BlockExplorer To Support Bitcoin (Cash) Over Bitcoin Legacy

Dear BlockExplorer users,

BlockExplorer.com will be supporting Bitcoin Cash over Bitcoin, which we feel currently has a negative momentum path when it comes to utility. Going so far as to change the default BlockExplorer.com to show Bitcoin (Cash) over Bitcoin Legacy. BlockExplorer CEO, Rick Falkvinge, wrote in the announcement:

In August 2017, Bitcoin forked into two variants. These have taken radically different paths.

Looking at the situation one quarter later, it is clear to us that the Blockstream fork of bitcoin diverges so radically from the ideas presented in the Bitcoin white paper, that it is an evolutionary dead end. While it may still have high trading value, as a mere collectible of curiosity, the Blockstream fork of bitcoin is not part of building any future financial infrastructure, which is what Block Explorer is about.

A currency of the future has subcent optional usage fees and instant transactions. The Blockstream fork of Bitcoin (“Bitcoin Legacy”) is at $20 usage fees and rising, with no end in sight, and can take days to confirm, despite unfulfilled promises to the contrary on both points when Segwit activated in what can only be described as a community fistfight. We are therefore making the decision to consider the Blockstream fork deprecated, and support it as legacy technology only.

Rather, we have made the decision to support the only bitcoin fork with a postive utility momentum, which is Bitcoin Cash. We took an early decision to deploy a Bitcoin Cash block explorer and will continue to roll out related services. We are also deploying tools for other cryptocurrencies we find on a positive momentum path, such as ZCash, which have increased privacy value.

We will not add future support for the Blockstream fork of bitcoin (“Bitcoin Legacy”), and will be deprecating it entirely at some future point in time to be determined. Developments have revealed it to be a dead end. At such a time, we will refer to Bitcoin Cash as Bitcoin only, but will make some effort to not break API calls by changing URLs of legacy automated systems.

Developers: Note the BlockExplorer API is changing

BlockExplorer’s API and website will change, so if your site references BlockExplorer for Bitcoin Legacy, please take note of the following changes:

  • https://blockexplorer.com will be switched over to displaying Bitcoin Cash data.
  • https://bitcoinlegacy.blockexplorer.com will display Bitcoin Legacy data.
  • https://blockexplorer.com/api will continue to serve data from Bitcoin Legacy for now until we feel confident we can deprecate it, in which it will then serve Bitcoin Cash data.
  • https://bitcoinlegacy.blockexplorer.com/api should be used immediately to use the Bitcoin Legacy API.
  • https://bitcoincash.blockexplorer.com/api should be used for the Bitcoin Cash API for now, until it is switched over to https://blockexplorer.com/api

Electrum Releases Update After Google Project Zero Researcher Discovers 2-Year Old Vulnerability in Wallet Client

Electrum’s developers released a new version of their bitcoin wallet client after a security researcher at Google Project Zero discovered a critical vulnerability that allowed hackers to use malicious websites to steal bitcoins from unencrypted Electrum wallets. If you haven’t already, update to Electrum 3.05

Tavis Ormandy, a white hat hacker who has identified a number of high-profile vulnerabilities in software products, discovered a critical bug in Electrum’s JSON-RPC protocol, which is used to transfer data between clients and servers.

The interface was not secured properly, which made any unencrypted Electrum wallet immediately vulnerable to having its balance drained by thieves if both the wallet and a web browser were open at the same time.

Here is an example of how the vulnerability can be exploited to steal the wallet seed from a wallet that is either unencrypted or encrypted with a poor password:

However, Ormandy said that users with encrypted wallets also face potential risks.

“I think just scanning for people in the background of a website is really easy, and seems likely someone will try that. Even with encrypted wallets, you can still change options, change destination addresses, deanonymize users via listaddresses and so on,” Ormandy wrote on Github.

The vulnerability, which affects wallet versions 2.6 to 3.0.3, was initially reported on Nov. 24, 2017, the same day that Bleeping Computer reported that hackers have been scanning the web for Ethereum wallet clients vulnerable to an insecure JSON-RPC interface. However, Electrum developers apparently did not recognize the gravity of the issue, as it went unaddressed until Ormandy discovered it on Jan. 6.

Apparently, the vulnerability was more than two years old, as the affected code was merged on Nov. 30, 2015. Amazingly, there are no known cases of it being successfully exploited, although this will almost certainly change now that the bug has been revealed.

Electrum quickly released an update, version 3.0.4, which addressed part of the issue but may still be vulnerable to some attacks.

Developers are now urging users to update their wallets to version 3.0.5, although they should probably exercise caution while using the wallet until it is clear that the release is stable.

Notably, the vulnerability also affects Electron Cash — a bitcoin cash-based fork of Electrum — so this wallet’s users should update their software clients to version 3.1.1.

Featured Image from Pixabay

Happy Genesis Day: Today, at 18:15:05 GMT, the Bitcoin Blockchain Turns 9

bitcoin genesis day

Genesis Day is a Bitcoin holiday celebrated on January 3rd, the day that Satoshi Nakamoto mined the first block of Bitcoin – thus creating the world’s first blockchain. These were the words on the Bitcoin blockchain genesis block, the first block on the blockchain:

“The Times 03/Jan/2009 Chancellor on brink of second bailout for banks.”

It was mined by Satoshi Nakamoto himself at 18:15:05 GMT and  attached the words to prove that no pre-mining had occurred. The first block on the “block chain,” as Mr. Nakamoto called it. Nakamoto then disappeared a few years later, leaving core developer Gavin Anderson in charge. Today is the anniversary of the creation of the bitcoin blockchain, so let’s have a look at Bitcoin’s past since Satoshi left at the end of 2010.

Happy Genesis Day! A brief look at the Origins of Bitcoin and the path it has taken

“Bitcoin” first appeared in our lexicon on 31 October 2008 on a cryptography mailing list as a link to a paper written by Nakamoto about bitcoin itself. The paper detailed how bitcoin would work, and soon after the release of the whitepaper, the genesis block was mined, and the bitcoin network was online.

Fast forward to 2012, the price at the beginning of the year was $2.00, with the price rising to $13.00 in December. Bitcoin picked up some early media coverage in an episode of The Good Wife – specifically in a season 3 episode titled ‘Bitcoin for Dummies’. Later that year, the Bitcoin Foundation was created. In April 2013, The Pirate Bay began accepting donations in bitcoin.

In 2014, the price passed $1000 for a short amount of time, before falling to around $200 later in the year. The network hash rate surpassed 10PH/s, the network would later pass 100PH/s. And in February, Mt. Gox, a large exchange at the time began to refuse withdrawals, It eventually filed bankruptcy. Leaving a large number of its clients out of any bitcoin that they had stored with Mt. Gox at the time. In July, the US-based online computer hardware Newegg announced that it would begin accepting bitcoin. Later in the year, in December, Microsoft started to accept bitcoin for various services.

Three years ago… In 2015, the price hit a low of $200 and a high of $504, the highest bitcoin had ever been valued at. Coinbase reported in January that it had raised over $70 million in funding. While at the same time BitStamp was investigating a hack of their hot wallet, resulting in a loss of 19000 BTC – now worth quite a bit according to the BlockExplorer Market Data. In August,  Barclays announced that charities would be able to convert bitcoin directly to fiat currency in their accounts. In October, the Unicode Consortium received a proposal to add the bitcoin symbol to the Unicode specification.

In 2016, a slow and steady rise in Bitcoin’s price accompanied rises in transaction fees and volume. In 2017, Bitcoin forked a few times. Now that it is Genesis Day 2018: Let’s take this Bitcoin Genesis Day to look back on the path of the past and plan for the future.

Warning: There’s a Reddit Bot Attempting to Steal Bitcoin Cash Tips Sent By Tippr

If you use Reddit, you may know that tip bots such as /u/tippr allow you to tip fellow redditors, in /u/tippr’s case, with BCH. Another Reddit bot has recently been discovered that attempts to gain access to Reddit accounts that have sent tips, and if successful, transfer out any balance the account may have with tip bots to the bitcoin cash address: 1Dn1uint1pMTrNXGyE3hQzyL6FJ8jpS1SD. Here are the methods with which you can secure your Reddit account against attackers. Obviously, protecting your Tippr BCH tips is only one benefit of having a secure Reddit password.

Use a secure Reddit password

 

https://imgs.xkcd.com/comics/password_strength.png

Image from XKCD

Secure passwords will always help improve security. When choosing a password, length is better than most other security practices.  Otherwise, make sure that you do not use birthdays or things linked to you personally.

Use two-factor authentication on your account

Two-factor authentication means that when trying to log into your account, you are required to input a randomly generated, one-time use code alongside their password, this is accomplished using any two-factor authentication application that supports Time-based One-Time Password Protocol,  the Android and iOS apps Authy and Google Authenticator are recommended. You can read the full two-factor authentication setup guide here and there is a short explanation of enabling two-factor authentication below.

Enabling two-factor authentication requires you to be a subreddit moderator. You can become a subreddit moderator by creating your own subreddit. If you are a subreddit moderator you can find the option to enable 2FA on your preferences page. Reddit will ask you to confirm your email and password during the process of enabling two-factor authentication.

Featured image from Wikipedia