Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Gambling
Re: Casinobit - no house edge, 100% payout
by
CasinoBit
on 10/12/2012, 14:52:15 UTC
Quote from: BRules on December 10, 2012, 02:05:39 PM
Quote from: CasinoBit on December 09, 2012, 07:56:58 PM
Quote from: BRules on December 09, 2012, 07:49:54 PM
just a note, if you're veryfying the password length, I can assume that you're storing the passwords in the database as plain text.

Man, it's a high security flaw, passwords in a database MUST be hashed and salted. I'malmost sure you don't know what I'm talking about, so take a time to learn more about it, and you should start reading here:

http://blog.moertel.com/articles/2006/12/15/never-store-passwords-in-a-database

and also see this site:

http://plaintextoffenders.com/about/

Are you kidding me?

Ok, I admit that I was kinda stupid in my last post, I just learned about hash passwords, but this doesn't mean that no one else knows about it. So, my questions is, if you're hashing the passwords why are you concerned about the password length?

and here I couldn't run it in firefox also, only in chrome.



In case someone would bruteforce the hash it wouldn't be too fast to find the password and the maximum password length is just there so people won't forget their 35 character passwords. Of course it is also salted so even if someone would get access to the database it would still be impossible for him to access the accounts, the bitcoins themselves are stored at a remote server which accesses the website anonymously.

Quote from: lightlord on December 10, 2012, 01:50:13 PM
Site keeps crashing. No other site does this, so it isn't my side.
Will this be fixed? Or it doesn't work in Firefox?

People are trying to hack it, there have been a lot of attempts so far, I personally encourage every attempt since it would be better to get hacked early on than later.

Quote from: casascius on December 09, 2012, 08:14:33 PM
Quote from: CasinoBit on December 08, 2012, 09:51:46 PM
Quote from: giantdragon on December 08, 2012, 09:47:59 PM
Quote from: CasinoBit on December 08, 2012, 09:42:37 PM
since they know the secret list ahead of time.
You are wrong again! It is impossible for the SatoshiDice to know a Transaction ID ahead of time.

Secret list! List! Not the transaction ID.

I swear it's like people keep repeating what others said instead of thinking for themselves.

This is troubling.  I'm not much of a gambler, and haven't ever played SatoshiDice, but someone bringing a casino to the Bitcoin community is really not doing their homework to not understand how SatoshiDice's hashing works and why knowing the secret list ahead of time isn't a problem if it's being hashed with the transaction ID.  The algorithm is too simple for someone willing to build a casino website to not understand, and the overconfident attitude is highly misplaced.  Sorry, but I must apply my stamp of disapproval to this one.

Just to make it clear, I have no interest in anything gambling-related whatsoever.

I actually hoped you would swallow your pride there and admit that I was right for a second, especially considering you decided to delete your own post. Which further accused us of trying to scam.

I like you all guys regardless and appreciate the feedback  Wink