Let's try to keep some perspective here. You've gotta pretty much expect to have to take a lot of responsibility for your own stuff out here on this wild frontier of decentralized currency/timestamp whatever. Don't risk what you can't afford to lose, I suppose.
Even if you protect your private keys and passwords carefully, it appears you could be compromised on MtGox. People expect an exchange to be secure, and that's completely reasonable (quote from MtGox frontpage: "Safe and Easy"). Security should be the number one priority for such operations - you'd rather be unable to trade due to a non-security-related bug than lose all of your coins, right?
Sure, CSRF is among the pretty well-known vectors and probably should have been caught during development, but I can imagine the pressure to get and keep things running quickly overshadows the tedium and expense of diligence like that.
It should have been prevented (not caught) during development. But the few bits of MtGox history I picked up taught me that MtGox was sold and is based on a code base once used for a completely different trading purpose. I hope the current maintainer(s?) aren't the same ones who wrote the insecure code. Neglecting security to "keep things running" doesn't sound like proper practice to me, regardless.
What I find encouraging about this situation, as some others have mentioned:
- It was identified pretty quickly by concerned citizens. Measured in days.
- Workarounds and good descriptions of the issue were made visible in multiple places (good transparency).
By whom? Especially your second point shouldn't have been the responsibility of the users. In case of a security incident I expect full (and pre-emptive) transparency about the issue, its impact and mitigation. Look at LastPass; I think they did a pretty good job recently. I haven't seen MtGox do anything like that at all.
As for banks with big IT departments and the gobs of taxpayer $ spent to regulate and audit them... they don't really seem to do much better. Case in point: CitiBank.
So you're basically saying regulations and audits are pointless, backed up by a single example. Go tell your bank how they can save some cash.
I think we're doing okay out here in the wild lands and early days of this "experiment"... all things considered.
We're not.
- The reference bitcoin client currently stores keys in plaintext, which is a huge vulnerability considering 'the average user' needs lots of handholding to remain secure (0.4 should at least protect you from clueless adversaries).
- Exchanges aren't as secure as they should be - CSRF vulnerabilities were reported in multiple exchanges.
Bottom line: I believe MtGox is operating understaffed on an outdated, re-used and potentially inherently insecure code base. The very least they could do is get some auditing done and hire some competent developers to fix the issues found.
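The CSRF point raised throughout this thread, shown as an added example that is not code from the thread or from MtGox: a hypothetical exchange withdrawal handler that authenticates on the session cookie alone, next to the same handler hardened with a per-session synchronizer token and an Origin check. The session store, origin names, addresses and request dicts are constructed for illustration.

```python
import hmac
import secrets

# Constructed in-memory session store standing in for the server-side session
# table of a hypothetical exchange web app (not any real exchange's code).
SESSIONS = {}

TRUSTED_ORIGINS = {"https://exchange.example"}  # hypothetical site origin


def new_session(user="alice"):
    """Log a user in: issue a session id and a per-session CSRF token."""
    sid = secrets.token_urlsafe(16)
    SESSIONS[sid] = {"user": user, "csrf": secrets.token_urlsafe(32)}
    return sid


def csrf_token_for(sid):
    """Token the server embeds in its own withdrawal form as a hidden field."""
    return SESSIONS[sid]["csrf"]


def withdraw_unprotected(request):
    """Vulnerable handler: authenticates on the session cookie alone.
    The browser attaches cookies to cross-site form posts, so any page the
    victim visits can trigger a withdrawal knowing only the target URL."""
    sid = request["cookies"].get("session")
    if sid not in SESSIONS:
        return 401, "no session"
    form = request["form"]
    return 200, f"withdrew {form['amount']} to {form['address']}"


def withdraw_protected(request):
    """Hardened handler: synchronizer token plus an Origin check."""
    sid = request["cookies"].get("session")
    if sid not in SESSIONS:
        return 401, "no session"
    # Defence in depth: browsers set Origin on cross-site POSTs; reject any
    # request naming a site other than our own. A missing Origin is tolerated
    # only because the token check below still applies.
    origin = request["headers"].get("Origin")
    if origin is not None and origin not in TRUSTED_ORIGINS:
        return 403, "bad origin"
    # Synchronizer token: must equal the one issued to this session. The
    # attacker's page cannot read it because of the same-origin policy.
    supplied = request["form"].get("csrf_token", "")
    if not hmac.compare_digest(SESSIONS[sid]["csrf"], supplied):
        return 403, "csrf check failed"
    form = request["form"]
    return 200, f"withdrew {form['amount']} to {form['address']}"


def legit_request(sid):
    """Constructed request as the site's own form would submit it."""
    return {
        "cookies": {"session": sid},
        "headers": {"Origin": "https://exchange.example"},
        "form": {"amount": "1.5", "address": "1VictimChoosesThis",
                 "csrf_token": csrf_token_for(sid)},
    }


def forged_request(sid, origin="https://attacker.example"):
    """Constructed request from an attacker-controlled page: the victim's
    browser adds the session cookie, but the attacker cannot supply the
    token. origin=None models a client that sends no Origin header."""
    headers = {} if origin is None else {"Origin": origin}
    return {
        "cookies": {"session": sid},
        "headers": headers,
        "form": {"amount": "100", "address": "1AttackerAddress"},
    }


if __name__ == "__main__":
    sid = new_session()
    print("unprotected, forged:   ", withdraw_unprotected(forged_request(sid)))
    print("protected, forged:     ", withdraw_protected(forged_request(sid)))
    print("protected, no Origin:  ", withdraw_protected(forged_request(sid, origin=None)))
    print("protected, legit:      ", withdraw_protected(legit_request(sid)))
```

The token check alone is sufficient to stop the forgery; the Origin check is a second, independent line of defence for the case where a token leaks or a template forgets the hidden field. Using hmac.compare_digest for the comparison avoids leaking the token through timing.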