"I'm Kevin, and I'm full of shit" [a must read!]

[Batouzo]

HEY GUYS THIS BAG OF MONEY FELL OFF THE BACK OF A BANK LORRY I PAID SOME SHADY GUY AT THE PUB 3000 DOLLARS FOR IT AND WHEN THE BANK TURNED UP THE NEXT DAY THEY DEMANDED IT BACK WHAT THE FUCK???

Serious?? Crikeys..the cheek!
I might start a thread about it in the hope someone somewhere really cares!

It's really more the case of market with paintings, where the market owner and staff totally messed up the price tags (or: leaved the doors unlocked overnight and allowed it), and now don't want to give out the money and paintings from already completed trades.

I would care to remember that prices at this market can't be trusted, even if they just drop by -20% or -50%, I can't be sure isn't it another messup and another "rewind" is imminent. Perhaps you would not care and keep trading there as nothing happened.

[1715026495]

1715026495

[1715026495]

1715026495

[1715026495]

1715026495

[1715026495]

1715026495

[1715026495]

1715026495

[AtomicTrader]

10364   toasty   toasty@dragondata.com   $1$rtQupk2h$FR.Ee1vC2s70WFatliWHz1                     


Google this guy.  He has a unique skillset to match.

Interesting! This Kevin Day guy comes up in Google in various security/password/hacking links. The plot thickens!

[bitrebel]

Not going to lie his story really doesn't make sense.... why

I'm starting to think  Mt Gox and this guy are colluding together  who's to say they aren't?

They obviously have spoken together?

I already posted this, Very possible!
http://forum.bitcoin.org/index.php?topic=20287.0

[Batouzo]

10364   toasty   toasty@dragondata.com   $1$rtQupk2h$FR.Ee1vC2s70WFatliWHz1                     


Google this guy.  He has a unique skillset to match.

Interesting! This Kevin Day guy comes up in Google in various security/password/hacking links. The plot thickens!

If he is the hacker then hopefully he will be eventually found guilty by a just court based on actual strong evidence.

[bitprotection]

Not going to lie his story really doesn't make sense.... why

I'm starting to think  Mt Gox and this guy are colluding together  who's to say they aren't?

They obviously have spoken together?

I already posted this, Very possible!
http://forum.bitcoin.org/index.php?topic=20287.0

+1

At least we know who the hacker is and can get him!   I'm stickin with this idea ... to many things like Mt. Gox moving coins around and then this guy claiming he bought them and then and that ...its all fishy..

[elggawf]

Interesting! This Kevin Day guy comes up in Google in various security/password/hacking links. The plot thickens!

So fucking what? My name does too.

[NO_SLAVE]

Yes, check out this guy.  Lots of interest in freebsd crashing, password cracking/protection.

[bitrebel]

Hey Kevin Day.....

Are you the same Kevin Day that wrote the Book, "Inside the Security Mind" "Making the Tough Decisions"
http://www.amazon.com/Inside-Security-Mind-Making-Decisions/dp/0131118293

Product Description
Inside the Security Mind: Making the Tough Decisions, by security expert Kevin Day, teaches information officers how to think like a top security guru. Using real-world examples, Day explains how to reduce any security problem to a set of essential principles, making it easy to arrive at optimal solutions. Includes practical material on enterprise security issues and measures.
From the Back Cover

    "This is a really good book ... it spells out the motherhood and apple pie of information security in a highly readable way."

—Warwick Ford, CTO, VeriSign, Inc.

    "An excellent security read! Breaks down a complex concept into a simple and easy-to-understand concept."

—Vivek Shivananda, President

    Redefine your organization's information security
    Learn to think and act like a top security guru!
    Understand the founding principles of security itself and make better decisions
    Make your security solutions more effective, easily manageable, and less costly!

Make smarter, more informed security decisions for your companyOrganizations today commit ever-increasing resources to information security, but are scarcely more secure than they were four or five years ago! By treating information security like an ordinary technological practice—that is, by throwing money, a handful of the latest technologies, and a lineup of gurus at the problem—they invariably wind up with expensive, but deeply flawed, solutions. The only way out of this trap is to change one's way of thinking about security: to grasp the reasoning, philosophy, and logic that underlie all successful security efforts.

In Inside the Security Mind: Making the Tough Decisions, security expert Kevin Day teaches you how to approach information security the way the top gurus do—as an art, rather than a collection of technologies. By applying this discipline, your solutions will be more secure and less burdensome in time, expense, and effort. The first part of the book explains the practice of breaking security decisions down into a set of simple rules. These rules may then be applied to make solid security decisions in almost any environment. In the second part, Day uses a series of practical examples to illustrate exactly how the discipline works in practice. Additional material covers:

    Designing an enterprise security plan, including perimeter/firewall and Internal defenses, application, system, and hardware security
    Ongoing security measures—recurring audits, vulnerability maintenance, logging and monitoring, and incident response, plus risk assessment
    Choosing between open source and proprietary solutions; and wired, wireless, and virtual private networks

This book is essential reading for anyone working to keep information secure. Technical and non-technical IT professionals alike can apply Day's concepts and strategies to become security gurus, while seasoned practitioners will benefit from the unique and effective presentation of the essential security practices.

[Phil21]

10364   toasty   toasty@dragondata.com   $1$rtQupk2h$FR.Ee1vC2s70WFatliWHz1                     


Google this guy.  He has a unique skillset to match.

Thanks, all I find is security work and loads of mailinglist articles where he is involved in various security related content with regards to websites.

Must be another flakey coincidence that he seems to know his parts around that world more than avg joe and to get burn like this aswell, wtfever.

Which is likely why MtGox's story given to him seemed suspicious at best, fraudulent at worse - and even perhaps is when he decided to hold off on sending the funds he did get out back?  If you worked in this field daily, you'd likely at least have suspicions of the same thing given the responses offered.  I know I did.  They were pathetic and easily immediately proven false.  Something didn't add up right, so the correct course of action was to pause and let information come to light to ensure the correct course of action was taken.  This information was not forthcoming.

The truth may or may not come out eventually, I really truly hope it does and simply proves incompetence.  Now not only for Bitcoin's, but Kevin's sake.  I feel rather bad for my part in helping convince him to post his story publicly, to try to elicit some form of reasonable level of transparency about the issue.  There was only downside for him, but I did my part in helping convince him the community benefits would outweigh the possible drawbacks on the personal side.  I was wrong.  It truly was, whether you believe it or not, an attempt to bring the spotlight on what he felt as a major accountability and transparency issue.  If this had been handled reasonably, the money would almost assuredly be back in the proper accounts and you wouldn't have heard about much other than a simple hack and a brief market crash.

It goes beyond a simple hack.  The fact he's blaming Kevin for the "hack" itself proves that in itself for me.  Note that only third parties have been blamed in all this.  Not once has MT taken any responsibility for this supposed "hack" - why is that?  

[Batouzo]

It goes beyond a simple hack.  The fact he's blaming Kevin for the "hack" itself proves that in itself for me.  Note that only third parties have been blamed in all this.  Not once has MT taken any responsibility for this supposed "hack" - why is that?  

+1

[hazek]

Maybe if he didn't contradict himself in the very same post with his story he would have had a bit more credibility.

But guess what, he did and he doesn't.


I mean he isn't even attempting to explain these contradictions.. What more is there to say to that?

[Clipse]

So its just a huge coincidence that the same guy cashing out would be involved in security of the sorts mentioned in this thread.

Fuck if this is all just some serious coincidence then Kevin should just get of the internet, there is a very good possibility of a ricochet bullet hitting him via the interwebz.

[Phil21]

Maybe if he didn't contradict himself in the very same post with his story he would have had a bit more credibility.

But guess what, he did and he doesn't.

I mean he isn't even attempting to explain these contradictions.. What more is there to say to that?

Someone directly accused him of both committing and profiting from a felony, and said he had already involved the FBI.  I hope for Kevin's sake he's smart enough to be on the phone with an attorney right now.

[dana.powers]

I actually think Kevin's story makes some sense.  I still think he should return the BTC he withdrew (or forfeit the $3000 and all remaining BTC in account to cover the loss, which, as he claims, is probably worth close to $10,000 at market prices).

Kevin says (1) he has a higher withdraw limit than $1000 and (2) he withdrew around 600 BTC.  It is true that his post implies that his limit was at $1000 when he withdrew, but I don't think that's actually the case and I don't think that he meant to imply that.  Many on the forums have claimed that the BTC withdrawal is based on a 24-hr rolling average (people who claim to have hit this limit themselves, presumably when trying to withdraw during recent volatile periods) and not on the current market price.  At that point the 24-hr rolling average was apparently around $4.5, which would have allowed a maximum withdrawal of around 200 BTC per $1000 allowed.  600 BTC withdrawal, then, aligns with a roughly $3000 withdrawal limit.  I think perhaps he assumed that the limit was based on $0.01, but was in fact wrong about that.

But, like I said, I still think he has no claim to profit on the buy-side of a fraudulent sell order.

[Epinnoia]

MtGox claims to have reported this to the authorities.  I would trust them much more if they provided a scanned copy of the police report, if for no other reason than the fact that it's a felony to file a false police report in pretty much every legal jurisdiction.

[bitcoinminer]

I am noticing the same questions being asked of both parties and not being answered.

Question: Who do you believe, the person who has 250k bitcoins to lose (kevin), or 500k bitcoins to lose (MtGox)?

Answer: Neither.

[bitsalame]

<wearing a tin foil hat>
Or maybe the real hacker is one of the users posting in this thread, using Kevin as a scape goat.
The best way to erase one's trails is by incriminating an innocent one.
</wearing a tin foil hat>

[Phil21]

I am noticing the same questions being asked of both parties and not being answered.

Question: Who do you believe, the person who has 250k bitcoins to lose (kevin), or 500k bitcoins to lose (MtGox)?

Answer: Neither.

Good call!

[toasty]

I actually think Kevin's story makes some sense.  I still think he should return the BTC he withdrew (or forfeit the $3000 and all remaining BTC in account to cover the loss, which, as he claims, is probably worth close to $10,000 at market prices).

Kevin says (1) he has a higher withdraw limit than $1000 and (2) he withdrew around 600 BTC.  It is true that his post implies that his limit was at $1000 when he withdrew, but I don't think that's actually the case and I don't think that he meant to imply that.  Many on the forums have claimed that the BTC withdrawal is based on a 24-hr rolling average (people who claim to have hit this limit themselves, presumably when trying to withdraw during recent volatile periods) and not on the current market price.  At that point the 24-hr rolling average was apparently around $4.5, which would have allowed a maximum withdrawal of around 200 BTC per $1000 allowed.  600 BTC withdrawal, then, aligns with a roughly $3000 withdrawal limit.  I think perhaps he assumed that the limit was based on $0.01, but was in fact wrong about that.

But, like I said, I still think he has no claim to profit on the buy-side of a fraudulent sell order.

I raised my Dwolla withdrawal limit, not my bitcoin withdrawal limit. The email I got from Mark:

Hi,

To increase your bitcoin withdraw limit, there is no need for any document, just let me know your mtgox account user name, and the daily limit you wish for.

To increase your withdraw limit (by default $1000 per 24 hours and $10000 per 30 days), please provide your account name, the copy of an official ID document (such as passport, driver's license, etc...) and the copy of an utility bill at your name and address.

We will review your document and increase your withdraw limit based on your risk profile.

Please note that you can also send a notarized color copy of your ID document to this address (remember to include your mtgox account name) via registered mail (fedex, etc) :

I provided the documentation he asked for to have my cash withdrawing limit raised, which he did quickly. I did not make a request to have my bitcoin limit raised.

I admit, I explained this poorly.

[bitsalame]

I believe that actually Kevin doesn't have to give back any of it.
He purchased them in good faith. Even if the market was crashing, I would have purchased it if I saw the opportunity.

• Now, even if it is on his right to keep them, IF the money belonged to MTGOX (and not a user, but actually the main fund of MTGOX, which seems to be more plausible the more I think) then I guess that for the betterment of the economy and its stability, Kevin should give it back to MtGoX.
  In exchange of the devolution, MtGox should give a compensation for the act of good faith and allow Kevin to keep the withdrawn amount
• If the account was a personal one, Kevin has less obligation to give it back to the owner of it. When you make the wrong call playing poker you can't undo it, if you fucked it up, you fucked it up. Period.
  But still, it would be a nice gesture, and this would be totally from Kevin's generosity, if Kevin gives back partially or totally to the previous owner. A generous compensation for this gesture would be appropriate.
  

BUT, Kevin has all the rights to keep it and not giving it back to anyone. He would be a total asshole by behaving like that, but it is in his right.
Now, everything depends on his will.

MtGox shouldn't rollback shit.
The least thing that MtGox can do is to compensate to all users for this scandal and for they negligence/incompetence.
The leaked userbase is embarrassing enough, and that needs a fair compensation to all of us who entrusted this site with our money, and in some cases, our life savings (doesn't matter if trusting one's savings is a unsound judgement, the point here is that our trust has been broken).

It takes decades to build trust, and only one second to break it.

Usually, one never recovers full trust with a person, but doing good deeds can help to reestablish the relationship.
I hope MtGox understands here that more than profit, trust is actually the backbone of a business.
If you don't offer a deal to keep your users happy, expect a bank run.

(Wrong thread, I wanted to post it in Kevin's thread...)