I have a new browser security method. Inside this link you'll have access to a virtual browser environment. In this environment you will have the ability to control and access a plain text private bitcoin key worth 20$. There is only a single key, first one to take it ends the challenge for all.
-> Demo Signup: https://app.redactsure.com -> Bitcoin Checker: https://redactsure.com/bitcoinchallenge
Note: - No mobile, keyboard required - Requires you to verify an email - Any bug is eligible for a prize if it's something I haven't seen before, just tell me.
Some people were asking about implementation I'll provide a few details. - A server hosted browser - I manipulate what you are seeing on the webpage in real time - While I don't change the underlying webpage I do manipulate your actions to the webpage - A transformer model runs in real time along side you (tries to find all sensitive words you see)
Overall the system's goals are to allow you to perform work without ever seeing the data. It's in a early prototype stage and I expect a large numbers of edge cases just from the nature of the problem. The bitcoin is a proxy to the real goal which is protecting real PII in remote work settings.
It would be nice if you tell me the bug. I would like to post how you broke it.
I have a new browser security method. Inside this link you'll have access to a virtual browser environment. In this environment you will have the ability to control and access a plain text private bitcoin key worth 20$. There is only a single key, first one to take it ends the challenge for all.
Note:
- No mobile, keyboard required
- Requires you to verify an email
- Any bug is eligible for a prize if it's something I haven't seen before, just tell me.
Some people were asking about implementation I'll provide a few details.
- A server hosted browser
- I manipulate what you are seeing on the webpage in real time
- While I don't change the underlying webpage I do manipulate your actions to the webpage
- A transformer model runs in real time along side you (tries to find all sensitive words you see)
Overall the system's goals are to allow you to perform work without ever seeing the data. It's in a early prototype stage and I expect a large numbers of edge cases just from the nature of the problem. The bitcoin is a proxy to the real goal which is protecting real PII in remote work settings.
It would be nice if you tell me the bug. I would like to post how you broke it.
Wufoo.com -> Demo -> Form Settings -> Pasting the key in the description caused the preview to show the key.
This was sort of finicky to do, I'm not sure how reproducible it is? I also had the BTC key shoved in a bunch of other fields, some of which became partially visible.
got it. went to the html form example, pasted into the text box and then tried uploading a file. "Access to local files ..." text on the top of the page moved the whole page down, exposing the key.
I have a new browser security method. Inside this link you'll have access to a virtual browser environment. In this environment you will have the ability to control and access a plain text private bitcoin key worth 20$. There is only a single key, first one to take it ends the challenge for all.
Limitations: - 15mins per session (why? GPU per session, limited spots)
- US only is preferred (why? latency, I am streaming video to you)
- No mobile, keyboard required
- Requires you to verify an email
Some people were asking about implementation I'll provide a few details.
- A server hosted browser
- I manipulate what you are seeing on the webpage in real time
- While I don't change the underlying webpage I do manipulate your actions to the webpage
- A full transformer model runs in real time along side you (tries to find all sensitive words you see)
Overall the systems goals are to allow you to perform work without ever seeing the data. It's in a early prototype stage and I expect a large numbers of edge cases just from the nature of the problem. The bitcoin is a proxy to the real goal which is protecting real PII in remote work settings.
Other notes:
- It would be nice if you tell me the bug. I would like to post how you broke it.
- I'll post updates as well as info on bugs sessions here: https://x.com/CharlesCurt2
Launch Electrum, create a new wallet, "Import Bitcoin addresses or private keys", paste in the recovered key.
If you just paste the raw key, Electrum uses a legacy format, and none of the transactions show up for that private key. Adding the "p2wpkh:" prefix to the key makes the transactions show up, but I realized that well after someone else claimed it.
I don't know if this is an Electrum thing, if this is considered general knowledge now for those who regularly use BTC, or if it's a quirk of how BTC has evolved.
Pasted the private key into the email address field on the Wufoo signup page, and the validator helpfully told me my "email" was invalid, with the whole key included.
Nice! Thanks again. You're definitely making me fix all my laziness for sure. I honestly hopped that bug would only expose the tail ends but the select and drag is definitely not something I've tried before.
Note: - No mobile, keyboard required - Requires you to verify an email - Any bug is eligible for a prize if it's something I haven't seen before, just tell me.
Some people were asking about implementation I'll provide a few details. - A server hosted browser - I manipulate what you are seeing on the webpage in real time - While I don't change the underlying webpage I do manipulate your actions to the webpage - A transformer model runs in real time along side you (tries to find all sensitive words you see)
Overall the system's goals are to allow you to perform work without ever seeing the data. It's in a early prototype stage and I expect a large numbers of edge cases just from the nature of the problem. The bitcoin is a proxy to the real goal which is protecting real PII in remote work settings.
It would be nice if you tell me the bug. I would like to post how you broke it.