Noted... go turn yourself in. Or give the money back it is 'tainted'. btw: I like your avatar, it is unique.
|
|
|
to clarify: in my previous post, I just pasted in a statement, which appeared on bitcoinica.blogspot.com yesterday afternoon. It was the first sort-of official statement. We didnt get any verification if it was really official. The user "myself" re-posted it on this thread, I saved a copy locally, which I reposted here.
--Ichthyo
Maybe I'm just "fishing" here, but who is "we" in the following? We didnt get any verification if it was really official. ~Bruno~ You know, 'WE' as in 'US'.
|
|
|
It was in this thread but appears to have been removed.
Well that doesn't bode well. Well the Admins should still see it and those in the community that keep the forum downloaded.
|
|
|
Why can't they just "disable" stolen bitcoins....
I thought this was already possible with escrow? If a transaction doesn't go to plan, just don't unlock the coins.... The hole principle of escrow is that no one loses anything. If a deal doesn't go as plan, the person gets his BTC back. If you are suggesting that the escrow agent hold 'tainted' BTC and not give them back, it would be a very bad idea. Not to mention as soon as this is done once or twice, no one would use that person as an escrow. A 'good' escrow agent wouldn't even be concerned about the BTC or Fiat Currency. He would just facilitate a trade in confidence. This line of thinking on how to get coins back is getting me concerned. You will essential become thieves to get money back from thieves and destroy the concept of bitcoin. My thoughts were based on this old thread: https://bitcointalk.org/index.php?topic=750.0In one type of escrow, if the "buyer" (bitcoinica) gets scammed, they could use some special multi-signature feature of Bitcoin to basically burn the coins (hence my quasi-deflation remark). This would prevent the seller (the thief in this case) from spending them. The buyer would not be able to get them back. ah... MAD (Mutually Assured Destruction). Not a bad idea, but there will be asshats doing it for fun and/or destruction of competition. Rather than buy out a competing service that is taking market share, it might be better to lock up his funds until he goes out of business. The MAD principle could work though if both parties are of equal stature. It worked with US and Russia, not so sure it would work with Russia and Tongo if you see my point.
|
|
|
I assume you meant to quote me. Well, start 'disabling' coins if you can. BTC is a fiat currency. Its sole value is what people believe they are worth. If they can be 'disabled', they are pretty worthless. Imagine going to a store and handing a dollar to a clerk who tells you: "Sorry your dollar has been disabled." Do you have another? Oh, that one is disabled too.
But meh... go ahead and disable them. Oh, damn wait, I can't short at Bitcoinica.
yes, it was for you. I believe more people would be willing to get into if you were to tell them that hackers and thiefs don't bother with bitcoin because if you "steal" them they become worthless . This mindset has value and I would be more willing to put more money into bitcoins knowing that its worthless for a hackers to even bother with bitcoin ? just my 2 cents. Ok, I'll respect your position. Although I completely disagree with it. So you would put more money into BTC if 'Someone?' could disable them if they are 'stolen'. Who determines if they are to be disabled? What are the standards to determine if they are stolen? It would become one big cluster @#*$ really soon with false claims of coins being stolen. And then people not trusting the people that can 'disable' the coins. I understand your fear. Fear the fear tho...
|
|
|
Why can't they just "disable" stolen bitcoins. I mean we are in the 21st century we should use the digital aspect of this to our advantage yes? this would also raise the value of bitcoins if we can say "stolen proof" also And who decides what coins should be disabled? And who makes sure that those people in charge aren't corrupted or influenced? And how do they enforce it, and how could others be prevented from exploiting it? how would they go to zero?? There has never been a currency that can claim being "stolen proof" that would only raise the value of using bitcoin not make it zero. More reason to get in = more value.. I assume you meant to quote me. Well, start 'disabling' coins if you can. BTC is a fiat currency. Its sole value is what people believe they are worth. If they can be 'disabled', they are pretty worthless. Imagine going to a store and handing a dollar to a clerk who tells you: "Sorry your dollar has been disabled." Do you have another? Oh, that one is disabled too. But meh... go ahead and disable them. Oh, damn wait, I can't short at Bitcoinica.
|
|
|
Why can't they just "disable" stolen bitcoins. I mean we are in the 21st century we should use the digital aspect of this to our advantage yes? this would also raise the value of bitcoins if we can say "stolen proof" also I thought this was already possible with escrow? If a transaction doesn't go to plan, just don't unlock the coins. An analogy: thieves may steal your vault of coins and put it inside their vault, but they can never access it because the vault is unbreakable and you have the key. There's the small question of quasi-deflation if the technique gets too popular, and a question of execution. The hole principle of escrow is that no one loses anything. If a deal doesn't go as plan, the person gets his BTC back. If you are suggesting that the escrow agent hold 'tainted' BTC and not give them back, it would be a very bad idea. Not to mention as soon as this is done once or twice, no one would use that person as an escrow. A 'good' escrow agent wouldn't even be concerned about the BTC or Fiat Currency. He would just facilitate a trade in confidence. This line of thinking on how to get coins back is getting me concerned. You will essential become thieves to get money back from thieves and destroy the concept of bitcoin.
|
|
|
Why can't they just "disable" stolen bitcoins. I mean we are in the 21st century we should use the digital aspect of this to our advantage yes? this would also raise the value of bitcoins if we can say "stolen proof" also Are you serious? The value would go to Zero. Heck, the negative Bitcoins would be spent.
|
|
|
The important thing is who is liable for the customer deposits. It is Bitcoin. The original owners are liable for their 'own' bitcoins. If they chose to give that responsibility to someone else, it is on them. If we start holding 'others' responsible for the control of our money, lets just stick with the FED, Banks, CU's. They have a system already in place and there is no need to re-invent the wheel. Everyone likes pointing fingers but quite often forget to look in the mirror. The key word in the above quote is 'customer'. If the business wants to keep them, they'll come up with a solution to make them happy and relatively soon. But the 'customers' knew what Bitcoinica was when they put money into them, so it is their liability. Did anyone ever lose a wallet with everything in it? Who are you the most mad at? Be honest. Yourself.
|
|
|
Now that's far more interesting than the binary message (: The faucet has also already started sending out payments out of that chunk of coin. See how interesting the argument gets. The faucet has knowingly received 'supposedly' stolen coins and passed them on to others. Isn't there a name for that? This is why the whole idea of 'tainted' coins is a bad idea. You can't enforce the unenforceable and trying will do more harm then good. Lets put the focus where it belongs. How did they get stolen? And try to prevent that from happening again. If a bridge collapses, the engineers don't do an analysis of where the pieces fell. They do an analysis of how the bridge collapsed.
|
|
|
Well if implemented, it would be to easy to bork the system. By the nature of the system, they are forever marked but with time become but a residue. Just like 90% of Dollars have drug residue on them. You are all suspects now if you have a dollar.
What makes the idea of tainting even worse, is the ability to 'frame' others for something. i.e. 18,000 coins were supposedly stolen, the 'thief' could send 2,000 of them to a reputable person's address. The recipient will claim innocence but who is going to believe that the 'thief' just gave the coins to him? We're talking 10K about now.
You are wrong. If someone gets 2000 sent to them out of the blue, they can and should send them back. [chinrub] Not sure if serious ...... [/chinrub] I'm pretty sure if you get coins that are not yours, and you know who they belong to you must give them back or get the scammers tag. I have seen it done here on the forum. Not my rules... If everything is on par, yes. But, I could send BTC to an address that is known to belong to someone on the forum; however, they no longer have the private key to that wallet. It was destroyed. Now, do we take his word that it was destroyed? Or do we insist he still has access? and give him the scammer tag. The only way to be sure is to watch the address forever.
|
|
|
Well if implemented, it would be to easy to bork the system. By the nature of the system, they are forever marked but with time become but a residue. Just like 90% of Dollars have drug residue on them. You are all suspects now if you have a dollar.
What makes the idea of tainting even worse, is the ability to 'frame' others for something. i.e. 18,000 coins were supposedly stolen, the 'thief' could send 2,000 of them to a reputable person's address. The recipient will claim innocence but who is going to believe that the 'thief' just gave the coins to him? We're talking 10K about now.
You are wrong. If someone gets 2000 sent to them out of the blue, they can and should send them back. You make some assumptions there. They might not even know they received them (i.e. cold wallet) for months. Then you shouldn't just hand back the coins because someone says they are theirs. You should turn them over to an authority and let the claimant prove they are theirs. (i.e. just like finding a bag of cash on the street) Turn them in, if unclaimed, they are yours. It is a little more complicated than 'just send them back'. And many more possible scenarios. Declare that you have them, yes, but not publicly. But be honest, most people handed 2K coins will turn off their computer and wait and plan. BTW: The faucet has received 'tainted' coins.
|
|
|
I wonder if those New Zealand police can crack the case.
LOL, I see what you did there.
|
|
|
They could just as well send .5 BTC to all address in sigs :/ Give a Satoshi to every address in the chain.
|
|
|
If I'd stolen coins and was worried about exchanges not accepting them, I send bitdust to as many addresses as I could an exchange refusing them would have trouble keeping the rule implemented without pissing off innocent civilians.
Oh, at first sight I was tempted to take this approach for a cure of my worries about bitcoin's anonymity. Imagine exchanges would not refuse tainted coins right out but "untaint" them by sending the tainted fraction to a well known unspendable address (aka destroy the stolen coins). A future recipient would well notice the tainted coins but also the untainting and accept the input for full bitcoins again. Imagine gox doing this. Who would want tainted coins? All others would follow and refuse to take tainted coins aka untaint them and demand compensation for the tainted fraction of the payment. I could imagine such a system for the good of bitcoin as the scheme "move your coins -> claim to got hacked -> profit" would get eliminated and bitcoin would be ultimately more secure but I have a problem to decide who should judge which coins are tainted and which not. Imagine somebody selling bitcoin and only getting 70% of the promised [dirty something]. He could claim he got hacked to piss off his business partner who would not go to a court for [dirty something]. In a case as yesterday, I see no problem to count bitcoins as stolen and therefore nonexistent/invalid. But what if the raid is discovered only 3 months later and many people already accepted them? What if gox is forced into blacklisting coins from Iran? Etc ... I love these thought experiments but I would prefer it were easier to say once and for all coins will never be tainted. Else mining would be the only way to get clean coins for sure. Mining where I get the created coins ... from blocks without fees Well if implemented, it would be to easy to bork the system. By the nature of the system, they are forever marked but with time become but a residue. Just like 90% of Dollars have drug residue on them. You are all suspects now if you have a dollar. What makes the idea of tainting even worse, is the ability to 'frame' others for something. i.e. 18,000 coins were supposedly stolen, the 'thief' could send 2,000 of them to a reputable person's address. The recipient will claim innocence but who is going to believe that the 'thief' just gave the coins to him? We're talking 10K about now. So, while they are not anonymous technically, they are anonymous as far as proving anything. And if there are more than 1 'thief' if one gets caught the other can move the coins taking suspicion away from the one that was caught. All the 'what ifs' put it back into the anonymous realm, unlike getting caught with DB Cooper's loot.
|
|
|
found something strange while following the stolen coins. Sent from the thief to many small accounts and one large one. http://blockchain.info/address/1EMLwAwseowTkDtKnEHRKrwQvzi4HShxSX1.01100101 BTC e 101 2.01111 BTC 15 3.0111 BTC 4.01100101 BTC 5.01100011 BTC 6.011101 BTC 7.001 BTC 116.4569963 BTC 8.01101101 BTC 9.01100001 BTC 10.01110011 BTC 11.01110011 BTC 12.001 BTC 13.011011 BTC 14.01100101 BTC 15.01100001 BTC 16.01101011 BTC 17.001 BTC 18.01110011 BTC 19.01101111 BTC 20.01101111 BTC 21.0110111 BTC Why would they split it up like that? are they trying to hide it by making it whole bunch of small transfers? LOL, binary...
|
|
|
You can do it with software. It is merely a chain of TX's. One wonders how quickly wallet theft would disappear, if the other major exchanges started rejecting well known, stolen coins. That is one very big slippery slope.
|
|
|
Two things I noticed: 1) This transaction was almost certainly made with the Satoshi client. 2) That also means that the client was shut down as soon as the first transaction was confirmed. Otherwise, the other transactions would have been included.
Based on the timings, I suspect that the attacker may be from the US. Additionally, they either have a full-time job, or are a student.
And precisely how did you determine the client used? Is the Satoshi client more easily identifiable through its transactions over other clients?
|
|
|
The Bitcoin Consultancy is certainly having a bad couple of weeks. Couldn't have happened at a worse time for them.
Looking forward to the full report.
Well in fairness to them, I don't believe they were immediately made aware of the issue which is an issue in itself.
|
|
|
Where do we send withdrawl requests?
/dev/null The Bit Bucket might be more apropos in this situation.
|
|
|
|