Give MtGox a break

[JonasKohlheim]

They were the most popular, they were the biggest.
Of course that makes them the number one target as well.
And they did get attacked.

But why being so harsh towards them? Seriously, the hackers tried and will have kept trying to find a weak spot until they succeed.
This Sunday, they succeeded.

MtGox now just needs to handle the situation in a calm matter, which they are actually doing quite good:
The made some very good calls
1) They froze the websites and took the servers off line ASAP
2) They worked together with google to warn all the Gmail users ASAP

They are now handling the situation in an offline environment it seems, where they have everything under control.

What else do you expect them to do? Do you expect them to just go online just 5 hours after an attack, to make you all happy in the short term, but compromise everyone and everything in the process?!?

Give them a break, they are doing a good job at handling the situation and I respect them for it. Be patient, please.

[dev^]

What else do you expect them to do?

Deliver helpful status informations.

[BitcoinPorn]

Yeah.  I am with Jonas everybody who had their "real world" cash involved in this incident.   Just let this one side, I'm sure Gox will try better next time.  And if not, threes a charm!

[bitsalame]

They were the most popular, they were the biggest.
Of course that makes them the number one target as well.
And they did get attacked.

But why being so harsh towards them? Seriously, the hackers tried and will have kept trying to find a weak spot until they succeed.
This Sunday, they succeeded.

MtGox now just needs to handle the situation in a calm matter, which they are actually doing quite good:
The made some very good calls
1) They froze the websites and took the servers off line ASAP
2) They worked together with google to warn all the Gmail users ASAP

They are now handling the situation in an offline environment it seems, where they have everything under control.

What else do you expect them to do? Do you expect them to just go online just 5 hours after an attack, to make you all happy in the short term, but compromise everyone and everything in the process?!?

Give them a break, they are doing a good job at handling the situation and I respect them for it. Be patient, please.

They weren't proving and finding "new vulnerabilities"
Mt.Gox had very old and trivial misconfigurations that most security conscious administrator would have spotted immediately.
Considering the seriousness, sensitivity and the scale of this operation, it is unforgivable that it got taken down with these stupid exploits.

After the attack we demand transparency.
The only thing we got are lies.
It leaves much to be desired.

[d.james]

I'll go easy on them if they paid me their daily trade commission.

I also expect them to do what they should do when someone gets paid with that commission.

[Findeton]

I expect them to work hard to solve the problem. I'm not saying they have to solve it instantly, but they've also contributed to people's anxiety stating that they would reopen mtgox today at 2 am GTM...

Anyways, yes, I prefer them to be perfectly sure that the claim webpage works before I use it.

[Batouzo]

They were the most popular, they were the biggest.
Of course that makes them the number one target as well.

Their had a cluster fuck negligent fuck up instead of a security system.
IT students do better job at security.
Half of people that spoken about the DB leak has better knowledge about how the system should be secured.

[silverman]

I think I agree with the rollback. I'm not really sure.

But I won't give Mt.Gox a break because :

1. They gave away private customer information to an outside party, who then spread it across the net.

2. They apparently have called in some authority who will doubtless be asking for even more information.

3. Have not been as transparent with us about these issues as they have been with those who might use the information to take down Bitcoin and us Bitcoin users.

[nazgulnarsil]

if you can't afford a security guy you can't afford to open for business.

[chihlidog]

My email address and my hash are floating around on a document that anyone can download. No, I dont think I am going to give them a break. He hasnt even apologized for that. Hes acting like he did everything he could. Fact is, he got greedy, jumped in over his head, and now we pay the price. The hit that BTC is taking and will take from this has cost me money. My email address has been compromised. All from an avoidable incident that could have been prevented. And I havent even heard an apology. No, sorry, I wont give him a break.

[unixdude]

if you can't afford a security guy you can't afford to open for business.

Can't help but agree but would say that is the absolute minimum you should do. I would even say hire a CISO to get your security policies in order and  bring in a CEH to regularly test the site/ related networks for vulnerabilities it may cost them but it is worth it in the long run as the damage done to a reputation due to an event like this is immense.

[semarjt]

if you can't afford a security guy you can't afford to open for business.

This is the hilarious part to me.

The things they are struggling with are not actual security issues

Locking your front door is not a security issue, it is just common sense.

These trivial things that have been solved a million times and can and should be automatic

You don't hire a security guy to come lock your front door.