Bitcoin Forum
May 30, 2015, 12:21:46 AM *
News: Latest stable version of Bitcoin Core: 0.10.2 [Torrent]
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 [31] 32 33 34 35 36 37 38 39 40 41 42 »
  Print  
Author Topic: bitfloor needs your help!  (Read 132464 times)
davout
Staff
Legendary
*
Offline Offline

Activity: 1358


1davout


View Profile WWW

Ignore
October 08, 2012, 07:44:44 AM
 #601

1) Making public information about how he created his cold wallet, or how it is stored, or where it is stored reduces his security.
Security through obscurity is not security.

3) Making them public reduces the effort of a compromise from "breaking into his server, obtaining root access to change permissions on backups, copying backups, finding the password" to "finding the password".  Regardless, no amount of crypto "magic" will allow parts of the encrypted data to be read or even verified, so it would be pointless anyway.  Hashing and encryption are two very different beasts.
Why not ? Say you hash the account identifiers (maybe with a per-account secret), pair them with their balance, sum the balances in a nice report.
Anyone can verify they are in the balance list, no one can look my balance up, I can check that the sum is consistent with the amount in cold storage.
That can also be seen as some sort of backup if properly signed, I'm sure the Bitcoinica folks would have loved to have something like that lying around.

1432945306
Hero Member
*
Offline Offline

Posts: 1432945306

View Profile Personal Message (Offline)

Ignore
1432945306
Reply with quote  #2

1432945306
Report to moderator
1432945306
Hero Member
*
Offline Offline

Posts: 1432945306

View Profile Personal Message (Offline)

Ignore
1432945306
Reply with quote  #2

1432945306
Report to moderator
COINROYALE BITCOIN CASINO GET UP TO 1 BTC FREE Use Code: WELCOMEBTC PLAY NOW
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1432945306
Hero Member
*
Offline Offline

Posts: 1432945306

View Profile Personal Message (Offline)

Ignore
1432945306
Reply with quote  #2

1432945306
Report to moderator
1432945306
Hero Member
*
Offline Offline

Posts: 1432945306

View Profile Personal Message (Offline)

Ignore
1432945306
Reply with quote  #2

1432945306
Report to moderator
1432945306
Hero Member
*
Offline Offline

Posts: 1432945306

View Profile Personal Message (Offline)

Ignore
1432945306
Reply with quote  #2

1432945306
Report to moderator
SgtSpike
Legendary
*
Offline Offline

Activity: 1330


Firstbits: 18tkn


View Profile WWW

Ignore
October 08, 2012, 08:23:34 AM
 #602

1) Making public information about how he created his cold wallet, or how it is stored, or where it is stored reduces his security.
Security through obscurity is not security.

Passwords are security through obscurity, so yes, it is.

Vod
Legendary
*
Offline Offline

Activity: 1372


Licking my boob since 1970


View Profile WWW

Ignore
October 08, 2012, 08:09:05 PM
 #603

1) Making public information about how he created his cold wallet, or how it is stored, or where it is stored reduces his security.
Security through obscurity is not security.

Passwords are security through obscurity, so yes, it is.

A password by itself is useless - you need the associated login name.

I WILL BE BLOCKING ALL PERSONAL MESSAGES AS I WILL NOT BE ABLE TO READ THEM ON A TIMELY BASIS.
"You have enemies? Good. That means you've stood up for something, sometime in your life." - Winston Churchill
Inaugural PICISI Sponsor - Read up on Armis' Long Con!
davout
Staff
Legendary
*
Offline Offline

Activity: 1358


1davout


View Profile WWW

Ignore
October 08, 2012, 08:17:03 PM
 #604

1) Making public information about how he created his cold wallet, or how it is stored, or where it is stored reduces his security.
Security through obscurity is not security.

Passwords are security through obscurity, so yes, it is.

Ok smartass, let me just quote wikipedia for you Smiley
Quote
Security through obscurity is a pejorative referring to a principle in security engineering, which attempts to use secrecy of design or implementation to provide security.

A password by itself is useless - you need the associated login name.
Oh, and what are you doing here ? How about letting the grown-ups do the talking ?

giszmo
Legendary
*
Offline Offline

Activity: 1414


¡ɥɔʇɐʍ ʇsnɾ &#7


View Profile WWW

Ignore
October 08, 2012, 09:03:04 PM
 #605

Ok smartass, let me just quote wikipedia for you Smiley
Quote
Security through obscurity is a pejorative referring to a principle in security engineering, which attempts to use secrecy of design or implementation to provide security.

A password by itself is useless - you need the associated login name.
Oh, and what are you doing here ? How about letting the grown-ups do the talking ?

Don't feed the troll.

SgtSpike
Legendary
*
Offline Offline

Activity: 1330


Firstbits: 18tkn


View Profile WWW

Ignore
October 08, 2012, 09:23:50 PM
 #606

1) Making public information about how he created his cold wallet, or how it is stored, or where it is stored reduces his security.
Security through obscurity is not security.

Passwords are security through obscurity, so yes, it is.

Ok smartass, let me just quote wikipedia for you Smiley
Quote
Security through obscurity is a pejorative referring to a principle in security engineering, which attempts to use secrecy of design or implementation to provide security.
The fact is though, revealing information about his cold storage procedures DOES reduce the effective security of said procedure.  One less unknown is one more factor a malicious entity could use in planning an attack.

I know the argument is that security measures should always be 100% bulletproof, so that even if all the facts were known, it wouldn't be possible to crack, but it is very rarely the case that such a scenario can be created.  Especially with regards to cold storage, the malicious entity would want to know where it is stored, how it is stored, how often and when it is accessed, etc.  Each of those unknowns is "security through obscurity", but each one, if revealed, would help an attacker with pulling off a heist.

Just my two cents.  Wink

toffoo
Sr. Member
****
Offline Offline

Activity: 380



View Profile

Ignore
October 11, 2012, 01:33:39 AM
 #607

Quote
bitfloor7:24 PM  -  Public

WellsFargo cash deposits are currently suspended. Due to this account suspension, ACH withdrawals will be delayed as the account is closed. These delays are outside of our control and we apologize for any inconvenience this may cause. We strive to process both USD and BTC in an efficient manner and will continue to do so after these delays are resolved.

We will post more information on the future of cash deposits as it becomes available.

Otoh
Donator
Legendary
*
Offline Offline

Activity: 1428



View Profile

Ignore
October 11, 2012, 11:45:13 AM
 #608

ACH withdrawal was enabled on my account, it took a while but implemented earlier this week & just when I planned to test it out Wells Fargo go & break it, oh well I shall look at doing this in November now, I hope that Bitfloor will find the US banks more cooperative than the UK ones have proved to be for other Exchanges up until now. I guess that this explains why there's a 139 btc bid there atm for $12.20 while Gox price is just under $12 now, a nice arb op for someone who doesn't mind waiting to get the $ out.

Node40.com is a leader in DASH hosting, dedicated exclusively to fully managed masternode hosting. Professional, organized, and responsive. I have dozens of nodes with them.
BTC = $c²     BTC = 1otohotohMoQoxHuxLBveQiZcV3Pji3Tc     http://addie.cc/otoh     CHARITY | MY REP | DICE
SgtSpike
Legendary
*
Offline Offline

Activity: 1330


Firstbits: 18tkn


View Profile WWW

Ignore
October 11, 2012, 04:23:07 PM
 #609

Roman - any update on the potential investors/payback of the lost BTC?

whitslack
Member
**
Offline Offline

Activity: 115



View Profile

Ignore
October 11, 2012, 04:59:11 PM
 #610

Roman - any update on the potential investors/payback of the lost BTC?
I somewhat expected to start seeing my "held" BTC balance tick downwards ever so slightly as transaction fees are being collected, but it hasn't happened. Maybe it's a manual process now, but Roman should automate it. Continuous, incremental progress toward getting everyone paid back, even if it will take years, would be a welcome sight.
SgtSpike
Legendary
*
Offline Offline

Activity: 1330


Firstbits: 18tkn


View Profile WWW

Ignore
October 11, 2012, 05:02:57 PM
 #611

Roman - any update on the potential investors/payback of the lost BTC?
I somewhat expected to start seeing my "held" BTC balance tick downwards ever so slightly as transaction fees are being collected, but it hasn't happened. Maybe it's a manual process now, but Roman should automate it. Continuous, incremental progress toward getting everyone paid back, even if it will take years, would be a welcome sight.
Agreed, though I was also hoping he would find an investor to cover the losses.  Wink

BCB
CTG
VIP
Hero Member
*
Offline Offline

Activity: 910


BCJ


View Profile

Ignore
October 11, 2012, 05:52:00 PM
 #612

we tried....

https://bitcointalk.org/index.php?topic=112069.msg1212452#msg1212452
SkRRJyTC
Legendary
*
Offline Offline

Activity: 952


View Profile

Ignore
October 11, 2012, 07:42:51 PM
 #613

Roman - any update on the potential investors/payback of the lost BTC?
I somewhat expected to start seeing my "held" BTC balance tick downwards ever so slightly as transaction fees are being collected, but it hasn't happened. Maybe it's a manual process now, but Roman should automate it. Continuous, incremental progress toward getting everyone paid back, even if it will take years, would be a welcome sight.
Agreed, though I was also hoping he would find an investor to cover the losses.  Wink

Maybe its because confidence in security has not been restored.  I know mine hasn't.
TheButterZone
Legendary
*
Offline Offline

Activity: 1064


Nemo me impune lacessit


View Profile WWW

Ignore
October 11, 2012, 08:00:35 PM
 #614

I was thinking of selling my debt, but probably wouldn't get more than 10 cents on the dollar for it, if that. Should have done it right away like TangibleCrypto did.

ΜΟΛΩΝ ΛΑΒΕ! I sell stuff for BTC here here and here | Flute & Violin For Sale | Voiceover for BTC | Copy editing for BTC
gpg_identity=http://pgp.thebutterzone.com | WoT feedback here & eBay feedback here | Buy BTC in San Diego, CA, or worldwide! | Get paid for taking surveys!
PayPal: Bitcoinese for "FU, I'm getting a chargeback up to 365 days later!" | Bitcoin voice chat | Utilities For Bitcoin Sellers | THE Bitcoin Sound is here.
Tuxavant
Hero Member
*****
Offline Offline

Activity: 756


Bitcoin Mayor of Las Vegas


View Profile WWW

Ignore
October 11, 2012, 11:08:27 PM
 #615

Quote
bitfloor7:24 PM  -  Public

WellsFargo cash deposits are currently suspended.

Dammit!!!

Generation Bitcoin | G+ | FB | Bitcoins In Vegas | CoinBus.com | TOR Exit Operator 1MVTPATVCKBMfALRHJsXpHfKJu7GyL7nAc
BlackHeartFund
Full Member
***
Offline Offline

Activity: 126



View Profile

Ignore
October 12, 2012, 12:31:51 PM
 #616

I was thinking of selling my debt, but probably wouldn't get more than 10 cents on the dollar for it, if that. Should have done it right away like TangibleCrypto did.

Yeah but if you wait another month you will be saying that you should have sold a month ago for 10%...

Does anyone really thing any serious chunk of this debt will ever be paid back? Nothing is impossible, but that is impossible.
TheButterZone
Legendary
*
Offline Offline

Activity: 1064


Nemo me impune lacessit


View Profile WWW

Ignore
October 12, 2012, 07:49:35 PM
 #617

It's pointless to post once it gets into single digits.

ΜΟΛΩΝ ΛΑΒΕ! I sell stuff for BTC here here and here | Flute & Violin For Sale | Voiceover for BTC | Copy editing for BTC
gpg_identity=http://pgp.thebutterzone.com | WoT feedback here & eBay feedback here | Buy BTC in San Diego, CA, or worldwide! | Get paid for taking surveys!
PayPal: Bitcoinese for "FU, I'm getting a chargeback up to 365 days later!" | Bitcoin voice chat | Utilities For Bitcoin Sellers | THE Bitcoin Sound is here.
TheButterZone
Legendary
*
Offline Offline

Activity: 1064


Nemo me impune lacessit


View Profile WWW

Ignore
October 18, 2012, 09:18:55 AM
 #618

Well, somebody(s) must be uber-confident in Bitfloor, considering there's ~545 BTC of liquidity on the asks side worth ~$6,755 right now, ranging from $11.90-14.01. Wonder when we're going to start seeing the BTC trickling back into our accounts.

ΜΟΛΩΝ ΛΑΒΕ! I sell stuff for BTC here here and here | Flute & Violin For Sale | Voiceover for BTC | Copy editing for BTC
gpg_identity=http://pgp.thebutterzone.com | WoT feedback here & eBay feedback here | Buy BTC in San Diego, CA, or worldwide! | Get paid for taking surveys!
PayPal: Bitcoinese for "FU, I'm getting a chargeback up to 365 days later!" | Bitcoin voice chat | Utilities For Bitcoin Sellers | THE Bitcoin Sound is here.
Tuxavant
Hero Member
*****
Offline Offline

Activity: 756


Bitcoin Mayor of Las Vegas


View Profile WWW

Ignore
October 18, 2012, 01:28:25 PM
 #619

Is there even a way to get cash in there yet (after the wells fargo/chase account closures)?

Generation Bitcoin | G+ | FB | Bitcoins In Vegas | CoinBus.com | TOR Exit Operator 1MVTPATVCKBMfALRHJsXpHfKJu7GyL7nAc
Bigal
Full Member
***
Offline Offline

Activity: 204



View Profile

Ignore
October 18, 2012, 02:11:33 PM
 #620

Well, somebody(s) must be uber-confident in Bitfloor, considering there's ~545 BTC of liquidity on the asks side worth ~$6,755 right now, ranging from $11.90-14.01. Wonder when we're going to start seeing the BTC trickling back into our accounts.

Good question, I'm glad to see it's back operational but until I see some attempt at my lost btc being paid back I just can't bring myself to use their service anymore.

The Small Time Miner Pools   CryptoCoin Ticker   BTC 1EHV2BY8JcvpBqnMqq5BSkbZvFHT7ndpnz    LTC  LaBigaLvm7L8XT5urnwJW5MpoArBAjsk2X
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 [31] 32 33 34 35 36 37 38 39 40 41 42 »
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!