Bitcoin Forum
December 03, 2016, 12:33:21 AM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 [2]  All
  Print  
Author Topic: The upside to the MtGox hax  (Read 3961 times)
YoYa
Hero Member
*****
Offline Offline

Activity: 627



View Profile
June 20, 2011, 05:25:34 PM
 #21

The world doesn't operate on prevention, because prevention doesn't work.

They were able to reverse transactions and roll the site back to the way it was before the invalid order.  They also had mechanisms in place to reduce the amount of irreversible damage that could happen before the attack was noticed and stopped.

Those sound like pretty damn good safeguards to me.

Tight security is a pretty important form of prevention.  Mt Gox can rollback transactions as much as they like.  The few members of the general public who follow bitcoin got the message that 'bitcoin got hacked', regardless of the real details.

The world does operate on prevention.  That's why balconies have railings, dangerous areas are often fenced off and industrial machinery has physical and electronic barriers to prevent accidents.

Agreed, not only that but banking and finance operate on prevention^2. This represents the sheer lack of experience MtGox have in what they are doing. I've worked in companies with extremely fast growth, and it's not hard to notice that success leads to growing pains, and as evidenced by yesterday these can be severe.

In that sense I can sympatise with MtGox, but on the other hand.....
  • They didn't add even the simplest of extra sec checks to their login
  • They didn't assume the worst and proceed as such when reports started surfacing that accounts were being hacked
  • Their database should have been natively encrypted, performance issues are not a customers concern
  • They could have closed the exchange at the weekends to help stabilize both security and volatility

Get with it! You're not in the game card trading world any more Dorothy! This is the real world, with an entire internet of dodgy fucks just looking to penetrate your every orificeflaw!
1480725201
Hero Member
*
Offline Offline

Posts: 1480725201

View Profile Personal Message (Offline)

Ignore
1480725201
Reply with quote  #2

1480725201
Report to moderator
1480725201
Hero Member
*
Offline Offline

Posts: 1480725201

View Profile Personal Message (Offline)

Ignore
1480725201
Reply with quote  #2

1480725201
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1480725201
Hero Member
*
Offline Offline

Posts: 1480725201

View Profile Personal Message (Offline)

Ignore
1480725201
Reply with quote  #2

1480725201
Report to moderator
1480725201
Hero Member
*
Offline Offline

Posts: 1480725201

View Profile Personal Message (Offline)

Ignore
1480725201
Reply with quote  #2

1480725201
Report to moderator
Sottilde
Newbie
*
Offline Offline

Activity: 10


View Profile
June 20, 2011, 05:54:23 PM
 #22


In that sense I can sympatise with MtGox, but on the other hand.....
  • They didn't add even the simplest of extra sec checks to their login
  • They didn't assume the worst and proceed as such when reports started surfacing that accounts were being hacked
  • Their database should have been natively encrypted, performance issues are not a customers concern


Agreed on these points.  They don't even do basic IP verification (non-recognized IP, send email with verification link).  They really need to step it up.
Pages: « 1 [2]  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!