bitoption (OP)
Newbie
Offline
Activity: 56
Merit: 0
|
|
June 18, 2011, 05:21:34 AM |
|
For discussion, I repost our top of thread status here: Update: There is an attempt at a CSRF in the wild right now aimed at bitoption.org. It tries to send 20 BTC to an address starting with: 1GEwYPX6.. I reviewed our balance sheets and transaction log; nobody has been hit by this or any other CSRF to my knowledge; I manually reviewed back four days of transaction, and scanned the rest for repeated withdrawal requests to confirm. That said, someone has clearly posted an image link, likely in these forums, which directs to sendBTC?etc.etc. This image link will not function, and has not been successful against bitoption. The site is down right this second, I am putting in a few layers of protection against this, and will update when it's in place. In the interim, if you would like to exercise your contracts, please email me at admin@bitoption.com FROM your account email, and I'll manually fill your requests, including withdrawals if you need. I anticipate a few hours to get this sorted out; there will be a slight impact on API developers as well. Sorry, this is my bad; I thought about XSS but not CSRF when I implemented the API. My hope is that the damage is limited to a little downtime for you all. More here and in the status thread as it comes!
|
|
|
|
DamienBlack
Jr. Member
Offline
Activity: 56
Merit: 1
|
|
June 18, 2011, 07:15:22 PM |
|
The site is down for me right now, getting a server timeout.
|
|
|
|
bitoption (OP)
Newbie
Offline
Activity: 56
Merit: 0
|
|
June 18, 2011, 07:24:13 PM |
|
Yep. We went down 10 minutes ago; I just got notified.
There is some sort of problem with our hosting provider; I've filed a critical level ticket, updates here shortly.
|
|
|
|
bitoption (OP)
Newbie
Offline
Activity: 56
Merit: 0
|
|
June 18, 2011, 07:37:48 PM |
|
Update: there's a DDOS attack against our provider and node. Could be due to us, could be something else. More as I get it.
|
|
|
|
FreeMoney
Legendary
Offline
Activity: 1246
Merit: 1016
Strength in numbers
|
|
June 18, 2011, 08:56:18 PM |
|
Update: there's a DDOS attack against our provider and node. Could be due to us, could be something else. More as I get it.
Aww, that sucks. I bet you're the target, I hope it gets solved easily.
|
Play Bitcoin Poker at sealswithclubs.eu. We're active and open to everyone.
|
|
|
bitoption (OP)
Newbie
Offline
Activity: 56
Merit: 0
|
|
June 18, 2011, 09:07:38 PM |
|
We're back up; our provider seems to have things under control; no notification though. I'm probably on the hunt for better hosting. We'll see. Makes it hard to trade, all this security / DDOS-ing type stuff! Bad for business..
|
|
|
|
Hunterbunter
|
|
June 19, 2011, 12:24:30 PM |
|
it won't allow me to register...
"there was some sort of problem. Try again."
sadface.
|
|
|
|
bitoption (OP)
Newbie
Offline
Activity: 56
Merit: 0
|
|
June 19, 2011, 07:47:27 PM |
|
Hunter, we're back up now; Our register function wasn't smart enough to get past the anti-CSRF stuff we put in.
Sorry about that! Try again.
|
|
|
|
Hunterbunter
|
|
June 19, 2011, 09:13:39 PM |
|
ah there we go, working now
|
|
|
|
DamienBlack
Jr. Member
Offline
Activity: 56
Merit: 1
|
|
June 23, 2011, 12:54:29 AM |
|
The expired options aren't gone again.
|
|
|
|
DamienBlack
Jr. Member
Offline
Activity: 56
Merit: 1
|
|
June 23, 2011, 06:48:40 PM |
|
THe expired option are now correctly gone from the "my contracts" section, but my funds are still in escrow. I have an extra 4 BTC and $10 being held in escrow compared to what I should, all from freshly expired options.
|
|
|
|
brendio
|
|
June 23, 2011, 11:32:53 PM |
|
Was just about to say the same thing Damien.
My guess is he perhaps wants to wait until Mt. Gox come back online, although being able to trade options now would be a good hedge against what price btc will be at when Mt. Gox comes back online.
|
|
|
|
Enky1974
|
|
June 24, 2011, 07:01:33 AM |
|
bitoption i wrote you twice asking a fix, i bought a call strike 20$ exp.date 28 july 2011 and not a PUT, but now i've a put under my contracts instead of the call, could you please have a look? thanks:)
|
|
|
|
DamienBlack
Jr. Member
Offline
Activity: 56
Merit: 1
|
|
June 24, 2011, 03:07:52 PM |
|
Everything is fixed for me, thanks.
|
|
|
|
Enky1974
|
|
June 26, 2011, 03:43:31 PM |
|
bitoption admin, i wrote you an email asking to exercise my option, i tried to click on exercise button but nothing happens, i'm already disappointed that due to an your problem i've now a put instead of a call, at least try to answer me in a timingly manner. Thank You
|
|
|
|
DamienBlack
Jr. Member
Offline
Activity: 56
Merit: 1
|
|
June 26, 2011, 09:37:20 PM |
|
I'm getting a "502 Bad Gateway" error.
|
|
|
|
brendio
|
|
June 27, 2011, 12:36:58 AM |
|
I'm getting a "502 Bad Gateway" error.
So was I, but now I'm getting a "504 Gateway Time Out" error.
|
|
|
|
DamienBlack
Jr. Member
Offline
Activity: 56
Merit: 1
|
|
June 27, 2011, 02:55:31 AM |
|
I'm getting a "502 Bad Gateway" error.
So was I, but now I'm getting a "504 Gateway Time Out" error. Yep, and the market is doing some really interesting stuff right now. I'd like to get it sooner rather than later.
|
|
|
|
brendio
|
|
June 28, 2011, 10:07:03 AM |
|
Now it's unresponsive. I'm logged in, but I can't see my balance or contracts. Previously, I could log out and back in again to get it to work. Now it won't even log out. The browser seems to sit there doing nothing.
Come on BitOption, where are you? I can understand having problems as a result of the Mt. Gox fiasco and API changes, but you're leaving us all in the dark as our contracts tick down. You risk losing our trust and market share if you don't at least provide us with an update! BitOption is still in a fragile infantile stage of development. It's a critical time for you to show your commitment to this project.
|
|
|
|
Enky1974
|
|
July 05, 2011, 03:42:43 PM |
|
The level of service is unacceptable , thanks to god i tried it with only 1 btc. i'm still waiting from him an answer after 7 days, all i ask is to have my 1 btc back:)
|
|
|
|
|