zedprime
Jun 9, 2007

yospos

Strong Sauce posted:

metamask is the most popular crypto wallet, it has a chrome extension. it is also really unintuitive to use and so users do things like expose the QR code that gives anyone access to wallets. so a common scam was to msg people on discord who were asking for help and pretending to be someone important or support and they'd trick people into giving up that qr code, or hell even the seed code.

since most people using crypto have zero opsec sense and basically have a big target on their back saying, "i have money, i use nfts, i am a mark"... it's not hard to see why those wallets were hacked.

and nevermind that opensea was just leaving random receipts around on their servers that allowed you to "rebuy" nfts at previous prices and all that jazz. whenever they find out how the hackers did it it'll be because someone decided some security detail was too difficult to implement and let something obvious through.

oh man i forgot the most funny one is hackers "gifting" nfts to people's wallets. if you tried to view the image of the nft, it was on the hackers servers and they'd ask for access to local storage on opensea.io and most of these dummies would say yes, or just click yes because it was a dialog box.

like the entire system is built on a house of cards. if the banking system was this flimsy and had the same amount of protection i'd just keep all my money under my bed

It's NFT and Eth space so it's probably absolutely filthy Dunning Kruger opsec but I have a slightly manic thought/hope that this is some 0 day pseudorandom exploit that's abusing the master-pass-as-only-source-of-entropy problem not only because it would really make spies angry someone is using a 0 day for such a stupid reason but also it would really drive home:

VitalSigns posted:

https://twitter.com/tayvano_/status/1648187036552290304

This is the thing that's supposed to replace banks.

YOU CAN'T JUST KEEP YOUR SAVINGS IN THE SAME BANK FOR YEARS, YOU'VE GOT TO SPLIT IT UP INTO A DOZEN ACCOUNTS WHICH YOU ROLL OVER TO NEW ACCOUNTS ON A CONSTANT SCHEDULE OR YOUR RETIREMENT IS GONE FOREVER


notwithoutmyanus
Mar 17, 2009
I have had people who are still proud poo touchers telling me that this sort of problem is a major issue for Crypto (joke of a security model) and that it needs a custodial solution. But given the risk factor and all I can't foresee one ever happening.

Meanwhile in the crypto groups they're celebrating gensler getting a hard time from gop when it's dumb soundbites. IE: https://twitter.com/sassal0x/status/1648338351832064003

edit: lol new trump NFTs that have already dropped 75% from cost:

https://twitter.com/MAGAoriginalist/status/1648356534382886912

$100 price selling for $10 ish already.

https://opensea.io/collection/trump-digital-trading-cards-series-2

.05 eth, eth around 2k.

notwithoutmyanus fucked around with this message at 19:25 on Apr 18, 2023

Scam Likely
Feb 19, 2021

Dumbies, you're supposed to sell the useless trinkets AFTER he dies. Not before!

Sentient Data
Aug 31, 2011

My molecule scrambler ray will disintegrate your armor with one blow!

zedprime posted:

I have a slightly manic thought/hope that this is some 0 day pseudorandom exploit that's abusing the master-pass-as-only-source-of-entropy problem

My heart's desire is that it's some ultra stupid blatant bullshit that we called out in the thread years ago and forgot all about, the nuclear level of i-told-you-so will be beautiful

Jean-Paul Shartre
Jan 16, 2015

this sentence no verb


notwithoutmyanus posted:

edit: lol new trump NFTs that have already dropped 75% from cost:

https://twitter.com/MAGAoriginalist/status/1648356534382886912

$100 price selling for $10 ish already.

https://opensea.io/collection/trump-digital-trading-cards-series-2

.05 eth, eth around 2k.

It's almost even worse than most crypto scams, for many of them you at least have the excuse that the sponsor hasn't been indicted for criminal fraud.

Thesaurus
Oct 3, 2004


Strong Sauce posted:


oh man i forgot the most funny one is hackers "gifting" nfts to people's wallets. if you tried to view the image of the nft, it was on the hackers servers and they'd ask for access to local storage on opensea.io and most of these dummies would say yes, or just click yes because it was a dialog box.

like the entire system is built on a house of cards. if the banking system was this flimsy and had the same amount of protection i'd just keep all my money under my bed

these remind me a lot of scams and grifts that i came up with in Ultima online back in the day, based on random little tricks and issues in the game. My friends and i got pretty inventive and eventually all of our accounts were banned after we pulled a big con.

Makes my heart glad, is what I'm saying

Lammasu
May 8, 2019

lawful Good Monster
My bank used to lock up my account every month because of my Patreon account. Someone could empty your entire wallet and nobody can do poo poo.

Gomez Chamberlain
Mar 22, 2005

Subakh ul kuhar!

ChaseSP posted:

The online based ones are, the local storage ones should be pretty secure and not actually have a key stored anymore hopefully.

This actually isn't true either. Maybe LastPass is "bad" (you've heard a bunch of breaches of not password data) but it's asymmetric encryption and no one else can decrypt your vault, not even them. I have used 1password for nearly half a decade now with cloud storage, both my own personal corner and now 1password's family hosted solution. Someone could conceivably steal my vault from them, but then they'd have to guess my passphrase or otherwise brute force decrypting my vault.

Point is, it's not transparently bad to use a cloud based solution, but you do need to understand your threat model. Pick a secure passphrase, and don't keep spreading literal FUD about password managers. They are incredibly good, especially the cloud-based ones because of how simple it makes this for the lowest (or at least lower) common denominator.

Strategic Tea
Sep 1, 2012

JohnCompany posted:

It's almost even worse than most crypto scams, for many of them you at least have the excuse that the sponsor hasn't been indicted for criminal fraud yet.

Fixed!

Sentient Data
Aug 31, 2011

My molecule scrambler ray will disintegrate your armor with one blow!
Keepass is free as in beer and speech and can optionally sync its encrypted database across platforms with a whole lot of different apis

ChaseSP
Mar 25, 2013



Yeah Keepass is very good and has a bunch of ranging of how it works in terms for how secure you want it which is frankly the best method of doing it. I just don't have much trust for cloud stuff in general given continuous hacks and exploits being found and far prefer the actual file storing the keys be on local drives even if I'm aware this isn't perfectly secure either.

zedprime
Jun 9, 2007

yospos
Having a keystore in the cloud is technically less secure since that's one fairly weak link. But it's still an encrypted keystore and the next step if someone got your keystore and needs to get in is still going to be the crowbar method.

Salt Fish
Sep 11, 2003

Cybernetic Crumb
I just put all my passwords in a txt file on my desktop labeled "passwords don't read" but what makes it secure is that there are like 80 passwords in there and none of them are labeled.

Kit Walker
Jul 10, 2010
"The Man Who Cannot Deadlift"

Salt Fish posted:

I just put all my passwords in a txt file on my desktop labeled "passwords don't read" but what makes it secure is that there are like 80 passwords in there and none of them are labeled.

Take it one step further and make it so that none of them are right, either

shame on an IGA
Apr 8, 2005

hmm so the thefts have been happening since december '22 and only to "OGs" who made their wallets a long time ago

like back when LastPass had hilariously weak PBKDF2 settings that never updated unless the user manually changed them and then their entire database got got in dec. of 22

hmmm
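The "never updated unless the user manually changed them" problem in the post above has a standard defensive fix: re-derive the vault key with current parameters whenever the user unlocks successfully. The sketch below is an added example, not part of the thread and not any password manager's own code; the header layout, the 5,000-iteration legacy value and the 600,000 floor are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass

# Assumed policy floor for PBKDF2-HMAC-SHA256 (illustrative; set per your policy).
MIN_ITERATIONS = 600_000
LABEL = b"vault-verify"  # hypothetical fixed label used to check the derived key


@dataclass
class VaultHeader:
    salt: bytes
    iterations: int
    verifier: bytes  # HMAC(derived_key, LABEL); lets unlock detect a wrong passphrase


def derive_key(passphrase: str, salt: bytes, iterations: int) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, iterations)


def make_header(passphrase: str, iterations: int) -> VaultHeader:
    salt = os.urandom(16)
    key = derive_key(passphrase, salt, iterations)
    return VaultHeader(salt, iterations, hmac.new(key, LABEL, hashlib.sha256).digest())


def unlock_and_upgrade(header: VaultHeader, passphrase: str,
                       floor: int = MIN_ITERATIONS):
    """Return (ok, header). A correct passphrase on a stale header yields a
    fresh header at the policy floor; a wrong one leaves the header untouched."""
    key = derive_key(passphrase, header.salt, header.iterations)
    tag = hmac.new(key, LABEL, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, header.verifier):
        return False, header
    if header.iterations < floor:
        # A real vault would also re-encrypt its data key under the new derived key.
        header = make_header(passphrase, floor)
    return True, header


def relative_guess_cost(old: VaultHeader, new: VaultHeader) -> float:
    """PBKDF2 work per passphrase guess scales linearly with the iteration count."""
    return new.iterations / old.iterations


if __name__ == "__main__":
    # Constructed sample: an old account created under a weak legacy setting.
    legacy = make_header("constructed passphrase", 5_000)
    ok, upgraded = unlock_and_upgrade(legacy, "constructed passphrase")
    print(ok, legacy.iterations, "->", upgraded.iterations,
          f"({relative_guess_cost(legacy, upgraded):.0f}x work per guess)")
```

The upgrade only protects copies of the vault taken after it happens; a header exfiltrated while it still carried the legacy count stays as cheap to guess against as it was on the day it was copied.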

ChaseSP
Mar 25, 2013



Get a cool decoder ring and use it on them.

Strategic Tea
Sep 1, 2012

Just lol if Henrique doesn't courier you a fresh one time pad via diplomatic bag with your morning orange juice

Hello Sailor
May 3, 2006

we're all mad here

Kit Walker posted:

Take it one step further and make it so that none of them are right, either

just make all your passwords the site name, but in pig latin

Boxturret
Oct 3, 2013

Don't ask me about Sonic the Hedgehog diaper fetish
Just as the morning sun is rising over the mountains, if you hold the prism in the right orientation the beam of light will reveal the true password.

Boxturret
Oct 3, 2013

Don't ask me about Sonic the Hedgehog diaper fetish

Hello Sailor posted:

just make all your passwords the site name, but in pig latin

hey please don't give away my SA password!

Pham Nuwen
Oct 30, 2010



ChaseSP posted:

Yeah Keepass is very good and has a bunch of ranging of how it works in terms for how secure you want it which is frankly the best method of doing it. I just don't have much trust for cloud stuff in general given continuous hacks and exploits being found and far prefer the actual file storing the keys be on local drives even if I'm aware this isn't perfectly secure either.

Keepass rules, I use it + Syncthing to keep my password file synchronized across devices. There's even an Android app (and syncthing for android), so I can use it on mobile.

deep dish peat moss
Jul 27, 2006

Thesaurus posted:

these remind me a lot of scams and grifts that i came up with in Ultima online back in the day, based on random little tricks and issues in the game. My friends and i got pretty inventive and eventually all of our accounts were banned after we pulled a big con.

Makes my heart glad, is what I'm saying

Reminds me of the classic Diablo 2 scam. When you spoke in chat, your account's username was displayed in your chat handle. So the scam was going in chat and saying "Giving away my account, just whisper me what you want the password to be", then people would whisper you a password and immediately log out of their account to try that password on your account, meanwhile it was somehow always the password to their actual account that they had just conveniently logged out of.

e: Diablo 2 was pretty much the first crypto. My friends and I made some money in high school by running D2 bots all day while we were at school, then going home to sell the drops the bot found for FG on d2jsp and then sell the FG for real money :allears:

deep dish peat moss fucked around with this message at 23:40 on Apr 18, 2023

jokes
Dec 20, 2012

Uh... Kupo?

Diablo scams are how I learned VERY QUICKLY that the internet is all about scamming people, and it was scam or be scammed.

nomad2020
Jan 30, 2007

deep dish peat moss posted:

e: Diablo 2 was pretty much the first crypto. My friends and I made some money in high school by running D2 bots all day while we were at school, then going home to sell the drops the bot found for FG on d2jsp and then sell the FG for real money :allears:

D2 trading makes a really good analogy for the "wait in a parking lot for a dealer to come exchange cash for bits" phase of bitcoin. Though it did get easier towards the end, once Paypal became more of a thing.

deep dish peat moss
Jul 27, 2006

jokes posted:

Diablo scams are how I learned VERY QUICKLY that the internet is all about scamming people, and it was scam or be scammed.

I wonder if that's part of why this forum has a general higher distrust of crypto and decentralized unregulated economies than most other online communities. It's very comparable to a MMO economy and a large percentage of the userbase here has probably played an MMO long enough at some point to see how that plays out.

E: to add to the analogy, my only actual interaction with crypto ever was buying some Cardano in 2021 to profit off the exact same mechanic as MMO Patch Note Economics. In any MMO, if you read the patch notes they will mention items that will have higher demand in the next patch, and you can stockpile that item now to sell it for a gigantic markup on patch day to all the people who don't read the patch notes. I did that with Cardano because they literally announced a date that their highly-anticipated new smart contract system would launch 6+ months ahead of time, so I thought "Hmm, this reminds me of MMO patch notes" and bought a bunch at like $1.10 each and immediately sold it on "patch day" for 2.70 each. Unsurprisingly that smart contract update turned out to be garbage and the price tanked lower than ever before by the next day. But the sheer fact that "Huge new update!" with a specific timeframe was known meant that the date and time of the short-lived price spike could be predicted. It was pretty much insider trading except without regulations to prevent it, and "being an insider" only requires reading public statements that most of the userbase is uninterested in and/or ignorant of.

deep dish peat moss fucked around with this message at 01:01 on Apr 19, 2023

jokes
Dec 20, 2012

Uh... Kupo?

The same reasons I know that chatbot AI is doomed to end in racism and far-right-wing chuddery are the same reasons I know you can't trust anything on the internet: I played video games on the internet consistently since 9/11.

Spending time on the internet is a bit like 40k where they send out probes into the wider universe and all the data they ever get back are ork noises, but instead of ork noises it's ork noises and racism.

"The internet makes you stupid", and adding internet to things also makes them stupid.

Ghost Leviathan
Mar 2, 2017

Exploration is ill-advised.
I learned early to assume literally everything on the internet is a scam til proven otherwise.

Nessus
Dec 22, 2003

After a Speaker vote, you may be entitled to a valuable coupon or voucher!



Keepass more like pee-rear end

VitalSigns
Sep 3, 2011

deep dish peat moss posted:

Reminds me of the classic Diablo 2 scam. When you spoke in chat, your account's username was displayed in your chat handle. So the scam was going in chat and saying "Giving away my account, just whisper me what you want the password to be", then people would whisper you a password and immediately log out of their account to try that password on your account, meanwhile it was somehow always the password to their actual account that they had just conveniently logged out of.


Wait I don't get how this scam works

Someone who thinks they're getting a free account would have to whisper their own password for the scam to work right? Why wouldn't they just make up a new password on the spot to whisper to the person supposedly giving away their account?

deep dish peat moss
Jul 27, 2006

You're understanding it correctly, but this was 22 years ago (:gonk:) and people weren't as password-security-conscious as they are today. It was still years later that companies and online services in general realized that exposing login usernames publicly to other users is a fantastically-bad idea.

DominoKitten
Aug 7, 2012

Because people love to use the same password over and over for all their accounts, especially back in the day.

VitalSigns
Sep 3, 2011

Yeah but you could just say some throwaway thing like "Frogger123" or something then change it to your real password after so no one else has to know the one password you use for everything.

But yeah okay I get it the scam relied on people just impulsively saying the first thing that came to mind to get the free account, which was their own account password often enough for the scam to be worthwhile.

E: please don't use password Frogger123 to steal my SA account tia

deep dish peat moss
Jul 27, 2006

You know the classic quote, "There's a sucker born every minute"?

There are 266 people born every minute, and almost all of them are suckers.

nomad2020
Jan 30, 2007

My favorite scam was "Drop your most expensive item by the fence here and I'll go over there so that you know I cannot steal it (pinky swear) so I know that you can be trusted to be let into the clan/teamspeak/irc/whathaveyou."

VitalSigns
Sep 3, 2011

nomad2020 posted:

My favorite scam was "Drop your most expensive item by the fence here and I'll go over there so that you know I cannot steal it (pinky swear) so I know that you can be trusted to be let into the clan/teamspeak/irc/whathaveyou."

I played a lot of D2 but only single player, how would they steal it.

Could they run over and grab it before the other person reacted, or would they have an accomplice, or was there some remote item grabbing ability?

nomad2020
Jan 30, 2007

There were a couple of versions that I know of, but the one I know how was a glitch. You couldn't use spells 'in town', but you could use say teleport from outside the town wall into the town.

Ghost Leviathan
Mar 2, 2017

Exploration is ill-advised.
Also now you have to sign up and set a password for something or other practically daily and they all want long passwords with numbers and symbols

also LastPass got hacked

Sardonik
Jul 1, 2005

if you like my dumb posts, you'll love my dumb youtube channel

jokes posted:

Diablo scams are how I learned VERY QUICKLY that the internet is all about scamming people, and it was scam or be scammed.

For me it was EVE. Like, holy poo poo does this crypto poo poo feel like something right out of New Eden.

E:

deep dish peat moss posted:

I wonder if that's part of why this forum has a general higher distrust of crypto and decentralized unregulated economies than most other online communities. It's very comparable to a MMO economy and a large percentage of the userbase here has probably played an MMO long enough at some point to see how that plays out.

E: to add to the analogy, my only actual interaction with crypto ever was buying some Cardano in 2021 to profit off the exact same mechanic as MMO Patch Note Economics. In any MMO, if you read the patch notes they will mention items that will have higher demand in the next patch, and you can stockpile that item now to sell it for a gigantic markup on patch day to all the people who don't read the patch notes.

The EVE devs did a pretty hilarious troll to try to discourage this kind of thing once. They claimed they were going to increase the blueprint price of Small Tractor Beam 1 or some such from 250k to a million isk, but then didn't actually do it. I remember reading on the forums some jagoff had bought like 1000 of them and was exceptionally angry about it.

Sardonik fucked around with this message at 05:19 on Apr 19, 2023

Boxturret
Oct 3, 2013

Don't ask me about Sonic the Hedgehog diaper fetish

Sardonik posted:

The EVE devs did a pretty hilarious troll to try to discourage this kind of thing once. They claimed they were going to increase the blueprint price of Small Tractor Beam 1 or some such from 250k to a million isk, but then didn't actually do it. I remember reading on the forums some jagoff had bought like 1000 of them and was exceptionally angry about it.

Reminds me of the guy who came in to one of these threads in early 2021 asking if bitcoin was good to get in to now, since he missed out on grifting people by buying up all the toilet paper and hand sanitiser, and wanted to get in on a ground floor.


Nissin Cup Nudist
Sep 3, 2011

Sleep with one eye open

We're off to Gritty Gritty land




Someone who isn't a sucker


TayTay ... rules?
