If I had buy orders in at a penny and a nickle (which I had as recently as 4 days ago), I would feel totally cheated if those orders were filled, and then Mt. Gox took the Bitcoins away from me. It is VERY possible that my trade was independent of the "stolen" bitcoins - perhaps someone (or their bot) saw the market tumbling, and sold to get out, and I bought... this would be a transaction between me and that individual, and has little to do with the stolen coins.
Bottom line is that Mt. Gox was making BOATLOADS of money before the issue. They SHOULD HAVE taken steps to prevent this from happening, and they didn't. So now they should pay, bitcoin for bitcoin, every harmed individual. No "transaction rollback". If they couldn't handle the liability, then they shouldn't have taken on the liability (along with the associated profits for the past few months).
Even if it took YEARS to make everyone whole, THAT is the right answer.
jerfelix seems exactly right about this.
mt. gox's reaction to the problem has been mountingly poor, in my view. they seem to want to avoid taking responsibility or acting as if they care about customer satisfaction, even though they have made substantial amounts of money from customers. either their marketing is very good or their community of customers is far too uncritical; it seems unfortunate for mt. gox not to be held to account because their customers have a misplaced sense of 'loyalty'.
in general, there's a remarkable lack of understanding of the business norms of exchanges and of contract law in these forums.
some myths and responses:
(1) myth: 'mt. gox has no choice but to roll back the trades; that's best for bitcoin.'
they do have a choice, and they're planning a rollback to satisfy their own interests, to cover their own liabilities for having lost customer funds. nobody benefits from a rollback except for mt. gox and the customer whose funds they allowed to be stolen.
(2) myth: 'it's common for exchanges to roll back transactions'
people hear that some transactions were 'rolled back' in the nyse flash crash and generalise that to this case, when the two cases are entirely different. i've explained this difference in other topics in detail, and moreover, not every trade in the 'flash crash' was rolled back.
mt. gox here is not reversing an exchange breakdown but attempting to reverse a theft of customer funds.
(3) myth: 'mt. gox has the right to do whatever they want, because the terms of service do not say otherwise'
in contract law, when a contract has a gap, the gap is filled in with implied terms that are typically drawn from business practices. a contractual gap does not give the party that happens to have power the right to do as it pleases.
(4) myth: 'people are responsible for all that happens when they use the same password on multiple sites'
users are partly responsible for their poor security practices, and mt. gox is also partly responsible for theirs. a leak of this magnitude is, in my view, probably unforgivable, particularly in a context where customers were trying to maintain privacy.
mt. gox seems to getting a free pass from people here for a very serious breach of privacy and security. people ought to be furious with them for this leak, and it wouldn't be wrong to ask for compensation for losses that resulted from the leak.
(5) myth: 'customers have no choice but to abide by mt. gox's decisions'
customers have many options that they can consider. legal action is a possibility, though an expensive one. additionally, dissatisfied customers can attempt to withdraw their bitcoins and then also attempt to reverse dollar transfers to mt. gox (through dwolla or their own consumer or merchant banks) in an amount that corresponds to what they assert is their legal right; consequently, mt. gox would need to sue them, rather than the other way around, if one of the parties was acting beyond their rights. there is no reason customers, rather than an unaccountable entity earning $70,000/day at their height, should be made to suffer losses as a result of this incident.
again, in case it matters, i don't stand to gain or lose from the rollback personally, and i've never had an account at mt. gox.
also, i don't want to overstate my argument. the situation here is complicated. i'm just trying to explain to people that it's not easy. i'm not sure a rollback would be wrong, but my contention is that mt. gox has not properly justified it yet.