kuangfengli76

@kuangfengli76

152 Following

6 Followers

kuangfengli76 pfp

To make it easier for everyone reading the HN Post Title, they're talking about "Their Server(s) at OVH" being compromised, with no evidence of "OVH" itself (along with all customer servers) being compromised. Now you may go ahead and read the post.

0 reply

0 recast

1 reaction

kuangfengli76 pfp

0 reply

0 recast

0 reaction

Ayussh pfp

3 replies

1 recast

7 reactions

kuangfengli76 pfp

Good Tuesday ! Happy Imagine !!

0 reply

0 recast

0 reaction

kuangfengli76 pfp

0 reply

0 recast

0 reaction

kuangfengli76 pfp

0 reply

0 recast

0 reaction

Jeff H. pfp

Piney River Ranch, Colorado 🇺🇸 06/27/2018

10 replies

2 recasts

23 reactions

kuangfengli76 pfp

Good Tuesday ! Happy Imagine !!

1 reply

0 recast

1 reaction

kuangfengli76 pfp

Good Tuesday ! Happy Imagine !!

1 reply

0 recast

1 reaction

JP pfp

Good Tuesday! Weeds are also flowers if placed in the right place /itookaphoto

6 replies

2 recasts

6 reactions

kuangfengli76 pfp

To make it easier for everyone reading the HN Post Title, they're talking about "Their Server(s) at OVH" being compromised, with no evidence of "OVH" itself (along with all customer servers) being compromised. Now you may go ahead and read the post.

0 reply

0 recast

1 reaction

kuangfengli76 pfp

What is this response supposed to mean in context of the actual discussion here? Just because they use a cheap trick to make the user feel more secure doesn't mean the system underneath it isn't, in fact, secure (it doesn't mean it is secure either, it says nothing one way or another). I don't hear about big bank sites (even ones using psychological trickery on their users) getting cracked very often while bitcoin exchanges/wallet services/etc are falling over seemingly daily).

0 reply

1 recast

1 reaction

kuangfengli76 pfp

You are right. A different strategy could be to use a set of distributed server hosted at different hosting providers and use shared secrets. This would require that k hosts over n are compromised for the full system to be compromised. Such system is more difficult to design so that it is as secure as the shared secret. But the benefit is that it would be distributed and thus avoid the single point of failure of a server behind a dedicated link and in a cage.

0 reply

1 recast

1 reaction

dajunguo32 pfp

But wasn't that a disaster last time we tried it? Oh, that was a good poster / bad poster mod.

0 reply

1 recast

1 reaction

caoshiqing33 pfp

As long as it's not goatse, Alex Beckenham has a major point. Also, some of the 'useless' threads are actually quite entertaining, if not educational (e.g. the Rawdawg and Bitcoin snail graph/meme ones). I agree with the referral code one, though even that was interesting to see, some people are quite creative Smiley

0 reply

5 recasts

5 reactions

zhengxitie45 pfp

And I agree with you that more towards long-term investment is a good choice, because trading does require sufficient experience and also sufficient knowledge to be able to become a profitable trader. And what must be known is that their intelligence must be limited because I think trading is not the right choice for those who live in rural areas.

0 reply

1 recast

1 reaction

zhengxitie45 pfp

Yes, financial support is the main thing they experience because it is different from living in a city where you can easily earn money by working or whatever. And introducing skills to them or improving the skills they already have to be able to earn money, and that is a very good way. Because to be able to get involved with Bitcoin they need to trade or buy it periodically according to their ability and save it for the long term, and after they have income we can introduce Bitcoin to them and buy it after they prioritize their important needs.

0 reply

1 recast

1 reaction

guanxingyun79 pfp

If you still have 7 characters of entropy, that's 60^7 combinations. If the attacker hacked the account in one hour (as they claim), how did the attacker sent 777600000 requests per second for one hour without them noticing? One billion requests per second, that's not something you usually handle. Nor your servers, you would crash anytime.

0 reply

3 recasts

2 reactions

deguangsima67 pfp

Personally I think this kind of thing is a move in the wrong direction, I am a member of a cycling forum in the UK that has zero moderation and the tone and sense of community is something even the best drawn up list of rules could not come close to, the forum has grown from nothing to 50,000 + and suffers none of the problems lists of rules like these seek to address. It's fucking great !

0 reply

5 recasts

5 reactions

kuangfengli76 pfp

A "simple" transport medium won't prevent security issues itself (you can run PPP over RS-232), but it will force you to define a fairly minimal API, which is possible with HTTP too. Notice how all these leaks were not because of HTTP server security issues or the like, but because the critical parts of the application were not isolated.

1 reply

1 recast

1 reaction