Bitcoin Forum
December 10, 2016, 11:02:11 AM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 »  All
  Print  
Author Topic: TradeHill - Status update - resuming service / some accounts disabled  (Read 2971 times)
Jered Kenna (TradeHill)
Sr. Member
****
Offline Offline

Activity: 420



View Profile WWW
June 20, 2011, 04:10:14 PM
 #1

TradeHill is back up.

We have made a few changes in regards to security:

As of right now we have given our users 12 hours to change their passwords.
Implemented a captcha system (no we don't like them either)
Lock accounts out after several failed attempts.

We are being bombarded with attempts to access our site using the Mt Gox account list.
We have disabled a number of accounts to prevent unauthorized access.
If your account is disabled send us an email.


More changes are on the way.

Regards,
Jered

moneyandtech.com
@moneyandtech @jeredkenna
1481367731
Hero Member
*
Offline Offline

Posts: 1481367731

View Profile Personal Message (Offline)

Ignore
1481367731
Reply with quote  #2

1481367731
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
sang
Sr. Member
****
Offline Offline

Activity: 275


View Profile
June 20, 2011, 04:19:21 PM
 #2

As noted in the other thread, giving us the option to change our email's (if possible) would go along way to improving security.
Klestin
Hero Member
*****
Offline Offline

Activity: 494


View Profile
June 20, 2011, 04:24:39 PM
 #3

Or how about a forgot password reset system?
airdata
Sr. Member
****
Offline Offline

Activity: 406


View Profile
June 20, 2011, 04:26:28 PM
 #4

Great.

Dwolla also implements a PIN number system in addition to their password.  Which is painless and adds another bit of security. 
I will check you guys out later in the day.
SpaceLord
Member
**
Offline Offline

Activity: 70


View Profile
June 20, 2011, 04:28:12 PM
 #5

I'd gladly trade on TradeHill, if I could get a password reset. It's genius not allowing me to reset it...
Jaime Frontero
Full Member
***
Offline Offline

Activity: 126


View Profile
June 20, 2011, 04:29:50 PM
 #6

i've changed my password - although i wasn't prompted to do so when i logged in a few (five) minutes ago.

i won't have to do it again, will i?  that is:  is a site-wide prompt to change passwords still coming?
Jered Kenna (TradeHill)
Sr. Member
****
Offline Offline

Activity: 420



View Profile WWW
June 20, 2011, 04:34:53 PM
 #7

Passwords:

We have been resetting passwords manually.
If we can handle the volume manually we won't implement the automatic feature when we can devote time to other security issues.

For the moment send an email to info@tradehill.com and we will reset it immediately.

PIN:
It's in the works. We would prefer to keep unauthorized users out but a pin on withdraws would be an additional level of security.

Email changes:
They are currently the account names. We're looking in to options here and will announce changes to the system.

moneyandtech.com
@moneyandtech @jeredkenna
Jered Kenna (TradeHill)
Sr. Member
****
Offline Offline

Activity: 420



View Profile WWW
June 20, 2011, 04:35:44 PM
 #8

i've changed my password - although i wasn't prompted to do so when i logged in a few (five) minutes ago.

i won't have to do it again, will i?  that is:  is a site-wide prompt to change passwords still coming?

Most likely no.

moneyandtech.com
@moneyandtech @jeredkenna
Klestin
Hero Member
*****
Offline Offline

Activity: 494


View Profile
June 20, 2011, 05:38:25 PM
 #9

Passwords:
For the moment send an email to info@tradehill.com and we will reset it immediately.
I made this request via email three hours ago, no response yet.  I realize you guys are probably swamped, so perhaps it's still in queue. 
SpaceLord
Member
**
Offline Offline

Activity: 70


View Profile
June 20, 2011, 06:58:48 PM
 #10

Passwords:
For the moment send an email to info@tradehill.com and we will reset it immediately.
I made this request via email three hours ago, no response yet.  I realize you guys are probably swamped, so perhaps it's still in queue. 

Same thing here.
Yankee (BitInstant)
Legendary
*
Offline Offline

Activity: 1078


Charlie 'Van Bitcoin' Shrem


View Profile WWW
June 20, 2011, 07:12:59 PM
 #11

Passwords:
For the moment send an email to info@tradehill.com and we will reset it immediately.
I made this request via email three hours ago, no response yet.  I realize you guys are probably swamped, so perhaps it's still in queue. 

Give them some time, They are dealing with over 50,000 users!

Bitcoin pioneer. An apostle of Satoshi Nakamoto. A crusader for a new, better, tech-driven society. A dreamer.

More about me: http://CharlieShrem.com
Nefario
Hero Member
*****
Offline Offline

Activity: 602


GLBSE Support support@glbse.com


View Profile WWW
June 20, 2011, 08:04:31 PM
 #12

Tradehill compromised.

http://securityforthemasses.blogspot.com/2011/06/someone-offering-tradehill-bitcoin.html

PGP key id at pgp.mit.edu 0xA68F4B7C

To get help and support for GLBSE please email support@glbse.com
TraderTimm
Legendary
*
Offline Offline

Activity: 1652



View Profile
June 20, 2011, 08:16:49 PM
 #13

Invalid bouncing email address claims that Tradehill compromised.

http://securityforthemasses.blogspot.com/2011/06/someone-offering-tradehill-bitcoin.html

Fixed that for you.

fortitudinem multis - catenum regit omnia
JackH
Sr. Member
****
Offline Offline

Activity: 355


View Profile
June 20, 2011, 08:23:16 PM
 #14

How can people be so blind and dumb and believe that something popping out of the blue, offering to facilitate a service will actually work. These Tradehill people may have good intentions, but who can handle this type of traffic such an exchange is receiving. And who can handle having all the geeks on the internet attacking them all the time.

I am sorry, but unless a big corporation or a bank steps in with some serious money backing it up this is a just mtgox.com all over. Errors are already popping up and the software is untested and repairing it on the fly just doesnt work!!! Its about money people, MONEY!

<helo> funny that this proposal grows the maximum block size to 8GB, and is seen as a compromise
<helo> oh, you don't like a 20x increase? well how about 8192x increase?
<JackH> lmao
SpaceLord
Member
**
Offline Offline

Activity: 70


View Profile
June 20, 2011, 08:47:39 PM
 #15

Passwords:
For the moment send an email to info@tradehill.com and we will reset it immediately.
I made this request via email three hours ago, no response yet.  I realize you guys are probably swamped, so perhaps it's still in queue. 

Give them some time, They are dealing with over 50,000 users!

6 hours later, no email to reset my password. Just sayin'.
Yankee (BitInstant)
Legendary
*
Offline Offline

Activity: 1078


Charlie 'Van Bitcoin' Shrem


View Profile WWW
June 20, 2011, 08:57:32 PM
 #16

Passwords:
For the moment send an email to info@tradehill.com and we will reset it immediately.
I made this request via email three hours ago, no response yet.  I realize you guys are probably swamped, so perhaps it's still in queue. 

Give them some time, They are dealing with over 50,000 users!

6 hours later, no email to reset my password. Just sayin'.

I assure you, they are doing their best. Send a PM to JeredKenna on this forum, he is one of the guys who runs TH

Bitcoin pioneer. An apostle of Satoshi Nakamoto. A crusader for a new, better, tech-driven society. A dreamer.

More about me: http://CharlieShrem.com
Bunghole
Member
**
Offline Offline

Activity: 64



View Profile
June 20, 2011, 09:16:54 PM
 #17

I just had a funny thought of the Trade Hill guys sitting around in diapers today, so that they don't have to take the time to go to the bathroom.
killer2021
Member
**
Offline Offline

Activity: 84


View Profile
June 20, 2011, 09:49:41 PM
 #18

How can people be so blind and dumb and believe that something popping out of the blue, offering to facilitate a service will actually work. These Tradehill people may have good intentions, but who can handle this type of traffic such an exchange is receiving. And who can handle having all the geeks on the internet attacking them all the time.

I am sorry, but unless a big corporation or a bank steps in with some serious money backing it up this is a just mtgox.com all over. Errors are already popping up and the software is untested and repairing it on the fly just doesnt work!!! Its about money people, MONEY!

So when are you opening up the JackH bitcoin exchange?

Just saying.

Anonymous Cash-By-Mail Exchange: https://www.bitcoin2cash.com
1H6mqgB6UcqKt2SrCmhjxUp9np1Xrbkdj7
Jered Kenna (TradeHill)
Sr. Member
****
Offline Offline

Activity: 420



View Profile WWW
June 20, 2011, 10:57:12 PM
 #19

Passwords:
For the moment send an email to info@tradehill.com and we will reset it immediately.
I made this request via email three hours ago, no response yet.  I realize you guys are probably swamped, so perhaps it's still in queue. 

Give them some time, They are dealing with over 50,000 users!

6 hours later, no email to reset my password. Just sayin'.


We've been reseting passwords / accounts if we missed anyone please email us again.
We will be adding a feature to reset your own account soon but we are receiving a lot of hack attempts and do not want to rush anything that could potentially be exploited.

moneyandtech.com
@moneyandtech @jeredkenna
chihlidog
Newbie
*
Offline Offline

Activity: 28


View Profile
June 20, 2011, 10:59:05 PM
 #20

Passwords:
For the moment send an email to info@tradehill.com and we will reset it immediately.
I made this request via email three hours ago, no response yet.  I realize you guys are probably swamped, so perhaps it's still in queue. 

Give them some time, They are dealing with over 50,000 users!

6 hours later, no email to reset my password. Just sayin'.


We've been reseting passwords / accounts if we missed anyone please email us again.
We will be adding a feature to reset your own account soon but we are receiving a lot of hack attempts and do not want to rush anything that could potentially be exploited.

Could you elaborate a little on these hack attempts and how secure your site is?

Im not sure why anyone would want to, but just in case, I humbly and very gratefully accept donations at: 1Kn6NFFE4EqrhN1pgBDoBQEvSA5c3tdqhi
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!