|
newcn
|
 |
January 09, 2014, 04:13:27 AM |
|
@Luc @CfB @info.nxtcrypto
I suggest @info.nxtcrypto link @Luc's BTT post for each client update, so we can do a fast simple comparison with @Luc's post and confirm the sha256sum. If hacker replaced the download file and also replace sha256sum at info.nxtcrypto, it's not so easy to find it, but I think hack those 2 and Luc's account at the same time is more difficult.
Thanks.
I suggest creating an UPDATE button in the basic interface, and relating this button to http://localhost:7874/update.html |
BTC:1NzzfeHCgN8fF6mSG1UeBFCVd2cxKbGyHk
NXT:13187911577562526278
|
|
|
Zahlen
Member
 Offline
Activity: 98
Merit: 10
|
|
January 09, 2014, 04:17:14 AM |
|
If one American fueled only by curiosity calling himself rickyjames can find out so much about EpicThomas and ktirio2010 in the real world with just a few clicks of a mouse, imagine what 30,000 Americans fueled by $11 billion calling themselves the National Security Agency (NSA) can find out about YOU.
This is absolutely terrifying. I'm a loyal American with a security clearance, so I've got to say that what Edward Snowden was illegal and he should be arrested and tried for felony charges
Yet this terrifies me even more, that people are not free to say what they really want to say, because they are bound by laws that are not decided by them! And also by other things not decided by them, like religion, social ostracism, bad education and bad parenting. Enjoy every single day and every single sunset, you crazy guys and gals out there, every day there's one fewer of them for you.
Trying my darnest  May your days be awesome too. |
|
|
|
|
pandaisftw
|
|
January 09, 2014, 04:35:12 AM |
|
My client is crashing every time I send a transaction. The money gets sent (and confirmed later on), but the client crashes before I get the "The money is sent" message. java.lang.IllegalStateException: WRITER
at org.eclipse.jetty.server.Response.getOutputStream(Response.java:931)
at Nxt.doGet(Unknown Source)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:687)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:696
)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(Servlet
Handler.java:1568)
at org.eclipse.jetty.servlets.DoSFilter.doFilterChain(DoSFilter.java:457
)
at org.eclipse.jetty.servlets.DoSFilter.doFilter(DoSFilter.java:326)
at org.eclipse.jetty.servlets.DoSFilter.doFilter(DoSFilter.java:299)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(Servlet
Handler.java:1539)
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java
:524)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.j
ava:143)
at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.jav
a:568)
at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandl
er.java:221)
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandl
er.java:1110)
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:
453)
at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandle
r.java:183)
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandle
r.java:1044)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.j
ava:141)
at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(Cont
extHandlerCollection.java:199)
at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerColl
ection.java:109)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper
.java:97)
at org.eclipse.jetty.server.Server.handle(Server.java:459)
at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:280)
at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.jav
a:229)
at org.eclipse.jetty.io.AbstractConnection$1.run(AbstractConnection.java
:505)
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPoo
l.java:607)
at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool
.java:536)
at java.lang.Thread.run(Unknown Source) |
NXT: 13095091276527367030
|
|
|
|
opticalcarrier
|
|
January 09, 2014, 04:36:37 AM |
|
OK trying out the amazon free EC2 VPS... Now im no stranger to SSH key authentication, Ive got 12 VPS doing it now. But this amazon shit dont work... it doesnt like the private key they gave me... Dont even see anywhere to go to ask them to reset it either.
what next?
|
|
|
|
|
|
Noitev
|
|
January 09, 2014, 04:39:32 AM |
|
I have to limit my reading on this forum, my paranoia is just under "don't trust the doctors."
|
|
|
|
|
|
joefox
|
|
January 09, 2014, 04:56:21 AM |
|
My client is crashing every time I send a transaction. The money gets sent (and confirmed later on), but the client crashes before I get the "The money is sent" message. My client is doing the SAME thing... but it only happens after my client has gone into the "negative recent blocks" and "thousands of unconfirmed transactions" phase. |
|
|
|
|
EmoneyRu
|
|
January 09, 2014, 05:04:01 AM |
|
OK trying out the amazon free EC2 VPS... Now im no stranger to SSH key authentication, Ive got 12 VPS doing it now. But this amazon shit dont work... it doesnt like the private key they gave me... Dont even see anywhere to go to ask them to reset it either.
what next?
I converted .pem to openssh format. As said here it was not even needed. "note: PEM private keys are OpenSSH's native format for protocol 2 keys"Check the username. For ubuntu default is "ubuntu" |
|
|
|
|
NxtChoice
|
|
January 09, 2014, 05:37:38 AM
Last edit: January 09, 2014, 05:49:08 AM by NxtChoice |
|
@Luc @CfB @info.nxtcrypto
I suggest @info.nxtcrypto link @Luc's BTT post for each client update, so we can do a fast simple comparison with @Luc's post and confirm the sha256sum. If hacker replaced the download file and also replace sha256sum at info.nxtcrypto, it's not so easy to find it, but I think hack those 2 and Luc's account at the same time is more difficult.
Thanks.
I do this on the nxtcrypto forum post when I update it for new clients. Ill get the info guy to do the same But I dont think itll work out perfectly. Most of the time, linking back to a post here just gets you to the top of the page the post is on. Know how to fix that? Each post should has its own link url in this forum and we can exactly locate the post. For example, you post should be link https://asktom.cf/index.php?topic=345619.msg4401865#msg4401865Edit: I also summarize a post for Nxt Client Update Link and see my signature. |
|
|
|
|
Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1010
Newbie
|
|
January 09, 2014, 06:23:55 AM |
|
Also, in case of the amount, the user can verify it, because it's human-readable.
Aliases r readable too. Problem is aliases need to be looked up, and you have to be sure no one is poisoning the alias lookup with fake info (associated id). So you have to do at least 5+ lookups from different peers to be sure that the ID is correct.. (Is this correct?) - That's not very fast and you won't reach 10,000 tps (or however many you want) this way. I may be wrong. Future clients will sign transactions by themselves. Sending a secret phrase to a remote node is insecure. That's why input should be validated on client side. |
|
|
|
|
Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1010
Newbie
|
|
January 09, 2014, 06:26:47 AM |
|
What, you 3 are so afraid of the cost of change, you willingly delude yourself into denial? What is it?
Ok, I'll tell u. We have plans that will make CRC on server side unnecessary. Can't tell u more right now. |
|
|
|
|
Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1010
Newbie
|
|
January 09, 2014, 06:28:56 AM |
|
P.S. If you have a pending deposit, PM me and I will help track it down
I got no reply on my question regarding account to send the reward to. Could u contact the owner and ask if he needs 20K for the 3rd place in Exchange category? |
|
|
|
|
Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1010
Newbie
|
|
January 09, 2014, 06:32:04 AM |
|
Technical question: is transaction ID enough to uniquely identify it or should I use the full signature?
If a transaction is confirmed then enough. |
|
|
|
|
|
mcjavar
|
|
January 09, 2014, 06:33:36 AM |
|
Is anybody willing to sell me 360k Nxt @ 0.000045?
There is no liquidity on Dgex..
|
|
|
|
|
|
|
|
|
|
Dervish
|
|
January 09, 2014, 06:42:46 AM |
|
|
|
|
|
|
|
mcjavar
|
|
January 09, 2014, 06:44:12 AM |
|
Is anybody willing to sell me 360k Nxt @ 0.000045?
There is no liquidity on Dgex..
I have 360k Nxt @ 0.000055 for you. @0.000047? |
|
|
|
|
martismartis
Legendary
Offline
Activity: 1161
Merit: 1005
|
|
January 09, 2014, 07:06:57 AM |
|
What is the longest anybody has been able to run NXT server, before having to restart it?
James
Max 10 hours. Never generated a block, allways error. |
|
|
|
|
|
EmoneyRu
|
|
January 09, 2014, 07:11:53 AM |
|
What is the longest anybody has been able to run NXT server, before having to restart it?
James
Max 10 hours. Never generated a block, allways error. 20 hours right now (after 0.5.3 update) 512Mb RAM |
|
|
|
|
marcus03
|
|
January 09, 2014, 07:18:38 AM |
|
I'm finally out of dgex.com (still had BTC in the account, bought NXT and got them out after "just" two days) and I am out of buying and selling NXT as long as there is no alternative exchange. (Please no Peercover/Ripple/Private Escrow follow-ups... Thank you.) Allow me some final words regarding dgex.com. 1.) GCInc, thanks a lot for your service over the last weeks. I think the dgex exchange was very important for NXT and you did a good and brave job with setting it up and running it. 2.) GCInc, you are a thief. You've just stolen around US$20 from me and the service you provided for me over the last weeks is worth more than US$20, but still you are thief. It feels like a friend asked you to borrow some money from you and when he pays back, he tells you that he changed his mind and only pays you back 99% of what you borrowed him. You totally lost credibility with your move to change the fees without previous notice, thus I am out of dgex until its under new management. 3.) I came for the quick profit - I stay because of the very cool community. With this NXT community there were other ways to "cover your ass". While you still had a reputation for what you've done for NXT you had a good chance to explain why you lost 800.000 with your exchange and ask for help from the community. After following here over the last weeks, I am convinced you would have gotten help from us. 4.) "Third in command"? This is a PR disaster... Unfortuntely, your way of managing dgex and answering only questions that you think you have good answers for makes me fear that this is in fact how you see yourself. I don't want to make business with you having the feeling that you are the boss and not that were a business partners. 5.) Will you commit to announcing ahead of time any fee INCREASES?
This fee increase was a mistake, yet seemed like the only option. I had to cover my ass in case the source release had exploded the price 3x...4x... god knows how much, every percent tightening the deficit rope around my neck more and more.Well, nobody else jumped onto this, but this was the point when all (remaining) alarm bells began to rang. What you basically said was that we have an exchange that is run in a way to have a NXT market value that the exchange owner is comfortable with. WTF??? So, because you still have 800.000 NXT missing you have an interest in low market values and you actually run the exchange in your interest. This is just beyond me... And it is totally beyond me that anyone still uses dgex after your sentence above. |
|
|
|
|
|
