Which Bitcoin Exchange Can You Trust?

[qikaifu]

This is what I've been expecting for a long time, and once I wished mtgox would achieve.


"It's important now to go forward with legalization even if you don't agree with laws,"
Taaki said legitimizing exchanges would give Bitcoin the confidence needed to transcend from a niche currency embraced by libertarians and hackers to a legitimate monetary system.



http://www.pcmag.com/article2/0,2817,2387279,00.asp

[DamienBlack]

Honestly, after all of this, I would trust mt gox the most. Nothing encourages you to invest a lot in security more than being thoroughly pwnd.

[bitplane]

I personally like Britcoin, it's not very big but you know someone takes things seriously when they refuse to store any passwords at all on-site and put the source code for the exchange on github.

[BitcoinPorn]

Honestly, after all of this, I would trust mt gox the most. Nothing encourages you to invest a lot in security more than being thoroughly pwnd.

It's funny and it's true.

[imperi]

Honestly, after all of this, I would trust mt gox the most. Nothing encourages you to invest a lot in security more than being thoroughly pwnd.

It's funny and it's true.

Except Sony.

[Nefario]

GLBSE.com of course, we don't actually use passwords.

We are not however a bitcoin exchange (we're an asset exchange)

And it's down until I have security beefed up.

Nefario.

[sturle]

Honestly, after all of this, I would trust mt gox the most. Nothing encourages you to invest a lot in security more than being thoroughly pwnd.

Yes, and IMHO the situation has been handled very well.  A lot of FUD is spread here, unfortunately, and I get spam promoting TradeHill and Bitcoin7.  Spammers can not be taken seriously, and neither can the exchanges if the spammers are still allowed to trade there.  This alone strenghtens my confidence in Mt. Gox, which has never spammed me or spread FUD about other exchanges.  So far the official information has been perfectly aligned with the facts which have been shown both before and after the public explanations.

My trust is with Mt. Gox and bitcoin-central.  I do not trust TradeHill, and have complete distrust in Bitcoin7 (mostly due to cluelessness).

[onesalt]

I personally like Britcoin, it's not very big but you know someone takes things seriously when they refuse to store any passwords at all on-site and put the source code for the exchange on github.

Hmm well this is totally cool, now the hackers know exactly what sorts of attacks will work by analysing the source code for vulnerabilities. I don't recall any wall street banks leaving the schematics for their security systems lying about on the roadside for any gutter trash to read, do I?

[Jered Kenna (TradeHill)]

Honestly, after all of this, I would trust mt gox the most. Nothing encourages you to invest a lot in security more than being thoroughly pwnd.

Yes, and IMHO the situation has been handled very well.  A lot of FUD is spread here, unfortunately, and I get spam promoting TradeHill and Bitcoin7.  Spammers can not be taken seriously, and neither can the exchanges if the spammers are still allowed to trade there.  This alone strenghtens my confidence in Mt. Gox, which has never spammed me or spread FUD about other exchanges.  So far the official information has been perfectly aligned with the facts which have been shown both before and after the public explanations.

My trust is with Mt. Gox and bitcoin-central.  I do not trust TradeHill, and have complete distrust in Bitcoin7 (mostly due to cluelessness).

We have been and continue to collect referral codes of spammers for removal in our system.
We don't condone using stolen information for personal gain and hate spam as much as you do.

We can ban the spammers but if an email list this size is released it's a fact that it will be spammed.

[Nefario]

I personally like Britcoin, it's not very big but you know someone takes things seriously when they refuse to store any passwords at all on-site and put the source code for the exchange on github.

Hmm well this is totally cool, now the hackers know exactly what sorts of attacks will work by analysing the source code for vulnerabilities. I don't recall any wall street banks leaving the schematics for their security systems lying about on the roadside for any gutter trash to read, do I?

It's secure because anyone can view it.

This is PHP code, not something flying the space shuttle, you can know it's safe by having everyone have a look.

[TraderTimm]

rofl...

Please refrain from commenting about things you clearly know nothing about.

If only lardycake could learn from his own 'wisdom'.

[bitplane]

Hmm well this is totally cool, now the hackers know exactly what sorts of attacks will work by analysing the source code for vulnerabilities. I don't recall any wall street banks leaving the schematics for their security systems lying about on the roadside for any gutter trash to read, do I?

Before you sink your half a million into Britcoin you can pay a mere few thousand dollars for an independent security audit of the entire site. If you're a skilled developer then you can conduct your own independent audit.

If you're putting the source code to your exchange online then you get instant respect from developers like myself, it shows that:

1) Britcoin doesn't believe in "security by obscurity", instead they opt for real, actual security along with transparency.
2) Britcoin's code is well written enough for them to state their reputation on it, which they have.
3) Britcoin is giving back to the community, they're not someone in this thing to make a quick buck, but actually proving they will invest in the entire community by starting new exchanges.

Having seen hundreds of proprietary, bespoke applications and hundreds of open source ones, I can say with some confidence that the code quality of open source is usually much higher.

[enmaku]

I personally like Britcoin, it's not very big but you know someone takes things seriously when they refuse to store any passwords at all on-site and put the source code for the exchange on github.

Hmm well this is totally cool, now the hackers know exactly what sorts of attacks will work by analysing the source code for vulnerabilities. I don't recall any wall street banks leaving the schematics for their security systems lying about on the roadside for any gutter trash to read, do I?

It's secure because anyone can view it.

This is PHP code, not something flying the space shuttle, you can know it's safe by having everyone have a look.

I believe we're talking about Linus' Law (http://en.wikipedia.org/wiki/Linus'_Law) - "Given enough eyeballs, all bugs are shallow"

[Rob768]

Here is a list of some
http://www.talkgold.com/forum/r331614-.html

[TonyHoyle]

Really it depends where you are...you can go on bitcoincharts and see an exchange based on your particular currency and then do research.  There are a few per country

With tradehill not being an option for me (doesn't take or send EUR or GBP), britcoin is looking like the best contender, despite saying "this site is strictly in alpha state" on the front page - which previously meant I discounted it out of hand.

[BCEmporium]

Sorry, "Open Source all the way" is simply foolish!
You would get thought code? Maybe, but not quite. Main frame projects do, sidelined projects are normally half-baked with more bugs than you can count.
It also diminishes security (not increases), making it a lottery. By knowing the table structure an attacker by founding an exploitable hole would have quite a fine aim instead of shoot fish from the barrel by attempting to guess which table is which (is it users? accounts? members? the guy is Arab and calls it Al-Accounts? who knows?).
Over Open Source it all relies on the intentions of the one who found the exploitable hole, if is a good fellow will warn about it, otherwise will spread havoc.

Actually the breach @ MtGox was all about letting more people than desirable to have a look in his code, ending up with his db spread over the web.

[niemivh]

I personally like Britcoin, it's not very big but you know someone takes things seriously when they refuse to store any passwords at all on-site and put the source code for the exchange on github.

I only bank with the British from now on.



WHOA!  That's a BIG PHOTO!

[Nefario]

MY EYES!!!

[hamdi]

i trust none.
i cash out as often as possible.

using tradehill at the moment and like it.