MtGox withdrawal delays [Gathering]

[mp420]

"yep – and in fact I actually wire transferred $15,000 the same day the website was shut down. Fuck me."

Ouch...!

A couple of interesting articles:

http://gawker.com/does-mt-goxs-ceo-have-a-secret-history-of-online-payme-1534752110

http://techcrunch.com/2014/03/03/mt-gox-source-code-leaked-by-hackers-along-with-team-information-customer-data/

Looks like Empty Gox's 20GB database of customer info (along with bank/passport scans) has been hacked...

Talk about adding insult to injury....

The last one, ouch. Before I was just disappointed, now I am angry.

Never trust a PHP coder!

does this mean we'll have to go silk road to buy our passports back?

From what I understood from thr IRC chat it's an old database with documents.
They stored it previously in the MySQL database.

They had 500,000 verified customers, everyone had to send minimum 2 scanned documents.
If you assume that the average size of a document is 1MB the database should be of 1000 gigabytes size, not 20.

Nevertheless, storing that kind of sensitive data in a (non-airgapped) database is INEXCUSABLE. You just DO NOT DO THAT. EVER.

[1714286392]

1714286392

[1714286392]

1714286392

[1714286392]

1714286392

[1714286392]

1714286392

[Hunterbunter]

"yep – and in fact I actually wire transferred $15,000 the same day the website was shut down. Fuck me."

Ouch...!

A couple of interesting articles:

http://gawker.com/does-mt-goxs-ceo-have-a-secret-history-of-online-payme-1534752110

http://techcrunch.com/2014/03/03/mt-gox-source-code-leaked-by-hackers-along-with-team-information-customer-data/

Looks like Empty Gox's 20GB database of customer info (along with bank/passport scans) has been hacked...

Talk about adding insult to injury....

The last one, ouch. Before I was just disappointed, now I am angry.

Never trust a PHP coder!

does this mean we'll have to go silk road to buy our passports back?

From what I understood from thr IRC chat it's an old database with documents.
They stored it previously in the MySQL database.

They had 500,000 verified customers, everyone had to send minimum 2 scanned documents.
If you assume that the average size of a document is 1MB the database should be of 1000 gigabytes size, not 20.

Nevertheless, storing that kind of sensitive data in a (non-airgapped) database is INEXCUSABLE. You just DO NOT DO THAT. EVER.

What is database airgapping?

[mp420]

"yep – and in fact I actually wire transferred $15,000 the same day the website was shut down. Fuck me."

Ouch...!

A couple of interesting articles:

http://gawker.com/does-mt-goxs-ceo-have-a-secret-history-of-online-payme-1534752110

http://techcrunch.com/2014/03/03/mt-gox-source-code-leaked-by-hackers-along-with-team-information-customer-data/

Looks like Empty Gox's 20GB database of customer info (along with bank/passport scans) has been hacked...

Talk about adding insult to injury....

The last one, ouch. Before I was just disappointed, now I am angry.

Never trust a PHP coder!

does this mean we'll have to go silk road to buy our passports back?

From what I understood from thr IRC chat it's an old database with documents.
They stored it previously in the MySQL database.

They had 500,000 verified customers, everyone had to send minimum 2 scanned documents.
If you assume that the average size of a document is 1MB the database should be of 1000 gigabytes size, not 20.

Nevertheless, storing that kind of sensitive data in a (non-airgapped) database is INEXCUSABLE. You just DO NOT DO THAT. EVER.

What is database airgapping?

Shorthand for a database on an airgapped system.

[dave111223]

[Lohoris]

Only... they are anonymous, so sueing them might be much more complicated.
Which also means they are more likely to just grab any funds they still have and run.

Excuse me, who is anonymous? Are you talking about Bitstamp? Their management has always been very public:

https://twitter.com/nejc_kodric
http://www.crunchbase.com/person/nejc-kodric
http://si.linkedin.com/pub/nejc-kodri%C4%8D/47/227/299
http://si.linkedin.com/pub/damijan-merlak/16/667/4a9?trk=pub-pbmap

Plus you can find other Bitstamp employees on Linkedin just by searching "Bitstamp" with no problem. I really don't know where does this myth about Bitstamp being "anonymous" comes from, Coindesk always mentions Nejc when writes about Stamp, Nejc has a btctalk account under his real name which he used to post about his company when he founded it, when you open a ticket on Stamp the support agent always signs the reply with his first+last name...

And for Christ sake you just need to google "Bitstamp CEO" to find dozens (if not hundreds) of links about Nejc Kodric.

Sorry, my bad.
They are "privacy protected" in the whois, so I just believed when someone else also told me they were anonymous.
No clue why they have a hidden whois if their names are indeed known, it's just free bad publicity for them which they shouldn't deserve.

(that being said, their "hand out your documents or we'll keep your funds" without any email warning has been quite an assy move...)

[mmitech]

Only... they are anonymous, so sueing them might be much more complicated.
Which also means they are more likely to just grab any funds they still have and run.

Excuse me, who is anonymous? Are you talking about Bitstamp? Their management has always been very public:

https://twitter.com/nejc_kodric
http://www.crunchbase.com/person/nejc-kodric
http://si.linkedin.com/pub/nejc-kodri%C4%8D/47/227/299
http://si.linkedin.com/pub/damijan-merlak/16/667/4a9?trk=pub-pbmap

Plus you can find other Bitstamp employees on Linkedin just by searching "Bitstamp" with no problem. I really don't know where does this myth about Bitstamp being "anonymous" comes from, Coindesk always mentions Nejc when writes about Stamp, Nejc has a btctalk account under his real name which he used to post about his company when he founded it, when you open a ticket on Stamp the support agent always signs the reply with his first+last name...

And for Christ sake you just need to google "Bitstamp CEO" to find dozens (if not hundreds) of links about Nejc Kodric.

Sorry, my bad.
They are "privacy protected" in the whois, so I just believed when someone else also told me they were anonymous.
No clue why they have a hidden whois if their name are indeed known, it's just free bad publicity for them which they shouldn't deserve.

(that being said, their "hand out your documents or we'll keep your funds" without any email warning has been quite an assy move...)

I live near Bitstamp (10 min away walking), I visited their office a couple of times, I don't know that much about their business model/information as these things are confidential and there is no company that will reveal such internal information, but the guys seemed friendly and yes I've got the feeling that these people know what they are doing...

BTW the first time I visited last year, they had around 7 (or so) employees, the second time I visited they had more than 15 employees (didn't count but the office was big and full) and I hear that they are picking up potential and talented people to work for them...

[Luno]

Has anyone called to MtGox and asked when it will be possible to return the money?

The phone line is set up because of legal demands under Japanese law. They don't actually process anything or offer any service on that phone number.

A: You can wait and see if Gox becomes reconstructed and you wil be paied in shares?

B: You can join some of the class action lawsuits being launched and possibly get a % back in years.

C: You can camp outside his mother's home in France with a bill board, with a tipping address and hope world media will pick it up and donations will make you good.

[donk4u]

Has anyone called to MtGox and asked when it will be possible to return the money?

The phone line is set up because of legal demands under Japanese law. They don't actually process anything or offer any service on that phone number.

A: You can wait and see if Gox becomes reconstructed and you wil be paied in shares?

B: You can join some of the class action lawsuits being launched and possibly get a % back in years.

C: You can camp outside his mother's home in France with a bill board, with a tipping address and hope world media will pick it up and donations will make you good.

Moms address? getting plane ticket

[Luno]

Has anyone called to MtGox and asked when it will be possible to return the money?

The phone line is set up because of legal demands under Japanese law. They don't actually process anything or offer any service on that phone number.

A: You can wait and see if Gox becomes reconstructed and you wil be paied in shares?

B: You can join some of the class action lawsuits being launched and possibly get a % back in years.

C: You can camp outside his mother's home in France with a bill board, with a tipping address and hope world media will pick it up and donations will make you good.

Moms address? getting plane ticket

Anne Karpeles, French media interviewed her about her sons troubles, she seems a little reality detached also. Fance is close to me so I actually considered that myself, before I felt sorry for her.

[sobriket]

Anne Karpeles, French media interviewed her about her sons troubles, she seems a little reality detached also. Fance is close to me so I actually considered that myself, before I felt sorry for her.

She sounds autistic, if she really meant what she said

[Luno]

Anne Karpeles, French media interviewed her about her sons troubles, she seems a little reality detached also. Fance is close to me so I actually considered that myself, before I felt sorry for her.

She sounds autistic, if she really meant what she said

I grew up with a single mom myself. I kind of sense that kind of unhealthy mother son bond in the way she describes him.

[tvbcof]

Sorry, my bad.
They are "privacy protected" in the whois, so I just believed when someone else also told me they were anonymous.
No clue why they have a hidden whois if their names are indeed known, it's just free bad publicity for them which they shouldn't deserve.

Probably me.  I've eluded to it for some time (and part of it in error most likely.)  For that I apologize.

I continue to maintain that if an 'about us' does not contain human readable information about the principles, that is a problem.  Similarly a 'privacy enhanced' whois records.  When whois cannot be matched to information in the 'about us', I consider it a red flag.  That alone would be a legitimate reason to stay away from Bitstamp unless they are the only option (which is perfectly possible.)

But wait, there is more!

(that being said, their "hand out your documents or we'll keep your funds" without any email warning has been quite an assy move...)

This!  To switch policies and hold BTC hostage for an identity theft kit is bad, especially if they continue to accept funding.  To do it without warning is worse.  To have some NSAbook post somehow constitute a 'fair warning' is worse yet because it indicates that they could have sent out e-mail and it was not a matter of being put under some sort of sudden pressure.

This is a clear expression of Bitstamp's business practices and their attitude toward their users.  It constitutes a VERY good reason to stay away from Bitstump unless it is utterly necessary.

[alfabitcoin]

Sorry, my bad.
They are "privacy protected" in the whois, so I just believed when someone else also told me they were anonymous.
No clue why they have a hidden whois if their names are indeed known, it's just free bad publicity for them which they shouldn't deserve.

Probably me.  I've eluded to it for some time (and part of it in error most likely.)  For that I apologize.

I continue to maintain that if an 'about us' does not contain human readable information about the principles, that is a problem.  Similarly a 'privacy enhanced' whois records.  When whois cannot be matched to information in the 'about us', I consider it a red flag.  That alone would be a legitimate reason to stay away from Bitstamp unless they are the only option (which is perfectly possible.)

But wait, there is more!

(that being said, their "hand out your documents or we'll keep your funds" without any email warning has been quite an assy move...)

This!  To switch policies and hold BTC hostage for an identity theft kit is bad, especially if they continue to accept funding.  To do it without warning is worse.  To have some NSAbook post somehow constitute a 'fair warning' is worse yet because it indicates that they could have sent out e-mail and it was not a matter of being put under some sort of sudden pressure.

This is a clear expression of Bitstamp's business practices and their attitude toward their users.  It constitutes a VERY good reason to stay away from Bitstump unless it is utterly necessary.

To be fair, bitstamp did announced last year that all users need to be verified in order to withdraw fiat/btc and gave almost a month prior they start to do it.
You should check the facts prior making accusations and false claims

[tvbcof]

To be fair, bitstamp did announced last year that all users need to be verified in order to withdraw fiat/btc and gave almost a month prior they start to do it.
You should check the facts prior making accusations and false claims

I've never put any value at risk with Bitstamp, so I'm mostly going with what Eldrtyrell relayed.  He, like myself, valued his identity scans highly and at least in my case it has nothing to do with criminal activity.  He had to find a backdoor in Bitstump's API in order to retrieve his funds.  I can probably dig up the thread if you don't know of it.

Again, some vague Facebook post does not constitute an announcement.  Many of us don't use Facebook at all...and for reasons which should be becoming clear to even the most poorly informed among us.

[alfabitcoin]

To be fair, bitstamp did announced last year that all users need to be verified in order to withdraw fiat/btc and gave almost a month prior they start to do it.
You should check the facts prior making accusations and false claims

I've never put any value at risk with Bitstamp, so I'm mostly going with what Eldrtyrell relayed.  He, like myself, valued his identity scans highly and at least in my case it has nothing to do with criminal activity.  He had to find a backdoor in Bitstump's API in order to retrieve his funds.  I can probably dig up the thread if you don't know of it.

Again, some vague Facebook post does not constitute an announcement.  Many of us don't use Facebook at all...and for reasons which should be becoming clear to even the most poorly informed among us.

Have i mentioned facebook?  
Announcement was on the bitstamp home page for almost a month before they actualy started doing it!
Again, why you do not finds facts first is beyond me.

Scroll to the 4th sep 2013. They gave almost a month notice-till 30. September 2013.
Most recent news are also on bitstamp hompage.

https://www.bitstamp.net/news/


Beside, that started 5 months ago and its users fault of not being informed. From 30.th september new user have enough notice and they do not have deposit/withdraw enabled until verified.

[mightycount]

Has anyone called to MtGox and asked when it will be possible to return the money?

The phone line is set up because of legal demands under Japanese law. They don't actually process anything or offer any service on that phone number.

A: You can wait and see if Gox becomes reconstructed and you wil be paied in shares?

B: You can join some of the class action lawsuits being launched and possibly get a % back in years.

C: You can camp outside his mother's home in France with a bill board, with a tipping address and hope world media will pick it up and donations will make you good.

Moms address? getting plane ticket

Yeah, I too liked the camping idea.. What's the address?

[tvbcof]

To be fair, bitstamp did announced last year that all users need to be verified in order to withdraw fiat/btc and gave almost a month prior they start to do it.
You should check the facts prior making accusations and false claims

I've never put any value at risk with Bitstamp, so I'm mostly going with what Eldrtyrell relayed.  He, like myself, valued his identity scans highly and at least in my case it has nothing to do with criminal activity.  He had to find a backdoor in Bitstump's API in order to retrieve his funds.  I can probably dig up the thread if you don't know of it.

Again, some vague Facebook post does not constitute an announcement.  Many of us don't use Facebook at all...and for reasons which should be becoming clear to even the most poorly informed among us.

Announcement was on the bitstamp home page for almost a month before they actualy started doing it!
Again, why you do not finds facts first is beyond me.

If one uses an API one does not visit the homepage often.  Or if one simply does not use a service much.  I, for instance, had an account with a handful of BTC at Mt. Gox for years and probably went 6 months at times without logging in.  IIRC, ET claims they had his e-mail but didn't even send a note.  Are you denying this?  If not, are you justifying it?  If so, how?

Holding someone's money hostage is a big deal.  It should be user-approved item (with one of those 'I agree' checkboxes.)  If I were designing things I'd allow withdrawal of all of the funds that were in place when the new policy was put in place.  I would also dis-allow the API until a user checked the 'I agree' box, and that would have happened when the policy was first announced, or within 72 hours of that.

All I am saying is that from MY perspective it looks like Bitstamp either wanted people to not withdraw their BTC or they wanted to obtain the user's identity docs and they adjusted their business procedures to achieve that goal.  Someone who wants MY business better bend over backward to avoid displaying red flags.  Especially in Bitcoin-land.  I've not often gotten burnt screwing with Bitcoin and have made a lot of money doing it.  There is a reason for this.

[alfabitcoin]

To be fair, bitstamp did announced last year that all users need to be verified in order to withdraw fiat/btc and gave almost a month prior they start to do it.
You should check the facts prior making accusations and false claims

I've never put any value at risk with Bitstamp, so I'm mostly going with what Eldrtyrell relayed.  He, like myself, valued his identity scans highly and at least in my case it has nothing to do with criminal activity.  He had to find a backdoor in Bitstump's API in order to retrieve his funds.  I can probably dig up the thread if you don't know of it.

Again, some vague Facebook post does not constitute an announcement.  Many of us don't use Facebook at all...and for reasons which should be becoming clear to even the most poorly informed among us.

Announcement was on the bitstamp home page for almost a month before they actualy started doing it!
Again, why you do not finds facts first is beyond me.

If one uses an API one does not visit the homepage often.  Or if one simply does not use a service much.  I, for instance, had an account with a handful of BTC at Mt. Gox for years and probably went 6 months at times without logging in.  IIRC, ET claims they had his e-mail but didn't even send a note.  Are you denying this?  If not, are you justifying it?  If so, how?

Holding someone's money hostage is a big deal.  It should be user-approved item (with one of those 'I agree' checkboxes.)  If I were designing things I'd allow withdrawal of all of the funds that were in place when the new policy was put in place.  I would also dis-allow the API until a user checked the 'I agree' box, and that would have happened when the policy was first announced, or within 72 hours of that.

All I am saying is that from MY perspective it looks like Bitstamp either wanted people to not withdraw their BTC or they wanted to obtain the user's identity docs and they adjusted their business procedures to achieve that goal.  Someone who wants MY business better bend over backward to avoid displaying red flags.  Especially in Bitcoin-land.  I've not often gotten burnt screwing with Bitcoin and have made a lot of money doing it.  There is a reason for this.

Again, new users from september 30. 2013. Can not withdraw/deposit unless verified. Its users fault of not being informed from service provider, and that fact even is stated on their policy. All users had enough time (almost a month) before announcement to wifhdraw their funds.
So first you trided to dismiss this claiming its facebook statement which is false, now you are saying this and now i dont understund where is bitstamp fault when they made announcement on time with all users had enough time to act and withdraw their funds.

[tvbcof]

Again, new users from september 30. 2013. Can not withdraw/deposit unless verified. Its users fault of not being informed from service provider, and that fact even is stated on their policy. All users had enough time (almost a month) before announcement to wifhdraw their funds.

I seem to have missed it;  What was the excuse for not sending a simple e-mail again?

[alfabitcoin]

Again, new users from september 30. 2013. Can not withdraw/deposit unless verified. Its users fault of not being informed from service provider, and that fact even is stated on their policy. All users had enough time (almost a month) before announcement to wifhdraw their funds.

I seem to have missed it;  What was the excuse for not sending a simple e-mail again?

Maybe they have, maybe they did not, you should consider spam emails , phishing etc. But finaly, they made announcement on thir site where it belong!
And user could have switched off notifications.
..and you still insist of bitstamp wrong doing? Go and find out yourself, forum thread are far from valid fact.