asciilifeform: RebeccaBitcoin: will it get stolen within 90 days << this is an uncommonly poor tactic (yes, popular in the 'computer insecurity' business, but it sucks still) - would you test, say, a door lock this way?
decimation: you can't run it if you don't have the source
RebeccaBitcoin: is it that easy?
decimation: if you can't find the source of the javascript on your webpage you are in a world of hurt
asciilifeform: exercise for student (or bored person of any other species) - log a typical 'mouse wiggle' session; fit to curves (your choice.)
RebeccaBitcoin: they say open source but I can't find the source
RebeccaBitcoin: Safe = If I put 10btc in a wallet and post the public key here, will it get stolen within 90 days
decimation: 3.) does the javascript upload privkey to the server?
asciilifeform: RebeccaBitcoin: seems like two separate questions in your original question. 1) mouse movement as method of generating key and 2) particular web-based gizmo for doing so
decimation: rebeccabitcoin nothing that runs on a von neumann machine connected to the internet using unaudited untrusted firmware is safe
RebeccaBitcoin: Obviously you're completely misreading this. Anthony is a little dweeb.
fluffypony: you're assuming that he is impervious to stupidity or error
RebeccaBitcoin: Next time someone is like "omg Rebecca Rushwallet is awesome you should totally use it" - I want to be able to say "No, its not safe because blah blah blah"
RebeccaBitcoin: now he made this
fluffypony: asciilifeform: now you understand why those "trust seals" are so popular on websites :-P
decimation: yes, you put a n00b who failed landing 101 in the cockpit, how did that happen?
decimation: asciilifeform this is basically "don't blame the pilot" in the air-crash investigations
asciilifeform: i still can't fathom what people mean when they ask 'is X safe'
fluffypony: Electrum isn't cold storage, it's a hot wallet to use every day
RebeccaBitcoin: I'm obviously not asking for that reason
asciilifeform: in oil prospecting, salvage diving, etc. there is a concept where safety measures that the crew will not follow because they 'seem ridiculous' - are useless
decimation: to do a proper job would require thousands of good man hours, which you can't afford
fluffypony: RebeccaBitcoin: again - for ordinary users you simply need something that is completely under your control, and for your purposes Electrum is fine. It is small and lightweight, it doesn't download the full blockchain (about 20mb in downloads is all it needs thus far), and it has a 12 word mnemonic you write down to backup your wallet. It's literally all I need.
asciilifeform: nerd safe = the type of people who print a paper wallet then toss the printer << this subject is worth exploring at length
cazalla: RebeccaBitcoin, you bought ether, correct? theft is not a concern if you're giving your bitcoins away
RebeccaBitcoin: "If I compile the php script and then reconcile it with a mysql database, then reconfigure it to your home computer's settings I can find your brain wallet"
mircea_popescu: RebeccaBitcoin you know, before you can think yourself better than everyone else you must put your tits in the tit gallery.
decimation: yeah it's more than keyboard mouse I know
mircea_popescu: decimation not rly. it's not great, but it still takes ethernet disks etc
RebeccaBitcoin: argh, now this is a typical nerd debate.
decimation: sigh, that's not even the issue, the real issue is how random is your linux or windows or mac's random
mircea_popescu: like a layer of meh on top of urandom's meh.
mircea_popescu: peterl no, and i hope that was being funny
mircea_popescu: RebeccaBitcoin you know we didn't steal any of the OTHER btc that got stolen, either.
mircea_popescu: (seriously tho, here's a good approach : make your dices out of ice. they will melt, yes, and not be even, yes.
RebeccaBitcoin: if I put 10 bitcoin in a wallet there
mircea_popescu: preferably made out of the bones of your enemies
decimation: roll dice to generate your ecdsa key :)
fluffypony: mircea_popescu: we already told her why
RebeccaBitcoin: This particular site has been done to death?
mircea_popescu: this has been done to death.
mircea_popescu: because of many reasons which you will find reading the logs
RebeccaBitcoin: I don't know how to do the thing that makes your name light up
RebeccaBitcoin: anyway back to my question
assbot: Fototeca de Haur pe Trilema - Un blog de Mircea Popescu.
fluffypony: well I guess the title of the site is a giveaway
RebeccaBitcoin: http://trilema.com/ thats mircea right?
cazalla: what's this prejudice against bald folk?
RebeccaBitcoin: I was hoping for Bitcoin Pete, but you'll have to do
RebeccaBitcoin: can that be demonstrated
ben_vulpes: we're trying to tell you that it ain't secure at all, honey.
RebeccaBitcoin: someone else pointed out that there are other issues
RebeccaBitcoin: my concern is that the mouse movey thing for like 5 seconds isn't all that secure
RebeccaBitcoin: apparently this is open source
fluffypony: not some third party
fluffypony: middle ground is anything where you are entirely, solely, and completely responsible for the safety of your funds
RebeccaBitcoin: to the earlier question, no, I'm not going to write a scathing review
fluffypony: a web wallet is not that middle ground
RebeccaBitcoin: so thats my distinction between reasonably safe and nerd safe
fluffypony: RebeccaBitcoin: those people are crazy
RebeccaBitcoin: its not a meaningless distinction. Someone told me yesterday that to make a paper wallet I should use a new laptop, and a new printer, then I should take both and destroy them. Then I should put both in a fire
peterl: is it a risk to advertise which type of wallet you use?
RebeccaBitcoin: so nerd safe = the type of people who print a paper wallet then toss the printer over niagara falls
fluffypony: RebeccaBitcoin: it's not even reasonably safe, given the track record of web wallets
ben_vulpes: for the bruteforcers...
fluffypony: well there you go
ben_vulpes: ;;8ball will the coins get stolen?
fluffypony: within what time frame
RebeccaBitcoin: would they get stolen
fluffypony: ben_vulpes: I guess it's using the normal random available to JS and sprucing it up
ben_vulpes: i mean it said "okay!" after a hilariously short period of time.
fluffypony: RebeccaBitcoin: is your aim to have a Bitcoin wallet so you can send and receive Bitcoin, or is your aim to write a scathing review?
fluffypony: as ben_vulpes points out there are other issues
RebeccaBitcoin: btw, this is owned by Kryptokit (ie Anthony) and his crew
fluffypony: I don't think the mouse movey thing is any worse than the way /dev/urandom collects entropy from mouse movements / keyboard entry
RebeccaBitcoin: k, but why isn't this safe
ben_vulpes: RebeccaBitcoin: thou shalt not mix js and crypto, much less js and entropy.
ben_vulpes: i wonder if its trivially bruteforceable
RebeccaBitcoin: thank you for that elaborate answer
RebeccaBitcoin: is that mouse movement safe
RebeccaBitcoin: a few seconds later, tada you have a wallet
RebeccaBitcoin: is this site safe: rushwallet.com
Vexual: i dunno, one might ace the poop outta one semester and let a good load of stuff done
mircea_popescu: ;;later tell dreadknight ever played solforge ?
gribble: dreadknight was last seen in #bitcoin-assets 4 days, 19 hours, and 31 seconds ago: <DreadKnight> that's not how you play frogger
decimation: !up thestringpuller
mircea_popescu: "I think Nine Inch Nail's cover of Johnny Cash's "Hurt" was better than the original."
mircea_popescu: "an entire fanbase" ? what's that ?
assbot: romantomet comments on What's one sentence you could say to piss off an entire fan base?
BingoBoingo: !up thestringpuller
decimation: dc is a swamp though, so I'm sure you will collect a variety of fauna
decimation: I thought studies showed that they were terrible at selecting mosquitos
asciilifeform: decimation: gets whatever flies through the mesh screens
decimation: asciilifeform: do you think the bug zapper does more than murder poor moths?
mircea_popescu: i can see the argument.
asciilifeform: mircea_popescu: the 'bug zapper' on my balcony doesn't bring in 10 bux a day either. only bug parts. and yet i'm happy with it.
kakobrekla: yeah, scotland would technically work i think but england would be better.
asciilifeform: e.g. an 'amd opteron' wouldn't cost any less than what we pay for it here, wherever else on the planet you might go
asciilifeform: in that 'man does not live by bread alone'
asciilifeform: also brings to mind another topic that never quite comes up - that 'cost of living' is not really a complete picture of things