Re: The Official Mastercoin Foundation, Master Protocol & Mastercoin Thread
has this been resolved? source: http://bitcoinpete.com/2014/04/16/ex-post-toronto-bitcoin-expo/
A couple of boys from Alabama under the BitStore banner found a way to upload an iOS app without submitting it to Apples App Store, effectively cracking the cartel and opening the ecosystem to Android-like development. This was less interesting than the insight from one of the BitStore guys who audited the code of OmniWallet, a Mastercoin web wallet that was shamelessly pumped all weekend despite being in pre-alpha, and found that OmniWallet stores user info and private keys unencrypted in plain text on its servers, making OmniWallet a Flexcoin waiting to happen. [↩]
A couple of boys from Alabama under the BitStore banner found a way to upload an iOS app without submitting it to Apples App Store, effectively cracking the cartel and opening the ecosystem to Android-like development. This was less interesting than the insight from one of the BitStore guys who audited the code of OmniWallet, a Mastercoin web wallet that was shamelessly pumped all weekend despite being in pre-alpha, and found that OmniWallet stores user info and private keys unencrypted in plain text on its servers, making OmniWallet a Flexcoin waiting to happen. [↩]
To the best of my knowledge, this is absolutely 100% not correct. We'll wait for the U.S dev team to wake up and double check.
In any case, there are right and wrong ways to do security disclosure. The wrong way is posting it on in forum/blog, the right way is sending it to security@mastercoin.org (I'm not pointing a finger at you you, but rather at the team who did the so called 'audit').
We have a security program - if anyone actually finds a security concerns, they get rewarded.
This is definitely not true, and was never true. Anyone spreading false rumors faces legal liability in civil court.
I guess we have found a new revenue stream to fund our legal and regulatory engagement team- just kidding.
