Bitcoin Forum
December 03, 2016, 12:40:13 AM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: An exchange as strong as the bitcoin network needs to be developed  (Read 1101 times)
carbonc
Member
**
Offline Offline

Activity: 104


View Profile
June 19, 2011, 06:52:13 PM
 #1

An exchange as strong as the bitcoin network needs to be developed.  P2P power, network trade system.
Maybe even become part of the bitcoin client.
Wonder if its possible.

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1480725613
Hero Member
*
Offline Offline

Posts: 1480725613

View Profile Personal Message (Offline)

Ignore
1480725613
Reply with quote  #2

1480725613
Report to moderator
saqwe
Full Member
***
Offline Offline

Activity: 224



View Profile WWW
June 19, 2011, 07:03:05 PM
 #2

An exchange as strong as the bitcoin network needs to be developed.  P2P power, network trade system.
Maybe even become part of the bitcoin client.
Wonder if its possible.



hell yeah, seems like mtgodox is down now, was this a denial of service attack?

http://pastebin.com/J0HXBjWu

Bazil
Full Member
***
Offline Offline

Activity: 126


View Profile
June 19, 2011, 07:08:38 PM
 #3

I already suggested this, but I got poopooed, maybe people will take the idea seriously now.

17Bo9a6YpXN2SbwY8mXLCD43Wup9ZE4rwm
hoo2jalu
Member
**
Offline Offline

Activity: 70



View Profile
June 19, 2011, 07:22:35 PM
 #4

An exchange as strong as the bitcoin network needs to be developed...

These exchanges are dealing with big sums. In typical industry such systems are at least engineered to PCI-DSS standards with the software itself passing PA-DSS audit and requirements.

How many exchangers audit their systems? (appear to be none)
How many exchangers have per-account controls on funds? (A few now, it seems)
How many exchangers use hardware security modules to protect records? (appear to be none)
How many exchangers use a red-team or pen-test specialists to look for holes? (appear to be none)

This is pretty lame and these exchangers are fairly untrustworthy! (by nature of their vulnerability regardless of intent.)
Chick
Member
**
Offline Offline

Activity: 70


View Profile
June 19, 2011, 07:27:30 PM
 #5

An exchange as strong as the bitcoin network needs to be developed...

These exchanges are dealing with big sums. In typical industry such systems are at least engineered to PCI-DSS standards with the software itself passing PA-DSS audit and requirements.

How many exchangers audit their systems? (appear to be none)
How many exchangers have per-account controls on funds? (A few now, it seems)
How many exchangers use hardware security modules to protect records? (appear to be none)
How many exchangers use a red-team or pen-test specialists to look for holes? (appear to be none)

This is pretty lame and these exchangers are fairly untrustworthy! (by nature of their vulnerability regardless of intent.)

LOL, I actually have a VPS that is PCI-DSS certified as a Level 4 merchant. Its sad to see that major Bitcoin exchanges don't have this in place. Sad

qikaifu
Full Member
***
Offline Offline

Activity: 168


God creats math and math creats bitcoin.


View Profile
June 19, 2011, 08:49:31 PM
 #6

An exchange as strong as the bitcoin network needs to be developed...

These exchanges are dealing with big sums. In typical industry such systems are at least engineered to PCI-DSS standards with the software itself passing PA-DSS audit and requirements.

How many exchangers audit their systems? (appear to be none)
How many exchangers have per-account controls on funds? (A few now, it seems)
How many exchangers use hardware security modules to protect records? (appear to be none)
How many exchangers use a red-team or pen-test specialists to look for holes? (appear to be none)

This is pretty lame and these exchangers are fairly untrustworthy! (by nature of their vulnerability regardless of intent.)

Those service which provided by 1-man start-up is going to be replaced by entrepreneurs.

If you see any of my suggestions useful, please donate me. http://btc.to/ec
paulie_w
Sr. Member
****
Offline Offline

Activity: 420


View Profile
June 19, 2011, 09:10:44 PM
 #7

for those of you who have read (and understood) the white paper:

did master Satoshi have any suggestions for this kind of a situation (failed exchanges)?
hoo2jalu
Member
**
Offline Offline

Activity: 70



View Profile
June 20, 2011, 02:00:56 AM
 #8

...
LOL. PCI-DSS is pure marketing towards consumers. Look at some of these requirements:
....
Duh.

Most of the requirements are "Duh" common sense. They also require testing, and have audit controls or compensating controls to identify issues early and mitigate them before they become a disaster. (in theory, see how Sony messed up PA-DSS compliance Smiley

Sure, I hate PCI-DSS bureaucracy as much as the next person, but the fact remains too many of these vulnerabilities arise from "Duh" stupid stuff they've overlooked. MtGox isn't even trying!

If you adhere to common technical standards and practices (PCI-DSS, OWASP, etc.) you're at least making an effort and protecting against the stupid stuff. Almost none of these exchangers are even doing that basic level of due diligence!
morpheus
Full Member
***
Offline Offline

Activity: 159


View Profile WWW
June 20, 2011, 02:12:18 AM
 #9

An exchange as strong as the bitcoin network needs to be developed.  P2P power, network trade system...

I've been working on a p2p bitcoin exchange for a couple months now. I'm pretty close to an initial release.

Here's the code: https://github.com/macourtney/Dark-Exchange

I'm selling Mt. Gox USD and Bitcoin for cash, check or money order in the mail: http://bitcoinmorpheus.tumblr.com/

Check out my 100% decentralized P2P exchange: https://github.com/macourtney/Dark-Exchange
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!