People are starting to do deep-dives into the Iota crypto code and things aren’t looking pretty. I’m fairly confident there’s more where this came from. http://blog.lekkertech.net/blog/2018/03/07/iota-signatures/ …
-
-
I’m sure at some point that will happen. The Iota community seems hell-bent on getting the security community to “prove their claims” by developing weaponized exploits. It’s bad stuff.
-
No one has to encourage hackers to develop exploits. There's a monetary incentive to do such. Has any been found and exploited yet?
-
I've been repeatedly told "if it's so bad why don't you just exploit it?" by IOTA advocates. I'm sure others have too.
-
I'm sure you have and no one with ethics should try to exploit it to prove a point. My point still stands though that there are people trying to exploit vulnerabilities and they've yet to succeed.
-
The linked post appears to demonstrate a case in which someone did exactly that.
-
It was only possible because funds were sent to a spent address. That has been warned against since the beginning.
-
People have been warned against sending funds twice from the same address; this is the first suggestion that funds are vulnerable even without a second send.
-
Why would you ever send funds to a spent address knowing they are vulnerable as soon as you send them? This person sent to a spent address. Unless he/she sent them without ever wanting to send them then when they're vulnerable is somewhat irrelevant.
- 14 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.