Bitcoin Forum
April 23, 2014, 02:23:21 PM *
News: Due to the OpenSSL heartbleed bug, changing your forum password is recommended.
 
   Home   Help Search Donate Login Register  
Pages: 1 2 3 [4] 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42
  Print  
Author Topic: bitfloor needs your help!  (Read 92875 times)
adamstgBit
Hero Member
*****
Online Online

Activity: 1064


Trusted Bitcoiner


View Profile WWW

Ignore
September 04, 2012, 06:54:20 PM
 #61

New withdrawals are currently on hold while I work through the future of the exchange.

That is unacceptable.  Regardless of the future of the exchange you have an obligation to disburse funds to the ACH account on record.  You previously handled requests by email.  USD funds by depositors are the property of the depositor and not an investment.  You have no legal standing to hold those funds pending "anything".

Since it seems shtylman missed it.  

Let me make it more clear.  You wanting to continue bitfloor is admirable but it has absolutely nothing to do with client funds.  The only purpose of those funds is for CLIENT to purchase bitcoins.  Since that is no longer possible the funds should be returned immediately.  Not in week, not in a month, not after you get "hacked" again and the attacker makes a bank wire withdraw of all the USD funds to some foreign bank.



ya sending everyone's money back seems like a good first step.

then rebuild a better system, and start making money again.

BTC.sx - Leveraged Bitcoin Trading. Simply use Bitcoin to take advantage of a rising or falling Bitcoin price.
BTC.sx - Leveraged Bitcoin Trading. Profit from a rising or falling Bitcoin price.
1398263001
Hero Member
*
Offline Offline

Posts: 1398263001

View Profile Personal Message (Offline)

Ignore
1398263001
Reply with quote  #2

1398263001
Report to moderator
1398263001
Hero Member
*
Offline Offline

Posts: 1398263001

View Profile Personal Message (Offline)

Ignore
1398263001
Reply with quote  #2

1398263001
Report to moderator
1398263001
Hero Member
*
Offline Offline

Posts: 1398263001

View Profile Personal Message (Offline)

Ignore
1398263001
Reply with quote  #2

1398263001
Report to moderator
    mBitCASINOWIN BITCOINS IN OUR
24/7 LIVE DEALER CASINO

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1398263001
Hero Member
*
Offline Offline

Posts: 1398263001

View Profile Personal Message (Offline)

Ignore
1398263001
Reply with quote  #2

1398263001
Report to moderator
1398263001
Hero Member
*
Offline Offline

Posts: 1398263001

View Profile Personal Message (Offline)

Ignore
1398263001
Reply with quote  #2

1398263001
Report to moderator
greyhawk
Hero Member
*****
Offline Offline

Activity: 728


View Profile

Ignore
September 04, 2012, 06:56:04 PM
 #62

Bitfloor is a helluva lot cheaper and more convenient than the clip joints being called exchanges out there.

I wonder why...

Stop sending me Bitcoins! 1HNLqLrPEwMk8woA91qwX9sRkatRfQik2T
Click here to get hacked
Dansker
Hero Member
*****
Offline Offline

Activity: 741


Hello world!


View Profile

Ignore
September 04, 2012, 06:56:59 PM
 #63

How about this:

You repay any USD-deposits, since they are all in tact.

You then re-pay what you can of the remaining BTC deposits.

You will then re-do your security, and publicly post how it will be done right from now on.

You will then re-pay the users who have deposited BTC which you can no longer repay with the incoming transaction fees, untill you have repaid everyone.

Then you will (after a year or two) start making money again. Running the operation untill then will have to be based on your hard work, and possibly investors investing into the company.

Disclosure: I am not invested in any way with any parties to this.

Severian
Sr. Member
****
Offline Offline

Activity: 336


anarchistic marketist


View Profile WWW

Ignore
September 04, 2012, 07:01:10 PM
 #64

Bitfloor is a helluva lot cheaper and more convenient than the clip joints being called exchanges out there.

I wonder why...

Are you saying that paying a 5% fee will ensure security?

"The synonym of usury is ruin." -Samuel Johnson
DigitalHermit
Full Member
***
Offline Offline

Activity: 150


Thank you! Thank you! ...


View Profile

Ignore
September 04, 2012, 07:03:22 PM
 #65

Bitfloor is a helluva lot cheaper and more convenient than the clip joints being called exchanges out there.

I wonder why...

Are you saying that paying a 5% fee will ensure security?

... as in pay 5% now or 100% later?  Tongue
vampire
Hero Member
*****
Offline Offline

Activity: 574



View Profile

Ignore
September 04, 2012, 07:04:53 PM
 #66

How about this:

You repay any USD-deposits, since they are all in tact.

You then re-pay what you can of the remaining BTC deposits.

You will then re-do your security, and publicly post how it will be done right from now on.

You will then re-pay the users who have deposited BTC which you can no longer repay with the incoming transaction fees, untill you have repaid everyone.

Then you will (after a year or two) start making money again. Running the operation untill then will have to be based on your hard work, and possibly investors investing into the company.

Disclosure: I am not invested in any way with any parties to this.

25k BTC is a lot of money. With the current valuation it will take 10 years to repay. And certainly this incident won't increase volume for bitfloor.

Sad.
Stephen Gornick
Hero Member
*****
Online Online

Activity: 1246



View Profile WWW

Ignore
September 04, 2012, 07:05:33 PM
 #67

You repay any USD-deposits, since they are all in tact.

You then re-pay what you can of the remaining BTC deposits.

Customer assets are customer assets.  It doesn't matter if they are dollars, bitcoins or bananas.  If BitFloor does not have reserves (and that was reported in OP) or any other way to make customers whole, then this is a bankruptcy case.  This exchange is operating in the U.S., there are very specific laws as to how to proceed.

Disbursing funds to some customers and not others would be a criminal act under those.

I believe a court order (injunction) should be filed to help ensure the exchange operator proceeds as prescribed by law.

[Edited, s/funds/assets/.  and added.]

greyhawk
Hero Member
*****
Offline Offline

Activity: 728


View Profile

Ignore
September 04, 2012, 07:07:59 PM
 #68

Bitfloor is a helluva lot cheaper and more convenient than the clip joints being called exchanges out there.

I wonder why...

Are you saying that paying a 5% fee will ensure security?

You can't "ensure" security. You can strive to maximize security however.

Like taking that 5% fee and paying someone who knows something about security to have a look at your stuff and point out obvious weaknesses like "unencrypted copy of the wallet keys" lying around on "supposedly non-public-facing" servers with open connections to public facing servers.

Stop sending me Bitcoins! 1HNLqLrPEwMk8woA91qwX9sRkatRfQik2T
Click here to get hacked
Tuxavant
Hero Member
*****
Offline Offline

Activity: 728


Bitcoin Mayor of Las Vegas


View Profile WWW

Ignore
September 04, 2012, 07:11:55 PM
 #69

Disbursing funds to some customers and not others would be a criminal act under those.

I believe a court order (injunction) should be filed to help ensure the exchange operator proceeds as prescribed by law.

Bitcoins were stolen, not cash. That cash is not Bitfloors to distribute to other customers. It's mine.

Generation Bitcoin | G+ | FB | Bitcoins In Vegas | CoinBus.com | TOR Exit Operator 1MVTPATVCKBMfALRHJsXpHfKJu7GyL7nAc
Severian
Sr. Member
****
Offline Offline

Activity: 336


anarchistic marketist


View Profile WWW

Ignore
September 04, 2012, 07:13:27 PM
 #70


Like taking that 5% fee and paying someone who knows something about security to have a look at your stuff and point out obvious weaknesses like "unencrypted copy of the wallet keys" lying around on "supposedly non-public-facing" servers with open connections to public facing servers.

Or maybe one should be responsible for one's own money and btc and not leave them sitting on other peoples' servers for extended periods? Would you leave your wallet and house keys next to someone on the subway to watch for you? You gave him five bucks. He said he'll do his best.

"The synonym of usury is ruin." -Samuel Johnson
greyhawk
Hero Member
*****
Offline Offline

Activity: 728


View Profile

Ignore
September 04, 2012, 07:15:32 PM
 #71

Like taking that 5% fee and paying someone who knows something about security to have a look at your stuff and point out obvious weaknesses like "unencrypted copy of the wallet keys" lying around on "supposedly non-public-facing" servers with open connections to public facing servers.

Or maybe one should be responsible for one's own money and btc and not leave them sitting on other peoples' servers for extended periods? Would you leave your wallet and house next to someone on the subway to watch for you? You gave him five bucks. He said he'll do his best.

That too of course.  Wink

Stop sending me Bitcoins! 1HNLqLrPEwMk8woA91qwX9sRkatRfQik2T
Click here to get hacked
kangasbros
Hero Member
*****
Offline Offline

Activity: 808


View Profile

Ignore
September 04, 2012, 07:16:02 PM
 #72

Wow... just wow.

I thought you were better than that.

I never store keys on a webserver for a project involving customer funds.  If all monies belong to the site operator that's their business, but if there are customer accounts I refuse to write code for someone who isn't willing to put the keys on a separate, heavily locked down server (preferably with no public ip).

Hmm, do you mean that the outgoing transfers should always be done from separate server manually? So no automated transfers?

JayCoin
Sr. Member
****
Offline Offline

Activity: 370


LOAD "*",8,1


View Profile WWW

Ignore
September 04, 2012, 07:21:36 PM
 #73

Few questions:

Where your servers VPS?

Who hosted your servers?


 

Bitvenders.com
Bitcoin Mining Equipment
Buy and Sell Bitcoins AtCoinbase.com
vampire
Hero Member
*****
Offline Offline

Activity: 574



View Profile

Ignore
September 04, 2012, 07:22:22 PM
 #74

Wow... just wow.

I thought you were better than that.

I never store keys on a webserver for a project involving customer funds.  If all monies belong to the site operator that's their business, but if there are customer accounts I refuse to write code for someone who isn't willing to put the keys on a separate, heavily locked down server (preferably with no public ip).

Hmm, do you mean that the outgoing transfers should always be done from separate server manually? So no automated transfers?


Not really. A hot wallet server can connect to the exchange, listen for transfers, validate transfers to any issues (like requests from wrong ips, large transactions, etc) and automatically process them.

The server doesn't need to be accessible from outside.
DeathAndTaxes
Donator
Hero Member
*
Offline Offline

Activity: 966



View Profile WWW

Ignore
September 04, 2012, 07:22:51 PM
 #75

Wow... just wow.

I thought you were better than that.

I never store keys on a webserver for a project involving customer funds.  If all monies belong to the site operator that's their business, but if there are customer accounts I refuse to write code for someone who isn't willing to put the keys on a separate, heavily locked down server (preferably with no public ip).

Hmm, do you mean that the outgoing transfers should always be done from separate server manually? So no automated transfers?

Well he didn't mean that but yes a cold wallet with batch processing is another option.  I would point out that even if a hot wallet is needed, if the hot wallet wallet had say 10% of total funds then 90% of the BTC would still remain right now.  The attacker would have stolen ~2,500 BTC not 25,000.  If using a split wallet like that occassional the hot wallet can run out of funds and clients will experience a delay.

There is no single solution which meets the needs of every single service provider.  That being said having a hotwallet with 100% of the funds is simply inexcusable.   More than anything else it is sad.   Bitfloor was growing rapidly and was a great source of liquidity outside of MtGox (which is important IMHO).  It is destroyed now and honestly shtylman is better than that.

Gerald Davis  CEO, Tangible Cryptography Inc.
BitSimple. A simpler way to buy and sell bitcoins
vampire
Hero Member
*****
Offline Offline

Activity: 574



View Profile

Ignore
September 04, 2012, 07:23:08 PM
 #76

Few questions:

Where your servers VPS?

Who hosted your servers?


 

from whois


Name Servers:
   ns1.linode.com
   ns2.linode.com
   ns3.linode.com
   ns4.linode.com
Severian
Sr. Member
****
Offline Offline

Activity: 336


anarchistic marketist


View Profile WWW

Ignore
September 04, 2012, 07:25:54 PM
 #77

That too of course.  Wink

Isn't it odd that personal responsibility is always down further on the list? : )

"The synonym of usury is ruin." -Samuel Johnson
greyhawk
Hero Member
*****
Offline Offline

Activity: 728


View Profile

Ignore
September 04, 2012, 07:27:26 PM
 #78

That too of course.  Wink

Isn't it odd that personal responsibility is always down further on the list? : )

It's very human at least.

Stop sending me Bitcoins! 1HNLqLrPEwMk8woA91qwX9sRkatRfQik2T
Click here to get hacked
Stephen Gornick
Hero Member
*****
Online Online

Activity: 1246



View Profile WWW

Ignore
September 04, 2012, 07:27:56 PM
 #79

Disbursing funds to some customers and not others would be a criminal act under those.

I believe a court order (injunction) should be filed to help ensure the exchange operator proceeds as prescribed by law.

Bitcoins were stolen, not cash. That cash is not Bitfloors to distribute to other customers. It's mine.

Doesn't work that way in the U.S.

A quick search and I couldn't find the exact description about how customer funds are pooled (giving a net balance), regardless if the account had a balance of securities or cash, then disbursed.  

Here's from Canada, which is pretty much the same in the U.S.

Quote
The customer pool fund includes all securities owned by a bankrupt securities firm, and all securities and cash held by or for the account of both the securities firm and every customer of the securities firm, other than customer name securities. The customer pool fund is allocated first to cover the costs of administering the bankrupt estate and then to cover customer claims in proportion to each customers net equity position.

 -- http://www.cipf.ca/Public/FAQ/Coverage/PartXII.aspx

SgtSpike
Hero Member
*****
Offline Offline

Activity: 1106


Firstbits: 18tkn


View Profile WWW

Ignore
September 04, 2012, 07:29:49 PM
 #80

shtylman, what does "currently evaluating" mean?  Do you have the ability to pay for 24k BTC out of your own pocket, or are you looking for outside investments?  I appreciate you being upfront about the attack, but do I have any hope of seeing any of my deposited BTC again?

Also, to those saying that USD should be paid out - no, it should not.  If Bitfloor does indeed default on its obligations, then a court ruling would have it pay out equally to remaining creditors.  Not 100% to USD creditors, and 2% to BTC creditors.  Therefore, shtylman should hold on to any USD he has until he has decided what course of action to take, and use it to pay out on claims on a bankruptcy liquidation, should it come to that.

Pages: 1 2 3 [4] 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!