[BOUNTY 22 btc] lulzSec secure, private exchange

[marcus_of_augustus]

In light of on-going exchange security issues (this goes back to the beginning for MTGOX if you read the archives) I'm going to start a bounty for development of a secure, private exchange for bitcoin. If someone else wants to have a go then lulzSec will be requested to white-hat attack it as the first test.

i)   exchange (multiple currencies incl. BTC)
ii)  secure, (impenetrable in reasonable time (20 years) to lulzSec)
iii) commercially private, (blinded transactions or similar divorcing account holders from BTC addresses)

I pledge 20 BTC.

[bitplane]

Why the fuck should LulzSec care about Bitcoin or anything else for that matter? They're in it for the lulz and would most likely applaud the guy who caused all this drama, they aren't white hats.

[bitcoinaddict]

How would this work?  I'll pledge 1BTC if I get to have the result and run the exchange and take all of the profit?

[genjix]

https://gitorious.org/intersango/

Used on Britcoin

We're working on v2.0 of it too:
http://bitcoinconsultancy.com/wiki/index.php/Intersango

[interfect]

Why the fuck should LulzSec care about Bitcoin or anything else for that matter? They're in it for the lulz and would most likely applaud the guy who caused all this drama, they aren't white hats.

They're sitting on (or at least were given) a somewhat sizable amount of donations in BTC. Assuming they haven't cashed it out for more easily traced dollars, they have some interest in keeping Bitcoin somewhat useful.

[elggawf]

they have some interest in keeping Bitcoin somewhat useful.

I really don't think they do. My money would be on that they're at least wealthy enough to be doing what they're doing, and the fact that people are giving them an anonymous e-cash reward for something they do out of the pure hilarity of it is almost certainly just icing on the cake.

Why do people take hackers like Anonymous, LulzSec, etc, and then turn them into some imaginary white knight?

[marcus_of_augustus]

they have some interest in keeping Bitcoin somewhat useful.

I really don't think they do. My money would be on that they're at least wealthy enough to be doing what they're doing, and the fact that people are giving them an anonymous e-cash reward for something they do out of the pure hilarity of it is almost certainly just icing on the cake.

Why do people take hackers like Anonymous, LulzSec, etc, and then turn them into some imaginary white knight?

Today's pirates will be tomorrow's queen's guards.

[marcus_of_augustus]

https://gitorious.org/intersango/

Used on Britcoin

We're working on v2.0 of it too:
http://bitcoinconsultancy.com/wiki/index.php/Intersango

Thanks genjix, hadn't seen this. It is the OS version of s/ware that Britcoin runs on I'm assuming?

Will it be incorporating any privacy layers by default for individuals information security?

E.G; like OT https://github.com/FellowTraveler/Open-Transactions or BlindBitcoinTransfers use https://blindbitcoin.com/technical.html

[BeeCee1]

If someone else wants to have a go then lulzSec will be requested to white-hat attack it as the first test.

i) what makes you think they would accept your request
ii) If they do accept, what makes you think they wouldn't just say "nope, no problems" wait till people start using it then attack it, that would be lulzy

[finack]

You clearly have a very broken understanding of what lulzsec is. They are, in fact, pretty much the exact opposite of what you're looking for.

[marcus_of_augustus]

You clearly have a very broken understanding of what lulzsec is. They are, in fact, pretty much the exact opposite of what you're looking for.

Really? So put down zero bounty pledge from you then?

Everybody has their price.

[finack]

Everybody has their price.

Oh, I'm quite sure you could get them to take money from you. They'd probably even act like you were doing a smart thing. Taking cash that's openly offered to you for doing work when the only thing you're known for is screwing people over is pretty lulzy. Actually doing the work wouldn't be lulzy at all.

What you're actually interested in hiring is known as an app sec consultancy. There are many, almost any of them having the ability to find the simple SQLi's and CSRF that mt. gox fell to. As an added bonus, most of them won't currently be involved in committing federal felonies on a daily or weekly basis. Here's an example of such a firm that's well thought of: http://www.matasano.com/

The problem with hiring people who are actively robbing banks to design your vault is that you really have no excuse to give when they come back and rob you.

[anthony_]

LulzSec is nothing more than a bunch of dumb teenagers using entry-level penetration testing tools.

[onesalt]

I put down a pledge of 100 bitcoins for a 50% stake in the company, the 100btc being payable 10 years after the exchange first starts up.

[unk]

https://gitorious.org/intersango/

Used on Britcoin

We're working on v2.0 of it too:
http://bitcoinconsultancy.com/wiki/index.php/Intersango

you decided to use unparameterized sql queries inline in the code?

[stick_theman]

I pledge 2 BTCs.

[jatajuta]

they have some interest in keeping Bitcoin somewhat useful.

I really don't think they do. My money would be on that they're at least wealthy enough to be doing what they're doing, and the fact that people are giving them an anonymous e-cash reward for something they do out of the pure hilarity of it is almost certainly just icing on the cake.

Why do people take hackers like Anonymous, LulzSec, etc, and then turn them into some imaginary white knight?

Today's pirates will be tomorrow's queen's guards.

Bitcoins will turn them in Robin Hood. 

[Chick]

Hey! This thread got featured on TechCrunch!

[marcus_of_augustus]

Hey! This thread got featured on TechCrunch!

Cool, might get more than measly 22 btc bounty pledges ... I guess no one really wants a secure exchange after all.

[true]

LulzSec is nothing more than a bunch of dumb teenagers using entry-level penetration testing tools.

And the lulz grows.

lulz