Jump to content

MooseInTime

Member
  • Content Count

    201
  • Joined

  • Last visited

Everything posted by MooseInTime

  1. Any of the above See here for some historic examples https://bitcoinexchangeguide.com/deadcoins/
  2. 99% chance I'm wrong. The CB rumours have all died down since the public interest has gone from XRP, suggesting it was indeed all bull***t
  3. Didn't that "George Smith" CB rumour video say 18th Jan was the date for it being added to CB I know this is unlikely and done to death - but you never know!
  4. I think the key point is that even in the event of a bubble a few will survive Survivors of the dot com bubble are the Amazons and Googles Survivors of the crypto bubble (if one) will be XRP
  5. I'm more bearish, this is a long term (5 year) HODL End of 2018 $3.75 End of 2019 $5.50 End of 2020 $10 End of 2021 $95 End of 2022 $350 Mark my words haha
  6. http://lmgtfy.com/?q=xlm+inflation http://lmgtfy.com/?q=xrp+transaction+fee+destroyed XLM inflation is paid on wallets only generally wallets are safer than exchanges to store any cryptocurrency as long as your security procedures exceed that of an anonymous website. you're welcome
  7. don't forget you can always convert your XRP (at 2019, $100 value) into gold bullion then use it to impress friends and family.
  8. XLM coins pay "inflation" if held in a wallet, direct to the wallet. XRP coins do the reverse by destroying the transaction fee, reducing the overall supply, rather than giving it out proportionately.
  9. @Mercury is it worth also adding for people to use incognito mode (to prevent caching) and offline and a reboot after to prevent meltdown/spectre when using any - even known good - browser executed wallet generator?
  10. Did you make a note of your toast secret (private key)? That's enough to restore your holdings to a new instance of toast. The backup just regenerates the PIN and Passkey too
  11. Also doesn't prove they haven't lost some other asset, maybe ETH (hopefully) then we can go back to #2 on CMC
  12. XRP are still flowing into Kraken's wallet today weirdly https://bithomp.com/explorer/rLHzPsX6oXkzU2qL12kHCH8G8cnZv1rBJh Plenty of balance in there, not been hacked
  13. My team said that the most likely reason this was compromised was that the images (QRs) are cached by default, and any carefully crafted cookie could come along and pick them up. Air gapped machine, clear cache before and after, reboot after (to avoid meltdown/spectre) before connecting back to the internet.
  14. Their findings in brief: The code does not contain any callouts to servers or mechanisms to transfer the keys via TCP/HTTP/FTP etc, or webservice calls Image (QRs) are generated by the code as is the background image, no hosted material is called Only possible attack vectors could be Compromised PC with screengrabber or similar Poorly configured browser caching the QR codes, follow up attack via cookie or similar crafted to obtain the cached images Memory issues, the results of the code are stored in RAM for at least the remainder of the browser session, and in kernel memory even longer (Spectre / Meltdown scenario - not proven) Poor entropy and exposed generator to the internet means that anyone could log results of millions of generations of wallets, and reverse engineer likely pairs (not likely, would require enormous computing power - that power could be better spent mining bitcoins) The only secure way to use this generator is by running the code (known-safe) in a browser or even better in a proper IDE on an air-gapped machine, then wiping all browser cache and rebooting before reconnecting to the internet.
  15. My day job is a team lead for a team of JS devs at a defense contractor I tasked them with reviewing the above site and they reported nothing suspicious, just that the code is inefficient. However, there is the possibility as per the other forum that the code pairs are not sufficiently random to survive a brute force attack The elliptic curve is the same as is used in the current bithomp paper wallet creator though, which has been vetted by David Schwartz My suspicion is that the wallet's secret was obtained through a browser weakness rather than anything wrong with the code. For safety, always use these wallet generators offline (disable wifi/ethernet). the code should work without internet connection.
  16. Feedback from my day-job dev team: nothing immediately suspicious with the code, although it's apparently quite inefficient (it is an early version though!)
  17. ihomp is bithomp https://github.com/ihomp however, this appears to be an orphaned build
  18. It's a different URL to the one in that thread! The original URL is 404 This could be a compromised variant. The github code is missing so i am inspecting the JS hosted on the candidate site
  19. I'm not a JS expert (I manage a team of JS devs as my day job) will ask them to have a look when I'm back in the office.
  20. Can't compare the source code as the Mercury one is dead, I'm looking for anything obvious in the source of the OP's candidate now
  21. The one in the Mercury post is a dead URL: https://yxxyun.github.io/ripple-wallet/ The one the OP used is at https://ihomp.github.io/ripply-paper-wallet/coldwallet-SHA1-cdfbe3260927b6073180a1099f02ef99ce0495e8.html
  22. different URL - same look I'm comparing the source code now
  23. Moneygram upon reading this tweet they are tagged in
×
×
  • Create New...