this fiasco is a damn shame. it sure seems like dwolla is pulling something seriously shady, but what exactly? how could there possibly have been $100,000 in chargebacks all around the same time? are they just trying to straight up steal TH's deposits?
Actually I believe the chargebacks are real. Criminals found a weakness in DWOLLLA'S account verification system that allowed them to link a (possibly fake) name and address to a real and unrelated REAL bank account. This is in my opinion a Dwolla security problem, not a Tradehill security problem. At that point the criminals simply moved stolen Dwolla money into Tradehill, bought BTC, moved them to another exchange and sold em. Later the real owners of the bank account saw the charges and disputed them. Of course the above is my opinion but I am pretty sure it is spot on. |
|
|
|
Again, wallets don't get tainted, transaction inputs do. When you send coins, the protocol allows you to specify precisely how many coins and from which inputs. The client generally handles this automatically, but it really should not be hard to implement a feature in which you isolate certain inputs (i.e. ones the user feels are tainted) and either don't use those coins at all or only use those coins (to return to sender, the original owner, or wherever.) Fine grained control over your own money. The end of Bitcoin according to some.  What you are saying is possible, but since it is not reality for the program that exists on 99% of the users computers..... The wallet would be tainted just as I said. The user would not know when the tainted coins would go out in a payment. Sure, they could manually go into the wallet.dat and delete the tainted key, but the average user is simply not going to do that. |
|
|
|
From that page, bolding added by me: " Most all merchants are well aware of the problem, which is why we’ve always had something in our terms of service about chargebacks since Day One. Notably, there are certain types of businesses and marketplaces that are continued targets for illegal activity and, just like we work hard to protect and improve our community, a similar expectation should be assumed on behalf of merchants participating in high-risk industries. If any merchant continues to be a source of systemic fraud and we cannot come to an agreement, we will always take the appropriate actions." -------------------------- I do not have copies of the TOS, but I did read it and do not remember anything about chargebacks, and do remember them saying that there were no chargebacks. Posting something like the above, that may be proven to be untrue in the courtroom looks like a bad start on Dwolla's part. Does anyone have the OLD TOS from Dwolla? |
|
|
|
|
It would not be hard for a thief to taint a huge number of wallets by sending small amounts (random) of tainted coins to addresses that are public. Even if they sent just .01 BTC to every address in this forum it would make tracking tainted coins very difficult because you would have a huge number of false positives and innocent people with these coins.
Alternatively they could order products on the web using BTC sent to the physical addresses of known bitcoin users. Basically the data "taint trackers" would be using could contain only invalid data. I do see the point in trying to catch obviously bad moves by the thiefs but I find it unlikely that the effort will pay off.
|
|
|
|
|
Pay with a credit card (even through paypal) and you can get your money back if nothing ships. There are rules. Lots of em but...
You need to file a dispute with paypal, even if it is unsuccessful. If you do not do a PROPER paypal dispute, they will lock your account when you do the one through your credit card company. Once the paypal outcome is set, and if you loose, you are allowed to do a credit card dispute. If you are not doing fraud yourself you SHOULD be able to keep your paypal account and get your money back. In this case, a seller that never shipped you should be able to get through this process.
|
|
|
|
|
Crypto X change has the ability to withdraw directly to a bank account, I think it is $5. That is not a bad fee for this, but Dwolla seems to have it beat. For amounts under $300, it seems like it still costs less to use bitinstant to move the money to gox as USD and then use Dwolla. I have sold coins for more then I could at gox, then did the above to get the usd to my bank.
I do think that Crypto x change should add in Dwolla, the more options the better. I can use crypto x change without Dwolla, but it would encourage me to use it more.
|
|
|
|
|
If the hack can be proven to have come from the inside, it is possible that Linode could be sued and loose massive damages even though their TOS says otherwise. If the hack was from the outside with no inside help there is very little chance that Linode would loose.
|
|
|
|
Wanna buy my used coleman cook stove? Similar to:  |
|
|
|
|
I find it ironic that people waiting three months for a BFL single who prepaid (I guess that is everyone) could have sunk the money in traditional mining gear and returned most of the money by now. I know that for people with high electricity costs this may not be true, but for others with average power pricing this probably has not been the best solultion.
I may buy a BFL product, if they start delivering within days instead of months and if BTC maintains profitability like it is now.
|
|
|
|
I think he may be trying to "set JeffK straight" as they say...
Yes, I have issues with people that I've never seen contribute meaningfully to something trying to tear apart people that I know have contributed to that thing. In this case, Bitcoin being the thing and Slush (as someone with major contributions to it) being 'attacked' and being, in essence, called a liar. I tend to jump to the defense of what I believe in at those points. Therefore I posted the link to the other major breach that was only tangentially mentioned and linked to in this thread as additional proof, seeing if he'd decide to call Zhou (as well as Slush) a liar by continuing his current stand. Thralen It's also terribly unfair to attack one of the longest standing most reputable providers without any real statement on their part, and it's doubly unfair to demand they pay back what was allegedly "lost" on the service, since they aren't required by law or their TOS to hold backups of your data for you. Backups are not really the issue here. Not saying that the host did anything wrong.... but the problem is not the lack of backups.... It is one backup too many. |
|
|
|
I would not trust any shared host (VM or not) that has access to your data for a wallet over $1000. The only way to do this is with encrypted disks that are setup or encrypted by the customer with no host access of any kind.
Unfortunately this is very hard to achieve in real world. For example, I cannot use any housing here in Prague because of stupidly poor connectivity to abroad. Then it really don't matter if the provider is VPS or not, because technically there must be somebody who have physical access to the server instead of me. I'm hosting the pool in France - it's standalone server, but there is still software KVM (because *I* need to reach the server anytime) and there are probably tens of sysadmins with physical access to server. So it happen today in Linode, but it can happen everywhere else tomorrow. So choosing server provider for services where you don't have thousands of dollars monthly to protect your own server room is like playing russian roulette. I do agree that it is hard to find options in some areas. In Baltimore we have a few 'rack space' rental places that will allow you to drop in a server that you have physically set up and nobody has access to online. Sure, they could get to it physically but that kind of attack is quite different if disks are encrypted. (and yes, I know it is POSSIBLE to break into those as well but you do need to take the machine offline to do it) |
|
|
|
People have been stealing MONEY since they were first created. Has that stopped people using it?
FTFY |
|
|
|
Boycott unless they fix it.
How will you be sure they "fixed it" unless they disclose the full vulnerability? So, as you can never be sure, I say "boycott unless they greatly compensate Slush for the loss" - "I'm sorry" just doesn't cut it. Bitcoin raises web hosting to a new level. Yes, there are juicy non-bitcoin targets out there such as credit cards and personal data. But there is nothing like bitcoin for a hacker thief. Once you steal them, you can wait to use them, something that does not work as well with credit cards. You can mix them, something you can not do with credit cards. You can even lay down false tracks by sending them to peoples public addresses. Now you have 'data' that is pretty much worth a years (or more) salary for a typical sysadmin. An employee of a webhost can take it and if they know what they are doing, they can be much 'safer' then stealing credit card information. Right now the only crime is unauthorized access and data theft, not all of the other crimes that go along with credit card fraud that could involve massive jail time. I am not saying if caught they would not go to jail, but laws have not caught up to bitcoin. I would not trust any shared host (VM or not) that has access to your data for a wallet over $1000. The only way to do this is with encrypted disks that are setup or encrypted by the customer with no host access of any kind. No 'control panel" based hosting. |
|
|
|
|
I have installed a few of these myself now on reference 5870's and not had that problem. You possibly had a wire hung up under the fan mounting or not in the channel right.
|
|
|
|
|
I would take it at 45 btc you ship first. USA here.
|
|
|
|
They are both popular and expensive products. They make good bait.
Yes. Also very simple. Sell item at 80% or less of the average ebay selling price. People will beat your door down. |
|
|
|
Do you need the heatsink with the sempron? I have a 145 that I would be willing to sell, but I don't really want to ship the HS with it.
Yes, you need a heatsink. If you underclock/undervolt it and have plenty of wind in the case you might not need a fan, but I still recommend it. |
|
|
|
Hehehe Hohoho Hahaha Kekeke -- Anyhow, may I ask out of curiosity, what is so funny?  I'm willing to bet it's the fact you are trying to sell an iphone. About, I don't know, 100% of the iphone deals proposed here ended up being scams... I sold one and it was not a scam, but you are right. MOST, maybe even 80% of the attempted sales have been scams. |
|
|
|
|
Show Posts
