BitForce Single SC order #6892 08/31/12

Or maybe it was the other way around?  With a trashed rig now you have to fix it rather than annoying her.

It is happening to me but on one machine out of 3...... what's up?

I am considering a new motherboard purchase in order to add more cards to the system.  I see various specs that say PCI-E X-16 slots and X-8. 

I am not sure what the X-?? means or if it affects mining.

Any suggestions or clarifications?

Any recommendations on motherboard specs to look for?

If you can generate your own electricity why bother with mining?  I thought about adding solar Panels to my home too compensate for the mining rigs, then thought why not just add more panels and sell electricity back to  the power company?  No reason to bother with a mining rig right?  turns out eh cost of a decently large solar installation, say 5Kw is a lot of money even if the tax rebate is included and the Florida incentives are added in.

Lots of the HD 6990 on ebay but at a higher price. 

Well at least I have three very nice video cards.....

I can always put them to work on the SETI project, maybe the LHC and Climate predictions....  There are lots of ways to burn electricity with GPU cards that is contributory but perhaps not profitable.

I think I saw the price as being around $440 plus.  I just bought a 6970 on ebay for $320, almost the same as a new one.

I have heard that some of these cards have a lifetime warranty.  Does anyone know anything about that?  What mfg that be?

too bad the Nvidia cards are not useful in mining.  I have a 2 month old EVGA GTX 560 Ti sitting in a box....

Based on the specs published by Powercolor it consumes a max of 600 watts.  I think that is an improvement.

I hope the link works correctly.  Thanks Mousepotato for helping me with my error.  I will try to do better next time.

http://www.powercolor.com/Global/products_features.asp?id=364#Specification

Anyone care to guesstimate on the performance of the new card from Powercolor?

http://www.zdnet.com/blog/computers/powercolor-officially-launches-hd6870x2-two-amd-radeon-hd-6870s-on-one-graphics-card-for-449/621

Looks like it might be a bit more than half the price of one of the HD6990 cards.

If I may suggest, it might be a good idea to let the users of your exchange know the depth of support available.  It might also be a good idea from a business point of view to ramp up your userbase slowly and make sure you have adequate infrastructure to support the user base.

Any new business is going to suffer growing pains.  Managing growth and the users expectations will be very important in terms of keeping them happy and feeling like they made a good choice in the selection of an exchange.

It is also apparent that the user loyalty is somewhat fragile in that it is realtively easy to utilize a different exchange.  Users can shift their bitcoin funds very easily between exchanges.  so it will be important to develop rapid feedback when users are not satisfied.

This may become a critical factor in the success of an Exchange, how well can you maintain the user satisfaction?

Some things users seems to appreciate:

Low cost of transactions
Security
Timely Information
Service updates?
Support

Bitcoin traders, feel free to add anything here that you want to see the Exchanges improve upon. 

One principle of web site design for the Exchanges to follow is "Defense in Depth".  don't depend on a single feature to be your security, all aspects of the system require minimum access privileges and very fine grained audit controls and monitoring.  If one has permissions to access a database it should be further restricted to what tables and rows are appropriate.  All the way down to every file on every system in the enterprise.  Who owns it , who can read it (and how often!), who can change it.  who can delete it.  Keep in mind that once it is read it can be let loose in the wild with another few steps.  That has to all be monitored and logged.  and the system must do it automatically and with alerts to the watchers.

At some point the entire network is going to come alive with an AI.  the first thing it might do is hide the fact that is has become aware and sentient.  the next thing would be to insure it's continued existence.  I guess after that it starts looking for a mate.   

I did.  And I sent them a note regarding their security page and asked when they were going to be PCI-DSS compliant.  I also changed my password.

Anyone not using something like LastPass or soem other good password manager is putting themselves at risk.  Using LastPass I can have as many really good pwd as I need.

Here is a good example of some security in the financial business.  Perhaps many of you already have a Dwolla account.

http://www.dwolla.org/help/dwolla-security-and-partner-overview/

I have suggested they need to be in compliance with PCI-DSS and certified as such by an independent 3rd party. 

Any good bitcoin exchange should include similar if not better security features and insurance as those in place for Dwolla, your own online bank or any other big reputable and serious financial institution.  The time is now to graduate to the big leagues.

I have a few questions.

Did you hire a Security Professional?  A real one?  What are his qualifications?  What kind of testing, tools and monitoring has been put in place?

Have you implemetned a realistic Security Strategy, like "Defense in Depth".  Is each layer of the IT infrastructure down to the database is protected with ACL's and the minimum privileges possible.

Do you require users to have good pwd,  at least 16 characters long, digits, letters and special characters along with digital certificates. 

do you run your operations on a real Unix system?  Solaris or OpenSolaris are secure by default.  They are also "special " enough that not many hackers have expertise to penetrate it and it has very good support and Security features built in. 

Is your system hosted in the cloud? 

Are you using a well designed and professionally managed database?  Is this database being operated in the most secure manner possible?  Can you prove it and show evidence of an audit?

Everything should be logged and the logs monitored for attacks. 

Do you offer all users a digital certificate with your exchange being the CA. 

Is your entire operation behind a commercial firewall appliance and do you use a secure DNS?

What SEIM monitoring tools are in place?  You should have an SEIM monitoring solution from a reputable company.  I used AlienVault to gain experience but something even better might be a commercial offering.  Trustwave comes to mind that will audit your system and provide some certifications as to your compliance with all provisions of the NSA recommendations, and any other applicable authorities like the big exchanges. 

I think if you put this in place and let it be known upfront what is going on then you could easily attract as much business as you could handle.  With the best security in the bitcoin exchange arena you could charge more for trades and still get more customers.  With as much security as mentioned here it should be no problem for a big insurance agency like Loyds or whomever to insure each account and each trade to at least 250K bitcoins at a time or better.

You are going to be the number one target if you are successful.  Plan on it and plan on getting hit and have a plan to recover.

This is going to be a huge business with any luck and being the most secure will get you all the business you handle.

With the proper authorizations many people can perform a penetration test of the web site.  It should be fairly easy to run one, or contract to do it, and publish the results.  It would certainly be worthwhile to have some evidence of security in place. 

Some people can do the pen testing without authorization but not legally from the USA.

I just sent an email to the 5 exchanges I could find easily.  I will post any replies if they send any.

what I asked was this:

I think it would be very helpful if you published some kind of statement regarding your security planning and insurance regarding security attacks.

I am active in the Bitcoin forums and am trying to get some idea of the various exchanges that are in place and what security measures they have taken.  I also feel the best way to increase trust is to include an insurance clause in your operations.

It would definitely help attract more customers if you could point to a robust security plan and insurance against losses from security attacks.

https://www.bitcoinmarket.com/info/contact_us/

https://www.tradehill.com/Support/Contact

https://britcoin.co.uk  Statement posted on their web page.

support@btcex.com

office@virtualworldservices.at

I would like for the bitcoin exchanges to produce some kind of evidence of better security.  They should invite some serious security people to review their operations and basically perform an audit.  New people joining the exchange should insist on better security evidence up front and expect some kind of insurance policy as well.

I will go see if any of the exchanges I can find claim any kind of security plan and insurance.