How to Make a Crypto Trading Bot Using Python - A ...
How to Make a Crypto Trading Bot Using Python - A ...
trading-bots · PyPI
TradeSkinsFast.com - Trade skins quickly and safely
KeyVendor.net - Fastest, easiest and the best way to sell ...
Steam Community :: #KeyVendor.net BTC⇄CSGO+TF2 Bot
Steam keys trading bot for Bitcoin Cash [BETA]
Tecumsehgo and I have built a Steam bot for trading CS:GO keys with Bitcoin Cash. If you are interested, please help beta-test it. This is the bot's account: http://steamcommunity.com/id/keymarket01 Follow the instructions in the profile to trade. (The wallet is under my full control and in the case of a hack or a bug I hereby publicly promise to compensate at least 1 BCH of funds in that wallet).
Hello! I am the victim of a steam card scam. I bought a card at wal mart to sell for bitcoin. I found a buyer and after having tried a couple others, this one accepted the trade right away. I uploaded the card with the code scratched off and followed the directions to a tee. Everything was done with as much careful scrutiny as possible. Next, as soon as the trade started, he said he needed a few minutes and disappeared. When he came back, he started spamming in the chat copy pasted messages calling me a thief and that I had used the code already (I clearly did not, I bought several cards at once and only scratched one off). I talked back and forth with him, and made it clear that I would not be cancelling the trade as he had already redeemed my code and did not release the funds. It is impossible that anyone else could have used the code. I asked him to show his steam account history, and he sent me two different screenshots. One of a small balance, and another of an account history with the account name conveniently cut off. When I pointed this out and said that I felt it was a scam, he immediately disputed the trade, knowing that a moderator would not arrive for some time. As I attempted to upload my evidence (my receipt and the card that he stole the code from, with his insane chat in the background) he began to spam the chat hundreds of times with the same copy paste message, saying my family is shameful and that I would die for stealing from him. He copy pasted about a dozen messages and sent them hundreds of times, trying to flood the chat so the moderator couldn't read it while simultaneously keeping the chat open and the dispute live. He has negative feedback, and it's his only real feedback. I realize now that all the positive feedback was for 5 dollar purchases, and was likely done by bots to build the accounts feedback rating up. His account name is "SaucyTrevally465" and it is a Chinese account pretending to be American. He has threatened me hundreds of times in the dispute chat, which no moderator has arrived in and it has been about an hour, and he continues to copy paste messages in an attempt to make the chat unreadable for the moderator when they do arrive. Here is a link to his profile: https://paxful.com/useSaucyTrevally465 In the dispute we are in currently in paxful, I have already uploaded my receipt and images of the physical card which I used in the trade. I also included his psychotic ranting in the background. u/Martha_Paxful can you please help? I don't know what to do! The dispute is open and he is losing his mind in the chat calling me names and freaking out. I just want my money back, he has it in escrow right now and I know I'll never get the code back but that's okay. Any help would be appreciated! Thanks! EDIT: I think this whole thing is run by bots, after seeing the way the scammer replies in chat, it has become clear that they aren't run by a person and simply a bot designed to use automated trades and then paste in canned responses until they escalate and eventually start a dispute! They even paste screenshots in the chat, but they're all identical! This is actually a bot, I'm relatively sure! If anyone wants me to pastebin the chat log I can.
Giving away 3 keys to announce my Dota 2 Arcana / TF2 Key trading bot
Hi guys! I'm launching a new trading bot, BitBots.trade where you can buy and sell your Dota 2 Arcanas and TF2 keys for bitcoin. This is good because: ✔️24/7 uptime ✔️Best rates on steam ✔️No hidden fees ✔️BTC functionality; No Coinbase email signup ✔️Built-in Support My main purpose for establishing bitbots.trade was to remove the headache of buying and selling liquid items. Despite the recent Arcana trade hold, my bot still instantly pays sellers. Any Bitcoin deposits are immediately detected and credited within one confirmation. Any Bitcoin withdraws are processed immediately and sent to your wallet in minutes. If any problem arises, there is a dedicated support command where I will receive an alert immediately, so I will be able to quickly remedy any problem. Here is my website where there are links and information on how to sell and buy your items: BitBots.trade Here is the bot that will buy and sell your Dota 2 Arcanas for bitcoin: https://steamcommunity.com/id/bitbotsarcana/ Here is the bot that will buy and sell your TF2 keys for bitcoin: https://steamcommunity.com/id/BitBotsTF2/ Here is my profile: https://steamcommunity.com/id/Patagucci/ Some may already heard of BitBots.trade as I launched earlier in April, but due to the Arcana trade hold and ensuing price fluctuations I temporarily shut down operations. There were also some bugs that frequently knocked the bot offline or caused it to stop working. In that time, a lot of backend changes were made to improve the speed and reliability of the bot. Despite the temporary shutdown, I was still working hard and I hope you guys try out and use my bot :) Hi to enter the giveaway: select a number between 1-10,000 and write down a fact, story or pickup line. The closest winner to a random number (from random.org) will win the key, and this will happen 3 times. You're fact or story does not need to be amazing, I'd accept "Are you from Tennessee? Cause you're the only ten I see" as a pickup line. Just put some thought into it and you're entered. All are welcomed to enter, but if you're profile is a blank page with nearly 0 games played, I may hesitate to hand over your key.
This giveaway will run for 5 days, so the winners will be drawn around Tuesday midnight EST time.
EDIT: Numbers are drawn and winners have been sent their keys. Number #1: 1816 - Rivian_TrampM9 2026 Number #2: 5253 - -potatoav3ng3r- 5171 Number #3: 8708 - SamuelAdams21 8756 Congratulations to all the winners :D
Bitcoin 11 Years - Achievements, Lies, and Bullshit Claims So Far - Tooootally NOT a SCAM !!!!
That's right folks, it's that time again for the annual review of how Bitcoin is going: all of those claims, predictions, promises .... how many have turned out to be true, and how many are completely bogus ??? Please post / link this on Bitcoin (I am banned there for speaking the truth, so I cannot do it) ... because it'a way past time those poor clueless mushrooms were exposed to the truth. Anyway, without further ado, I give you the Bitcoin's Achievements, Lies, and Bullshit Claims So Far ... . Bitcoin Achievements so far:
It has spawned a cesspool of scams (2000+ shit coin scams, plus 100's of other scams, frauds, cons).
Many 1,000's of hacks, thefts, losses.
Illegal Use Cases: illegal drugs, illegal weapons, tax fraud, money laundering, sex trafficking, child pornography, hit men / murder-for-hire, ransomware, blackmail, extortion, and various other kinds of fraud and illicit activity.
Legal Use Cases: Steam Games, Reddit, Expedia, Stripe, Starbucks, 1000's of merchants, cryptocurrency conferences, Ummm ????? The few merchants who "accept Bitcoin" immediately convert it into FIAT after the sale, or require you to sell your coins to BitPay or Coinbase for real money, and will then take that money. Some of the few who actually accept bitcoin haven't seen a customer who needed to pay with bitcoin for the last six months, and their cashiers no longer know how to handle that.
Contributing significantly to Global Warming.
Wastes vasts amounts of electricity on useless, do nothing work.
Exponentially raises electricity prices when big miners move into regions where electricity was cheap.
It’s the first "currency" that is not self-sustainable. It operates at a net loss, and requires continuous outside capital to replace the capital removed by miners to pay their costs. It’s literally a "black hole currency."
It created a new way for people living too far from Vegas to gamble all their life savings away.
Spawned "blockchain technology", a powerful technique that lets incompetent programmers who know almost nothing about databases, finance, programming, or blockchain scam millions out of gullible VC investors, banks, and governments.
Increased China's foreign trade balance by a couple billion dollars per year.
Helped the FBI and other law enforcement agents easily track down hundreds of drug traffickers and drug users.
Wasted thousands if not millions of man-hours of government employees and legislators, in mostly fruitless attempts to understand, legitimize, and regulate the "phenomenon", and to investigate and prosecute its scams.
Rekindled the hopes of anarcho-capitalists and libertarians for a global economic collapse, that would finally bring forth their Mad Max "utopia".
Added another character to Unicode (no, no, not the "poo" 💩 character ... that was my first guess as well 🤣)
Provides an easy way for malware and ransomware criminals to ply their trade and extort hospitals, schools, local councils, businesses, utilities, as well as the general population.
~~Bitcoin is "striking fear into the hearts of bankers, precisely because Bitcoin eliminates the need for banks. ~~, Mark Yusko, billionaire investor and Founder of Morgan Creek Capital, https://www.bitcoinprice.com/predictions/
"A bitcoin miner in every device and in every hand."
"All the indicators are pointing to a huge year and bigger than anything we have seen before."
"Bitcoin is communism and democracy working hand in hand."
"Bitcoin is freedom, and we will soon be free."
"Bitcoin isn't calculated risk, you're right. It's downright and painfully obvious that it will consume global finance."
"Bitcoin most disruptive technology of last 500 years"
"Bitcoin: So easy, your grandma can use it!"
"Creating a 4th Branch of Government - Bitcoin"
"Future generations will cry laughing reading all the negativity and insanity vomited by these permabears."
"Future us will thank us."
"Give Bitcoin two years"
"HODLING is more like being a dutiful guardian of the most powerful economic force this planet has ever seen and getting to have a say about how that force is unleashed."
"Cut out the middleman"
"full control of your own assets"
"reduction in wealth gap"
"cannot print money out of thin air"
"Why that matters? Because blockchain not only cheaper for them, it'll be cheaper for you and everyone as well."
"If you are in this to get rich in Fiat then no. But if you are in this to protect your wealth once the current monetary system collapse then you are protected and you'll be the new rich."
"Theres the 1% and then theres the 99%. You want to be with the rest thats fine. Being different and brave is far more rewarding. No matter your background or education."
"NO COINERS will believe anything they are fed by fake news and paid media."
"I know that feeling (like people looking at you as in seeing a celebrity and then asking things they don't believe until their impressed)."
"I literally walk round everyday looking at other people wondering why they even bother to live if they don't have Bitcoin in their lives."
"I think bitcoin may very well be the best form of money we’ve ever seen in the history of civilization."
"I think Bitcoin will do for mankind what the sun did for life on earth."
"I think the constant scams and illegal activities only show the viability of bitcoin."
"I think we're sitting on the verge of exponential interest in the currency."
"I'm not using hyperbole when I say Satoshi found the elusive key to World Peace."
"If Jesus ever comes back you know he's gonna be using Bitcoin"
"If this idea was implemented with The Blockchain™, it would be completely flawless! Flawless I tell you!"
"If you're the minimum wage guy type, now is a great time to skip food and go full ramadan in order to buy bitcoin instead."
"In a world slipping more and more into chaos and uncertainty, Bitcoin seems to me like the last solid rock defeating all the attacks."
"In this moment, I am euphoric. Not because of any filthy statist's blessing, but because I am enlightened by own intelligence."
"Is Bitcoin at this point, with all the potential that opens up, the most undervalued asset ever?"
"It won't be long until bitcoin is an everyday household term."
"It's the USD that is volatile. Bitcoin is the real neutral currency."
"Just like the early Internet!"
"Just like the Trojan Horse of old, Bitcoin will reveal its full power and nature"
"Ladies if your man doesnt have some bitcoin then he cant handle anything and has no danger sex appeal. He isnt edgy"
"let me be the first to say if you dont have bitcoin you are a pussy and cant really purchase anything worldwide. You have no global reach"
"My conclusion is that I see this a a very good thing for bitcoin and for users"
"No one would do such a thing; it'd be against their self interests."
"Ooh lala, good job on bashing Bitcoin. How to disrespect a great innovation."
"Realistically I think Bitcoin will replace the dollar in the next 10-15 years."
"Seperation of money and state -> states become obsolete -> world peace."
"Some striking similarities between Bitcoin and God"
"THANK YOU. Better for this child to be strangled in its crib as a true weapon for crypto-anarchists than for it to be wielded by toxic individuals who distort the technology and surrender it to government and corporate powers."
"The Blockchain is more encompassing than the internet and is the next phase in human evolution. To avoid its significance is complete ignorance."
"The bull run should begin any day now."
"The free market doesn't permit fraud and theft."
"The free market will clear away the bad actors."
"The only regulation we need is the blockchain."
"We are not your slaves! We are free bodies who will swallow you and puke you out in disgust. Welcome to liberty land or as that genius called it: Bitcoin."
"We do not need the bankers for Satoshi is our saviour!"
"We have never seen something so perfect"
"We must bring freedom and crypto to the masses, to the common man who does not know how to fight for himself."
"We verified that against the blockchain."
"we will see a Rennaisnce over the next few decades, all thanks to Bitcoin."
"Well, since 2006, there has been a infinite% increase in price, so..."
"What doesn't kill cryptocurrency makes it stronger."
"When Bitcoin awake in normally people (real people) ... you will have this result : No War. No Tax. No QE. No Bank."
"When I see news that the price of bitcoin has tanked (and thus the market, more or less) I actually, for-real, have the gut reaction "oh that’s cool, I’ll be buying cheap this week". I never knew I could be so rational."
"Where is your sense of adventure? Bitcoin is the future. Set aside your fears and leave easier at the doorstep."
"Yes Bitcoin will cause the greatest redistribution of wealth this planet has ever seen. FACT from the future."
"You are the true Bitcoin pioneers and with your help we have imprinted Bitcoin in the Canadian conscience."
"You ever try LSD? Perhaps it would help you break free from the box of state-formed thinking you have limited yourself..."
"Your phone or refrigerator might be on the blockchain one day."
The banks can print money whenever they way, out of thin air, so why can't crypto do the same ???
Central Banks can print money whenever they way, out of thin air, without any consequences or accounting, so why can't crypto do the same ???
It's impossible to hide illegal, unsavory material on the blockchain
It's impossible to hide child pornography on the blockchain
All Bitccoins are the same, 100% identical, one Bitcoin cannot be distinguished from any other Bitcoin.
The price of Bitcoin can only go up because of scarcity / 21 million coin limit. (Bitcoin is open source, anyone can create thir own copy, and there are more than 2,000+ Bitcoin copies / clones out there already).
immune to government regulation
"a world-changing technology"
"a long-term store of value, like gold or silver"
"To Complex to Be Audited."
"Old Auditing rules do not apply to Blockchain."
"Old Auditing rules do not apply to Cryptocurrency."
Bitcoin now at $16,600.00. Those of you in the old school who believe this is a bubble simply have not understood the new mathematics of the Blockchain, or you did not cared enough to try. Bubbles are mathematically impossible in this new paradigm. So are corrections and all else", John McAfee, 7 Dec 2017 @ 5:09 PM,https://mobile.twitter.com/officialmcafee/status/938938539282190337
2013-11-27: ""What is a Citadel?" you might wonder. Well, by the time Bitcoin became worth 1,000 dollar [27-Nov-2013], services began to emerge for the "Bitcoin rich" to protect themselves as well as their wealth. It started with expensive safes, then began to include bodyguards, and today, "earlies" (our term for early adapters), as well as those rich whose wealth survived the "transition" live in isolated gated cities called Citadels, where most work is automated. Most such Citadels are born out of the fortification used to protect places where Bitcoin mining machines are located. The company known as ASICminer to you is known to me as a city where Mr. Friedman rules as a king.", u/Luka_Magnotta, aka time traveler from the future, 31-Aug-2013, https://www.reddit.com/Bitcoin/comments/1lfobc/i_am_a_timetraveler_from_the_future_here_to_beg/
2018-12: Listen up you giggling cunts... who wants some?...you? you want some?...huh? Do ya? Here's the deal you fuckin Nerds - Butts are gonna be at30 grandor more by next Christmas  - If they aren't I will publicly administer an electronic dick sucking to every shill on this site and disappear forever - Until then, no more bans or shadow bans - Do we have a deal? If Butts are over 50 grand me and Lammy get to be mods. Deal? Your ole pal - "Skully"u/10GDeathBoner, 3-Feb-2018 https://www.reddit.com/Buttcoin/comments/7ut1ut/listen_up_you_giggling_cunts_who_wants_someyou/
2018-12: "Bitcoin could be at$40,000by the end of 2018, it really easily could", Mike Novogratz, a former Goldman Sachs Group Inc. partner, ex-hedge fund manager of the Fortress Investment Group and a longstanding advocate of cryptocurrency, 21-Sep-2018, https://www.youtube.com/watch?v=6lC1anDg2KU
2018-12: Bitcoin will end 2018 at the price point of$50,000, Ran Neuner, host of CNBC’s show Cryptotrader and the 28th most influential Blockchain insider according to Richtopia,https://www.bitcoinprice.com/predictions/
I was trading items on cs.money, then I refreshed and suddenly the avatar, balance and name changed. I paniced so I logged out and in again. Everything was normal, but should I worry? The only extensions I had were enhanced steam economy and steam wizard.
BitcoinSoV - Building stability on the backs of 0xBTC and BOMB
Summary: BitcoinSoV is the worlds first Mineable & Deflationary currency*. It is based off of the 0xBitcoin EIP918 standard, and has a 1% token burn on every transaction as introduced to the world by BombToken. Both of these projects are very well respected, and hopefully this project is able to co-exist with them rather than compete. It is of my personal opinion that while these projects were stellar examples of what is possible, BitcoinSoV takes the best of the two and makes something that has long-term mass appeal. The goal of BitcoinSoV is to become a Store of Value by fighting inflation, done through a fair start without a centralized body. Note: There are some concerns that 0xBitcoin is deflationary by nature, so BitcoinSoV is not the first. I am not an economist, so I want to be forthright in the math. BitcoinSoV has a 1% burn that reduces the circulating supply for all transactions, in addition to having a Max Supply that 0xBitcoin has. I believe that this 1% burn is what makes the token deflationary when compared to 0xBitcoin or BTC itself. So while those may be deflationary once they meet their max supply (maybe call it non-flationary), BitcoinSoV is Actively Deflationary by nature of the transactional token burn. Info: Name: BitcoinSoV Symbol: BSOV Website: https://btcsov.com Twitter: https://twitter.com/BSOV_ Telegram: https://t.me/BitcoinSoVCommunity BitcoinTalk: https://bitcointalk.org/index.php?topic=5157386.0 Contract: https://etherscan.io/address/0x26946ada5ecb57f3a1f91605050ce45c482c9eb1#contracts Precision: 8 Algo: Keccak256 (SHA3) Mining Rewards: 50 BSOV per Block Target Block Time: 10-13 Minutes (60 Ethereum Blocks) Current Block Time: 1-2 Minutes. Max Supply: 21,000,000 (theoretical max, it's already lower due to token burn) Reward Halvening: 10,500,000 Tokens Mined Expected Time To Halvening: ~5 years. Expected Time to Max Supply: ~15 Years. Burn Rate: 1% Per Transaction* (See notes below). Mining: The token is a mineable ERC20 token, allowing CPU/GPU/FGPA mining against the smart contract. Mining does require Ether to be spent on gas, as well as the cost of electricity. As of right now, there has been about 20ETH spent in gas on mining this token, resulting in a circulating supply of 950,000 tokens. All mining is done to the 0xBitcoin spec, all mining software for 0xBTC will work for BitcoinSoV. Price and Exchanges: The token is currently really easy to mine and should not be listed at an exchange at this time. When the difficulty increases and tokens become more scarce, applications will be submitted to popular exchanges. There is a great benefit here as the token has no developer fee or pre-mine, allowing it to be listed on the more difficult exchanges that adhere to US and EU compliance laws. The token is currently listed on EtherDelta as a basic means to buy/sell, though it's encouraged to Mine these tokens at such an early stage. Community Driven: This token is a smart contract that has been launched, and barring any significant exploit found in 0xBitcoin, there is no plan to ever migrate away from it. As such, the token is completely operated by the community and has no plans to evolve into its own blockchain or anything else. The community has come together to create videos, promotions, airdrops, bots, and more. If you are already participating, or get involved from reading this post and obtain a significant amount of BSOV, please consider donating to the marketing fund @ 0x88d97b2007e6aa6d728F003A32090C246EDf724E Burn Rate: All transactions have a 1% burn on the entire transaction, without rounding to the nearest whole number, which is where BSOV differentiates from BombToken. As such, you are able to send 0.0000001 BSOV and the precision is maxed out and cannot find 1%, in this case it errs on the side of caution and rounds down to 0, meaning 0.0000001 transactions have no burn. This is a calculated risk and accepted as the gas fee to abuse this would be significantly higher than what it's worth. I.e: You'd burn 15ETH to save 0.01 BSOV. It is also possible to wrap this ERC20 token in a smart contract, allowing only burn to/from the contract, and the wrapped tokens to be traded without a burn. This is also the expected behavior on exchanges, as the movement of tokens on a centralized does not actually leave their network and as such does not burn until a user withdraws. Other Details: Since the token is decentralized and community driven, there is no marketing fund, or any real push to drive up price this early. Everyone is focused on the ecosystem and getting people involved at low cost right now. If you are wondering if this project has the steam to keep going, I encourage you to look at some of the stats. I would suggest taking a look at 0xBitcoin to see how a similar token has thrived, and the performance of their early days. BitcoinSoV is currently outpacing 0xBitcoin's initial start when comparing number of miners, blocks mined, etc. There is a limited supply of tokens to be used for giveaways and other marketing, so please follow the twitter or telegram group to know when and where to get your share. Disclaimer: I am currently mining BitcoinSoV and not affiliated with the creation of the project, just an active community member. I encourage everyone at this point to mine the token if possible, as you will see the greatest rewards that way. I fully anticipate price of this token to increase with time considering it's deflationary design, but no one really knows what will happen and I am not someone you should be taking financial advice from. Please invest either mining or purchasing at your own risk. There may be stuff that I missed here, I am trying to best to be complete. If you have any questions please let me know and I will try my best to answer them. Thanks!
The importance of being mindful of security at all times - nearly everyone is one breach away from total disaster
This is a long one - TL;DR at the end!
If you haven't heard yet: BlankMediaGames, makers of Town of Salem, have been breached which resulted in almost 8 million accounts being leaked. For most people, the first reaction is "lol so what it's just a game, why should I really care?" and that is the wrong way to look at it. I'd like to explain why everyone should always care whenever they are part of a breach. I'd also like to talk about some ways game developers - whether they work solo or on a team - can take easy steps to help protect themselves and their customers/players. First I'd like to state that there is no practical way to achieve 100% solid security to guarantee you'll never be breached or part of a breach. The goal here will be to get as close as possible, or comfortable, so that you can rest easy knowing you can deal with problems when they occur (not if, when).
Why You Should Care About Breaches
The sad reality is most people re-use the same password everywhere. Your email account, your bank account, your steam account, your reddit account, random forums and game websites - you get the idea. If you haven't pieced it together yet the implication is that if anyone gets your one password you use everywhere, it's game over for you - they now own all of your accounts (whether or not they know it yet). Keep in mind that your email account is basically the holy grail of passwords to have. Most websites handle password changes/resets through your email; thus anyone who can login to your email account can get access to pretty much any of your accounts anywhere. Game over, you lose.
But wait, why would anyone want to use my password? I'm nobody!
It doesn't matter, the bad guys sell this information to other bad guys. Bots are used to make as much use of these passwords as possible. If they can get into your bank they might try money transfers. If they get into your Amazon account they might spin up $80,000 worth of servers to mine Bitcoin (or whatever coin is popular at the time). They don't care who you are; it's all automated. By the way, according to this post (which looks believable enough to be real) this is pretty much how they got into the BMG servers initially. They checked for usernames/emails of admins on the BMG website(s) in previous breach dumps (of which there are many) and found at least one that used the same password on other sites - for their admin account! If you want to see how many of your accounts are already breached check out Have I Been Pwned - I recommend registering all of your email addresses as well so you get notified of future breaches. This is how I found out about the Town of Salem breach, myself.
How You Can Protect Yourself
Before I go into all the steps you can (and should) take to protect yourself I should note that security is in a constant tug of war with convenience. What this means is that the more security measures you apply the more inconvenienced you become for many tasks. It's up to you to decide how much is too much either way. First of all I strongly recommend registering your email(s) on https://haveibeenpwned.com/ - this is especially important if your email address is associated to important things like AWS, Steam developer account, bank accounts, social media, etc. You want to know ASAP when an account of yours is compromised so you can take steps to prevent or undo damage. Note that the bad guys have a head start on this!
You probably need to have better password hygiene. If you don't already, you need to make sure every account you have uses a different, unique, secure password. You should change these passwords at least once a year. Depending on how many accounts you have and how good your memory is, this is your first big security vs convenience trade-off battle. That's easily solved, though, by using a password manager. You can find a list of password managers on Wikipedia here or you can search around for some comparison articles. Some notable choices to consider:
1Password - recommend by Troy Hunt, creator of Have I Been Pwned
LastPass - I use this at work and it's generally good
BitWarden - free and open source! I use this at home and in some ways it's better than LastPass
KeePass (and forks) - free, open source, and totally offline; if you don't trust "the cloud" you can trade away some more convenience in exchange for taking full responsibility of your password security (and backups)
Regardless of which one you choose, any of them is 100x better than not using one at all.
The problem with all these passwords is that someone can still use them if they are found in a breach. Your passwords are only as strong as the website you use them on. In the case of the BMG breach mentioned above - all passwords were stored in an ancient format which has been insecure for years. It's likely that every single password in the breach can be reversed/cracked, or already have been. The next step you need to take is to make it harder for someone else to login with your password. This is done using Multi-Factor Authentication (or Two-Factor Authentication). Unfortunately not every website/service supports MFA/2FA, but you should still use it on every single one that does support it. You can check which sites support MFA/2FA here or dig around in account options on any particular site. You should setup MFA/2FA on your email account ASAP! If it's not supported, you need to switch to a provider that does support it. This is more important than your bank account! All of the big email providers support it: GMail, Outlook.com, Yahoo Mail, etc. The type of MFA/2FA you use depends on what is supported by each site/service, but there is a common approach that is compatible on many of them. Most of them involve phone apps because a phone is the most common and convenient "thing you have" that bad guys (or anyone, really) can't access easily. Time-based One-time Password or TOTP is probably the most commonly used method because it's easy to implement and can be used with many different apps. Google Authenticator was the first popular one, but it has some limitations which continue the security vs convenience battle - namely that getting a new phone is a super huge chore (no backup/restore option - you have to disable and setup each site all over again). Many alternatives support cloud backup which is really convenient, though obviously less secure by some measure. Notable choices to consider:
Authy - probably the first big/popular one after Google Authenticator came out (I think) - NOTE: They let you use it on your desktop/browser, too, but this is TOO much convenience! Don't fall for that trap.
LastPass Authenticator - conveniently links up with a LastPass account, some sites support extra features (like not needing to type a code, just answer a phone notification)
Yubikey - A real physical MFA device! Some models are compatible with phones, too.
Duo - this one is more geared towards enterprise, but they have a free option
Some sites/services use their own app, like Blizzard (battle.net) and Steam, and don't allow you to use other ones. You will probably have a few apps on your phone when all your accounts are setup, but it's worth it. You'll definitely want to enable it on your password manager as well if you chose a cloud-based one. Don't forget to save backup codes in an actual secure location! If you lose your backup codes and your auth app/physical key you will be locked out of accounts. It's really not fun recovering in that situation. Most recommendations are to print them and put in a fireproof safe, but using some other secure encrypted storage is fine. There is such a thing as bad MFA/2FA! However, anything is at least better than nothing. A lot of places still use SMS (text messaging) or e-mail for their MFA/2FA implementation. The e-mail one has the most obvious flaw: If someone gets into your email account they have defeated that security measure. The SMS flaws are less obvious and much less likely to affect you, but still a risk: SMS is trivial to intercept (capture data over the air (literally), clone your SIM card data, and some other methods). Still, if you're not a person of interest already, it's still better than nothing.
What Does This Have To Do With GameDev?
Yeah, I do know which subreddit I'm posting in! Here's the section that gets more into things specific to game development (or software development in general).
Secure Your Code
Securing your code actually has multiple meanings here: Securing access to your code, and ensuring your code itself is secure against exploitation. Let's start with access since that's the easier topic to cover! If you're not already using some form of Source Control Management (SCM) you really need to get on board! I'm not going to go in depth on that as it's a whole other topic to itself, but I'll assume you are using Git or Mercurial (hg) already and hosting it on one of these sites (or a similar one):
First, ensure that you have locked down who can access this code already. If you are using private repositories you need to make sure that the only people who have access are the people who need access (i.e. yourself and your team). Second, everyone should have strong passwords and MFA/2FA enabled on their accounts. If 1 person on the team does not follow good security practices it puts your whole project at risk! So make sure everyone on the team is following along. You can also look into tools to do some auditing and even automate it so that if anyone's account becomes less secure over time (say they turned off MFA one day) they would automatically lose their access. Additionally you should never commit secrets (passwords, API keys, tokens, social security numbers, etc) to your code repository. Probably 90% of cases where people have their AWS/Google Cloud/Azure accounts compromised and racking up huge bills for bitcoin mining is due to having their passwords/keys stored in their git repo. They either accidentally made it public or someone got access to the private repo through a compromised account. Never store sensitive information in your code repository! Next topic: Securing your code from vulnerabilities. This one is harder to talk about for game dev as most engines/frameworks are not as susceptible (for lack of a better word) to these situations as others. In a nutshell, you need to keep track of the following:
Is my code doing anything "dangerous"? (system-level stuff, memory access, saving passwords anywhere)
Could someone get the keys to the kingdom (API key, server password, etc) by just opening Cheat Engine and looking at memory values? Or doing a strings/hex edit/decompile/etc on my game executable?
Am I using outdated libraries/framework/engine? Do they have any known security bugs?
Secure Your Computer
I'm not going to go in depth on this one because at this point everyone should have a handle on this; if not there are limitless articles, blogs, and videos about the how/what/why. In summary: Keep everything updated, and don't open suspicious links.
Lock your computer when idle - use a password (or PIN or face unlock or whatever your OS uses) - no one should ever be able to walk up to your computer and use it if you're not looking, nor should they be able to get in if they grabbed your closed laptop off the table at starbucks (thanks u/3tt07kjt for reminding me of this one)
Use full disk encryption (especially on laptops)
Update your OS for security updates ASAP
Use anti-virus (yes, Windows Defender is fine) and keep it updated
Update your web browser ALWAYS (this is your 99% chance attack vector, so don't postpone it!)
Don't install browser extensions that you don't need - a LOT of extensions are either malware from the start or become malware later (my favorite emoji extension started mining bitcoins, FFS!) - check reviews regularly after extensions update
DO use adblock and privacy extensions - ads are a common attack vector - I recommend uBlock Origin and Privacy Badger at a minimum (note that some legit sites can break and so you'll have to fiddle with settings or whitelist)
Don't open suspicious or unknown links on e-mail, social media, discord, etc (be sure to hover over the links in this post before clicking them)
Don't open attachments, ever - unless you were expecting it from that person at that time
Don't fill out ANY forms (comments, login, registration, etc) on websites that don't have HTTPS (secure) connection - your browser will show this in the address bar, usually
In general, be suspicious of everything that comes from people you don't know - and even from people you do know if it was unexpected
E-Mail is (probably) the least secure form of communications ever invented - so try not to use it for sensitive things
Secure Your Website
I will have to add more to this later probably, but again there are tons of good articles, blogs, and videos on these topics. Hopefully the information in this section is enough to get you on the right track - if not feel free to ask for more info. Lots of guides can be found on Digital Ocean's site and they are relevant even if you don't use DO for your servers.
Use HTTPS (SSL/TLS) secure connections - it's FREE and EASY thanks to Let's Encrypt
KEEP EVERYTHING UPDATED - automate as much as you can
If you have control over the server, you MUST update the OS, the web server, and any backend application servers/languages/frameworks involved. Equifax breach was due to having out of date server software. BMG breach was worsened by having out of date server software. YOU MUST STAY UPDATED, ALWAYS
Don't store sensitive personal information - it's a huge pain to be PCI compliant, it's a huge fine if you mess it up - avoid storing any customer information that you don't actually need (see also: GDPR )
Do not allow access to SSH/Remote desktop/Database services from the whole world; the general public should only ever be able to reach ports 80 and 443 on your web server (and 80 should permanently redirect to HTTPS)
Use SSH keys instead of passwords on Linux servers
Don't run your own email server - it's just not worth it; use google apps for business, office 365, zoho, or something else for business email
Secure your domain registrar account! Don't lose your domain to a bad password or lack of MFA/2FA or an old email address! If your registrar doesn't support actual security then transfer to one that does. (namecheap, namesilo, google domains, amazon aws route53, even godaddy, the absolutely worst web company, has good security options)
A lot of this will apply to your game servers as well - really any kind of server you expect to setup.
That's it, for now
I ran out of steam while typing this all up after a couple hours, but I may revisit it later to add more info. Feel free to ask any questions about any of these topics and I'll do my best to answer them all.
TL;DR (y u words so much??)
Use a password manager so you can have different, random, secure passwords on every account on every website/service/game
Use MFA/2FA on every account, if possible
Lock your computer when idle/away
Use full disk encryption on laptops
Update your operating system (we all hate Windows Update, but it really is for our own good)
Use anti-virus (Windows Defender is fine)
Update your browser
Use good adblockeprivacy blocker browsers extensions
Don't use browser extensions that you don't really need (they could be a trojan horse of bitcoin mining later)
Don't trust anything sent by anyone, unless you were expecting it and know it's safe
E-mail is the least secure form of communications in use these days; don't trust it for sensitive things
Use source control for your game code (git, mercurial, etc)
Lock down access to your source code
Don't put secrets (passwords, API keys/tokens, social security numbers, credit card numbers) in your code repository
Don't do dumb things like store your AWS keys in your game for players to just find with simple tools
Check your code dependencies for security bugs, update them when needed
Use HTTPS on your website
Update your web server OS and software
Use secure password storage (don't reinvent this wheel, it's been solved by way smarter people)
Use SSH keys instead of passwords for Linux servers
Use a firewall to block the world from getting in with SSH/Remote desktop/database direct connections
Only allow your own IP address (which can change!) into the server for admin tasks
Don't run your own email server, let someone who knows what they are doing handle that for you
Secure your domain registrar account, keep email address up to date
... in general... in general... in general... I sure wrote those 2 words a lot.
Why Should I Trust This Post?
Hopefully I have provided enough information and good links in this post that you can trust the contents to be accurate (or mostly accurate). There is certainly enough information to do some searches on your own to find out how right or wrong I might be about these things. If you want my appeal to authority answer: I've been working at a major (network/computer) security company for almost 7 years as a software developer, and I've had to put up with pretty much every inconvenience brought on by security. I've also witnessed the aftermath of nearly every type of security failure covered in this post, via customers and the industry at large. None of the links I used are related to my employer or its products. Edit: Fixed some typos and added some more links More edit: added a few more points and links
I just "traded" on cs.money , but after quite a bit of trouble. My offer went through, I accepted it, but when I had to confirm the trade on my phone the name of the cs.money-bot was different and it looked like if I was not getting any items from the bot in return for my item (empty trade). The original trade was declined in the meantime. Is my phone, or even worth, my account hacked, or is this a current Problem with cs.money and / or steam? Please help. Btw, in the end I was able the get the items (bot #58)
[Q] How can i submit a trade on reddit where my offer is money that i have on my acount's wallet?
Sorry for my bad english, but the idea is that im currently building a crowned loadout, and i want to buy the skins tyhat i dont have yet from the market, after i discuss the price with people selling on reddit. How can i do that?
You can now cash-in to Roshpit.ca using Dota 2 items
Hey Guys, A few days ago we released a marketplace on Roshpit, which essentially allows you to bet the market value of your Dota2 inventory on pro matches. We are now a competitor to Dota2lounge and arguably superior. You can read a detailed guide on the blog: http://roshpit.ghost.io/ EDIT We had an issue with the bots today from about 12:00 EST until 6:00EST. We fixed what we think is the issue and everything is back online. Sorry for the loss of service during that time
Click Send trade offer on any of the bots above; Add the keys that you want to sell to the trade offer (Optional) Copy your Bitcoin-address to the message box in the offer Send the trade offer and accept the mobile confirmation; If you completed step #3, the bot will instantly send you the payment and give you the transaction hash Steam Game Trading Trade for tradeable Steam Games with our bots. The most advanced and reliable BTC ⇄ key -bot. I buy CSGO keys for $2.00 and sell them for $9.00 I buy TF2 keys for $1.68 and sell them for $1.81 Total key balance: 2,417/12,000 Total bitcoin balance: $662,785.74 Proof Bitcoin stored by users: $230,183.45 Total value: $251,936.45 Current Bitcoin price: $9,269.73 This data is updated every 5 minutes Last update was 2020-06-25 16:39:33 GMT Our prices range from about 70% to 75% of the Steam market value. We use the same pricing method for Bitcoin cashouts as for the trading. Only difference is that common items have better pricing than more rarer items and all items are priced cheaper by a multiplier to match community prices. The commonness of the item can affect the item's price by zero to a few percent. So trade at your own risk. Cryptocurrency, Bitcoin, Ethereum, DeFi News & Analysis! 01:29:59. HxroLabs. 195 views. Cryptocurrency trading for beginners and OG's alike. We dive into technical analysis and fundamental analysis, covering the latest Bitcoin and Cryptocurrency news and trends. Join us Monday/Wednesday/Friday at 2:00PM EST! Live Charting - Crypto, Commodities, Indices and Stocks. 01 ...
****Erhalte unser kostenloses Video-Bootcamp sowie unser Whitepaper: https://bit.ly/2YsszvJ **** *** Notizen und Ressourcen zeigen*** 1. Tritt unserem Tradin... Bitcoin & Crypto; Videos; Playlists; Community; Channels; About; Home Trending History Get YouTube Premium Get YouTube TV Best of YouTube ... Please note that the bot in the Livestream is set to demonstrate insane trading speed. It was NOT tested in long run, and most likely will result in losses during trending market. It is NOT ... Cryptocurrency can be a high-risk, high-reward game for those willing to deal with the volatility. Can we use AI to help us make predictions about Bitcoin's ... AutoMoon: https://automoon.io Livestream: https://youtu.be/WhNYINgrfh0 Previous video: https://youtu.be/Z8-dlW8w9Y8 AutoMoon is the best fully automated Cryp...