Apparently, Zhou Tong, wich had access to the server "temp" folder holding the session data, didn't knew how to invalidate a php session also. Are you trying to tell me that Rackspace still had root access to that server? Pretty slick, actually... Or are you trying to say that the Virtual Machine is not suited to host such a website? Even more slick. One way or the other, their fault, and I don't mean Rackspace  No, what I am saying is that the admin console/portal is hosted by rackspace themselves, not bitcoinica. It is the page that allows them to provision new hardware, file support tickets, creeate backups, etc. Bitcoinica has no access to those servers for obvious reasons (other RS customers use the same portal). blah blah blah... Stop kissing Zhou tongs ass, dude. Now tell me: How much money do you have hostage in Bitcoinica at this exact moment? Jesus Christ, I am not responsible for how badly Rackspace fails at server administration, I'm just telling you how the fucking setup WORKS. If you can't comprehend how it works, you have no right to be placing blame. Now obviously, using cloud services in this manner was not a good idea, and there should have been some actual dedicated hardware in use, in a locked cage, "blah blah blah", but it's too late for that now. It seems you are the one not to understand how things work. Not even going to argue this with you. It's really not worth it lol I still want Zhou Tong to tell me how much did he pay Rackspace for a FULLY managed server... For people who understand 1 word is more than enough. You're not such a person, rjk... |
|
|
|
Apparently, Zhou Tong, wich had access to the server "temp" folder holding the session data, didn't knew how to invalidate a php session also. Are you trying to tell me that Rackspace still had root access to that server? Pretty slick, actually... Or are you trying to say that the Virtual Machine is not suited to host such a website? Even more slick. One way or the other, their fault, and I don't mean Rackspace No, what I am saying is that the admin console/portal is hosted by rackspace themselves, not bitcoinica. It is the page that allows them to provision new hardware, file support tickets, creeate backups, etc. Bitcoinica has no access to those servers for obvious reasons (other RS customers use the same portal). blah blah blah... Stop kissing Zhou Tongs ass, dude. First it was php sessions, now you're telling me that Zhou Tong couldn't send a halt command to his instance? GTFO Now tell me: How much money do you have hostage in Bitcoinica at this exact moment? |
|
|
|
The terrible thing is, Rackspace refused to I didn't log the hacker out. They I (still) don't know how to do it.
Fixed that shit for you. Was that a managed server? How much did you pay monthly/yearly to Rackspace for managing the server for you? Um psy, do you know how a cloud works? Virtual machines. Suspend it, and it stops responding - same as physical hardware being put into sleep mode. Even though this was done, the cracker had access to the RS admin console, which is something that they have hosted on their own infrastructure. Apparently they don't know how to invalidate a php session, and so the cracker was able to spin up a new VM instance and load a backup and away goes Mabel with all the data. Apparently, Zhou Tong, which had access to the server "temp" folder holding the session data, didn't knew how to invalidate a php session also. Are you trying to tell me that Rackspace still had root access to that server? Pretty slick, actually... Or are you trying to say that the Virtual Machine is not suited to host such a website? Even more slick. One way or the other, their fault, and by their I don't mean Rackspace |
|
|
|
The terrible thing is, Rackspace refused to I didn't log the hacker out. They I (still) don't know how to do it.
Fixed that shit for you. Was that a managed server? How much did you pay monthly/yearly to Rackspace for managing the server for you? |
|
|
|
The claim form looks simple enough to me. It doesn't require you to send anything in. It gives you the option to if you want. If you are missing 1 BTC only, shut up.
If that was to me: Go fuck yourself. I'm not missing 1 BTC. I don't gamble my money. I gave, as in passed the ownership of, 1 BTC to someone else to introduce him to Bitcoin. He decided to try Bitcoinica on his own will. Now if he wants his BTC back he has to follow a flawed claim process... One more person who will probably just write off Bitcoin as valid because of a Bitcoinica fuck up. I will even give him one more BTC if he wishes me to do so. Bitcoinica can keep the 1 BTC. They sure need it more than me or him anyway. |
|
|
|
You are wrong. If they asked for the password and then hashed it and compared to the one in the database, the hacker would have NO WAY in replicating this. That's what hashing is for. The whole security of the claim page, as realnowhereman pointed out, relies on the email address, which is very bad.
+1 . You would think they would have learned this already, given the fact that this is exactly how they got their server broken in into the first place (by somebody breaking into their email server ....). How about using the hashed password to verify account ownership, PERIOD? That way they wouldn't have an excuse to ask for scans of ID's to the persons who didn't send one previously. This whole matter stinks... I gave 1 BTC to a friend and he went along and played with it a little at Bitcoinica. Now he'll have to fill that ridiculous claim from and send them scans to get his BTC back? Great introduction to Bitcoin he had, no doubt. |
|
|
|
dont jump on EUR back yet USD is going UP mostly because there is no other liquid fiat available
 |
|
|
|
I tried to log in and found my account doesn't exist anymore. What gives?
You sure you used the right address? The address where you deposited, not the payout address. |
|
|
|
Saint Kitts & Nevis Anguilla 1 1 684 Bytes
Tom Williams? lol |
|
|
|
 Sorry, couldn't help it. It's really fitting lol |
|
|
|
I will lend it to you, no interest needed.
If you take on my offer, just PM me your paypal email.
Only thing you'll need to pay is the $15 + the fees to send it as a gift, which should be no more than $0.30, I think.
Had to 1up me huh? Haha glad he found a better deal. Good luck! ehehe, sorry. Not really doing this to earn money. And it's only $15, after all. Xenland, already sent it. Totaled $15.15 with the fee. Confirm when you get it, please. |
|
|
|
|
I will lend it to you, no interest needed.
If you take on my offer, just PM me your paypal email.
Only thing you'll need to pay is the $15 + the fees to send it as a gift, which should be no more than $0.30, I think.
|
|
|
|
If he tries hard enough he can even get a 4000% bonus on a 10BTC deposit  |
|
|
|
|
Taken care off already.
Thank you.
|
|
|
|
|
Anyone willing to sell me 300 BTC for a SEPA Transfer?
|
|
|
|
|
Are you only selling trough paypal?
Any chance for a SEPA transfer?
I want to buy 300 BTC
|
|
|
|
Lol, how is this not a pyramid scheme again?
It's explained in the OP. You are not getting paid any money from people that join under you. You only get paid from mining profits. The referrals only increase the bonus you get on your initial investment, which will be used to purchase FPGA's. |
|
|
|
Can someone post a working Windows binary link please?
Check link in first Post. But be careful, it's easy to select the "downloader app". One of the few things I totally HATE with a burning passion is when they put a huge "DOWNLOAD" button on a page where I am trying to download something and it turns out to be an ad. There ought to be a law... WTF dude... You still fall for that one? ehehehehehe |
|
|
|
|
Show Posts
