From 5dbde7a84873e14f74c0b2ed78f235fad5d2839a Mon Sep 17 00:00:00 2001 From: "myarbrough@oreilly.com" Date: Wed, 5 Nov 2014 09:01:23 -0800 Subject: [PATCH] Made changes to ch04.asciidoc --- ch04.asciidoc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ch04.asciidoc b/ch04.asciidoc index 70f586fd..2abbaa83 100644 --- a/ch04.asciidoc +++ b/ch04.asciidoc @@ -956,8 +956,9 @@ Vanity addresses can be used to enhance _and_ to defeat security measures; they Eugenia could advertise a randomly generated address (e.g., 1J7mdg5rbQyUHENYdx39WVWK7fsLpEoXZy) to which people can send their donations. Or, she could generate a vanity address that starts with 1Kids, to make it more distinctive. -In both cases, one of the risks of using a single fixed address (rather than a separate dynamic address per donor) is that a thief might be able to infiltrate your website and replace it with his own address, thereby diverting donations to himself. If you have advertised your donation address in a number of different places, your users may visually inspect the address before making a payment to ensure it is the same one they saw on your website, on your email, and on your flyer. In the case of a random address like 1J7mdg5rbQyUHENYdx39WVWK7fsLpEoXZy, the average user will perhaps inspect the first few characters "1J7mdg" and be satisfied that the address matches. Using a vanity address generator, someone with the intent to steal by substituting a similar-looking address can quickly generate addresses that match the first few characters, as shown in Table 4-13. +In both cases, one of the risks of using a single fixed address (rather than a separate dynamic address per donor) is that a thief might be able to infiltrate your website and replace it with his own address, thereby diverting donations to himself. If you have advertised your donation address in a number of different places, your users may visually inspect the address before making a payment to ensure it is the same one they saw on your website, on your email, and on your flyer. In the case of a random address like 1J7mdg5rbQyUHENYdx39WVWK7fsLpEoXZy, the average user will perhaps inspect the first few characters "1J7mdg" and be satisfied that the address matches. Using a vanity address generator, someone with the intent to steal by substituting a similar-looking address can quickly generate addresses that match the first few characters, as shown in <>. +[[table_4-13]] .Generating vanity addresses to match a random address |======= | Original Random Address | 1J7mdg5rbQyUHENYdx39WVWK7fsLpEoXZy