|
|
|
|
|
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
Rassah
Legendary
 Offline
Activity: 1680
Merit: 1035
|
 |
September 06, 2012, 06:03:53 AM |
|
|
|
|
|
|
|
Keyur @ Camp BX
|
|
September 06, 2012, 06:16:47 AM |
|
Interesting find! Bruce's mailing list is awfully quiet about this hack. |
|
|
|
|
BorderBits
|
|
September 06, 2012, 06:17:10 AM
Last edit: September 06, 2012, 06:32:40 AM by BorderBits |
|
I haven't read much of this thread -- do people think this Bitfloor guy didn't just rip them off? It's just all the more funny if he's in cahoots with Bruce Pedo Wagner. Edit: But yes, only the same P.O. Box Office. Coincidence? Eh... |
|
|
|
|
markm
Legendary
Offline
Activity: 2940
Merit: 1090
|
|
September 06, 2012, 06:40:25 AM |
|
The only people profiting from bitcoin are hackers. Fuck this shit.
I haven't lost anything yet from bitcoin but it does seem like hackers are just having a field day with it. As much as everyone hates Mt.Gox because of the cost to put money on there and the loss of anonymity, it seems like they have the best methods on there. I feel like bit floor should have known better than to have all of their coins in a hot wallet after btc-e and other hacks. Exchanges are damned if they do and damned if they don't. People want the convenience of being able to do instant withdrawals and transfers without any of the risk. Small Bitcoin services which hold large amounts of other people's BTC are hacker magnets and intruders know that such services are often one or two man operations without capital reserves to invest in infrastructure. They're soft targets. Security needs to be baked in from the day a service is created but many Bitcoin services are more concerned about rushing to market than they are about security (they probably tell themselves they'll invest in "proper" security once the profits are rolling in, not realising that a rapidly expanding business often makes little or no profit). Until Bitcoin service providers lift their game security-wise, people should severely limit the amount of BTC they store on such services. Bitcoins stored on a service are always at risk. You accept the risk of them being lost or stolen by leaving them on deposit with a service. Take a look at Open Transactions and help us make it more accessible to people. I notice this case is yet another Linode case, is there any reason to think there was any real vulnerability other than the fact of being hosted by a third party instead of being a server physically controlled by the operator of the service? -MarkM- |
|
|
|
markm
Legendary
Offline
Activity: 2940
Merit: 1090
|
|
September 06, 2012, 06:44:07 AM |
|
Sounds like the cold storage was deposited with pirate.
That was an obvious idea to jump to right off the bat but seemingly someone has traced some transaction(s) thought to possibly be the thief moving the coins, which would not really be possible if the coins had already been sent to pirate would it? It is amazing though the clever ways people come up with of making their coins accessible to hackers. -MarkM- |
|
|
|
|
Bitcoin Oz
|
|
September 06, 2012, 06:50:01 AM |
|
I haven't read much of this thread -- do people think this Bitfloor guy didn't just rip them off? It's just all the more funny if he's in cahoots with Bruce Pedo Wagner. Edit: But yes, only the same P.O. Box Office. Coincidence? Eh... Roman was on Bruce's show. |
|
|
|
markm
Legendary
Offline
Activity: 2940
Merit: 1090
|
|
September 06, 2012, 06:52:37 AM |
|
I've already stopped putting any funds in any Bitcoin service. It's obvious few of them have a clue how to secure their sites and there is no way to know who does and who doesn't.
Wrong. There is a way to know. But it requires the code for the entire system, from front end to back end, to be published for public scrutiny. And not just the program code, but the server configs and software versions and everything. In fact, it should be possible for the entire file system of every server to be available via public, read-only, anonymous FTP — minus the one directory containing the private keys and the one directory that holds the database table containing the users' personal information, if such a table exists. There is no reason that the remainder of the systems' contents shouldn't be held out for the light of day to wash over them. Security through obscurity is no security at all. Cryptographic algorithms are secure despite their method of operation being public knowledge. The same should be true of web sites. Please come help us get Open Transactions polished up... -MarkM- |
|
|
|
|
Bitcoin Oz
|
|
September 06, 2012, 06:56:34 AM |
|
Sounds like the cold storage was deposited with pirate.
That was an obvious idea to jump to right off the bat but seemingly someone has traced some transaction(s) thought to possibly be the thief moving the coins, which would not really be possible if the coins had already been sent to pirate would it? It is amazing though the clever ways people come up with of making their coins accessible to hackers. -MarkM-  |
|
|
|
markm
Legendary
Offline
Activity: 2940
Merit: 1090
|
|
September 06, 2012, 06:58:30 AM |
|
Well sadly Stephen was misinformed and likely turned a bad situation into a worse one. His talk of injunctions and criminal activity were simply false. I am just not certain if it was coming from a place of intentional malfeasance or simple ignorance.
Here: But once a corporation reaches insolvency, the fiduciary duties that once flowed to equity-holders divert instead to creditors. Again quoting the Delaware Supreme Court, "the corporation's insolvency makes the creditors the principal constituency injured by any fiduciary breaches that diminish the firm's value.
But once the moment of insolvency arrives, as the Delaware Court of Chancery has explained, "the creditors become the enforcement agents of fiduciary duties because the corporation's wallet cannot handle the legal obligations owed." The court continued: "Because, by contract, the creditors have the right to benefit from the firm's operations until they are fully repaid, it is they who have an interest in ensuring that the directors comply with their traditional fiduciary duties of loyalty and care." - http://www.faegrebd.com/8365tl;dr: Things change when your organization becomes insolvent. I am not a lawyer, but I'm aware that in the U.S., bad things can happen to you as an officer or director if you then take action after establishing insolvency that ends up further harming your creditors -- especially actions which might favor one creditor over another. Now customer funds are even more sacrosanct. My argument was that legal counsel should be obtained BEFORE paying out one single dime. Roman had reopened the site to allow ACH withdrawals so I was making the argument that the only way to stop it was to get an injunction filed. Personally, I don't have that many BTC involved and have already mentally booked mine as a total write off. I could see though how Roman might be persuaded because releasing USDs to depositors would mean some people (those with USD balances) would be less pissed off -- though others (those with BTC balances), would be more pissed off. But an insolvent organization no longer does what is best for the company or for its shareholders and instead is in dire need of legal advice before taking further action. It looks like that might be what then happened. I hope to cover this stuff for my Open Transactions server by taking the position that although the tokens representing assets are intended to do so in a non fractional reserve manner, nonetheless the actions of theives, acts of god, force majeur etc could contrive to force some of those tokens into being fractional (or even zero) reserve; but that each type of token is independent such that loss of dollars to back dollar tokens would cause only those tokens into being less thasn full reserve, whereas tokens representing assets not lost would remain fully backed. Not sure how long it would take though for the system to earn itself enough moneu to have that cast into legally airtight form... -MarkM- |
|
|
|
|
BorderBits
|
|
September 06, 2012, 06:59:08 AM |
|
I haven't read much of this thread -- do people think this Bitfloor guy didn't just rip them off? It's just all the more funny if he's in cahoots with Bruce Pedo Wagner. Edit: But yes, only the same P.O. Box Office. Coincidence? Eh... Also, it's probably completely random, and it's nothing that I know about anyways, but both Bitfloor and Bruce Wagner's multiple phone numbers are in the same prefix (646-580-XXXX), which is run by a small company, BandWidth.com. There are hundreds of prefixes for the 646 area code, and Bandwidth owns 17 . . . kinda coincidental that Bruce and Bitfloor not only use the same post office for their P.O. box, but also use the same telcomm and apparently set up their plans around the same time (assuming that's why the company gave them numbers within the same prefix). It's like they're in cahoots or something. |
|
|
|
|
|
BorderBits
|
|
September 06, 2012, 07:02:48 AM |
|
Roman was on Bruce's show.
It's kinda clever to advertise and talk up the business before cashing it out. With his cut, maybe Bruce can finally send the poor guy his $951 in BTC from that other thread now. |
|
|
|
|
markm
Legendary
Offline
Activity: 2940
Merit: 1090
|
|
September 06, 2012, 07:05:51 AM |
|
It's more the hot wallet I'm trying to understand. It is needed for the exchange to instantly process transactions directed by customers. So there'll always be a kind of command path going from website to wallet, no matter how far away you hide the hot wallet, and we'll have to trust that path we setup ourselves. A good hacker will find that path and command the bitcoind. So there's actually no need to trust our path if we can't trust our website.
Now, of course you can have the hot wallet pull for commands and transactions, but then.. how do you trust the content of those commands and transactions? Because, basically, that is that same public website with input from customers.
If we can't trust the website giving commands into the hot wallet, [edited:]how can we trust that same website to collect and offer the hot wallet valid and intended commands to pull?
The route I am going is to have the customers sign everything using their own private keys. If a hacker uses their private keys unauthorised that will be totally outside my control and I will have no way even to distinguish between a hacker and the actual customer, since to me the private key is the customer. This seems nice and safe from my end as service, but admittedly is not going to be very nice for people who let hackers get hold of their private keys. -MarkM- |
|
|
|
markm
Legendary
Offline
Activity: 2940
Merit: 1090
|
|
September 06, 2012, 07:12:29 AM |
|
If we can't trust the website giving commands into the hot wallet, [edited:]how can we trust that same website to collect and offer the hot wallet valid and intended commands to pull? You never fully can trust it, but you can make it more difficult for an attacker by having the hot wallet independently check the incoming commands for deviations from normal patterns which could indicate the website has been compromised. At the cost of requiring more manual human action you can add more safeguards, like requiring customers to pre-register their withdrawal addresses and transferring a list of valid addresses via sneakernet to the hot wallet every 8 hours. Now an attacker can't break into the website and send the hot wallet a command to withdraw all the bitcoins to some arbitrary address because that address won't be on the authorized list. I am not really convinced that you cannot set up the system to be trustable. For example if I base sending out of bitcoins on my having received bitcoin-tokens in a certain account, then it looks to me as if the only way I can get those tokens arriving in my account (and thus triggering a send-out-coins request) is if the hacker has the private keys of a user who has bitcoin-tokens. Those tokens in turn could only have arrived there through a properly signed transaction, and the signatures go all the way back to the account that actually issues the tokens. The whole point of all this signing is so the server does not actually have to be trusted... -MarkM- |
|
|
|
markm
Legendary
Offline
Activity: 2940
Merit: 1090
|
|
September 06, 2012, 07:14:19 AM |
|
I've been thinking about a similar method as part of the code for an exchange I'm working on, and it's almost correct other than if somebody has access to your database and knows your rules, they can insert or alter records in the database table that controls your payment processing service. The solution here would be to have the requests (database records) be nonced & signed. Preferably with both a server/application private key and a per-user private key derived from the users password.
Please look at Open Transactions system and maybe come help us get it widely deployed... -MarkM- |
|
|
|
Shagnasty
Member
Offline
Activity: 148
Merit: 10
|
|
September 06, 2012, 08:04:27 AM |
|
Why can't someone invent a machine that can be switched on or off to connect to the internet and it's only purpose is to be a bitcoin wallet. It can have a little screen that says how many BTC you have. Just connect and it updates and disconnect. And the main thing would be if you needed to send BTC, it would require you to insert some type of key or swipe a card or something.
|
|
|
|
ErnestoJuarell
Member
Offline
Activity: 113
Merit: 10
¿Sabe lo que quiero decir?
|
|
September 06, 2012, 10:00:49 AM |
|
I haven't read much of this thread -- do people think this Bitfloor guy didn't just rip them off? It's just all the more funny if he's in cahoots with Bruce Pedo Wagner. Edit: But yes, only the same P.O. Box Office. Coincidence? Eh... Also, it's probably completely random, and it's nothing that I know about anyways, but both Bitfloor and Bruce Wagner's multiple phone numbers are in the same prefix (646-580-XXXX), which is run by a small company, BandWidth.com. There are hundreds of prefixes for the 646 area code, and Bandwidth owns 17 . . . kinda coincidental that Bruce and Bitfloor not only use the same post office for their P.O. box, but also use the same telcomm and apparently set up their plans around the same time (assuming that's why the company gave them numbers within the same prefix). It's like they're in cahoots or something. It could be a "virtual office". |
|
|
|
Stephen Gornick
Legendary
Offline
Activity: 2506
Merit: 1010
|
|
September 06, 2012, 10:09:10 AM |
|
Why can't someone invent a machine that can be switched on or off to connect to the internet and it's only purpose is to be a bitcoin wallet. It can have a little screen that says how many BTC you have. Just connect and it updates and disconnect. And the main thing would be if you needed to send BTC, it would require you to insert some type of key or swipe a card or something.
That (offline wallet) is one of the requests on the Raspberry Pi thread: - http://bitcointalk.org/index.php?topic=93724.msg1155722#msg1155722 |
|
|
|
|
Domrada
|
|
September 06, 2012, 12:17:41 PM |
|
I've been thinking about a similar method as part of the code for an exchange I'm working on, and it's almost correct other than if somebody has access to your database and knows your rules, they can insert or alter records in the database table that controls your payment processing service. The solution here would be to have the requests (database records) be nonced & signed. Preferably with both a server/application private key and a per-user private key derived from the users password.
Please look at Open Transactions system and maybe come help us get it widely deployed... -MarkM- I've been watching the #opentransactions channel and it looks like FT & co. are still working out the bugs. Are you sure it's stable enough to "widely deploy"? |
|
|
|
Phinnaeus Gage
Legendary
Offline
Activity: 1918
Merit: 1570
Bitcoin: An Idea Worth Spending
|
|
September 06, 2012, 02:01:10 PM |
|
Nah! Two different box numbers at the same address by two Bitcoiners of which one interviewed the other one on a show that was sponsored by another Bitcoiner. Nothing further to see here. ~Bruno~ |
|
|
|
|
|
