SteemIt.com is to be hacked? Security advisory.
Hi there, steemers. As we all know security matters. Much.
As we can see steemit.com has been the fastest growing community lately. People of different countries, nations, languages and opinions join us every minute. I personally encountered two different serious errors on the website steemit.com today.
What does this say? That website steemit.com is not ready for this count of users.
My opinion it is not ready for hackers or spamers too. What if someone makes robots with a parser (on python or etc). Facebook accounts can be bought online. This is not a problem. So robots upvote each other, post random content and earn steems.
It is easy for a programmer. DDOS-ing steemit.com is even easier now. These are only two simple examples of intrusion that will influence comminuty. But I am sure there are more possibilites. Everybody remembers the DAO and what happened to it.
So what can we do?
First of all we can be more careful, and secure your personal steem.
How to do it is written here:
How to make a very secure owner key for cold storage: Your Steem account is worth money! How to secure it with a new owner key to keep it yours forever
How to use or make a secure enough posting key and switch to using it to log in: How to login with your posting key (and why this is important)
Next advise is: do not give your passwords to anyone.
Check the SSL sertificate for steemit.com (press green lock to the left of address now) and always check it to be like now BEFORE typing you password.
Moving on. I think in the community there are many security specialists and we can ask them to try to hijack the steemit.com for good.
How to do it is written here: STEEM Bug Bounty Program - How to reports bugs and new ideas
Also other services like Telegram provide a decent payment for those who can hack into their system for good. Maybe and here everyone should chip in 1 steem for a good case as a payout?
And if you notice something suspicious you should tell other users so we can notice it. If you're not being heard here, fell free to join Telegram communities (links are at the end of this article). All questions get answers there.
Don't forget to check my newer post where I reveal fraud schemes in SteemIt.
What do you think? Post in comments.