Ninjastic
Search content
Sort by
Showing 6 of 6 results by jandd
Post
Topic
Board Pools
intermediary certificate missing -> failing certificate validation
by
jandd
on 13/09/2013, 17:13:09 UTC
The server at https://deepbit.net/ does not deliver the intermediary certificate of the CA "issuer=/C=US/O=GeoTrust Inc./OU=Domain Validated SSL/CN=GeoTrust DV SSL CA", therefore all browsers only trusting the GeoTrust root CA "GeoTrust Global CA" give a certificate warning (i.e. Iceweasel (Firefox) on Debian Wheezy).

Please fix the web server configuration to deliver the intermediary CA certificate together with the server certificate.

See also https://www.ssllabs.com/ssltest/analyze.html?d=deepbit.net for some ideas for improvement.
Post
Topic
Board Wallet software
Re: Most straightforward way to run a server-side python client
by
jandd
on 23/06/2011, 05:05:29 UTC
If you need a Python client for bitcoind's RPC interface that has no dependencies besides Python 2.6 you might want to have a look at my implementation. I use it as described by titeuf_87 running bitcoind in a separate LXC container.
Post
Topic
Board Beginners & Help
Re: Bitcoin Businesses and Developers, Let's Get Started!
by
jandd
on 22/06/2011, 08:32:47 UTC
I'm a Debian Developer and experienced Software Architect, I did a small Python layer around the RPC API (see the Wiki). I'm working on other server side Python code (i.e. to calculate exchange rates using bitcoincharts' JSON APIs) and want to write enough code to integrate a custom (Python) shoping cart system with Bitcoin. Maybe the resulting code can be integrated with other systems (i.e. Satchmo). I'm a cryptography expert and did a lot of crypto related implementations (closed source at work) in the last few years. I'm not proficient enough with C++ to help with original Bitcoin code though.
Post
Topic
Board Beginners & Help
Re: Market Crash: Mt Gox has been Hacked (Official Statement)
by
jandd
on 19/06/2011, 21:17:57 UTC
Quote from: nixxle on June 19, 2011, 08:14:42 PM
Quote from: Atheros on June 19, 2011, 08:08:00 PM
No, they really did get hacked- or at least someone leaked their accounts. Find yourself here:



Then, someone started cracking the MD5 password hashes and then, with passwords in hand, trying various accounts until they found one with lots of money. There is a $1000 per day withdrawl limit, so in order to get more bitcoins out, they had to crash the market close to 0 first. And that is what happened today.

The End.

Started cracking MD5 hashes? You have no idea what you are talking about.

The passwords in the accounts.csv are not MD5.

More likely, a hacker got access to the serer, did the damage he did ( dump BTC on the market from 1 account or something) and figured: while I am here, I might as well spice things up and make a full dump of the users database table.

These are salted MD5 hashes as generated by crypt(3), breaking these using brute force should be quite complicated (if the crackers did not discover another MD5 weakness).

BTW: I found my fresh account there too. Fortunately I did not have any BTC or USD there yet. I hope they implement better security measures and do a code review before going online again.
Post
Topic
Board Beginners & Help
Re: Introduce yourself :)
by
jandd
on 19/06/2011, 20:37:54 UTC
I'm a Debian developer from Germany and got to know bitcoin since the ITP was filed. I use it since bitcoind hit Debian testing and do some small mining using the phoenix miner on a Radeon HD 5570 GPU. I consider accepting Bitcoins for my small Hosting business too.
Post
Topic
Board Beginners & Help
Re: Newbie restrictions
by
jandd
on 19/06/2011, 20:31:20 UTC
Quote from: theymos on June 12, 2011, 07:47:18 PM
Due to a mass of trolling, only established posters are able to post in non-newbie sections. You are considered "established" if you have spent 4 hours online and have made 5 posts.

If you have really good posts, you can post a request for preemptive whitelisting in the appropriate topic.

Also:
- You must have made one post in order to send PMs.
- You need 10 posts to put a link in your signature.
- You need 50 posts to put an image in your signature.

This is a nice idea. I assume using more "traditional" tools like CAPTCHAs, DNS blacklists, Akismet or blogspam.net are too resource intensive, right?