Bitcoin Forum
September 30, 2022, 08:31:57 PM *
News: Latest Bitcoin Core release: 23.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Physical security of MtGox  (Read 1780 times)
yokosan (OP)
Hero Member
*****
Offline Offline

Activity: 700
Merit: 500


View Profile
March 14, 2013, 05:57:56 PM
 #1

Somewhere in Tokyo is an office. The MtGox office.

What would happen in the event a criminal gang decides the raid it?

I'm sure wallets and such are backed up. The website itself is hosted remotely. Still, the damage would be immense.
Even in the event that an attacker gains more than 50% of the network's computational power, only transactions sent by the attacker could be reversed or double-spent. The network would not be destroyed.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
Chalkbot
Legendary
*
Offline Offline

Activity: 896
Merit: 1001



View Profile
March 14, 2013, 06:04:21 PM
 #2

This is what would happen:

http://www.youtube.com/watch?v=Ze3hthGRbRo

candoo
Hero Member
*****
Offline Offline

Activity: 602
Merit: 500


Vertrau in Gott


View Profile
March 14, 2013, 06:09:52 PM
 #3

What if Mr. Magicaltux gets kidnapped and hold for hostage until mtgox sends all coins to the criminals??

Well Mr. Magicaltux got a very dangerous live!

Einer trage des andern Last, so werdet ihr das Gesetz Christi erfüllen.
mccorvic
Hero Member
*****
Offline Offline

Activity: 518
Merit: 500



View Profile
March 14, 2013, 06:10:44 PM
 #4


The files are IN the computer

Offering Video/Audio Editing Services since 2011 - https://bitcointalk.org/index.php?topic=77932.0
checkers6676
Full Member
***
Offline Offline

Activity: 128
Merit: 100



View Profile
March 14, 2013, 06:47:48 PM
 #5

baggyp
Member
**
Offline Offline

Activity: 95
Merit: 10


View Profile
March 14, 2013, 07:59:01 PM
 #6


+1 Tongue
Odalv
Legendary
*
Offline Offline

Activity: 1400
Merit: 1000



View Profile
March 14, 2013, 08:33:46 PM
 #7


+1 I hope so :-)
2_Thumbs_Up
Sr. Member
****
Offline Offline

Activity: 323
Merit: 251


View Profile
March 14, 2013, 09:17:33 PM
 #8

Or this:

http://xkcd.com/538
gimme_bottles
Sr. Member
****
Offline Offline

Activity: 316
Merit: 250



View Profile
March 14, 2013, 10:14:22 PM
 #9


jesus, again i've spent 30 min lokking at random comics...
labestiol
Sr. Member
****
Offline Offline

Activity: 434
Merit: 251


View Profile
March 14, 2013, 11:45:47 PM
 #10

jesus, again i've spent 30 min lokking at random comics...

Could have been worse with xkcd Wink

1BestioLC7YBVh8Q5LfH6RYURD6MrpP8y6
BitPirate
Full Member
***
Offline Offline

Activity: 238
Merit: 100


RMBTB.com: The secure BTC:CNY exchange. 0% fee!


View Profile
March 15, 2013, 12:50:43 AM
 #11

Somewhere in Tokyo is an office. The MtGox office.

What would happen in the event a criminal gang decides the raid it?

I'm sure wallets and such are backed up. The website itself is hosted remotely. Still, the damage would be immense.

Find something else to keep you up at night.

All this worry isn't good for you.

Stephen Gornick
Legendary
*
Offline Offline

Activity: 2506
Merit: 1004


View Profile
March 15, 2013, 02:52:10 AM
 #12

I'm sure wallets and such are backed up. The website itself is hosted remotely. Still, the damage would be immense.

Discussed here:

- Does [MtGox] use cold storage (an offline wallet that cannot be accessed should the exchange's service become compromised)

Yes.

 - Is there a target as to how much of customer's funds are kept in cold storage?  (e.g., percent of total, or perhaps relative to recent withdrawal requirements)?

On average 98% of customer bitcoins are held in cold storage, with possible variations on large bitcoin moves (large deposits or customers asking for large withdrawals).

 - Do new deposits go to cold storage?  (if the hot wallet is compromised, new deposits made (e.g., automated payouts by mining pools) would still be secure)

No, this wouldn't be practical in terms of number of bitcoin addresses to keep in cold storage. This could change thanks to BIP 0032 which we are working on implementing. It should be noted however that we are using a hardware security module for the hot wallet

 - Does the offline wallet where the cold storage resides remain protected due to an "air gap" (no access to it electronically, not connected to the network)?

Offline wallets are generated from an offline system and kept in paper format in three separate locations, using a technology based on raid. It will likely be changed to use Shamir's Secret-Sharing method in the future, and all existing offline wallets will be converted to this.

When the funds for Mt. Gox's current U.S. and Canadian customers are "transitioned" and then handled by Coinlab, that's discussed here:

Quote
CoinLab's Tiered Security Options:

Medium Security (Hot Wallet) amounts are kept minimal and layered behind clients and firewalls
High Security (Cool Wallet Storage) is kept in a physically secure location
Ultra High Security (Cold Wallet Storage) is split using Shamir's Secret Sharing Algorithm and distributed physically

 - http://coinlab.com/storage

Unichange.me

            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █


BIGMERVE
Hero Member
*****
Offline Offline

Activity: 728
Merit: 500



View Profile WWW
March 15, 2013, 03:29:27 AM
 #13

This is actually a decent question. Banks are protected with vaults, panic buttons, gps trackers, ink bombs. However MtGox might just be a regular office building. I'm assuming they have cameras. If they don't already have it they should at least get panic buttons to alert police as soon as a a robbery takes place. 

They could also install one of those doors that will automatically lock once the panic button is pressed, that way the robber can't escape.

grue
Legendary
*
Offline Offline

Activity: 2058
Merit: 1319



View Profile
March 15, 2013, 03:47:50 AM
 #14

This is actually a decent question. Banks are protected with vaults, panic buttons, gps trackers, ink bombs. However MtGox might just be a regular office building. I'm assuming they have cameras. If they don't already have it they should at least get panic buttons to alert police as soon as a a robbery takes place. 

They could also install one of those doors that will automatically lock once the panic button is pressed, that way the robber can't escape.
burn the bitcoin keys for teh lulz?

It is pitch black. You are likely to be eaten by a grue.

Adblock for annoying signature ads | Enhanced Merit UI
zkay
Full Member
***
Offline Offline

Activity: 126
Merit: 100



View Profile
March 15, 2013, 03:51:44 AM
 #15

This is actually a decent question. Banks are protected with vaults, panic buttons, gps trackers, ink bombs. However MtGox might just be a regular office building. I'm assuming they have cameras. If they don't already have it they should at least get panic buttons to alert police as soon as a a robbery takes place. 

They could also install one of those doors that will automatically lock once the panic button is pressed, that way the robber can't escape.

And what if the guy figures out he's trapped and just starts killing employees until they let him out? Or some variation of this?

This idea is similar to those RapeX devices they're marketing to women in south africa. Basically it's a tube that is inserted vaginally that has barbs on the inside. If someone decides to rape the wearer, bad bad day for him. But I read a good sarcastic tagline for it "RapeX - A great way to get raped and murdered!".
oakpacific
Hero Member
*****
Offline Offline

Activity: 784
Merit: 1000


View Profile
March 15, 2013, 04:45:26 AM
 #16

You could just put your wallet in an offline computer in some vaults, with MT or someone else sharing the keys, nobody can sign the transactions if they don't have physical access to the computer. If you are talking about the possibility of coercing others to give up all the coins by threatening to kill the kidnapped guy, well, traditional banks are not any safer in this aspect either.

https://tlsnotary.org/ Fraud proofing decentralized fiat-Bitcoin trading.
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!