Thanks Roy. It was a while back I wrote this, and, to their credit pretty much everything I raised they’ve addressed — even making their POS site HTTPS (having originally given a pretty lame excuse as to why it wasn’t…). I also made a YouTube video (now hidden) which pointed out some concerns with lack of email verification and 2FA — which they answered on their Facebook page. As far as I remember they’d had some SMTP issues with sending out the email verifications (again, an easy fix), and I think some issues around 2FA — which they said will come once the coin is launched. It needs to be really.
Right now, my biggest concerns are:
- That on 00:01 on 1st November the site will buckle under the load of everyone trying to transfer their balances to paper wallets. They had load issues at the end of the 30% bonus window — so hopefully that served as a warning.
- That 2FA doesn’t happen. If it doesn’t, there was no minimum criteria set on passwords either, which will spell trouble if its not been fixed. The fact this was ever an issue is a security red flag.
- That the iOS app still doesn’t have App Store approval.
- That the various mining apps (macOS, Linux and Windows) will have numerous bugs. The level of QA on the sites to date doesn’t give me much confidence this will be the case.
And these concerns are all part of an overarching concern that I’m not sure how much faith this has given me in their team’s ability to manage a blockchain app securely. Sure, they’ve all got decent web credentials — but that’s a way off what’s required here.
That said — I do believe they are trying to do things the right way. And I also think that if I dug into the telegraph group more and looked for details on these points I’d find more info. I’ve not looked at telegraph at all, but I believe their channel has over 8000 users, so assuming that’s a more mature userbase than FB/Twitter, which just seems to be full of people posting promotional codes, there have got to be a number of people smarter than me raising these questions. My worry would be that their are some bad, smart eggs who already know how they will exploit this.
Anyway Roy, your comments will hopefully galvanise me into writing a follow up article, after I’ve researched the points above in more detail — so thanks.
Assuming you can get onto the site at 00:01 on 1st November to transfer what should be a modest investment into a paper wallet— and no more than you can stomach losing — I think its still worth a punt.
What they have got is a lot of traction — in recent days Harry Redknapp has been a caveat for that, which Richard Ells has recognised. That does make me chuckle though. If you follow English football at all, you’ll know that Harry’s financial acumen at both a professional and personal level is considered to be pretty poor. To parapharse a line from Blackadder, I’d no sooner trust him for financial advice than I’d trust my John Thomas in the hands of a lunatic with a pair of scissors.