts of compromised users such as /u/jessquit and couldn't find anything where he mentions his email. 3) I also checked shop links /u/jessquit posted and none of those shops give out any hints about the email when you try to reset the password. 4) Several victims have reported that the password was resetted without the email from reddit being opened. Conclusion 1: If your reddit got hacked your email/identity was not compromised. The attacker did not hack you through the email. SO I started to play around with reset links and it appears that this is strictly a reddit issue because reddit sends expiration free reset links, not sure how to call them because they never expire. In other words, if someone can decode how reset links for accounts are generated (they must have an algorithm or something) then they can simply click on reset password for any username, generate the reset link, paste it on their browser, change your password (user receives email that password has been changed) and sign in with new password. All this because reddit does not read where the resetter is coming from (whether from the read email reddit sends the user or direct traffic). For example, I set up a test account and requested a password reset. I received an email with this reset link: https://www.reddit.com/resetpassword/JUIgW7UgTgRl-WqUVETG4JmKo2s?ref_source=email&ref=password_reset&ref_campaign=password_reset&v=QVFBQURmYzJXeTdQQ1dhYktrM3N3X0MyYjBqdWt0Zk1iQXV4a3U3RXNwNUFwWC1lTE95MA== If you click on the link [you must be signed out] you will be able to reset the password of the account. Even though you are probably on the other side of the world. I tried to look into a couple of reset links but I do not see any pattern. I believe hackers have the key of whatever coding algorithm reddit is using to generate these links and exploit the fact that links do not expire and are not sensible to whether the user clicks on the reset email or not to hack accounts. Hope this helps to solve this asap. Edit 1: After looking into the reddit code in github it appears that predicting the reset link is impossible because it is generated randomly and nobody predict a random value. The only vulnerability with reddit reset links then appears to be that they do not expire (expire in 12h) and work even if the user's emailed link is not opened/clicked. They can be streamed and still work. As result the only explanation at this point is that someone with access to Reddit's outbox database (probably a reddit employee) is exploiting these reset links independently to change passwords and hack accounts. This person is the hacker or is working for the hacker (s). submitted by /u/geekmonk [link] [comments]

I just used BCH to get an Amazon card through Cryptonize.it and it took 3 seconds! Only 3 fucking seconds! That's insane! Posted: 31 Dec 2017 06:39 PM PST God damn, it's a rush coming from BTC to BCH. From a 5 day transaction to a 3 second transaction. Holy fuck, why do people stick with BTC if it's that god damn slow? The only thing stopping my from the Flippening now is that I'm trying to ride out the dip so I have cash for my planned Australia trip. Then again, that's betting on BTC going back up to around 20K again, which I don't think is likely anymore ;-; Point is, this is insane, the literal 3 second transaction times. submitted by /u/Nukeable42 [link] [comments]

[SERIOUS, PLEASE READ!] The 'Tippening' day 10: $50,000 Tipped! Posted: 31 Dec 2017 12:10 PM PST I just want to congratulate this community for reaching just shy of $50,000 total tips, its absolutely phenomenal that we've reached this point! My Reddit account has been compromised and my tippr balance has been withdrawn without my consent. I always make sure that my passwords consist of random letters and symbols and never user the same password twice. I received an email this morning stating that my password had been reset even though no one had accessed my email account (even the email was unopened). Has anyone else had this happen to them? I'm a university student so this has been a pretty heavy blow as you can imagine. This has been a real low point for 2017. I'm thinking of just cashing out and leaving crypto as a whole tbh, I've got exams coming up in the next two weeks and I cant be dealing with the stress and anxiety of someone potentially stealing my coins, this is not what i need right now. I'm going to be stopping the 'tippening' daily posts and taking some time away from Reddit but ill be monitoring the comments see if i can help with a solution to this problem. Im really careful with my computer security. All my exchange and email accounts have 2FA and all address seed words are PGP encrypted, so im pretty bullet proof on that front! Unfortunately I didn't have Reddit 2FA enabled, my logic was no one can reset my password if they cant access my email account (im a dumbass, i know!) Don't let this minor hiccup ruin the /BTC community mojo, this is a minor step-back! 2018 will be a great year! NOTE to all /BCH tipprs: Please enable 2FA, If you've got over $10 balance, please withdraw it to a private wallet to mitigate risk! Note to hacker: If you're reading this then I whole heartedly commend you, you've found an exploit in the password reset system of a huge website, which in itself is pretty impressive. Kudos to you man! EDIT 1: Some kind /BTC users have asked me for an a donation address so here goes (please dont do crazy amounts). Im a moderator of r/velopic and have activated 2FA so no one can access this account and edit the address afterwards (apparently Reddit only offers 2FA to mods, why not all users?!?!). To anyone who does, I really appreciate all the love you guys are showing! This is something we can all learn from this and hopefully this has helped people become more aware of the potential risks and preventative measures you can take to protect yourselves. BCH: 1CXP8kT9rBSENMqK4gmje5nVFrKhRdqozi Ignore: tagging users who have potential to lose alot. u/asicshack u/zprtlv u/BeijingBitcoins u/HCDTD u/zongk u/NxtChg u/rawb0t u/iamnotaclown u/grant-meaccess submitted by /u/velopic [link] [comments]

Leak in Purse.io code shows BCH is being added. WE WON GENTS! Posted: 31 Dec 2017 03:03 PM PST submitted by /u/DarkSpace-Harbinger [link] [comments]

CRITICAL NOTICE TO ALL REDDIT USERS: Enable 2FA on your Reddit account immediately. 2FA is currently only available to moderators of a subreddit, so create your own sub if need-be to access this 2FA feature. If you do not, hackers will be able to access your account until Reddit fixes this exploit. Posted: 31 Dec 2017 01:44 PM PST submitted by /u/BitcoinIsTehFuture [link] [comments]

Brick and Mortar Bitcoin Cash Merchant Directory app I'm working on Posted: 31 Dec 2017 08:32 PM PST submitted by /u/curyous [link] [comments]

Please let Purse.io know, we want to use BCH to buy on amazon with a 15% discount. Poll link in comments Posted: 31 Dec 2017 10:15 AM PST submitted by /u/hunk_quark [link] [comments]

Ask Amazon Customer Service to add Bitcoin Cash as a payment option. Posted: 31 Dec 2017 04:06 PM PST submitted by /u/DigitalCoinz [link] [comments]

Coloured Coins; the basics (non technical) Posted: 01 Jan 2018 12:12 AM PST Coloured Coins; the basics (non technical)   Ive written a bit of an essay, be aware that I'm not an expert in this field. I've been interested in crypto for about 6 months and have enjoyed understanding (or trying to understand) potential avenues this technology can take in the future. I'm not a programmer, I don't know anything about coding, those who are savvy in computer science might find what I've written hard to get through, or perhaps just plain stupid at times, if you do, I would love to be told where I'm wrong, and why I'm stupid (be blunt, I really want that, I can take it, its not rude if I ask for it). This was written for beginners, by a beginner (a recipe for disaster perhaps), and might just have been an excerise for me to consolidate my current understanding of coloured coins and their potential. Do not use me or anything I've said as a sole source of information, I'm new, and theres so many smarter people within this space to learn from. Having said all that, here is my understanding of coloured coins and the potential they bring to the world when added to the Bitcoin (Cash) blockchain.   I've recently seen a revival of the concept of coloured coins being implemented onto the Bitcoin Cash blockchain. My, basic understanding of this is that, in much the same way bank notes have serial numbers, the path that a Bitcoin has travelled can be tracked. Lets say you receive a $100 dollar note with a serial number 1234567890, this number, due to human psychology and pattern recognition makes for an item (no longer money) worth significantly more than $100. Another possible implication of this serial number property of physical cash is this idea of a note representing a physical non cash item such as a ticket. Lets say you are hosting a sporting event at a stadium that sits 50,000 people. If we have a serial number system of money with 500,000 $1 notes circulating, then, without selling printed tickets, you could say that one seat in your sporting event is exchangable for a dollar note with serial number ending in 0. You've now, without the use of a printer, created a system of payment and scarcity of property on top of the currency.   This doesn't happen, because paper tickets are easy to print and society tends not to value serial numbers on paper cash, with few exceptions for collectors.   But the idea is there and can be translated into Bitcoin with interesting uses. Lets explore how this can work. Well lets say 2 people have 1 Bitcoin each. One persons Bitcoin is a random Bitcoin that was mined in 2015 by an unknown miner, its been spent, its been held, theres nothing particularly noteworthy about the places or wallets this Bitcoin has traveled when we take a look at its history on the blockchain. Now, the other Bitcoin is 1 of 50 that was conjured up in the first transaction reward on the first block mined by Satoshi Nakomoto. Its been moved once, to this new address and, by checking the blockchain we can prove this. Is this second Bitcoin, mined and held by Satoshi Nakomoto more valuable or equal in value to the first Bitcoin? Given the choice, which Bitcoin would you rather have? The second one right? Well how much extra would you pay for it? This is the beginnings of the concept behind layering additional value or ideas on top of the individual non fungible Bitcoins we currently have.   I'll touch breifly on how you could 'colour' a coin, conceptually. Not the coding, just the very basic idea that coders would be following when these ideas eventualise. To 'mint' a new colour on a Bitcoin, you would send it through an address, that leaves mark on the coin. Since you can follow coins histories back to inception via the blockchains records, any coin that passes through X address can be assigned a colour X. As far as I am aware, the same could go for previous addresses, if consensus is reached and wallet software agrees to and implements the feature. Say for example, the first 50 Bitcoins ever mined, that address could be assigned the colour Black, and those 50 coins become collectable within the community. (I dont particularly like this idea, its complicating the currency, essentially a gamification instead of a real world usecase, but, (for me at least) it helps to understand the ideas behind this brainstorm.)   Now we have this idea established of uniqueness of coin, varifiable using the blockchain, in much the same way uniqueness of paper money can be verified using (and trusting) the serial number printed on it by the government of the country the money is from.   What does this mean, what can it do? Well this is where the fun begins. Essentially, the ways this can be used on a decenentralised, open source software that offers movement of real world value between users instantly and basically for free is perhaps infinite, or if not infinite, theres immense possibility. Whats required is out of the box and creative thinking.   I'll go over some of these ideas I've heard, but remember these only scratch the surface of potential ways thinga can be build ontop of Bitcoin or Bitcoin Cashes blockchain regarding colouring coins. These are not my ideas, I dont know where they originated, so I cant give credit.   A deed to a house If you colour a coin in such a way, that it becomes the only one with that colour, then this coin can represent ownship of a real world item, such as a house or a car. If you then use a lock on your door that communicates with the blockchain, its theoretically possible to require proving you hold that coin to open the door to the house. The same is true for cars, instead of car keys, if you have this coloured coin represent the ownership of the car, then starting the car becomes as simple as proving to the cars onboard computer that you hold that coin. Provided you hold the coin and private key, it becomes impossible for a person to steal your car, and yet it also decentralises 'ownership' of things, its not the DMV or government that verifies who owns what, its the blockchain. This is the basis for smart property, if you've ever heard that phrase before.   Decentralised stock exchange If a coin can represent a deed to a house, it can also represent ownership, or part ownership of a business in the form of stocks. If a company colours 100 coins and each coin represents 1% of the companies equity, these shares can be bought and sold without the use of Wallstreet or any other countries centralised stock exchange.   Copyright protection By uploading a document to the blockchain, you can prove you were the first person to record it, since the blocks within the blockchain are kept chronologically. You could then sell the idea by transfering the coin to another user who values this idea or can execute on it when you cant.   Black listening addresses Lets say a malicious party decides to attempt a 51% mining attack on the Bitcoin Cash blockchain. This works by transacting Bitcoins for a physical good, for example a car, and then going back to a previous block and mining a different chain, that after long enough, given 51% mining power, will become the largest current chain and thus the 'real' chain. In this new chain, the car dealership never recieves the Bitcoin as payment, yet they did hand over the car, because they saw the older chain as the largest and thus most valid at the time. To black list an address using coloured coins, you could attribute the miners of that alt chain a colour, blue for example, and then build wallet software that rejects the transaction of blue coins. This idea has dangerous implications, perhaps to the point that it should not be used, but its conceptually possible, and someone may think of a way this benefits the ecosystem for good not bad.   As far as I can tell, the ideas above become possible with widespread implimentation of coloured coins on top of the Bitcoin or Bitcoin Cash blockchain.   To some of you reading this, it might sound like I know a lot, and to others you might be struggling to get through it, due to the numerous mistakes I'm sure I've made. I'm not a programmer, I dont know even the slightest thing about coding or the technical side of Bitcoin, Bitcoin Cash or the blockchain. I do try to understand things as concepts and enjoy the less mathetmatically complicated, economic side of cryptocurrency.   If you've read all this, and have an idea or even a vague, unique, possibly stupid way that you think, maybe...somehow...somewhen... something unique and game changing could result, then comment it, and lets see if any programmers or coders can expand upon whats technically possible and whats not.   Thanks for reading this, I welcome anything and everything in the comments. If I see a question I know the answer to, I'll do my best to answer it.   KoopaV submitted by /u/KoopaV [link] [comments]

Genesis Cloud Mining to Add Bitcoin Cash support! Posted: 31 Dec 2017 05:35 PM PST I know many of you are not a fan of cloud mining but for me this is good news. I received an email from genesis saying the following: We also wanted to announce that we'll be offering Bitcoin Cash (Live on 31th of Dec) as AUTO (Automatically traded) and as fully minable option in the beginning of January for all Bitcoin mining contracts! I checked and there's already an option to automatically trade my mined BTC to BCH. Once they release their contract for BCH I'll surely purchase one. Another great way to start the year! submitted by /u/sraelgaiznaer [link] [comments]

Starting the New Year off right with BCH! Posted: 31 Dec 2017 07:54 PM PST Just exchanged the last of my Bitcoin for Bitcoin Cash! I joined the crypto community early in 2017 and have learned a lot through subs like this one. I truly believe Bitcoin Cash is the future of this movement, and I'm proud to say I'm officially all in! submitted by /u/b_to_the_rian [link] [comments]

Congratulations, BCH is now 5 months old ! Posted: 31 Dec 2017 03:17 PM PST submitted by /u/thepaip [link] [comments]

Pineapple Fund Donates $5 Million in Bitcoin as Seed Capital for the Poor Posted: 31 Dec 2017 09:27 PM PST submitted by /u/kairostech88 [link] [comments]

Achievement Unlocked: 7000 BTC committed in unconfirmed transactions Posted: 31 Dec 2017 08:56 PM PST submitted by /u/davewantsmoore [link] [comments]

Purse.io are running a poll for which coin to add in 2018. Ethereum is winning with 38% of the votes, Bitcoin Cash is second with 26%. Please take a moment out to vote and let’s get Bitcoin Cash added to Purse. Thanks!! Posted: 31 Dec 2017 09:28 AM PST submitted by /u/_nmesis [link] [comments]

Serious question for this sub: Why not Ethereum? Posted: 31 Dec 2017 10:21 PM PST It has: More traction than BCH A stronger dev team than BCH Much faster transactions than BCH Much more stable hashrate/block times than BCH Much more adoption than BCH submitted by /u/markasoftware [link] [comments]

Hungy? Get Domino's or Papa John's Pizza and pay with Bitcoin Cash on cryptonize.it Posted: 31 Dec 2017 08:41 AM PST submitted by /u/SharkLaserrrrr [link] [comments]

Satoshi Nakamoto 7,5 years ago: Bitcoin fees are trivial compared to the fees many other types of services add automatically. Posted: 31 Dec 2017 03:40 PM PST submitted by /u/Kain_niaK [link] [comments]

Update: my Reddit password was changed even though my email wasn't compromised and my account has Reddit 2FA Posted: 31 Dec 2017 05:30 AM PST my account was just hacked a few hours ago and the password changed. I have the experimental 2FA turned on, so apparently the attacker wasn't able to progress past changing the password. The attacker was able to change my password by sending a password recovery email then clicking the link in the email to reset the password, even though I have activated 2FA on my Reddit account, and my email was not compromised. This is a very dangerous turn of events. FYI I previously had posted this under a different, scarier title. I thought it best to take that post down and update since apparently (hopefully) the 2FA on my Reddit account actually was able to prevent the attacker from fully compromising the account. If you don't know about Reddit's 2FA, it's experimental and only available to mods. To activate it on your account, create a sub that you are moderator for (I created /r/jessquit) and then you can activate 2FA in your Reddit settings. Highly recommended since apparently Reddit has a major security flaw on their hands. Note: my email provider is a very large provider with a name we all know. Logging is provided and there was no suspicious activity on my email account. My email account also has 2FA. The emails sent by reddit (first one "click here to change your password" second one "your password has been changed) were unopened in my inbox. submitted by /u/jessquit [link] [comments]

Help me live on Cash Posted: 31 Dec 2017 07:52 PM PST So I'm a firm believer in the idea that the best way to support adoption of Cash is by actually using it so I've recently been considering how feasible it would be to primarily using Cash for everything. Salary - does anyone know any services that I can point my employer to or would they need an account on a local exchange? I guess I need to speak to an accountant about taxes as well. Rent, bills, groceries and fuel can presumably be paid for using a Debit/Credit Card - is there a decent option available for Cash yet? Paywave/Paypass is a Visa network so I would still need to pay the Visa fees when using tap-to-pay right? Are there any easy ways to get fiat cash out on the odd occasion I'm at a cash-only store or market? Anything else I've forgotten? I'm thinking I will publish the process I end up going through so that people have a simple guide if they are ever so inclined. Any and all suggestions more than welcome! submitted by /u/stabwah [link] [comments]

You are subscribed to email updates from Bitcoin - The Internet of Money. To stop receiving these emails, you may unsubscribe now.	Email delivery powered by Google
Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States