Gollum snapshot filtered down to 8380 names [+ Security Recommendation]
View this post on Hive: Gollum snapshot filtered down to 8380 names [+ Security Recommendation]
Neither Steem, Steemit or Steemit INC can be trusted. Research the #SteemHostileTakeover , and come join everyone else on #Hive .
The stuff is open source, you are welcome to audit the code. Although yeah, that is still a great suggestion.
This is true - however saying "its open source" can also give a false sense of security in itself..
We have no way to tell that whatever appears in browser at gollumcoin.com is actually running that same open source code, or that it hasn't already been hijacked by a third party seeing an opportunity for example..
This is something I would do even if I had complete trust in the gollum team not to do anything malicious on purpose :)
Thanks for this, I won't be imputing my key on anything. I just don't feel safe doing it.
That is you right! Though the client will open-sourced, reviewed by Steemit and verifiable. If you still don't trust this (probably you are right with this), you can change you Steem keys and safely import the old ones in Golos web client
oy! My head hurts just thinking about this. I'm perfectly happy to stay here and let the others sort out their Gollum-whatevers. I think my concern may be current content on Steemit getting plagiarized,but being in a totally different language, how would we know?
Exactly, i expect a whole lot of english users using google translate to try and milk this opportunity for all they can get.. Itll repeat the earliest phases of steemit, i wonder who will be the first to do a makeup tutorial :P
Haha! It won't be me doing that makeup tutorial! I'm totally wash & wear. LOL
But did you see the initiative that @papa-pepper and @stellabelle have begun? They're "releasing" some of their posts for anyone who wants to translate into their mother language and allowing them to keep the earnings as long as the original post is cited. I've made a list of some of my evergreen posts and may just jump on that bandwagon. :)
Aha me too, I just dont get time for makeup these days with the kids ;)
Yes I did, its a great idea for an initiative - I'm thinking about doing the same but I'm not sure what posts of mine if any would be worth the effort.. You've got heaps of good stuff though, best of luck with it!
Heads up, streemian just reopened
I thinkso watch your vote strength if you had follows setup on there still. (Yup, its up see your comment votes :P)AAAIIEEEEE!!! Thanks for the heads up. I've been busy curating on my own but I'm tossed. I can't get past 80% vote power because I can't stop clicking the damned upvote button and now I'm probably down to 30% again.
Appreciate the heads up @ausbitbank !
Another great post! And thanks for the advice on key security. I'm going to heed your warning.
So have they already taken the snapshot for those keys or is that on a certain date? When does gollum go live?
Thanks bud, if I'm understanding correctly then yes they grabbed keys as they stood at Thu, 29 Sep 2016 12:00:00 GMT and launch happens Oct 15th
Great, I can begin the process now of changing all my keys. I wonder how English content will be treated there on zero day.
I wonder how welcome English on witnesses will be. Seems like a second chance for some of us that missed the launch of steemit.
Yeah I'm really curious how that's going to work out. It seemed to me from neds comments on steemspeak a while back that this "license" they organised came with rules about keeping it russian only and not competing - but I somehow doubt that will happen..
One thing that just occurred to me as well - the launch happens within 30 days of the snapshot. So even if you changed your keys, you would have to give them a valid account recovery password and it would be up to your trustee not to screw you over..
price nice
I am a bit confused on this process and will contact you in chat! @ausbitbank
Another potential risk I hadn't considered until now - even if you change your active keys on steemit , gollum just happens to be launching within a 30 day account recovery period from the snapshot - so passwords used within the last 30 days could still have some value..
I haven't really been following the Gollum launch much, (why worry about Gollum when I'm happy here on Sméagol) but is there a time limit for claiming the free Gollum points? If so, what would you advise as a good strategy for changing your password and keys with respect to the 30 day account recovery period? ie. change them now, then wait 31 days to claim the free Gollum points.
If it really is a clone of steemit then GP = SP and there shouldn't be a time limit on withdrawing those. It'll take 2 years minimum to get it out ..
Good thinking 99 - Change now, and waiting 31 days could work, but this was just an idea for a potential risk - after re-reading @someguy123's account recovery post I'm not sure if it will be a problem.
But if you're not in any rush then it would be nice to know you've ruled out the possibility completely..
Maybe I'm just too paranoid :P
i dont really get what could be the issue using the same key for golos site. if it has https for me its good enough
You don't see any problem with handing full control of your steemit wallet to a stranger ? I wish I was as trusting as you are :)
HTTPS only makes a difference if people are trying to sniff the passwords in transit, which wasn't a threat here anyway since signing happens in the browser..
i am sorry that's what i dont get. i am in control of my account in golos. i am not providing any private key to anybody?! When the russian site goes live, i will simply login in the same way like i do in steemit. unless there is something else i dont know about
You dont need to provide your private key if you're giving them your steemit login instead. They are effectively the same thing.
Analogy time - you randomly won a competition ! To claim your prize simply login to this site that looks like your bank, with your bank details. Trust us it'll be fine.
hm are they going to ask us steemit login details?! the only thing they need is the address lol. what login details?
Yes they'll ask for your steemit login details. Your steemit and gollum login details are the same, handled by the same keys. This is the point of my post ;)