dodgrr
Member
Offline
Activity: 70
Merit: 10
|
|
June 21, 2011, 10:47:29 PM |
|
First, the general public has to succumb to the fact that you're not an idiot and that mybitcoin's database was actually hacked.
I believe mybitcoin's database was hacked. You may also be an idiot.
|
|
|
|
ryepdx
|
|
June 21, 2011, 11:00:58 PM |
|
I also believe it is possible that MyBitcoin was hacked as well. The exposure of the database at Mt. Gox might be acting as a smokescreen for this possibility. After all, it is easy to assume people are getting hacked because they were on Mt. Gox and failed to change their passwords. Yet, if he tells the truth, here is someone who didn't have a Mt. Gox account and he still got hacked. I was already somewhat suspicious when I saw how quickly people's MyBitcoin accounts were being compromised. I figured LS just had a lot of hashing power, but it's entirely possible they found an exploit on MyBitcoin. :-(
Only MyBitcoin can answer this one for us. They'd have to check for usernames in their database which were not in the leaked database and which had all their bitcoins transferred out of their account today to the attacker's bitcoin address. If these usernames exist, then it's probable that there exists an exploit.
To follow this line of thought: assuming that they've now cleared out a good portion of the accounts on MyBitcoin, it may be safe to say they have *a lot* of bitcoins. If LS is truly malicious, or if they are out to prove a point, then the next stage of their attack could be to dump all their acquired bitcoins on the free market. I'm not too worried about it because last time that happened we managed to snap back to $13 pretty quickly. But this would definitely add fuel to the black-PR fire.
We need to secure our websites and wallets ASAP, people. If they *do* plan on dumping them on an exchange, those exchanges will need countermeasures in place. It seems they're using the same bitcoin address for all their exploits. This could be their downfall IF we can coordinate. If you run an exchange, I would suggest putting in some special rules for bitcoins that can be tracked back to that address.
If we can stop these thieves from wreaking any more havoc on our community than they already have, it will be a victory not just for us, but for decentralization as a whole. If we can prove that a crime of this magnitude can be halted and the perpetrator caught without government intervention, it will set the tone of all Bitcoin-related discussion going forward.
These thieves have unleashed the bogeyman that lurks in the back of the common person's thoughts when they hear the word "cryptocurrency." It is up to us to lay that bogeyman to rest.
|
|
|
|
bitbonga
Newbie
Offline
Activity: 27
Merit: 0
|
|
June 21, 2011, 11:01:51 PM |
|
If you could make a good site then why not sell stuff for USD? That is why my hopes are for a) remittances (shady/ hugely bloated / noncompetitive industry) b) poker (illegal in usd) c) drugs (illegal in USD) d) sexcam (paypal won't handle it and it could dramatically reduce the costs of entry for individual providers and cut out gouging middlemen)
For other commerce, bitcoin has wasted rewards on early adopters that could have been shared with adopting merchants (under alternative currency generation rules). On the plus side, further growth in the shady stuff could bootstrap future growth in the legitimate stuff.
I've been lurking this forum since February and the above words are like poetry to me! They so simply express what I've been thinking all these past months!
|
|
|
|
nickwit
Member
Offline
Activity: 80
Merit: 10
|
|
June 21, 2011, 11:57:51 PM |
|
I can make a good site, and I sell things for USD AND BTC.
As to the "why":
Because I want to see bitcoins succeed, because I can see that the banks are imposing a type of derivative slavery on us, and this is the best way we have of routing around them.
It's not as simple as "making money for yourself". Nothing born of that philosophy is ever anything other than toxic.
Oh... and as far as I can see, the USD/GPB are crashing (I've lost 1/3 of my income in the last couple of years) whereas recent wobbles aside, bitcoins are still appreciating.
|
|
|
|
bitcoinminer
|
|
June 22, 2011, 12:27:54 AM |
|
MtGox sent out emails to everyone about the password...
I didn't receive an email and I can see from the released CSV of accounts that my email is correct. Anyone who thinks that EVERYONE in the world has the patience and tollerence to monitor these forums on a daily basis, with all the bull shit and meaningless crap and know-it-all views of idiots, is pretty foolish in my opinion. For every 30 minutes I spend reading posts in this forum, 1 minute is worth while and the other 29 minutes I feel like looking for a tall bridge. I think it is quite concievable that there are many out there who know of bitcoin, have used bitcoin, but still haven't heard any word of the recent events spanning the past few days. Tell you what, you can give me $100 grand, and I'll read the forums, own a television, and check my email once every few days for you. Otherwise, seriously, quit crying... If you didn't care enough about your money to keep an eye on 100k$, then you don't need it. I check my bank account balance every day, like it's suddenly going to have more than a few hundred bucks to rub together Hopefully if you're married, etc. your wife doesn't let you handle anything important, especially issues of money. You'd have to be on another friggin planet to miss all the different ways you would have been notified.
|
Be fearful when others are greedy, and greedy when others are fearful.
-Warren Buffett
|
|
|
FreeMoney
Legendary
Offline
Activity: 1246
Merit: 1016
Strength in numbers
|
|
June 22, 2011, 12:30:28 AM |
|
First, the general public has to succumb to the fact that you're not an idiot and that mybitcoin's database was actually hacked.
I believe mybitcoin's database was hacked. You may also be an idiot. So they just haven't gotten around to taking my coins??? wth is wrong with you?
|
Play Bitcoin Poker at sealswithclubs.eu. We're active and open to everyone.
|
|
|
CurbsideProphet
|
|
June 22, 2011, 12:34:27 AM |
|
And all these coins need to be liquidated....
So a flood of BTC supply hits the markets pushing the price down. Everyone but the hackers lose out in the end.
|
1ProphetnvP8ju2SxxRvVvyzCtTXDgLPJV
|
|
|
myrkul
|
|
June 22, 2011, 12:48:13 AM |
|
And all these coins need to be liquidated....
So a flood of BTC supply hits the markets pushing the price down. Everyone but the hackers lose out in the end.
short term glut != long term crash.
|
|
|
|
CurbsideProphet
|
|
June 22, 2011, 12:58:11 AM |
|
And all these coins need to be liquidated....
So a flood of BTC supply hits the markets pushing the price down. Everyone but the hackers lose out in the end.
short term glut != long term crash. So you have a long term solution? This is not a short term event, it's a precedent. Security has been and will continue to be compromised because not everyone will be diligent with security measures. Whether you like it or not, as an owner of BTC's, the value of your "coin" is tethered to the security (or lack thereof) of all other users. A finite supply of a mostly illiquid instrument means a flood of supply will push down prices. When you get something for free, you don't really care if you get the best price when selling. It's a pretty big hole in the BTC model if you ask me.
|
1ProphetnvP8ju2SxxRvVvyzCtTXDgLPJV
|
|
|
lemonginger
Full Member
Offline
Activity: 210
Merit: 100
firstbits: 121vnq
|
|
June 22, 2011, 01:15:20 AM |
|
Seems as though people are trying to create these sites as a way to put their foot in the door for when they've actually got some knowledge/funds to code a half decent, secured website. Everyone with some php/html/sql knowledge seems to be attempting this. That funny thing is, regardless of how shitty these sites are, a lot of them are actually profiting. Especially the crayon gambling sites.
This is true. Hopefully it will encourage bigger players with more time/energy/skills to invest to do so. I also agree that alternative generation rules to spur merchants would have been/would be nice, but don't know what that looks like. I still think the proposal of BTC+ with a better client and a new block chain is the best offered so far.
|
|
|
|
myrkul
|
|
June 22, 2011, 01:25:38 AM |
|
So you have a long term solution? This is not a short term event, it's a precedent. Security has been and will continue to be compromised because not everyone will be diligent with security measures. Whether you like it or not, as an owner of BTC's, the value of your "coin" is tethered to the security (or lack thereof) of all other users.
A finite supply of a mostly illiquid instrument means a flood of supply will push down prices. When you get something for free, you don't really care if you get the best price when selling. It's a pretty big hole in the BTC model if you ask me.
No, the value of the Bitcoin is pegged to the size of the market and the demand for coins. One idiot losing his coins is going to cause a brief dip in the price, not a long term depression.
|
|
|
|
nemo
|
|
June 22, 2011, 01:29:12 AM |
|
Someone changed my wallet address for BTCguild just today. Thank god for my 24 hour lock. My password wasn't even the same as the one I used for MTGox. I'm going to convert my wallet into QR code and print it, then format my computer. Shit is starting to get real.
|
|
|
|
CurbsideProphet
|
|
June 22, 2011, 01:38:41 AM |
|
No, the value of the Bitcoin is pegged to the size of the market and the demand for coins. One idiot losing his coins is going to cause a brief dip in the price, not a long term depression. One idiot? Mt. Gox was compromised. Everyone who used the same password there and at mybitcoin.com lost their coin. Dropbox accounts may have been compromised. Even before this whole Mt. Gox fiasco, some idiot lost $500,000 to a hacker. This is the tip of the iceberg my friend. My point is, even if YOU are smart and take all the necessary precautions, there are stupid people out there who will not. Should you care? YES. Why? Because like you said BTC is dependent upon the size of the market (small and finite) and demand for coins. If this was a one-time event then no big deal. The problem is this can be replicated and as you can see, it's happening right now. So you can hold onto your BTC's for as long as you want, doesn't matter, the hackers will continue to take BTC's and flood the market with them. This will depress the price of BTC's, not just in the short term, but until you can secure the wallets of all BTC holders. Goodluck with that.
|
1ProphetnvP8ju2SxxRvVvyzCtTXDgLPJV
|
|
|
Vince Torres
|
|
June 22, 2011, 01:40:46 AM |
|
Hundreds of thousands of bitcoins were lost in the past few weeks. Hoping the market can recover...
|
Namecoin.com .bit domain registrar. Register a new .bit domain for just $1! BTC: 1LpKzg24NHmrxLZbnVphcstV3s7uA8cSnT LTC: LWHswCFRPouCXTNiT8B9HUVnGrae9eojVg
|
|
|
nemo
|
|
June 22, 2011, 01:43:52 AM |
|
What's the point of having something if nobody wants to steal it?
|
|
|
|
myrkul
|
|
June 22, 2011, 01:46:36 AM |
|
This will depress the price of BTC's, not just in the short term, but until you can secure the wallets of all BTC holders. Goodluck with that.
Beauty part is, I don't have to. The hackers will take of that for me. By default, when they're done, all the holders are secure.
|
|
|
|
lemonginger
Full Member
Offline
Activity: 210
Merit: 100
firstbits: 121vnq
|
|
June 22, 2011, 02:33:59 AM |
|
This to me is further proof of why people trying to get their grandma/cousins/etc to use bitcoin when it clearly isn't ready (and I'm talking about some of the infrastructure surrounding the currency as well as the client) just because they want to speculate are hurting bitcoin overall.
Everyone expects a new opensource project to have bugs and incompatibilities. In this case, some of the "bugs" aren't with bitcoin itself, but with services growing up around it. Exposing vulnerabilities is great, because then they can get fixed. But it sucks when people are losing lots of money because of it.
|
|
|
|
makomk
|
|
June 22, 2011, 08:12:49 AM |
|
But sometimes the free-market will save also... as suddenly those who make good sites are at a competitive advantage.
That's the trouble - it won't and it hasn't. As an end user, you can't actually tell how secure one website is over another. There's no way of spotting whether there's a daft SQL injection or XSS attack somewhere on the website, or the admin has set his or her password to "iloveyou", or if they've given database access to some auditor with insufficient security, or how effective their detection of suspicious activity is, or how well they're storing passwords. Most people don't even have the knowledge to spot the obvious externally-visible things like a lack of protection against CSRF attacks. (Mt Gox failed at pretty much all of these except for the "iloveyou" one.) What's more, even when evidence of a security breach does come to light most people don't seem to care. Look at all the people on this forum who still trust Mt Gox more than they trust any of its competitors despite all the evidence about its lack of security.
|
Quad XC6SLX150 Board: 860 MHash/s or so. SIGS ABOUT BUTTERFLY LABS ARE PAID ADS
|
|
|
joepie91
|
|
June 22, 2011, 04:17:45 PM |
|
Someone changed my wallet address for BTCguild just today. Thank god for my 24 hour lock. My password wasn't even the same as the one I used for MTGox. I'm going to convert my wallet into QR code and print it, then format my computer. Shit is starting to get real.
Wipe your computer with DBAN (boot and nuke) instead of formatting - this way it will be impossible to recover the wallet file in any way. Yes, after formatting a drive you can sometimes still recover data. I saved someones holiday pics that way once.
|
Like my post(s)? 12TSXLa5Tu6ag4PNYCwKKSiZsaSCpAjzpu I just can't wait for fall/winter. My furnace never generated money for me before. I'll keep mining until my furnace is more profitable.
|
|
|
|