Jump to content


  • Content Count

  • Joined

  • Last visited

  1. Stay away from any countries whose intelligence agencies may have created the vulnerability. Here's the example you don't want to follow: https://www.telegraph.co.uk/technology/2017/08/03/fbi-arrests-wannacry-hero-marcus-hutchins-las-vegas-reports/
  2. tev

    Instant Property Market

    The Law Society would fight that tooth and nail, since the present dysfunctionality is very lucrative for their members. Every time a conveyancing solicitor sabotages one link, other law firms along the chain get the chance to claim repeat fees.
  3. Since you're sceptical about the security of the address that your tokens are now at, you probably want to create a cold address. This usually means using wallet-software on a computer that's not connected to the internet (e.g. booted off a CD, with the wallet-software introduced via a USB stick), and then writing the new secret on a sheet of paper (taking great care to copy it accurately!). If using a live CD to generate a cold address, I suggest choosing a live CD that includes a full web browser so that you can run in-browser address-generating software.
  4. If the money that you tried to send to your account was the proceeds of selling XRP or BTC, they've got no excuses since the XRP and BTC ledgers are completely public and transparent (unlike a bank ledger!). If your BTC or XRP were previously held at an address controlled by you, then the magic of asymmetric cryptography allows you to provide mathematically rigorous proof of ownership of that address. Whether or not your bank recognises mathematical rigour is another matter...
  5. The XRP and Bitcoin networks both have to solve the Double Spend Problem. That is, they both have to prevent fraudsters from spending the same coins twice. Bitcoin solves this problem by competition, whereas the XRP network solves the same problem by consensus. Bitcoin's competitive solution to the problem is was described by Nakamoto here, and XRP's consensus solution was described by Schwartz, Youngs & Britto here. Bitcoin's competitive approach incentivizes miners to acquire more and more hash power, i.e. the ability to compute cryptographic hashes, since that's the activity at which they're competing. Cryptographic hashes do have a role to play in the XRP ledger, but it's not a competitive role, so there isn't a hash-power arms race. For Bitcoin to be decentralized, it's required that nobody own more than 51% of the hash-power. The conditions for the XRP network to be decentralized are more subtle, and I'll leave it to other to explain. A cryptographic hash is a superior version of a checksum. Think of the barcodes on supermarket packaging. If a supermarket barcode is damaged, instead of misreading it, the barcode-reader rejects it: this is because the last few bars are a checksum for the rest of the code, and a damaged barcode's checksum is almost certainly going to clash with the misread numbers in the damaged portion.
  6. Two possible explanations: A bank employee from low down in the hierarchy is ensuring his/her job security by putting on a show of AML/KYC compliance, i.e. closing an account that received funds that he/she (the bank employee) doesn't know how to trace. A higher-ranking bank employee, having identified cryptocurrencies as a threat to the bank's business model (e.g. because they can be transferred electronically from person-to-person without banks being involved), has decided to protect his/her livelihood by actions that deter/impede public use of cryptocurrencies.
  7. tev

    Destination Tag

    ...but in case you ever need to prove ownership of your XRP address, there was an xrpchat discussion a few months ago that may be relevant:
  8. In order to decide if Changelly is the right service for you, read these links and make up your own mind.
  9. How about having the secret on a separate non-networked machine in the same room, and using webcams + QR codes to communicate unsigned transactions from the networked machine to the non-networked machine, and signed transactions back the other way? Obviously, you would have to duck when walking across the room. And you would want some kind of redundancy to keep the system running while cleaning bugs off the camera lenses and screens of the two computers. Or if not QR codes, then an RS-232 crossover cable? Or audio? In short, a connection than cannot be hijacked without physical access to the space between the two computers. A mechanical connection communicating in Morse?
  10. Are you alluding to Earth's inner Fort Knox?
  11. It's looking for them on your computer, but it should be looking for them on the internet somewhere. Perhaps you should have entered something with an "https" in it, like go get https://bitbucket.org/dchapes/ripple/wallet-recover (I may not have typed the above exactly right - you'll have to check the earleir comments in this thread for the exact address.) As a side effect, you have verified that the folders /usr/lib/go-1.6/src and /home/me/go/src are special to your instance of go. I guess the former is derived from the built-in value of the GOROOT variable and the latter is derived from your value for the GOPATH variable. When you figure out the correct syntax, it's probably going to download stuff from bitbucket.org/dchapes and dump it in one or other of those two folders (probably the second one).
  12. Some background information, for you to read while you're waiting for a Go expert to show up: Your PATH environment variable is a list of folders where your computer (actually, your shell) looks for executable program files. This variable serves the useful purpose of cutting down on the amount of typing you have to do when you run a program (e.g. you can get a folder-listing just by entering ls, which is less tedious to type than /bin/ls). When you entered echo $PATH, you caused the value of the PATH variable to be 'echoed' to your screen. The dollar-sign told your computer that you were asking for the value of PATH rather than just the word "PATH". It told you that you've got a fairly typical PATH, with a couple of extra directories (/home/me/go/bin and /home/me/gotest/bin) appended on to the end. The PATH environment variable has been in use for decades, and is used on just about all computers, regardless of whether or not they have go installed on them. When you entered which go, you verified that you have a copy of the go program, and that it lives in the /usr/bin/ folder. Apparently, go makes use of two extra environment variables, GOPATH and GOROOT; and you showed (by entering echo $GOPATH) than you've got the value of GOPATH set to /home/me/gotest. However, when you ran the program go, it complained about GOPATH and GOROOT both being set to the same value. The go program wants those two variables to have different values; but this is where my knowledge runs out. You can find out if GOROOT already has some value by echoing it to the screen (echo $GOROOT).
  13. tev

    Ellipal Cold Wallet

    Doesn't really matter. I've mostly used @ripplerm's wallet (i.e. a copy of this web site on a non-networked computer), but I'm sure other software (toastwallet perhaps?) can be used offline too. (Apparently, people get confusde by ripplerm's wallet being denominated in drops, where 1 XRP = 1 million drops.) Whichever wallet-software you use, the workflow is something like this: Draw up your transaction in an internet-connected copy of the wallet-software. You'll need your address, but don't even think about entering your secret. At this stage, you want the internet connection because the wallet-software wants to be able to see the XRP ledger in order to draw up the transaction properly. Transfer your unsigned transaction to your disconnected computer. A USB stick is the obvious way to do this, but see comments below about QR codes. Use your other copy of the same wallet-software, on your disconnected computer, to sign the transaction. You do need your secret here, but you're disconnected from the internet, so thieves can't intercept it (but look behind you for CCTV cameras and people with binoculars!) Take the signed transaction back to your internet-connected computer. Load the signed transaction into the internet-connected copy of your wallet-software and broadcast it. A transaction is a fairly small file, even after you've added your cryptographic signature. So, if you're worried about malware hardwired into USB sticks, you could convert it into a QR code and use the web cams on your computers. I haven't used the QR code technique myself, since my cold computer is in fact the same machine as my hot computer (except, booted off a USB stick), but the concept is trivial. The whole process makes sense as long as you remember than XRPs are not stored in wallets; they're stored on the XRP distributed ledger. Wallet software does two things: (i) it interacts with the XRP ledger, and (ii) it writes cryptographic signatures. It uses the internet for (i), but not for (ii).