misterbigg
Legendary
Offline
Activity: 1064
Merit: 1001
|
|
December 19, 2012, 07:58:18 PM |
|
The title should be changed but instead of just saying so, also propose an alternative. Mine:
"Blockchain.info reputation dinged by MemoryDealers.com founder Roger"
|
|
|
|
SgtSpike
Legendary
Offline
Activity: 1400
Merit: 1005
|
|
December 19, 2012, 08:04:31 PM |
|
The title should be changed but instead of just saying so, also propose an alternative. Mine:
"Blockchain.info reputation dinged by MemoryDealers.com founder Roger"
Works for me. Or "MemoryDealers.com abuses blockchain.info admin access"
|
|
|
|
teste
|
|
December 19, 2012, 08:07:15 PM |
|
The title should be changed but instead of just saying so, also propose an alternative. Mine:
"Blockchain.info reputation dinged by MemoryDealers.com founder Roger"
Works for me. Or "MemoryDealers.com abuses blockchain.info admin access" +1
|
|
|
|
elux
Legendary
Offline
Activity: 1458
Merit: 1006
|
|
December 19, 2012, 08:09:25 PM |
|
@Charlie, I agree with keeping the thread, but the title SHOULD be changed. I think everyone here agrees that blockchain.info is, once again, safe for usage. The title would likely scare newbies away from using the service (which is the best Bitcoin wallet a person can point a new user to). Without a good alternative, they may download QT (NOOOOO!) or try one of the other less user-friendly options, and be turned away from using Bitcoin entirely. Many of the things discussed in this thread may not be understood by newbies, and certainly, they are not likely to read through 5 pages of discussions to find out that the issue has been resolved.
Yes. The title, "Blockchain.info is NOT SAFE" is both dishonest and misleading. "Your personal data is not safe with Blockchain.info" was apparently true up until today. Pretty bad in itself. The thread should be kept, but the false and misleading title should be changed. If not by OP, then by a mod.
|
|
|
|
ThomasV
Legendary
Offline
Activity: 1896
Merit: 1353
|
|
December 19, 2012, 08:10:53 PM |
|
"WARNING - a webwallet is AS SAFE AS ITS ADMINS"
|
Electrum: the convenience of a web wallet, without the risks
|
|
|
DannyHamilton
Legendary
Offline
Activity: 3472
Merit: 4801
|
|
December 19, 2012, 08:19:59 PM Last edit: December 19, 2012, 09:28:44 PM by DannyHamilton |
|
. . . Still, I think it's important that Blockchain.info users, and anyone else in the Bitcoin community understands what happened today. For that reason I will not be changing or altering this thread in any way . . .
You really should reconsider this. It would be ok to leave the thread unlocked if you really want to, and I'd definitely say you shouldn't ask for it's deletion. However, it is important to recognize that Blockchain.info is safe, and is inappropriate for you to hold them responsible for the actions of the owner of bitcoinstore.com. I'd suggest you change the title to either: WARNING - Bitcoinstore.com is NOT TRUSTWORTHYor [RESOLVED] - Blockchain.info was not safeEither one makes sure that your point is still made while reducing confusion for new users.
|
|
|
|
davout
Legendary
Offline
Activity: 1372
Merit: 1008
1davout
|
|
December 19, 2012, 08:21:20 PM |
|
Yes. The title, "Blockchain.info is NOT SAFE" is both dishonest and misleading.
Yep, it sort of implies that the vulnerability of blockchain.info's users to a skilled admin comes as a surprise to anyone
|
|
|
|
CharlieContent (OP)
|
|
December 19, 2012, 08:27:39 PM |
|
Ok, I'll change the title.
|
|
|
|
Bitcoinin
Newbie
Offline
Activity: 44
Merit: 0
|
|
December 19, 2012, 08:45:35 PM |
|
I sincerely hope that one of the lessons learned from this whole experience is that all Bitcoin-based businesses will add the following to their TOS in big bold letters:
"NOTE: if you try to scam us, and we find out, your account will be canceled, all your information, public and private, will be shared with all third parties we do business with, who may stop doing business with you as well, and this information may be shared publicly at our discretion."
If the Bitcoin community wants to be taken seriously, Bitcoin businesses better not make that a policy. ...and if the community has nothing better to do than publicly circulate lists of supposed scammers then you're just reinforcing the negative image others try to pin on Bitcoin as only being about scams and we deserve every bit of mockery we get from those outside who see Bitcoin as nothing but. Bitcoin has its benefits and its drawbacks - if you don't see that the benefits are much greater and accept the drawbacks then go back to doing ecommerce with credit cards: you'll be able to correct mistakes in refunds, but you'll also never be able to do business with 95% of the world and will have to increase your prices because of credit card fraud. You can't have it both ways. This incident could have sparked a discussion about important issues that face Bitcoin businesses - employee access, delaying/approving payments and refunds, perhaps the need for some sort of more private network for notifying each other of possible threats we face, etc. I hope it still does, but in the meantime a whole bunch of completely unnecessary FUD was produced surrounding Bitcoin and some of the major Bitcoin businesses. A relevant story from Mark Cuban: One day, Martin comes back from Republic Bank, where we had our account. He had just gone through the drive through and one of the tellers who he would see every day dropping of our deposits asked him to wait a second. She comes back and shows him a check that had the payee of a vendor, WHITED OUT and Renee Hardy, our secretary’s name typed over it. Turns out that in the course of a single week, our secretary had pulled this same trick on 83k of our 85k in the bank. As Martin delived the news, I obviously was pissed. I was pissed at Renee, I was pissed at the bank, I was pissed at myself for letting it happen. I remember going to the bank with copies of the checks, and the manager of the bank basically laughing me out of his office telling me that I “didn’t have a pot to piss in”. That I could sue him, or whatever I wanted, but I was out the money.
I got back to the office, told Martin what happened at the bank, and then I realized what I had to do about all of this. I had to go back to work. That what was done, was done. That worrying about revenge, getting pissed at the bank, all those “I’m going to get even and kick your ass thoughts”were basically just a waste of energy. No one was going to cover my obligations but me. I had to get my ass back to work, and do so quickly. That’s exactly what I did.
|
|
|
|
Rassah
Legendary
Offline
Activity: 1680
Merit: 1035
|
|
December 19, 2012, 09:03:05 PM Last edit: December 19, 2012, 10:04:43 PM by Rassah |
|
If the Bitcoin community wants to be taken seriously, Bitcoin businesses better not make that a policy. ...and if the community has nothing better to do than publicly circulate lists of supposed scammers then you're just reinforcing the negative image others try to pin on Bitcoin as only being about scams and we deserve every bit of mockery we get from those outside who see Bitcoin as nothing but.
The negative image others try to pin on Bitcoin is not that it's only being about scams. The negative image is that Bitcoin is full of scams, and that we either don't ever do anything about it, or run to the police contrary to our free-market beliefs. Regardless of whether asking police for help is hypocritical or not, it is simply not effective on a global scale Bitcoin operates on. So the only solutions we have are 1) whine about it and keep getting scammed, 2) go to the police who ignore us, and keep getting scammed, or 3) live up to the "horrible free-market" ideals we get ridiculed for, and actually take care of the scamming ourselves. We tried 1 and 2
|
|
|
|
SgtSpike
Legendary
Offline
Activity: 1400
Merit: 1005
|
|
December 19, 2012, 09:12:56 PM |
|
If the Bitcoin community wants to be taken seriously, Bitcoin businesses better not make that a policy. ...and if the community has nothing better to do than publicly circulate lists of supposed scammers then you're just reinforcing the negative image others try to pin on Bitcoin as only being about scams and we deserve every bit of mockery we get from those outside who see Bitcoin as nothing but.
tThe negative image others try to pin on Bitcoin is not that it's only being about scams. The negative image is that Bitcoin is full of scams, and that we either don't ever do anything about it, or run to the police contrary to our free-market beliefs. Regardless of whether asking police for help is hypocritical or not, it is simply not effective on a global scale Bitcoin operates on. So the only solutions we have are 1) whine about it and keep getting scammed, 2) go to the police who ignore us, and keep getting scammed, or 3) live up to the "horrible free-market" ideals we get ridiculed for, and actually take care of the scamming ourselves. We tried 1 and 2 I agree. I think companies taking a strong stand against scamming would INCREASE outsider confidence, not decrease it. We need to do everything we can to get scammers out of Bitcoin business, and if that means making the mess more public than it is, so be it.
|
|
|
|
oblongmeteor
|
|
December 19, 2012, 09:20:08 PM |
|
It is sad to see BlockChain.info - a superb service - dragged, without merit, into such an display of complete and utter incompetence on the part of the owner of Memory Dealers, Roger Ver. This https://bitcointalk.org/index.php?topic=131574.0 behavior; publicly displaying the details of a private individual and labeling them a criminal would at best seem morally dubious and at worst defamatory. Mr Ver probably should probably acquaint himself with laws and statutes governing data protection in the United States and how it applies to businesses such as his. His self styled 'terms & conditions' will likely count for nothing if the individual named chose to take the issue to a court of law.
|
|
|
|
rjbtc
Member
Offline
Activity: 69
Merit: 10
|
|
December 19, 2012, 09:24:32 PM |
|
But this isn't a scam, per se. This is the rough equivalent of getting extra change back on a purchase. Actually, that's exactly what it is. Just because you fuck up does not give you the right to plaster the personal info of the benefit of your fuck up on the internet (especially when your TOS say you won't). A friendly email asking for the bitcoins back is fine but if that doesn't get you anywhere, drop it.
If someone hacks into your system and actively steals from you, that's a different story but there's a hell of a lot of gray area there.
|
BTC: 1AYWtqieXoQZnuT4iEk6MDEXBkdVd5BykN
|
|
|
gusti
Legendary
Offline
Activity: 1099
Merit: 1000
|
|
December 19, 2012, 09:26:56 PM |
|
It is sad to see BlockChain.info - a superb service - dragged, without merit, into such an display of complete and utter incompetence trolling and hate on the part of the owner of Memory Dealers, Roger Ver trolls and haters which did nothing for the community. This https://bitcointalk.org/index.php?topic=131574.0 behavior; publicly displaying the details of a private individual scammer and labeling them a criminal would at best seem morally dubious and at worst defamatory a mistake driven by anger. FTFY
|
If you don't own the private keys, you don't own the coins.
|
|
|
oblongmeteor
|
|
December 19, 2012, 09:36:29 PM |
|
It is sad to see BlockChain.info - a superb service - dragged, without merit, into such an display of complete and utter incompetence trolling and hate on the part of the owner of Memory Dealers, Roger Ver trolls and haters which did nothing for the community. This https://bitcointalk.org/index.php?topic=131574.0 behavior; publicly displaying the details of a private individual scammer and labeling them a criminal would at best seem morally dubious and at worst defamatory a mistake driven by anger. FTFY I'm afraid I have no idea what this: "trolls and haters which did nothing for the community" means in the context of my statement. I get the distinct impression that neither do you.
|
|
|
|
CharlieContent (OP)
|
|
December 19, 2012, 09:40:03 PM |
|
It is sad to see BlockChain.info - a superb service - dragged, without merit, into such an display of complete and utter incompetence on the part of the owner of Memory Dealers, Roger Ver. This https://bitcointalk.org/index.php?topic=131574.0 behavior; publicly displaying the details of a private individual and labeling them a criminal would at best seem morally dubious and at worst defamatory. I completely agree. I think the best thing for Blockchain.info would be to force Roger Ver out. Piuk if you wish to do that, and you need capital with which to accomplish it, feel free to PM me in confidence and we will see what we can do.
|
|
|
|
wtfvanity
|
|
December 19, 2012, 09:44:24 PM |
|
What has been changed
- Roger and the support agent's access to this information has been revoked.
- Bitcoin addresses stored for notification purposes have been deleted. Addresses are now stored as a SHA 256 hash of the address, which removes the ability to lookup a wallet by bitcoin address.
- The secret phrase is now no longer shown to any admins
What other information could be used to identify a walletWe store the ip address a wallet was created with and the ip address a wallet was last updated with. Would you consider hashing the IP addresses for privacy? With a secret key, you could easily verify previous access as the creating IP address or the most recent address but could shield privacy further. This was a shock to many people that you save this kind of information when previously it was said that no tracking information was kept.
|
WTF! Don't Click Here . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
|
|
|
casascius
Mike Caldwell
VIP
Legendary
Offline
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
|
|
December 19, 2012, 09:46:14 PM |
|
I completely agree. I think the best thing for Blockchain.info would be to force Roger Ver out.
I'm not sure I see it the same way. Roger at best made an error in judgment, something I or anybody else could do on account of being human. The activities he engages in to promote Bitcoin paint a much clearer picture of where his interests lie. For example, everybody knows that the biggest weakness of a "Casascius Coin" is the fact that "Casascius" could know the private key. The answer isn't "push Casascius out", rather, the answer may very well be in the form of bringing affordable two-factor physical bitcoins so the trust footprint can be reduced. That's what will benefit Bitcoin in the long run. The best thing for Blockchain.info would be to recognize where its soft spots are, and actively work to harden them. Personal information stored on Blockchain a problem? What's better, push Roger out due to public outcry, or release something that makes it more the default to not store personal information on their servers? The second is by far a better long term solution, something Roger would almost certainly agree with, as I can't imagine his involvement and investment is just so he can chase down 4 BTC accidentally sent to his customer.
|
Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.
|
|
|
gusti
Legendary
Offline
Activity: 1099
Merit: 1000
|
|
December 19, 2012, 09:48:40 PM |
|
It is sad to see BlockChain.info - a superb service - dragged, without merit, into such an display of complete and utter incompetence trolling and hate on the part of the owner of Memory Dealers, Roger Ver trolls and haters which did nothing for the community. This https://bitcointalk.org/index.php?topic=131574.0 behavior; publicly displaying the details of a private individual scammer and labeling them a criminal would at best seem morally dubious and at worst defamatory a mistake driven by anger. FTFY I'm afraid I have no idea what this: "trolls and haters which did nothing for the community" means in the context of my statement. I get the distinct impression that neither do you. I'm afraid you understand perfectly, so do I. Blockchain is a superb service, second to none. Roger has an extensive, historic, work towards the success of bitcoin. Who are the trolls posting here (including you), and what did they give to the community ?
|
If you don't own the private keys, you don't own the coins.
|
|
|
DannyHamilton
Legendary
Offline
Activity: 3472
Merit: 4801
|
|
December 19, 2012, 09:50:10 PM |
|
What has been changed
- Roger and the support agent's access to this information has been revoked.
- Bitcoin addresses stored for notification purposes have been deleted. Addresses are now stored as a SHA 256 hash of the address, which removes the ability to lookup a wallet by bitcoin address.
- The secret phrase is now no longer shown to any admins
What other information could be used to identify a walletWe store the ip address a wallet was created with and the ip address a wallet was last updated with. . . .This was a shock to many people that you save this kind of information when previously it was said that no tracking information was kept. Not a shock to anyone who took the time to read their privacy statement and anonymity information publicly available on their website: https://blockchain.info/wallet/anonymity. . . When notifications are enabled your public keys are inserted in a separate table along with your email, skype handle or google talk username. This mode does sacrifice some Anonymity as we can now see your public keys and view your wallet balance. However just because a wallet contains a public key does not necessarily mean they are the owner of said key (as you can add keys without the respective private key). . . . . . We log the internet IP address a wallet was created with and the ip the wallet was last updated with . . .
The only shock was that another business managed to access this information, and that has been addressed appropriately.
|
|
|
|
|