EcurrencyZone - Reviews - Bitcoin Exchange - BitTrust.org

Bitcoin exchanges with self-signed, misconfigured or non-existent HTTPS servers. [security]

Hello all,
I did a brief preliminary report of Bitcoin exchanges and their HTTPS configurations. Good news a big chunk of them (even the smaller guys) are HTTPS prepped and have their servers properly setup. Unfortunately there are still many exchanges buying/selling/or handling Bitcoins who aren't keen on their user-client security. Why is this an issue? There are several reasons mainly ease of mind - knowing your provider is secure in at least one sense. But you also have to factor in ManinTheMiddle attacks, handling commerce/trades in plaintext, phishing attacks and so on. Read more here
Here is my list so far with a note for each issue. I've also contacted most, if not all, of these providing inquiring about their security initiatives. Spread the message: we want secure services.

bitcoinfund.us:

No SSL server running at all.

liliontransfer.org: RESPONDED will implement on https://lilion.org

SSL server running with expired, self-signed cert.

btcx.se: RESPONDED awaiting new cert from Comodo.

SSL server running with self-signed cert for domain somename.somewhere.com

dgtmkt.com:

SSL server running with self-signed cert

centraw.com:

No SSL server running at all.

bahtcoin.com:

No SSL server running at all.

ecurrencyzone.com

SSL server running with expired cert: The certificate expired on 9/2/2013 11:07 PM

soescrow.com:

SSL server running with self-signed cert.

btcrow.com + btc-asia.com:

SSL servers running, but redirect back to http://

flexcoin.com:

No SSL server at all.

btcinstant.com: RESPONDED: Will work on implementation

Misconfigured HTTPS. Errors out.

bitcoinplus.mx:

Misconfigured HTTPS. Errors out.

bitcoinsinberlin.com:

Misconfigured HTTPS. SSL peer has no certificate for the requested DNS name

bitcoinmalaysia.com:

No SSL server at all.

schendera.com:

Misconfigured HTTPS. No issuer listed.
I will update this thread with new additions that we find as a community, but as well as updates from site operators and fixes!
submitted by bitcomsec to bitcoinsec [link] [comments]

BTC-E.com safety checklist for noobs

DISABLE JAVA There's java zero day exploits being discovered all the time. One exploit still hasn't been fixed. You should do this permanently with your browser java is an exploit factory. IE you can't completely disable java so don't use it.
INSTALL NOSCRIPT ADDON https://addons.mozilla.org/en-US/firefox/addon/noscript/ or whatever shit script blockers Chrome/Safari use because Chrome is still lacking the required infrastructure for selective script disablement and object blocking so noscript isn't available, but inferior clones are. Whitelist only sites you need, like btc-e.com so it doesn't automatically load harmful scripts on untrusted sites.
GET AN ENCRYPTED PASSWORD SAFE http://www.schneier.com/passsafe.html Don't use any solution that 'encrypts in your browser' because it will need java and we disabled java remember?
MAKE NEW GMAIL ACCOUNT JUST FOR TRADING Make a random account name + password that can't be guessed. http://www.passwordgenerator.eu/
Store them in your password safe so you don't forget them. Never reuse that password on any site. ENABLE TWO FACTOR AUTHENTICATION.
Note that 2factor ID sometimes doesn't work if your phone time is off. You get 30 seconds to type in the code, if off by 10 seconds derp run out of time. Set your time manually if the shitty telco time server is off www.timeanddate.com
MAKE BTC-E ACCOUNT Use impossible to guess passwords from password generator + throw in your own random letters. Save in password safe. Do not pick a name anywhere close to being your email username.
ENABLE 2FACTOR ID Click Profile, then click 'Edit'
https://btc-e.com/profile#edit/home - confirm your email.
https://btc-e.com/profile#edit/security - enable "Withdraw only with request on E-Mail"
DO NOT CLICK ANY LINKS IN THE TROLLBOX!!!! No matter how innocent the link looks don't click anything in the chatbox. Hackers are dropping links full of java zeroday, redirectors that look just like btc-e login page and phish for passwords, all sorts of bad. Trollbox is also prone to misinformation being that it is a trollbox. Avoid.
If you chat on there, expect every PM sent to you will be from a hacker trying to mine information or get you to click a link. Assume every link is an exploit attempt. Notice how it displays your name, if you picked same name as your email, they can go to work on both by trying to break into your gmail account. This is another way how people get their coins stolen. Hacker takes chat name and tries it on gmail/hotmail/yahoo. If they get in because you didn't set up 2 factor expect to be robbed of coins.
DO NOT ENABLE API Unless you know what you're doing, do not enable this. Liberty Reserve disabled their API by default because of so many drained accounts.
DISCLAIMER Of course, be aware the exchange is in Russia or possibly Bulgaria and if anything happens the owner could just disappear, but this is highly unlikely. Why would you walk away from a money machine. Remember bitfloor (US) lost all it's customers bitcoins once, CryptoXchange (Australia) stole from users and disappeared, Bitcoinica (China?) stole or lost all the coins, and bitcoin-24 (German) has just lost their bank account and owner MIA. All exchanges carry risk no matter what country they are in.
You can fund btc-e through cash deposit in India, Singapore, Malaysia, Bangladesh, Nepal, Australia with http://www.ecurrencyzone.net/ which are authorized exchange listed on the Okpay.com site. They sell btc-e vouchers and Okpay. So does http://liliontransfer.org/ for wires and other methods.
If you want a really secure platform (you fear your comp is probably already infected with hidden java zeroday botnet) then download any linux live distro and make bootable USB or burn to CD. I recommend Liberty Linux http://dee.su and just use the non private browser (disable java and javascript!), NOT the Tor browser you don't want to trust SSL over Tor and risk a malicious exit node capturing traffic and running sslstrip on it or feeding you a MITM attack with spoofed certs.
If you want to know why watch this, nothing has changed since this talk was given: https://www.youtube.com/watch?v=Z7Wl2FW2TcA
submitted by Derpcoin to Bitcoin [link] [comments]

Bitcoin BULLISH! Will BAKKT Affect Ethereum? US China Currency Wars - Bitcoin News Bitcoin CRITICAL ZONE!! 23,000 $BTC WHALE Move!! Satoshi REVEALED!? Bakkt Update Make a Living in 1 Hour a Day Trading the 3 Bar Play ... Bitcoin Price In DANGER ZONE! Chainlink and Vechain Trade ... Trusted E-Currency Exchangers 2016  100% works

Cryptocurrency markets fell hard on August 21 following the $700 price drop bitcoin core saw during the early morning trading sessions.Most digital assets have lost 2-8% in value as the overall ... Bitcoin’s Rally Stalls At $7,000 as Daily Close Fast Approaches. At the time of writing, Bitcoin is trading up just under 5% at its current price of $7,025, which is the price at which it has been trading at in the time following this morning’s slight rejection at highs of $7,200. BTC is currently trading up significantly from daily lows of under-$6,600, with the strong support established ... bitcoin news: How To Buy Or Sell BitCoins Withdrawalbtc Exchange bitcoin, Sell E-currency, perfect money the bitcoin catalog, exchange, fixed rate. Home decor & Architecture ; Electrical / Mechanical ; Landscaping 07/06/2020 Trending Bitcoin News and Market Sentiment June 7th, 2020: Bitcoin Mining Death Spiral Avoided, ... Bitcoin settles into a comfortable zone just below USD 9,800 A movie has been agreed for the film version of Bitcoin Billionaires, the story of the Winklevoss twins’ rise to crypto fame A $1 challenge has seen Bitcoin beat gold by some distance, comparing a luxury yacht to a candy ...

[index] [23814] [3484] [18] [4282] [38969] [16774] [3277] [5537] [39853] [21690]

Bitcoin BULLISH! Will BAKKT Affect Ethereum? US China Currency Wars - Bitcoin News

This video is unavailable. Watch Queue Queue. Watch Queue Queue BITCOIN HEUTE: In diesem Video gehe ich über die heutigen Bitcoin News & Ich mache eine Bitcoin Preis Analyse. Die BTC News oder Analysen können eine Inspira... #Stocks #Trading #Investing Stop over complicating your trading. It doesn't have to be so confusing. Keep it simple!! Simple is profitable! https://www.livet... To get started E-Currency Exchange you just need a laptop or computer with a good fast online connection. You cannot trade forex with a dialup connection, it would be too slow. Your computer will ... Ethereum 2.0 Update , Blockchain technology, AI, Crypto, Bitcoin BTC Halving Еthеreum nеws 15,184 watching Live now Sunday Law News Report Doug Batchelor - Duration: 41:26.

#