rpc cookie authentication

I am getting a message when I start bitcoind :

Config options rpcuser and rpcpassword will soon be deprecated. Locally-run instances may remove rpcuser to use cookie-based auth, or may be replaced with rpcauth. Please see share/rpcuser for rpcauth auth generation

What is cookie based auth and how can I use it ?

Thanks

Bitcoin investment vehicles

I’ve heard of at least 2 financial products which enable people to take positions on bitcoin in the stock market. Here’s a Reuter’s article on one. Can anyone explain what the purpose of these investment vehicles is? Why would someone want to pay a financial institution ~2%/year to hold their bitcoin for them? Not to mention the counterparty risk…

“By listing the ETI on the Gibraltar Stock Exchange, which is an EU-regulated market, we are able to bring a high level of transparency and liquidity to investors”, said Revoltura CEO Ransu Salovaara.

Transparency? How is an opaque financial product – which may or may not be backed by actual bitcoin – going to provide more transparency than trades on a public blockchain?

Is this simply a money grab to exploit the people who don’t have a clue or am I missing something?

Bitcoin system with payins and payouts using bip32

I want to build an automated system, that can accept payments from users in bitcoin and can make payouts to addresses, specified by users, as well.

BIP32 says, that the best way to accept payments is to use HD wallets. But what about payouts? How can I make payouts using funds from account’s external chain addresses with received funds and not introduce security leaks?

Attaching additional data / text message to a Bitcoin transaction?

I’m building an single page web app, where I need to send the users inputted string (email address) along with their bitcoin payment. Say for example I have a single page web app that issues gift certificate barcodes and accept Bitcoin or altcoins. The problem I’m having is that if the user pays to my static bitcoin address, how do I know where to send the barcode information to? I need some form of contact, in my case it’s an email address that the user inputs on to the page. What ways can the user send me their email address?

Some problems I ran into was the static bitcoin address. If multiple people paid to the same bitcoin address, I won’t know who to send the barcode to. But if I have 100 pre-generated addresses. And one of them was chosen at random then combined with the email address. It would less likely have a collision of someone paying at the same time to the same btc address.

Now the issues is getting that email+btc address to me to verify the transaction has been completed.

One of the other solutions I came up with was requiring another altcoin that had messaging ability built in. The only 2 I know of is Florincoin and NXT where you can include a message with each transaction. The only issue with this is that it requires the app owner to hold florincoin or nxt (i don’t believe you can attach a message in ethereum?). Using shapeshift to convert BTC to one of these coins works, but you cannot attach a message during this shapeshift swap. If shapeshift enabled the ability to also attach a message during their conversion this would technically solve the issue by getting the email address to the app owner.

What are some other solutions that might not require a centralized server to collect this data? Centralized server solutions are okay too if you have a solution.

How to denouce a scam exchange?

I was scammed by an exchange called BitNake. It is referenced in the Bitcoin Wiki as a fast and secure exchange seeded in Germany. I could not find any negative comments on the web and decided to try it. I paid the minimum amount but never got any Bitcoin deposited in my wallet. Repeated e-mails to the support address went unanswered.

As it turns out, the BitNake website seems to have been created just last month and is actually installed in California. I guess I am one of the first to fall for this.

The question then is: how do I tell the world this website is a scam? So that others do not fall for it too.

Update I: here is the scam report at CoinTalk.

Update II: BitNake had been previously reported as a scam. However the search engine I use, DuckDuckGo, seems to be blind to BitcoinTalk. Another interesting aspect in this story is PayPal actively protecting the scammer.