1697 replies to this topic

[Lupus590]

Lignum, on 22 February 2016 - 01:38 PM, said:

If it doesn't work, then HTTPS is the problem.

ComputerCraft doesn't support HTTPS

[ry00000]

Well, I have an Intel Core 2 Quad, I shouldn't get much krist from it. should I?

[Lignum]

Lupus590, on 22 February 2016 - 06:01 PM, said:

ComputerCraft doesn't support HTTPS

I don't know why people keep saying it doesn't, because it does:


Works in-game (CC1.78) and on CCEmuRedux.

ry00000, on 22 February 2016 - 06:17 PM, said:

Well, I have an Intel Core 2 Quad, I shouldn't get much krist from it. should I?

You shouldn't mine with your CPU anyway. There is now turbokrist, which allows you to do GPU mining.

[Anavrins]

Lupus590, on 22 February 2016 - 06:01 PM, said:

Lignum, on 22 February 2016 - 01:38 PM, said:

If it doesn't work, then HTTPS is the problem.

ComputerCraft doesn't support HTTPS

It does, I can access dropbox with an https link in-game.
The reason why it doesn't work on some website is that, after testing multiple domain with SSLLabs, I noticed that most Java version only support up to TLS1.0.
TLS1.0 is enabled on dropbox, google, etc... but not on krist.
Krist SSLtest
Dropbox cdn SSLtest

Edited by Anavrins, 22 February 2016 - 06:46 PM.

[Lemmmy]

Anavrins, on 22 February 2016 - 06:40 PM, said:

Lupus590, on 22 February 2016 - 06:01 PM, said:

Lignum, on 22 February 2016 - 01:38 PM, said:

If it doesn't work, then HTTPS is the problem.

ComputerCraft doesn't support HTTPS

It does, I can access dropbox with an https link in-game.
The reason why it doesn't work on some is that, after testing multiple domain with SSLLabs, I noticed that most Java version only support TLS1.0.
TLS1.0 is enabled on dropbox, google, etc... but not on krist.
Krist SSLtest
Dropbox cdn SSLtest

well java is stupid my ssl is secure

im looking into it give me a few mins

Edited by Lemmmy, 22 February 2016 - 06:50 PM.

[Anavrins]

Lemmmy, on 22 February 2016 - 06:46 PM, said:

well java is stupid my ssl is secure

And not backward compatible with TLS1.0, which is my whole point to try and make it work within CC.
Enabling TLS1.0 shouldn't cause any security issues as long as you disable the RC4 cipher.
The dropbox ssltest support that claim.

Edited by Anavrins, 22 February 2016 - 06:54 PM.

[Lemmmy]

Anavrins, on 22 February 2016 - 06:51 PM, said:

Lemmmy, on 22 February 2016 - 06:46 PM, said:

well java is stupid my ssl is secure

And not backward compatible with TLS1.0, which is my whole point to try and make it work within CC.
Enabling TLS1.0 shouldn't cause any security issues as long as you disable the RC4 cipher.
The dropbox ssltest support that claim.

the problem is my ssl configuration is backwards compatible with tls1.0 but for some reason nothing is seeing this and im pretty sure nginx is screwing with me at this point

tls1.0 has been enabled the entire time, i even tried the mozilla ssl config generator and set the profile to old and thats still lying

[Lemmmy]

	ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
	ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
	ssl_prefer_server_ciphers on;

i don't see the problem

woudld it be because i have dhparams setup

Edited by Lemmmy, 22 February 2016 - 07:13 PM.

[Anavrins]

Lemmmy, on 22 February 2016 - 07:03 PM, said:

tls1.0 has been enabled the entire time, i even tried the mozilla ssl config generator and set the profile to old and thats still lying

I would suggest the intermediate profile instead, you don't want SSLv3 in there
We should probably continue this discussion via PM or via a Github issue or something.

[Lemmmy]

Anavrins, on 22 February 2016 - 07:20 PM, said:

Lemmmy, on 22 February 2016 - 07:03 PM, said:

tls1.0 has been enabled the entire time, i even tried the mozilla ssl config generator and set the profile to old and thats still lying

I would suggest the intermediate profile instead, you don't want SSLv3 in there
We should probably continue this discussion via PM or via a Github issue or something.

i used to, problem is that the intermediate profile doesnt remotely support java 6 or 7. check the krist github, i'll make an isssue there

https://github.com/L...Krist/issues/17

Edited by Lemmmy, 22 February 2016 - 07:22 PM.

[Waitdev_]

wait, so.. how am i supposed to mine krist? i know it's a program, but where do i get that?
also, i saw something to do with a network thing, does that mean it uses internet?

[Lupus590]

Waitdev_, on 23 February 2016 - 06:20 AM, said:

i saw something to do with a network thing, does that mean it uses internet?

crypto currency miners have to compare with each other to make sure that no-one has already mined that block, this is what the network usage is for

as for miners: http://www.computerc...ed-krist-miner/

Edited by Lupus590, 23 February 2016 - 09:49 AM.

[bauen1]

Wait a minute, will the database be downloadable (worst dramatic sentence ever)
Because the way addresses are verified is: storing a sha256 hash of the address + the key meaning that its quite possible to mine this hash with a gpu.


KFaucet is responding with 502 (Bad Gateway) to the claim call of kj71ec3dc3 (mine, 2 + 4 + 8 + 16 + 32 krist claimed) /api/claim/kj71ec3dc3
Is this normal ?
This is even happening with other addresses

Edited by bauen1, 23 February 2016 - 12:39 PM.

[ry00000]

I COULD unhash an address... If I knew the SHA256 and the key... Yeah, thanks, krist.ceriat.net for not providing the SHA's and the keys.

[Lignum]

bauen1, on 23 February 2016 - 12:33 PM, said:

Wait a minute, will the database be downloadable (worst dramatic sentence ever)
Because the way addresses are verified is: storing a sha256 hash of the address + the key meaning that its quite possible to mine this hash with a gpu.

We store a hashed private key in the database, which prevents mining addresses unless you get the exact key used to make the address (which is hard if it's a long key!). But either way, it's unlikely that the Krist database will be downloadable, since we're no longer using SQLite, which means we would need to dump the db periodically.

bauen1, on 23 February 2016 - 12:33 PM, said:

KFaucet is responding with 502 (Bad Gateway) to the claim call of kj71ec3dc3 (mine, 2 + 4 + 8 + 16 + 32 krist claimed) /api/claim/kj71ec3dc3
Is this normal ?
This is even happening with other addresses

Yep, sorry, we had to reboot the VPS yesterday because of a memory leak and I forgot to start KFaucet back up. It should work now.

[Lemmmy]

Lignum, on 23 February 2016 - 05:42 PM, said:

But either way, it's unlikely that the Krist database will be downloadable, since we're no longer using SQLite, which means we would need to dump the db periodically.

To follow this up, I am planning on writing a DB dumper that will make a data.db containing all non-sensitive info at 0:00 GMT daily.
Edit: I'm doing this now.

ry00000, on 23 February 2016 - 01:09 PM, said:

I COULD unhash an address... If I knew the SHA256 and the key... Yeah, thanks, krist.ceriat.net for not providing the SHA's and the keys.

You can unhash an address? Yeah, right. You could rainbow table it for sure, but we store them salted so good luck using a rainbow table too.

Go ahead and unhash these privatekeys:

4aaa3e2da7fcab5c599dab7a5a86341addebf25b19f6696b2e4b3e6d130e5035
8f07ac7acb02b34d043266cae6c4532f639ff56cdd32d1f0f1dcc308eb8d1ff6
0b862738b6f904d55ba4f436f569d732537a8d05e688d4709908ef54bdcccd60
105d5d126a88a910840e137a514f3ddc038f25ccda41ea10bcc6c878b5e1a0e5
0b34dcd8a9d5f5fcbb7791ad0aa25979a2c194bdaffd7951e05404c57cc9d45c

And one for luck:

9627ec943025d95252ea3151cd75f292b26cdb950d77489919b4a2d69f24ee03e4769cb50ea724742b014c4d30cd76c4896426ce6d659187771b220d74485f81

Edit 2: I had a second look at your message, and it's absolutely hilarious how BS it is. First of all, why do you need the SHA-256 AND the key? The SHA-256 is pretty much just sha256(address + privatekey), so the key is just enough. Address generation has nothing to do with the stored SHA-256, it is purely an extra measure against collisions.

Addresses are generated based on the privatekey, and will collide. This means that you can mine addresses. This is most likely what you think you can do. Addresses are generated using SHA-256 and a little bit of fairy dust (and 3d6 quality code). It should be noted that SHA-256 is a cryptographic hash function, and it is one-way. This means you cannot unhash. You can however mine for the target string and hope that you eventually get it. Rainbow tables make this easy as they come with pre-prepared input and outputs, but are invalidated when salts are thrown into the mix. If you have enough computational power, you can easily mine for any address you wish. However, as Lignum stated, you will need to mine for the exact privatekey used now.

ry00000, on 23 February 2016 - 01:09 PM, said:

Yeah, thanks, krist.ceriat.net for not providing the SHA's and the keys.

What the hell? Were you dropped on the head as a child? Did you seriously think that any of us would be stupid enough to literally give you the privatekeys and/or hashes? Please take a good look in a mirror and reconsider your life. Thank you.

Edited by Lemmmy, 23 February 2016 - 06:21 PM.

[Anavrins]

ry00000, on 23 February 2016 - 01:09 PM, said:

I COULD unhash an address... If I knew the SHA256 and the key... Yeah, thanks, krist.ceriat.net for not providing the SHA's and the keys.

Let's say the account with password "a", has an address "kxxk8invlf" and a privatekey "9c61cce6bae9ac864b60238532ac8ce1a73006d943b44e060259e50363f4aebd-000" which is 68 characters long.
The hash stored in the database is sha256("address..privatekey"), you know the address, but you still need to figure out the privatekey.
Is it me or you are claiming to be able to crack a 68 characters long password?

Spoiler

[FoxData]

I want to mine this with an in game computer - How do i do it?

[Quartz101]

FoxData, on 23 February 2016 - 08:25 PM, said:

I want to mine this with an in game computer - How do i do it?

You don't. It would be too insanely slow, especially with GPU mining.

[Anavrins]

FoxData, on 23 February 2016 - 08:25 PM, said:

I want to mine this with an in game computer - How do i do it?

Here's my CC miner if you want to mess with it 0swpD5L2
You will only be able to get a maximum of around 1500 hash/sec with it, compared to 1'000'000'000 hash/sec with a gpu miner.
You can also swap the commenting on line 54-55 if you want to try with an easier, false work, but you will not get any valid krist that way.

Edited by Anavrins, 24 February 2016 - 03:39 AM.