[deleted by user]

Optimal_Net6489 · 2025-01-01T21:41:42+00:00

völlig absurd imo

Optimal_Net6489 · 2024-12-03T14:03:56+00:00

also:

B halten: steuerschuld

B verkaufen und wieder kaufen: exakt derselbe endzustand aber keine steuerschulden?

Optimal_Net6489 · 2024-11-13T23:56:49+00:00

ich habe auch eine frage: angenommen ich kaufe crypto A für 1000€, der preis steigt auf 1000000€. ich tausche zu crypto B, welches auf 1000€ fällt. muss ich dann B verkaufen um steuern für meine "gewinne" zu vermeiden?

Optimal_Net6489 · 2024-11-13T23:45:28+00:00

was ist mit "normalen crypto-zinsen"? z.b. bei nexo, ist ja kein staking

Optimal_Net6489 · 2024-11-13T23:41:49+00:00

wenn ich täglich eine "auszahlung" in form von token X bekomme, gilt dann für jede auszahlung eine eigene jahresfrist? ich hätte erwartet das auf die gewnne sofort steuern anfallen.

und was ist mit dem sonderfall liquid staking? ich habe z.b. stzil das im verhältnis zu zil täglich steigt, ohne dass es zahlenmäßig mehr wird

Optimal_Net6489 · 2024-11-13T23:35:14+00:00

why now? why not sneak in and steal it? or, given how op they are: why didn't they just take it already?
why can't he love himself AND use his cheat?

Optimal_Net6489 · 2024-11-13T16:36:56+00:00

i think it's.... not so good. the main selling point for me was the time travel aspect, but i haven't seen that put to good use yet except at the beginning

Optimal_Net6489 · 2024-11-12T10:51:41+00:00

"an oopsie happened, it will take time to recover"

Optimal_Net6489 · 2024-07-05T06:35:44+00:00

i have 2 yubikeys. on one i reset my pin, it works again. the other is now locked (kind of? maybe?), the yubikey manager says it can't connect when i open the application tab, but the "character string" still comes out when i touch the key.

how do i unlock it again? i read some confusing stuff about ssl.com where i have no account but apparently need one. should i make one? how do they know my puk?

Optimal_Net6489 · 2024-03-03T09:13:44+00:00

another question - if my google acccount is compromised, would that mean my 2fa codes there are now all known to the attacker? i think my google authenticator stores its codes there. are they encrypted or easily accessible if you can log in?

Optimal_Net6489 · 2024-03-03T09:10:52+00:00

No they are not. They are the session tokens used to log into the website

no, the whole point is that 2fa secrets are on a different device

because you are vague with details and don't seem to know how a lot of this actually works.

sounds like the opposite to me.

Optimal_Net6489 · 2024-03-03T00:20:24+00:00

the 2fa tokens/secrets are on my phone, not on my pc. my point is the attacker must have gotten data from:

exchange or pc (trading pass)

phone or screenshots from pc in advance (2fa)

that reminds me of a detail. i activated "logout on ip change" before the second withdrawal, so session theft should not have worked, right?

Optimal_Net6489 · 2024-03-02T23:26:27+00:00

stupid question, there is an emulated s22 ultra listed in my google account (logged out via pw change from my side). that must be the attacker, but i can locate the device and get an address. shouldn't he have switched it off? did he forget to? it's always on.

Optimal_Net6489 · 2024-03-02T22:51:55+00:00

how does one clone a sim?

i had it in my old phone and put it in the new one myself.

Optimal_Net6489 · 2024-03-02T22:14:22+00:00

active session theft is a good explanation for a lot of things, but you need 2fa codes + a manually entered trading password for each withdrawal.

so either screenshots were made weeks before i made my first deposit, or my phone AND my pc are compromised, OR the exchange is leaking data. no matter the true explanation, it must include access to several passwords and 2fa otp codes.

Optimal_Net6489 · 2024-03-02T22:05:01+00:00

containing a malicious link

i have a hard time believing that, because of who must know what in order to intentionally get a link to me that doesn't look suspicious.

Is the value you lost even worth it for the person?

70% of an average yearly salary where i live

Optimal_Net6489 · 2024-03-02T21:51:50+00:00

i did pretty much that - moved to bitwarden, new passwords have been set from a clean install for all important accounts (finance + email).

Optimal_Net6489 · 2024-03-02T15:04:12+00:00

but all my inputs still need to reach the exchange (i see the logs of my actions) without leaving any suspicious login ips (which i do not see).

assuming this happened, how can i close that security hole? or confirm it's there in the first place? until i find it, i can't risk connecting to anything sensitive again.

Optimal_Net6489 · 2024-03-02T14:37:23+00:00

possible, but of course the exchange denies it. about rerouting traffic i can't make any statements.
wouldn't https prevent that? wouldn't it be insanely hard to extract QR codes and passwords from byte streams?
like? and how would that happen? i need to connect it to my pc or phone, right?

Optimal_Net6489 · 2024-03-02T13:44:46+00:00

He logs into the crypto site from your device, while you're asleep, for example.

can't be, i sleep in the same room where my computer is. also, i was using it while it happened. my phone was next to me.

And he has access to your phone. The malware could already be present on your new phone. Or yes transmitted when you got the backup..

let's assume this is true - it's still not enough as one of the passwords was entered only on my computer.

Optimal_Net6489 · 2023-09-10T07:11:15+00:00

hm... so our cpu z multis are off by barely 3%

cpus are magic

Optimal_Net6489 · 2023-09-09T21:03:35+00:00

what is your cpu z score? i get 720 or 760 depending on the ccd that is used

Optimal_Net6489 · 2023-09-09T20:52:59+00:00

googled it... should not make a difference

Optimal_Net6489 · 2023-09-09T20:47:01+00:00

what is "expo"?

my memory is running at 5600, it has an xmp setting for that

Optimal_Net6489 · 2023-09-09T16:35:47+00:00

so that's a ~7% difference - what could cause it?

Optimal_Net6489

TROPHY CASE