These forums have been archived and are now read-only.

The new forums are live and can be found at https://forums.eveonline.com/

EVE General Discussion

 
  • Topic is locked indefinitely.
Previous page12
 

Bit-Keys | Your source for PC-Games and GTC | Pay with Bitcoin

First post
Author
Previous Topic Next Topic
Medarr
Viziam
Amarr Empire
#21 - 2013-11-23 15:43:21 UTC  |  Edited by: ISD Cura Ursus
Messoroz wrote:
Medarr wrote:
They have NO SSL
They use a ****** cms
They are vulnerable to reflected XSS
They are vulnerable to Brute Forcing

Let me just leave this here...

Link Removed -- ISD Cura Ursus

This site is utter ****.... Best stay away from it.



" | Name: woocommerce - v2.0.20
| Location:Link Removed -- ISD Cura Ursus
| Readme:Link Removed -- ISD Cura Ursus
|
| * Title: WooCommerce 2.0.17 - hide-wc-extensions-message Parameter Reflected XSS"



You are a fudging idiot. DO YOU NOT READ THE FUDGING REPORT? IT BROUGHT UP A XSS ATTACK FOR A OLDER VERSION OF THE PLUGIN. This means it is useless.


Every website is vulnerable to brute forcing. People's eve accounts no doubt get stolen this way too because CCP hasn't cared to put in rate limiters on the launcher.


The only real issue is lack of SSL. Who cares what they use for a CMS? Most CMSes are piles of complicated horse turds anyway.


I'm looking at a .20 exploit here mate... Maybe you shouldnt run your mouth that quick..
And I was about to take you seriously until you said "every site is vulnerable to brute forcing"

http://www.fail2ban.org/wiki/index.php/Main_Page
http://denyhosts.sourceforge.net/
Medarr
Viziam
Amarr Empire
#22 - 2013-11-23 15:45:19 UTC  |  Edited by: Medarr
double post is double
Weaselior
GoonWaffe
Goonswarm Federation
#23 - 2013-11-23 15:50:02 UTC
a bit coin site is run by a bunch of incompetent idiot knownothings?

this is shocking I would have expected them to be legit

Head of the Goonswarm Economic Warfare Cabal Pubbie Management and Exploitation Division.
Medarr
Viziam
Amarr Empire
#24 - 2013-11-23 15:51:32 UTC  |  Edited by: ISD Cura Ursus
Solstice Project wrote:
Pak Narhoo wrote:
Medarr wrote:

Let me just leave this here...
Link Removed -- ISD Cura Ursus
.

Shocked
Could you explain how to read this properly ?

I see the data, but can't actually extract usefull information.


It shows which Wordpress is installed, which plugins are installed, which plugins may be intresting to look at or have possible exploits in them, it also shows which usernames are registered. Handy if you wanna BF something. It also shows they are sitting behind a cloud flare proxy.
Scatim Helicon
State War Academy
Caldari State
#25 - 2013-11-23 16:10:25 UTC
Can I pay in buttcoins?

Every time you post a WiS thread, Hilmar strangles a kitten.
Tippia
Sunshine and Lollipops
#26 - 2013-11-23 16:47:16 UTC
Please transfer all your stuff to me before it becomes unreachable.
Sebastor Cane
The Outlet
#27 - 2013-11-23 17:11:29 UTC
Sorry i spent all my Bitcoins inside the Deep Web
SKINE DMZ
The Scope
Gallente Federation
#28 - 2013-11-23 17:12:02 UTC  |  Edited by: ISD Cura Ursus
Medarr wrote:
They have NO SSL
They use a ****** cms
They are vulnerable to reflected XSS
They are vulnerable to Brute Forcing

Let me just leave this here...

Link Removed -- ISD Cura Ursus

This site is utter ****.... Best stay away from it.

.. just needs to update his WooCommerce, do you have any idea how much WordPress and WooCommerce is used on a massive scale? And even if you bruteforce in, barely anything to do on it. lol scriptkiddies.

I disagree
Bit Keys
Doomheim
#29 - 2013-11-23 17:42:09 UTC  |  Edited by: ISD Cura Ursus
Medarr wrote:
They have NO SSL
They use a ****** cms
They are vulnerable to reflected XSS
They are vulnerable to Brute Forcing

Let me just leave this here...

Link Removed -- ISD Cura Ursus

This site is utter ****.... Best stay away from it.


There is no real sensitive date processed on our page. The complete payment-process is secured through BitPays SSL. But it seems that most people would feel more secure if we add it.

Nearly every bigger site is vulnerable to xss or Brute-force in some way.

Woocommerce is a secure e-commerce platform which performs very well at this size. It's easy to use and very easy to extend. We don't run amazon here...

We want to give the EVE community the chance to pay for EVE with Bitcoin, nothing else. We are in contact with CCP to become an official re-seller.

We are happy for every form of feedback and try to fix real issues as fast as possible.
Chinwe Rhei
Tribal Liberation Force
Minmatar Republic
#30 - 2013-11-23 17:45:59 UTC
Did you guys seriously miss the fact that it's a bitcoin shop ? There's nothing that you need to share with the a website to make a bitcoin payment that would allow someone else to make purchases from your wallet in your name, jesus.

Besides it's just trading one kind of monopoly money for another. "Oh noes can't share my precious bitcoins on a wordpress site i burned 5 graphics cards and murdered 20 trees on wasted computer time for these babies".
Solstice Project
Sebiestor Tribe
Minmatar Republic
#31 - 2013-11-23 17:47:48 UTC  |  Edited by: Solstice Project
"we want to give the eve community" blabla.
Take your bullshit and stick it up your candy ass.


All you want to do is make a killing via bitcoins.
(and you're right with it, but we still hate you)
Bit Keys
Doomheim
#32 - 2013-11-23 17:54:15 UTC
Solstice Project wrote:
"we want to give the eve community" blabla.
Take your bullshit and stick it up your candy ass.


All you want to do is make a killing via bitcoins.
(and you're right with it, but we still hate you)


No need to be offensive... I I want to make a killing with Bitcoins, I'll buy them on an Exchange.

Of course we want to make some money with our shop. But I think thats legit.
Andski
GoonWaffe
Goonswarm Federation
#33 - 2013-11-23 18:17:06 UTC
Bit Keys wrote:
There is no real sensitive date processed on our page. The complete payment-process is secured through BitPays SSL. But it seems that most people would feel more secure if we add it.

Nearly every bigger site is vulnerable to xss or Brute-force in some way.

Woocommerce is a secure e-commerce platform which performs very well at this size. It's easy to use and very easy to extend. We don't run amazon here...

We want to give the EVE community the chance to pay for EVE with Bitcoin, nothing else. We are in contact with CCP to become an official re-seller.

We are happy for every form of feedback and try to fix real issues as fast as possible.


yeah no "I use offsite payment processing" isn't an excuse for "I don't want to spend twenty ******* bucks on an SSL cert"

Twitter: @EVEAndski

"It's easy to speak for the silent majority. They rarely object to what you put into their mouths."    - Abrazzar
Solstice Project
Sebiestor Tribe
Minmatar Republic
#34 - 2013-11-23 19:59:57 UTC  |  Edited by: Solstice Project
Bit Keys wrote:
Solstice Project wrote:
"we want to give the eve community" blabla.
Take your bullshit and stick it up your candy ass.


All you want to do is make a killing via bitcoins.
(and you're right with it, but we still hate you)


No need to be offensive... I I want to make a killing with Bitcoins, I'll buy them on an Exchange.

Of course we want to make some money with our shop. But I think thats legit.
That's not actually the same.
At all.

You pay a resellers price for item, a.
You charge customers a specific amount of money for item, which sums up to (a+b).
There's an equivalent value of (a+b) in bitcoins, c.

So, if you wanted to exchange, you'd basically pay 1:1 bitcoins for euros. (at whatever current exchange rate)
That would be (a+b) = c.

But as you're a reseller, you don't pay 1:1, you pay less.
You only pay a. The customer pays b.

And as the price of bitcoins will only go up in the long run,
you win even more than that.

It's not the same as using an exchange at all.


Btw, you're totally right with this.
Not saying anything against it.

You *might* want to consider the criticism of the others, though.
These people represent customers that don't use your site for the very reasons they bring up.
Bit Keys
Doomheim
#35 - 2013-11-23 20:22:13 UTC
Solstice Project wrote:
Bit Keys wrote:
Solstice Project wrote:
"we want to give the eve community" blabla.
Take your bullshit and stick it up your candy ass.


All you want to do is make a killing via bitcoins.
(and you're right with it, but we still hate you)


No need to be offensive... I I want to make a killing with Bitcoins, I'll buy them on an Exchange.

Of course we want to make some money with our shop. But I think thats legit.
That's not actually the same.
At all.

You pay a resellers price for item, a.
You charge customers a specific amount of money for item, which sums up to (a+b).
There's an equivalent value of (a+b) in bitcoins, c.

So, if you wanted to exchange, you'd basically pay 1:1 bitcoins for euros. (at whatever current exchange rate)
That would be (a+b) = c.

But as you're a reseller, you don't pay 1:1, you pay less.
You only pay a. The customer pays b.

And as the price of bitcoins will only go up in the long run,
you win even more than that.

It's not the same as using an exchange at all.


Btw, you're totally right with this.
Not saying anything against it.

You *might* want to consider the criticism of the others, though.
These people represent customers that don't use your site for the very reasons they bring up.


We already took actions after the criticism of the community. We already made your login-system more secure with disabling login errors and limit login attempts and some other tweaks. We also will add SSL within the next week.

We hope that we become an authorized retailer as soon as possible to gain more trust.
ISD Cura Ursus
ISD Community Communications Liaisons
ISD Alliance
#36 - 2013-11-23 20:27:17 UTC
20. Posting advertisements is prohibited.

Posts discussing or linking to online auction sites or other sales sites that offer goods or services for real life currency are prohibited.


Thread closed.

ISD Cura Ursus

Lieutenant Commander

Community Communication Liaisons (CCLs)

Interstellar Services Department
Previous page12