Bitcoin Forum
November 10, 2024, 05:37:29 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
  Home Help Search Login Register More  
  Show Posts
Pages: [1]
1  Other / Beginners & Help / stories changing... again on: June 26, 2011, 10:02:59 AM
In reply to this thread http://forum.bitcoin.org/index.php?topic=20535.0;all
Quote
Re: Mt.Gox and void trades: Force Majeure
June 21, 2011, 10:36:38 am
    #29
Let me quote a part of our generic terms of service about Force Majeure:

Quote
Tibanne Co. Ltd., agents, partners, ICANN, the central registry nor any person involved in the registration will be liable to the customer or any third party for any direct or indirect loss of profits, earnings or business opportunities, damages, expense, or costs resulting directly or indirectly from any failure to perform any obligation or provide service herunder because of any Force Majeure, or governmental acts or directives, strikes, riot or civil commotion, war, hacking, any natural desaster, equipment or facilities shortages which are beeing experienced by providers of telecommunication services generally, or other similar force or condition beyond Tibanne Co. Ltd.‘s reasonable control.
And another one:

Quote
For all services of Tibanne Co. Ltd. liability will be limited to intention and gross negligence.

We had no intention of getting this to happen, and we have followed every industry standard to make this secure. Despite this it happened. We have learnt new things (especially that lots of people want Bitcoin to disappear).

This seemed a bit weird to me - what kind of industry standards have to be followed to end up with such security?

So i went to inquire about this in public venue #mtgox:
Quote
26 08:28 < upb> 'We had no intention of getting this to happen, and we have followed every industry standard to make this secure.'
26 08:28 < upb> which industry standards were followed ?
26 08:33 < upb> from memory CWE-352 CWE-79 CWE-89 CWE-209 CWE-327 or the OWASP equivalent errors were present so there was no audit

26 08:43 <@MagicalTux> upb: ?
26 08:46 < upb> hi i read the thread that was posted on forums on tuesday and it was claimed that 'and we have followed every industry standard to make this secure.'
26 08:46 < upb> so the question is which, if any, standards
26 08:46 <@MagicalTux> this applies to the new system
26 08:46 < upb> ahh ok
26 08:46 <@MagicalTux> as far as I know none of the CWE listed applies to the new system
26 08:47 < upb> yes if its the new site you were referring to, the question doesnt apply Smiley
26 08:47 <@MagicalTux> legacy code was made at a time when 1000$ worth of bitcoins exchanged in one month was impressive

Okay, so he was reffering to the NEW SYSTEM. Despite his new system being secure, his old system got hacked.... Shocked
Pages: [1]
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!