Vulnerability in Wi-Fi protocol affects many competitors


Quebex Fintech Inc.
Oct 17, 2017

ZDNet is reporting--the internet and media will quickly follow--that a recently disclosed vulnerability in Wi-Fi puts nearly every device using the technology at risk.

This comes only months after reports of the BlueBorne flaws affecting nearly every device with Bluetooth enabled.

There is a list of available and upcoming patches for devices over at ZDNet that might be worth a look.



Notably, if you're using an iPhone or other Apple product, you're probably a couple of weeks away from having a patch, but theoretically not at significant risk if you've got the latest updates.

Users with the latest Android phones using the 6.0 Marshmallow update, however, seem to be at the greatest risk.

In the simplest terms, the vulnerability makes it possible for someone near your Wi-Fi network to inspect your connections and potentially snoop on passwords (so that they can later log in as you and, perhaps, withdraw all your cryptocurrencies).

Typically, websites rely on SSL to protect your password (that's the basic requirement for the green Secure/Lock icon). Though this is certainly better than not using SSL, it isn't "good enough" for a site like Quebex.

That's why we don't rely on SSL.



When you log in to Quebex, your browser sends your username to our server. Our server gives your browser two strings that look like this: ERkjrnerbERBerljkngerberljbn42t2. Your browser then uses your password and the random characters to send us something that only makes sense for the single login attempt.

In short, if someone watches you log in, even though they see what you send to our server, there's a better chance of them winning the lottery on their first play than managing to log in as you with what they see.
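The login exchange described above, as an added example that is not Quebex's own code: it shows why a captured login message cannot be replayed. It assumes the two strings are a per-user salt and a per-attempt nonce, and that the proof is an HMAC-SHA256 over the nonce keyed with a PBKDF2-derived key; `LoginServer`, `clientResponse` and `replayDemo` are hypothetical names.

```javascript
// Added illustration of a one-time challenge-response login (Node.js, built-in crypto).
const { pbkdf2Sync, createHmac, randomBytes, timingSafeEqual } = require('node:crypto');

// Assumption: the "two strings" are a per-user salt and a per-attempt nonce.
const deriveKey = (password, salt) => pbkdf2Sync(password, salt, 100000, 32, 'sha256');
const proofFor = (key, nonce) => createHmac('sha256', key).update(nonce).digest();

class LoginServer {
  constructor() {
    this.users = new Map();    // username -> { salt, key }
    this.pending = new Map();  // username -> nonce awaiting exactly one response
  }
  register(username, password) {
    const salt = randomBytes(16).toString('hex');
    this.users.set(username, { salt, key: deriveKey(password, salt) });
  }
  // Step 1: the browser sends the username, the server returns the two strings.
  challenge(username) {
    const user = this.users.get(username);
    if (!user) return null; // production code would return a decoy to hide which names exist
    const nonce = randomBytes(16).toString('hex');
    this.pending.set(username, nonce);
    return { salt: user.salt, nonce };
  }
  // Step 2: check the proof and consume the nonce so it can never be accepted twice.
  verify(username, proofHex) {
    const user = this.users.get(username);
    const nonce = this.pending.get(username);
    this.pending.delete(username);
    if (!user || !nonce) return false;
    const expected = proofFor(user.key, nonce);
    const given = Buffer.from(String(proofHex), 'hex');
    return given.length === expected.length && timingSafeEqual(given, expected);
  }
}

// What the browser computes from the password and the two strings.
function clientResponse(password, { salt, nonce }) {
  return proofFor(deriveKey(password, salt), nonce).toString('hex');
}

// Constructed demo: one login message is recorded on the network and sent again later.
function replayDemo() {
  const server = new LoginServer();
  server.register('alice', 'correct horse battery staple');
  const captured = clientResponse('correct horse battery staple', server.challenge('alice'));
  const firstLogin = server.verify('alice', captured);
  server.challenge('alice'); // a later attempt is issued a fresh nonce
  return { firstLogin, replayed: server.verify('alice', captured) };
}
```

In this simple form the stored key is itself enough to answer challenges, so the server must protect it like a password. The exchange covers only the login step, not the session that follows it.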

That's not to say you're completely protected. If an attacker manages to grab hold of your session information and pretends to be you, coming from the same internet connection, they'll be able to access your account as if you had logged in and walked away from your computer.



While they won't be able to withdraw your BTC, they will be able to--if it's a feature enabled on your account--post ads for $1/BTC. Quebex would of course see who buys at a large discount, so the ability for a hacker to profit by doing this is limited.

We ask users to be vigilant when accessing the Quebex platform, especially if using Wi-Fi on a new Android device with Bluetooth enabled. A laptop or desktop computer with a wired connection and up-to-date security patches goes a long way toward avoiding both of the vulnerabilities mentioned.

Users with balances and concerns over the potential impact of the vulnerabilities can ask for their account to be restricted from trading, or withdraw their balance to a disconnected location they control such as a Trezor.