|
I would love for an outside, specialised service to begin offering this.
|
|
|
|
You can now see the number of active assets available using the API, that is the number of a security that is being traded on the market and not just left in the issuers account(or the total amount issued) https://glbse.com/api/quantity_trading/ASSET_ID |
|
|
|
|
I work in finance...I run GLBSE :p
|
|
|
|
oh this is serious...where is Nef?
Nef is here, nef never sleeps, ever watching. Anyway it's not a serious issue, this was cached by cloudflare when GLBSE was brought down. I've turned off cloudflares "always on" feature as this is what was responsible for doing this, I don't think we'll be using this in the future. Also I believe I think I've isolated the cause of the issue that I brought GLBSE down to secure. Nefario. |
|
|
|
glbse down!
Yes I brought it down, two bitcoin accounts have gone negative by a fairly small amount. I consider this to be quite serious so I'm investigating as to the cause and then a patch, I think that this is probably an edge case. Nefario. |
|
|
|
|
I personally don't invest in any assets on GLBSE or outside GLBSE apart from GLBSE itself (this has been my only investment in terms of time and money).
GLBSE as a whole does not invest in anything except GLBSE.
I and GLBSE are not invested in any way with BS&T or any of it's pass through bonds,shares whatever.
Is your BTC that is held in GLBSE safe?
Whatever the BTC balance is of your account is what we have in cold storage (of course, this number is the sum of all BTC account balances on GLBSE).
If there is a "run", i.e. if EVERYONE on GLBSE wished to withdraw all their BTC at the same time there would be a delay of one or two hours, as large withdrawal requests are checked and funds dropped into the hot wallet to fund these. Every bitcent and satoishi would be returned.
Regarding the effect of a complete default of BS&T, I believe it would have a negative knockon effect on the entire bitcoin economy in the same way the sub-prime mortgages fiasco effected stock markets around the world.
There would be something of a recession on GLBSE, and I think as a result trade volume would probably reduce(which means that GLBSE's revenue would also reduce).
The upside to all this is that uncompetitive businesses (that are involved) would probably close and capital would begin to be more effectively allocated to the productive parts of the bitcoin economy.
It would mean that there would be more funds available for new ideas and technologies instead of being wasted or tied up in an unproductive area of the economy.
I love markets, and they will previal.
|
|
|
|
|
My own personal stance on MJ and drugs in general is that , though I myself don't use them, I see no reason why I should stop anyone else from doing so.
From a professional stance I need to consider GLBSE's users and asset issuers, I believe that such assets would bring unwelcome attention to GLBSE from various government agencies around the world and would in all probability result in myself being imprisoned (whether I would stay there or not I don't know), the GLBSE.com domain being seized as well as our servers (although we've got backups, it's going to be hard for me to do anything with them from prison).
Allowing such assets to list on GLBSE in it's current state would be an unacceptable risk for GLBSE, all it's users and it's operators, and as a result is not something that I could approve.
As others have mentioned in this thread earlier, an investment group that is very careful could serve this purpose.
The only exchange that would be able to handle such an asset without getting shutdown is one thats running on a darknet (such as Tor/I2P).
Nefario
|
|
|
|
|
For some reason the two most recent assets did not IPO as they were supposed to.
I'm investigating the possible reasons for this.
I've manually launched both and will be watching the next IPO when it happens to ensure all goes well.
Nefario.
|
|
|
|
|
You cannot withdraw using the API.
|
|
|
|
|
Also regarding hashing and salting passwords, the only secure method is to use BCrypt with a sufficient number of rounds.
MD5, SHA256 (or whatever) hashed hundreds of times simply isn't enough(all these hashing also's were meant to be fast), it also depends on what code you are using for this.
Is it a tried and tested library you're using or did you write your own crypto code?
If it's not BCrypt and a well used library you're using then it's certainly not secure, the latest crypto-methods are not the best, the ones that are tried and tested are(think AES, RSA, and in this case BCrypt).
|
|
|
|
We have a lot of users and I guess since your users have a GPUMAX account with the "same" password it must have been us that leaked them. If users are using the same password on GLBSE and GPUMAX, you can be pretty sure they're using the same password for other sites as well. Our users information is hashed and salted using the latest cryptography methods available. I can assure you, we didn't leak anything. On a side note, considering you know who runs GPUMAX, you could have easily sent me PM before spreading more FUD in the market. Edit: Our whois lists support@gpumax.com which shows nothing from you or anything related to security. -pirate Message-ID: < 4FC78BDE.7080708@gmail.com> Date: Thu, 31 May 2012 16:18:54 +0100 From: Doctor Nefario < doctor.nefario@gmail.com> User-Agent: Mozilla/5.0 (X11; Linux i686; rv:8.0) Gecko/20111124 Thunderbird/8.0 MIME-Version: 1.0 To: support@gpumax.comSubject: your site may have been compromised X-Enigmail-Version: 1.3.4 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit There is a high chance that gpumax.com, or the database with users passwords have been compromised. A GLBSE use has had their account logged into and cleared out, they were using the same login details they use for GPUMax. Thought you should know. Nefario I was not aware GPUMax was run by you, I've had no interest use or need of the service and still don't, I'm only reporting the information I have available. |
|
|
|
|
In the last 24 hours there have been two GLBSE accounts (that I know of) that have been cleared out.
The common theme between them is that both users had GPUMax accounts, with passwords that were either the same (as the GLBSE accounts password) or similar.
I emailed the GPUMax website yesterday (the email in their whois records as there isn't anything on the site) to inform them of this.
Since I've not seen any notice regarding GPUMax I feel that it is my responsibility to bring this to public attention.
If you have a GPUMax account it is highly likely that it's password has somehow been compromised.
If you use the same or a similar password elsewhere (GLBSE, MtGox, Email whatever) please change them now.
If you are a GLBSE user I would encourage you to use two-factor authentication, there have already been over 3 accounts which have been protected by this.
Nefario.
|
|
|
|
Our apologies, but we had to bring the site down for a bit while we investigate a potential problem. It will be back up as soon as possible. Please bear with us as we check things out.
It's been down for a while now ... How much longer ? It's been back up for hours now. |
|
|
|
Twitter status account and mailing list is a great idea, I'll get to work adding them. There is a desktop Google Auth application http://code.google.com/p/gauth4win/downloads/detail?name=gauth4win.rarAlthough I don't know how secure this app is(I've not checked it out). Guys please ensure that you are not using the same password on different websites, this is the primary cause of accounts getting compromised. Again, sorry for the downtime but it's better safe than sorry. Nefario Just a question but what happens when I lose my phone(or flash a new rom?). Is their a easy way to reset the authentication ? If you lose it no, no easy way. Best thing to do is write down the code. |
|
|
|
Twitter status account and mailing list is a great idea, I'll get to work adding them. There is a desktop Google Auth application http://code.google.com/p/gauth4win/downloads/detail?name=gauth4win.rarAlthough I don't know how secure this app is(I've not checked it out). Guys please ensure that you are not using the same password on different websites, this is the primary cause of accounts getting compromised. Again, sorry for the downtime but it's better safe than sorry. Nefario |
|
|
|
There has been no suggestion at all that glbse will "lock" you out of your account. That is simply FUD and not how Nefario operates.
This is not the first time Nefario has locked someone out of their account :/ No one has been locked out of their account. |
|
|
|
hopefully it will be a smooth transition, don't want to lose any shares moving to a new platform in the process
We will not be able to pay dividends until Hermes is up and running, so the dividends will be paid once all shares have been transfered. //DeaDTerra Why not? This functionality has not been disabled. |
|
|
|
|
Show Posts
