Bitcoin Forum
April 18, 2014, 11:42:23 AM *
News: Due to the OpenSSL heartbleed bug, changing your forum password is recommended.
 
   Home   Help Search Donate Login Register  
Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 [30] 31 32 33 34 35 36 37 38 39 40 41 42
  Print  
Author Topic: bitfloor needs your help!  (Read 92170 times)
TheButterZone
Hero Member
*****
Offline Offline

Activity: 658


Nemo me impune lacessit


View Profile WWW

Ignore
October 02, 2012, 01:33:37 AM
 #581

Crazy number of executions today...

ΜΟΛΩΝ ΛΑΒΕ! I sell stuff for BTC here here and here | Flute & Violin & Piano For Sale | Voiceover for BTC | Copy editing for BTC
gpg_identity=http://pgp.thebutterzone.com | WoT feedback here & eBay feedback here | Buy BTC in San Diego, CA, or worldwide!
PayPal: Bitcoinese for "FU, I'm getting a chargeback up to 365 days later!" | Bitcoin voice chat | Utilities For Bitcoin Sellers | THE Bitcoin Sound is here.
    mBitCASINOWIN BITCOINS IN OUR
24/7 LIVE DEALER CASINO

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1397821343
Hero Member
*
Offline Offline

Posts: 1397821343

View Profile Personal Message (Offline)

Ignore
1397821343
Reply with quote  #2

1397821343
Report to moderator
1397821343
Hero Member
*
Offline Offline

Posts: 1397821343

View Profile Personal Message (Offline)

Ignore
1397821343
Reply with quote  #2

1397821343
Report to moderator
1397821343
Hero Member
*
Offline Offline

Posts: 1397821343

View Profile Personal Message (Offline)

Ignore
1397821343
Reply with quote  #2

1397821343
Report to moderator
whitslack
Member
**
Offline Offline

Activity: 112



View Profile

Ignore
October 02, 2012, 02:53:26 AM
 #582

Crazy number of executions today...
Yeah, I know. I was responsible for several dozen of those. Wink
toffoo
Sr. Member
****
Offline Offline

Activity: 347



View Profile

Ignore
October 02, 2012, 03:39:33 AM
 #583

bitfloor, we need your help!

http://www.downforeveryone.com/downforeveryone-https/result.php?url=bitfloor.com


Quote
Checking "down or not" status for https://bitfloor.com ...

Hey, it's not just you! https://bitfloor.com looks down from here.
Of course, we can't be sure about every other location, but at least it's not accessible from here (Brea, California - United States) right now.

shtylman
Sr. Member
****
Offline Offline

Activity: 243



View Profile

Ignore
October 02, 2012, 07:54:44 AM
 #584

Apologies for the site downtime today. It was cased by a crash on the web and API server. I have brought all services back up and posted about the outage on the bitfloor blog. In the future, serious downtime issues will always be mentioned on the blog.
mufa23
Hero Member
*****
Offline Offline

Activity: 742


I'd fight Gandhi.


View Profile

Ignore
October 02, 2012, 08:04:57 AM
 #585

Sounds good. The recent down times have been getting me worried.

Positive rep with: pekv2, AzN1337c0d3r, Vince Torres, underworld07, Chimsley, omegaaf, Bogart, Gleason, SuperTramp, John K. and guitarplinker
shtylman
Sr. Member
****
Offline Offline

Activity: 243



View Profile

Ignore
October 02, 2012, 08:42:59 AM
 #586

Sounds good. The recent down times have been getting me worried.

Understandable given what has happened in the past. However, I do want to stress that the issues have all been separate incidents and in no way related to any sort of compromise or attack on the servers. As mentioned in the previous post (and per the sentiment expressed by my users), serious server downtime will always be mentioned on our blog as well as our twitter account (@bitfloor) as soon as possible.
Otoh
Donator
Hero Member
*
Offline Offline

Activity: 1022



View Profile

Ignore
October 02, 2012, 11:04:45 AM
 #587

Hi,

It's been 9 days now since I emailed support to apply for ACH withdrawal status to be set up on my account with you, I sent you my full bank account details plus photo of my ID, but so far with no acknowledgment, no reply, no response to my post in your thread asking after this & the ACH has not been enabled on my account as yet.

Copied to your thread & would appreciate an update, thanks.

Otoh

Edit PS - I've just bought 800 coins on Gox that could/might have been done on your exchange otherwise, which would at least have made a few coins for the compensation fund of those who had theirs stolen from you. Just checked - not much Ask volume on BitFloor atm so maybe it would have been just a few unless there was hidden interest waiting for Bids.

BTC = $c²     LTC = $c³     BTC = 1otohotohMoQoxHuxLBveQiZcV3Pji3Tc     LTC = LQMHQ6haTzVa2uKkxFAaujEqmzkbHBzt7i     NXT = 9862336831998627827     

BITCOIN: ♦  Just-Dice.com  ♦   ♦  1% House Edge Dice Game  ♦   ♦  Play or Invest  ♦     LITECOIN: INTRO | CLIENT | EXCHANGE | CHARTS | MINING | FORUM | ASTRO | A REPORT ON LTC | NEWS | PRIZES | CHARITY | MY REP | DICE
whitslack
Member
**
Offline Offline

Activity: 112



View Profile

Ignore
October 02, 2012, 01:13:39 PM
 #588

Quote
The outage was due to  misbehavior on the server running the website and affected the website and api access.

Thanks for the attempt at transparency, but this is too vague. What was the problem? How did you correct it? You're on the Bitcoin Forum; you can get technical with us. Humor us. We need to want to trust that you know what you're doing.
SkRRJyTC
Hero Member
*****
Offline Offline

Activity: 770


View Profile

Ignore
October 02, 2012, 01:16:48 PM
 #589

Bitfloor has indeed resumed trading. My official statement on the matter is here:
https://plus.google.com/109620439233076225324/posts/bLJRDHApjSP

More generally https://blog.bitfloor.com will contain official updates.

If you have specific questions please contact support@bitfloor.com and I will gladly respond.

Any reasonable way for you to prove these claims?  Or someway for users to verify these claims themselves (this would be even better)

..."In reopening, a number of improvements to both the wallet storage and website have been made. Bitfloor aims to be safe and reliable platform and as a result have changed our fund storage policy to 100% offline storage for your funds. Daily transactions through out hot wallet will be backed by Bitfloor funds, never putting client funds at risk."...

..."Bitfloor is now running on dedicated servers in a PCI compliant data center based in the US. Bitfloor services are further isolated based on exposure. Testnet and development are not located in the same data center or hosting provider to ensure further isolation. Backups are encrypted and write only on all of the servers. Hot wallet files are encrypted even further and unavailable even with physical access to the disk."...

Please?

New security continues to be unverified...
fbastage
Full Member
***
Offline Offline

Activity: 163


View Profile

Ignore
October 02, 2012, 02:22:08 PM
 #590

serious downtime issues will always be mentioned on the blog.

blog? I can't find any. looked on site, google search, your bitcointalk profile.  could you link to it?

Temper your trust carefully. "BitCoin never changed human nature, it only removed a few of the leeches."

how was my service today? call 1MeKFywBwY5oCwh8ivs3o4ipzDgeSYS3mc to complain
whitslack
Member
**
Offline Offline

Activity: 112



View Profile

Ignore
October 02, 2012, 02:56:06 PM
 #591

blog? I can't find any. looked on site, google search, your bitcointalk profile.  could you link to it?
Intuitively, it's:
http://blog.bitfloor.com/
toffoo
Sr. Member
****
Offline Offline

Activity: 347



View Profile

Ignore
October 02, 2012, 05:39:20 PM
 #592

blog? I can't find any. looked on site, google search, your bitcointalk profile.  could you link to it?
Intuitively, it's:
http://blog.bitfloor.com/

That link actually loads nothing for me (just reloads https://bitfloor.com) but https://blog.bitfloor.com looks like it redirects to: https://plus.google.com/109620439233076225324/posts

... serious server downtime will always be mentioned on our blog as well as our twitter account (@bitfloor) as soon as possible.

You've made two tweets lifetime (one of which being yesterday's ex post facto downtime acknowledgement) and have have 11 total followers.  Maybe you should actually start using twitter a bit more before we rely on it for downtime announcements.

Hi,

It's been 9 days now since I emailed support to apply for ACH withdrawal status to be set up on my account with you, I sent you my full bank account details plus photo of my ID, but so far with no acknowledgment, no reply, no response to my post in your thread asking after this & the ACH has not been enabled on my account as yet.


Likewise, same deal for me.  Waiting...no reply.

I would love to continue to support BitFloor's resurrection, but I cannot justify sending any more coins there until I have a verified way to cash out.

Come on Roman, your remaining loyal clients and potential new ones are going to need some extra communication and responsiveness to rebuild your credibility after what happened.  So what's up?

Rassah
Hero Member
*****
Offline Offline

Activity: 1064


Director of Bitcoin100


View Profile

Ignore
October 03, 2012, 03:37:20 AM
 #593

Bought $5,000 worth of BTC today, and withdrew the BTC without issues. Everything seems to be working ok (I guess aside from some customer support/ACH issues)

shtylman
Sr. Member
****
Offline Offline

Activity: 243



View Profile

Ignore
October 03, 2012, 04:08:20 AM
 #594

Bitfloor has indeed resumed trading. My official statement on the matter is here:
https://plus.google.com/109620439233076225324/posts/bLJRDHApjSP

More generally https://blog.bitfloor.com will contain official updates.

If you have specific questions please contact support@bitfloor.com and I will gladly respond.

Any reasonable way for you to prove these claims?  Or someway for users to verify these claims themselves (this would be even better)

..."In reopening, a number of improvements to both the wallet storage and website have been made. Bitfloor aims to be safe and reliable platform and as a result have changed our fund storage policy to 100% offline storage for your funds. Daily transactions through out hot wallet will be backed by Bitfloor funds, never putting client funds at risk."...

..."Bitfloor is now running on dedicated servers in a PCI compliant data center based in the US. Bitfloor services are further isolated based on exposure. Testnet and development are not located in the same data center or hosting provider to ensure further isolation. Backups are encrypted and write only on all of the servers. Hot wallet files are encrypted even further and unavailable even with physical access to the disk."...

Please?

New security continues to be unverified...

There are no reasonable ways for many of your questions to be verified. The production and testnet separation can be confirmed through a traceroute on the respective domains.

I welcome suggestions for reasonable ways in which you believe your requests can be confirmed without compromising user identities, trading activity, or balances.
SkRRJyTC
Hero Member
*****
Offline Offline

Activity: 770


View Profile

Ignore
October 03, 2012, 05:05:03 PM
 #595

Bitfloor has indeed resumed trading. My official statement on the matter is here:
https://plus.google.com/109620439233076225324/posts/bLJRDHApjSP

More generally https://blog.bitfloor.com will contain official updates.

If you have specific questions please contact support@bitfloor.com and I will gladly respond.

Any reasonable way for you to prove these claims?  Or someway for users to verify these claims themselves (this would be even better)

..."In reopening, a number of improvements to both the wallet storage and website have been made. Bitfloor aims to be safe and reliable platform and as a result have changed our fund storage policy to 100% offline storage for your funds. Daily transactions through out hot wallet will be backed by Bitfloor funds, never putting client funds at risk."...

..."Bitfloor is now running on dedicated servers in a PCI compliant data center based in the US. Bitfloor services are further isolated based on exposure. Testnet and development are not located in the same data center or hosting provider to ensure further isolation. Backups are encrypted and write only on all of the servers. Hot wallet files are encrypted even further and unavailable even with physical access to the disk."...

Please?

New security continues to be unverified...

There are no reasonable ways for many of your questions to be verified. The production and testnet separation can be confirmed through a traceroute on the respective domains.

I welcome suggestions for reasonable ways in which you believe your requests can be confirmed without compromising user identities, trading activity, or balances.

Smarter people could help me out here if I dont know what I'm talking about, but how about these ideas:

In order to prove "...changed our fund storage policy to 100% offline storage for your funds. Daily transactions through out hot wallet will be backed by Bitfloor funds, never putting client funds at risk." You could sign messages from both the Bitfloor wallet and the customer funds wallet or at least show a picture of what you used to make the offline wallet or the offline wallet itself.

In order to prove "Bitfloor is now running on dedicated servers in a PCI compliant data center based in the US." you could show some sort of recipt from said data center.

In order to prove "Backups are encrypted and write only on all of the servers." why not just host them publicly?  If they are properly encrypted it shouldn't be an issue and I believe with some cyrtpo hash magic a person should be able to verify their own details are in the backup without others being able to break it.


BitcoinForLiberty
Jr. Member
*
Offline Offline

Activity: 37


View Profile

Ignore
October 04, 2012, 03:12:36 PM
 #596

Roman,

Please tell us why Chase deposits into Bitfloor are not available this morning. Makes me wonder if your account was frozen by Chase.
shtylman
Sr. Member
****
Offline Offline

Activity: 243



View Profile

Ignore
October 04, 2012, 03:19:50 PM
 #597

Roman,

Please tell us why Chase deposits into Bitfloor are not available this morning. Makes me wonder if your account was frozen by Chase.


It was not frozen but they are closing it (details of which are private). I will be moving to a new cash deposit system which will also include more banks; however the transition will take a few weeks. The new system will continue to allow for free deposits. Apologies for any inconvenience this may cause to anyone using the Chase deposits.
jwzguy
Hero Member
*****
Offline Offline

Activity: 868



View Profile

Ignore
October 04, 2012, 04:57:36 PM
 #598

Roman,

Please tell us why Chase deposits into Bitfloor are not available this morning. Makes me wonder if your account was frozen by Chase.


It was not frozen but they are closing it (details of which are private). I will be moving to a new cash deposit system which will also include more banks; however the transition will take a few weeks. The new system will continue to allow for free deposits. Apologies for any inconvenience this may cause to anyone using the Chase deposits.
So Chase deposits are not coming back? The webpage says "Chase deposits are temporarily unavailable." Just curious as it is my main method of deposit.

19wXnWTeGuraN9g5UsMAi119sWzDCQcr7S
Bitcoin Logo shirts!
SkRRJyTC
Hero Member
*****
Offline Offline

Activity: 770


View Profile

Ignore
October 06, 2012, 07:34:17 PM
 #599

Bitfloor has indeed resumed trading. My official statement on the matter is here:
https://plus.google.com/109620439233076225324/posts/bLJRDHApjSP

More generally https://blog.bitfloor.com will contain official updates.

If you have specific questions please contact support@bitfloor.com and I will gladly respond.

Any reasonable way for you to prove these claims?  Or someway for users to verify these claims themselves (this would be even better)

..."In reopening, a number of improvements to both the wallet storage and website have been made. Bitfloor aims to be safe and reliable platform and as a result have changed our fund storage policy to 100% offline storage for your funds. Daily transactions through out hot wallet will be backed by Bitfloor funds, never putting client funds at risk."...

..."Bitfloor is now running on dedicated servers in a PCI compliant data center based in the US. Bitfloor services are further isolated based on exposure. Testnet and development are not located in the same data center or hosting provider to ensure further isolation. Backups are encrypted and write only on all of the servers. Hot wallet files are encrypted even further and unavailable even with physical access to the disk."...

Please?

New security continues to be unverified...

There are no reasonable ways for many of your questions to be verified. The production and testnet separation can be confirmed through a traceroute on the respective domains.

I welcome suggestions for reasonable ways in which you believe your requests can be confirmed without compromising user identities, trading activity, or balances.

Smarter people could help me out here if I dont know what I'm talking about, but how about these ideas:

In order to prove "...changed our fund storage policy to 100% offline storage for your funds. Daily transactions through out hot wallet will be backed by Bitfloor funds, never putting client funds at risk." You could sign messages from both the Bitfloor wallet and the customer funds wallet or at least show a picture of what you used to make the offline wallet or the offline wallet itself.

In order to prove "Bitfloor is now running on dedicated servers in a PCI compliant data center based in the US." you could show some sort of recipt from said data center.

In order to prove "Backups are encrypted and write only on all of the servers." why not just host them publicly?  If they are properly encrypted it shouldn't be an issue and I believe with some cyrtpo hash magic a person should be able to verify their own details are in the backup without others being able to break it.




Were these bad ideas?
notme
Hero Member
*****
Offline Offline

Activity: 924


View Profile

Ignore
October 06, 2012, 08:37:06 PM
 #600

Smarter people could help me out here if I dont know what I'm talking about, but how about these ideas:

In order to prove "...changed our fund storage policy to 100% offline storage for your funds. Daily transactions through out hot wallet will be backed by Bitfloor funds, never putting client funds at risk." You could sign messages from both the Bitfloor wallet and the customer funds wallet or at least show a picture of what you used to make the offline wallet or the offline wallet itself.

In order to prove "Bitfloor is now running on dedicated servers in a PCI compliant data center based in the US." you could show some sort of recipt from said data center.

In order to prove "Backups are encrypted and write only on all of the servers." why not just host them publicly?  If they are properly encrypted it shouldn't be an issue and I believe with some cyrtpo hash magic a person should be able to verify their own details are in the backup without others being able to break it.




Were these bad ideas?

Yes, mostly.

1) Making public information about how he created his cold wallet, or how it is stored, or where it is stored reduces his security.
2) Shouldn't be too harmful since anyone can verify that themselves with the existing public record Wink.
3) Making them public reduces the effort of a compromise from "breaking into his server, obtaining root access to change permissions on backups, copying backups, finding the password" to "finding the password".  Regardless, no amount of crypto "magic" will allow parts of the encrypted data to be read or even verified, so it would be pointless anyway.  Hashing and encryption are two very different beasts.

While no idea is perfect, some ideas are useful.
Programmer/Math Nerd
12jh3odyAAaR2XedPKZNCR4X4sebuotQzN
Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 [30] 31 32 33 34 35 36 37 38 39 40 41 42
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!