The battle of the scripts - Who won the race?
steemยท@abh12345ยท
0.000 HBDThe battle of the scripts - Who won the race?
Testing out new script to combat wallet theft, and when things don't quite go to plan...........................  ## Last week ## @surfermarly had her wallet funds taken when she accidentally entered her private key into the memo field during a transfer. The culprit is running a script to automatically detect keys entered into this field, and the script likely checks for keys entered in posts and comments. Following this act of meanness, I wrote a post asking if there was a developer out there who could write a faster script, with the intention of returned the funds to their original owner. https://steemit.com/steem/@abh12345/can-someone-beat-sami100-to-the-punch There was a some interest in looking into this from the comments on the post, but I hadn't heard anything more... --------------------------- ## Today ## I received a notification from @ginabot that I had been tagged in a post. I seem to be getting more and more of these notifications, but as long as the content is relevant to me I don't mind. Anyway, the post by @reazuliqbal is here, and I resteemed it earlier. https://steemit.com/busy/@reazuliqbal/introducing-the-noble-bot Basically, @reazuliqbal has working on my request, and has today introduced @noblebot. Great name btw :) I commented on his post and we exchanged messages, the script had been tested but not in a live situation. Seeing as I put the request out, I felt obliged to give it a go...... -------------------------- ## Testing......testing...... ## Step up @steemzapper, an unused alt account of mine that was created with zappl in mind. After discussing the process with @reazuliqbal on discord, I logged in with my posting key using @steemzapper and went to the wallet to transfer 0.001 STEEM with my Active Key in the memo field.  And guess what? It seems the steemit.com interface is detecting keys in memo fields and disabling the 'Next' button. #### Result! #### I'm sure this was in place previously, but no-one confirmed this on my post last week and so I'm still not 100% sure. But anyway, I tested this on Chrome/IE/Firefox and on all 3 browsers, the 'Next' button grays out when a key is spotted. Nice one @steemit # ๐ ---------------------------- # More testing # @reazuliqbal then informed me that his script also checks for keys that are accidentally pasted into posts and comments. Now, you are going to have to be testing or a little bit crazy to want to do this, and steemit.com have your back here too - sort of:  They will tell you that you are doing it all wrong, but the 'OK' button remains enabled, allowing you to still post a key onto the blockchain. #### So what happened when I hit ok? #### I used the @steemzapper account to post the following: https://steemit.com/testing/@steemzapper/good-script-bad-script-who-s-gonna-win And just 6 seconds after my post entered the BC, 0.001 STEEM and 0.001 SBD were moved from my wallet. But where did they go? Did @noblebot take them? Was @sami100 quicker? #### Nope. @ahh was! ####  #### Well we weren't expecting that! #### As we were discussing ways to try and speed up @noblebot, and I'm pretty sure @reazuliqbal is working on this at present, I received a transfer, or 3 transfers....  @ahh seems to have been working on a solution too, and returned my funds with an additional 0.001 SBD to tell me he was faster than @sami100 :) This is pretty cool. We seemingly have at least 2 accounts now that are wearing white hats, and could well be quicker than the bad guys. I'm pretty hopeful that between them, they will do a decent job of preventing lost funds via accidents. On checking @sami100's account, it looks like he's recently taken more STEEM from other accounts. This makes me think that other applications don't have a restriction in the wallet to enter keys into the memo field. Hopefully these new accounts, @noblebot by @reazuliqbal and @ahh, can beat other evil account/s to the punch next time someone makes a mistake. Good luck both, and thank you for your work! ------------------------ Cheers Asher @abh12345 / Witness @steemcommunity
๐ qwix, picsofcosplay, mafi001, killerkuasha, stark4, paradigm42, jubagarang, sohan4745, wolfhart, east.autovote, henryrider, erikaflynn, organicgardener, simplymike, dontstopmenow, randyclemens, dashfit, herfie, riteshstark, howtostartablog, makrotheblack, bitcoinbaba, bhim, biplob12, nova-tv, sayed53, parag, instatrashed, maidisangkot, mela65, dronie, thedrewshow, blogger-funda, meansunlare, patatesyiyen, howtosteem, fresh-meme-dream, sexygirl123, edinsoo, mbadayee, jacintoelbarouki, anam01, phaazer1, solarisastro, ichigos, befaro, animesukidesu, fachod, dynet, coinsity, edyscout81, kataindah, crimo, rashyem, morin89, niouton, mlgcrypto, dotman-art, engmi, hemo, pinkyangel, andi9999, martinezbe, byebyebirdie, mrtech, kaylog, theagriculturist, brightex, cryptkeeper17, privateinvestor, ayay, mattclarke, mrday, vjg, olusolaemmanuel, maverickinvictus, zcool, nomadicsoul, tfq86, connecteconomy, crokkon, beautifuldata, ilovepoorpeople, greenrun, steemitri, mercadosaway, zahabu, choogirl, steemitph, friendsofgondor, chineyes, mammasitta, amariespeaks, fabiyamada, theuxyeti, terminallyill, unleashpower, steemmeupscotty, skycae, crimsonclad, onnovocks, discordiant, wisewoof, lpessin, blevley, steemitdude, xervantes, bruja, raphma, buggedout, rmz, esdival, osm0sis, revisesociology, funkit, costanza, cryptokeepr, steembasicincome, sull.kureen, veejay, dandesign86, alexzicky, eastmael, asbonclz, followyourjoy, make-a-whale, lynncoyle1, malloryblythe, danielsaori, progressivechef, maarnio, anmeitheal, stackin, jasonbu, rosemarynoble, anomadsoul, paulag, beat-the-bookies, girolamomarotta, karencarrens, kam.ila, halcyondaze, glenalbrethsen, marxrab, carloniere, fullabeans, yantisteem, condorwaran, steemcanvas, reazuliqbal, mhossain, linco, mistermercury, mys, lordjames, eroche, sambillingham, paulthebeloved, ange.nkuru, bashadow, aneukpineung78, nonameslefttouse, rickyislam, gillianpearce, tobixen, tarazkp, edb, cecicastor, seanlloyd, fachrurrazi, phoenixwren, espoem, geekgirl, yabapmatt, getonthetrain, smasssh, v4vapid, blazing, cryptocurator, neoconqueso, curatorcat, techtek, wwf, jeffjagoe, teamsteem,