jargoman

  1. 700,000 ripple stolen from my gatehub account

    If the nature of a hack is to not leave a trace, then why did the hacker redirect the user to an external site that potentially could lead back to them? They could have used a keylogger but they didn't. Therefore they did NOT have access to his computer. They somehow thwarted SSL + DNS, which suggests a network attack. It could have been his neighbors cracking the Wi-Fi, or some other attack, but I personally think it was malicious JavaScript. A proxy can be opened on any operating system that supports JavaScript. There are no secure operating systems. This is coming from an OS-agnostic software developer.
  2. 700,000 ripple stolen from my gatehub account

    Actually it WAS a hack on his wallet. I don't believe his computer was compromised. I believe a proxy was opened and exploited, perhaps using malicious JavaScript. Which means no operating system is safe, and using a different password for each site wouldn't matter either.
  3. Miguel Vias CNBC quote 21 july 2017

    It's likely obligatory for them NOT to tell us anything
  4. Ripple should IPO now

    No. Giving someone 20 billion instead of 10 billion doesn't relate to twice the speed of development. If anything it would significantly slow things down.
  5. 700,000 ripple stolen from my gatehub account

    An attacker could potentially overwrite the bookmark config.
  6. It would in theory go down but I have a feeling R3 wouldn't sell it on the open market. They would use it to sell to banks and compete with ripple. Unless they plan on using it to crash the market
  7. Tripple Entente Encryption

    For the record, I did not find a flaw in my encryption scheme. I still have the opinion that it's much stronger than single-round Rijndael, IF the user selects an appropriately strong key combination. The flaw in question is that if there are multiple keys, an attacker can cache the intermediate values to save processing time. However, if an attacker can crack one of the passwords, single-round Rijndael would be broken anyway. The flaw in double DES is because single DES is broken. Triple DES is deemed secure because the third round of encryption adds a second intermediate step. With the foreach set of keys analogy, encrypt(key1,key2,key3) = intermediate(key4,key5)
  8. can i store my XRP in bittrex ?

    As long as you understand the risks and the brutal history of bitcoin exchanges. I've made a lot of money trading on exchanges and lost a lot to defaulting exchanges.
  9. Tripple Entente Encryption

    That's what I'm starting to think I should do. If I didn't save the address, I'd have to put my password in just to check my balance; the way it is now, I can select any wallet and do any action I want with it. If that action requires a digital signature, then the wallet requests the password at the last possible moment. I do have a cold wallet but I also use the hot wallet daily. Encrypting the hot wallet may seem redundant, and rightfully so, but not encrypting the hot wallet is just reckless.
  10. Tripple Entente Encryption

    I looked into what you are saying. My approach significantly increases the strength of Rijndael encryption, but your suggestion significantly increases the time it would take to brute-force the three passwords. I would be better off concatenating the three passwords into one massive password, deriving a massive random salt and using an encryption scheme with a bigger block size.
  11. Tripple Entente Encryption

    Thank you for the caution. I use Rfc2898 on each of the three keys for key stretching, generating three unique 128-bit keys. I'm well aware the encryption is still only 128-bit and NOT equivalent to 384-bit encryption. However, the amount of time to directly brute-force three passwords rather than one password is exponentially longer. No matter which way you slice it, the password is the weakest link. The intention of the algorithm is to make a seemingly simple choice have many possible outcomes yet be easily remembered by a human while still being resistant to direct brute force. Color is the perfect example: there are 140 standard human-readable colors. Although it is easy for a human to remember ruby red or baby blue, for a brute-force attacker it forces them to create 140 unique rainbow tables. As far as the three rounds of encryption, my implementation would not be much different from Triple DES, except I use 3 keys instead of one: https://en.wikipedia.org/wiki/Triple_DES
  12. Tripple Entente Encryption

    key 1: classic alphanumeric password
    key 2: numeric password entered into a keylogging-resistant keypad
    key 3: selection of words from a pre-established list to prevent rainbow tables
    salt 1: random salt created with an entropy-creating wizard
    salt 2: account address, used to further prevent rainbow tables

    The seed is then encrypted with the following pseudo code, providing three layers of Rijndael encryption:

    one = encrypt(seed, key1, salt1)
    two = encrypt(one, key2, salt2)
    three = encrypt(two, key3, salt1)
  13. 100 + Member Increase

    When I first saw the title of this post I thought there were 100 more banks on board
  14. Swift Twitter

    We could totally flash mob their Twitter lmao