To all exchanges: Please do this...

[proudhon]

I think every bitcoin exchange needs to require a bitcoin address at registration.  Then, something like what deepbit does needs to be implemented where that address cannot be changed except by email verification to the email associated with the account.  That way if something crazy happens the exchange can return what's ours more easily without everybody needing to go through some crazy verification process.

[1714129274]

1714129274

[1714129274]

1714129274

[1714129274]

1714129274

[1714129274]

1714129274

[Desu]

E-mail verifcation on all transactions.
JS.

[Jered Kenna (TradeHill)]

We're considering all options.
The downside to a fixed address is when someone wants to cash out to someone else, which happens all the time.

We're looking at the best way to authenticate and will implement something soon.

-Jered

[GeniuSxBoY]

E-mail verifcation on all transactions.
JS.

didn't hackers go in and change email addresses?

[TonyHoyle]

didn't hackers go in and change email addresses?

So have email address verification to change the email :p

Lots of sites do this and it works well.

Of course if you used the same password for your email and your exchange, you're hosed.. but there's only so much you can protect against.

[joan]

E-mail verifcation on all transactions.

The idea of the address is that even if your E-mail gets compromised, the hacker cannot send the coins to himself.

I also think sites related to Bitcoin should try to think more in terms of addresses rather than users.
In this regards, I wish I could select the address to send coins from. This way it could serve to prove my identity (And that's why reusing addresses like in MyBitcoin is a bad idea IMHO).
Signing stuff with the private key of an address would open some perspectives too.

Cashing out to someone else would just need to cash out to himself first and then transfer (less privacy though).

[Desu]

E-mail verifcation on all transactions.

The idea of the address is that even if your E-mail gets compromised, the hacker cannot send the coins to himself.

I also think sites related to Bitcoin should try to think more in terms of addresses rather than users.
In this regards, I wish I could select the address to send coins from. This way it could serve to prove my identity (And that's why reusing addresses like in MyBitcoin is a bad idea IMHO).
Signing stuff with the private key of an address would open some perspectives too.

Cashing out to someone else would just need to cash out to himself first and then transfer (less privacy though).

Protection should be number one, The value of the BTC is to high even after all this commotion to worry about a little less privacy versus the loss of BTC.

[khal]

We're considering all options.
The downside to a fixed address is when someone wants to cash out to someone else, which happens all the time.

We're looking at the best way to authenticate and will implement something soon.

-Jered

When this patch will be accepted in bitcoin (it allows to sign a message with a bitcoin address), you could require a bitcoin address at the registration time and if people wan't to withdraw to another address, they just have to sign the new address with the default address. This allow you to :
- prove you own the original address (you can only sign messages with this address if it is in your wallet and you own the private key)
- give your trust to other addresses

Signing a message :
1L5zqFahc8Ahu9wtgJqCeJMendvD174xsG is the address given at registration time.

Code:

./bitcoind signmessage 1L5zqFahc8Ahu9wtgJqCeJMendvD174xsG "New address : xxxxxxxxxxxxxxxxxxxxxxxx"

Then, you need to give the output of the command to the website which will verify it (another "simple" command line). And it's done :
- identity verified
- the new address is provided by the verified identity in a secured way

[MaGNeT]

We're considering all options.
The downside to a fixed address is when someone wants to cash out to someone else, which happens all the time.

We're looking at the best way to authenticate and will implement something soon.

-Jered

It's not a downside.
I can send the BTC to my own wallet and then transfer them to the wallet of another person.
So there is no need to have the option to send it to another person...

[dinker]

Thanks for the info, mtgox is down right now is there a backup address I can send my file? I have many coins I need to secure them ASAP. thx!

[TonyHoyle]

Thanks for the info, mtgox is down right now is there a backup address I can send my file? I have many coins I need to secure them ASAP. thx!

 

 

[Desu]

News just in:

Mt.Gox creates an innovative new security measure. Users must upload their wallet.dat file to the server when they want to log-in for authentication. This cutting edge technology will ensure that all the users information is kept safe and secure.

Uh, Fail? How is that more secure?

[drknark]

News just in:

Mt.Gox creates an innovative new security measure. Users must upload their wallet.dat file to the server when they want to log-in for authentication. This cutting edge technology will ensure that all the users information is kept safe and secure.

Uh, Fail? How is that more secure?

"Whooosh" (sound of the joke flying over your head) 

[andrepcg]

News just in:

Mt.Gox creates an innovative new security measure. Users must upload their wallet.dat file to the server when they want to log-in for authentication. This cutting edge technology will ensure that all the users information is kept safe and secure.

Uh, Fail? How is that more secure?

someone does not understand sarcasm...

[MaGNeT]

News just in:

Mt.Gox creates an innovative new security measure. Users must upload their wallet.dat file to the server when they want to log-in for authentication. This cutting edge technology will ensure that all the users information is kept safe and secure.

Uh, Fail? How is that more secure?

someone does not understand sarcasm...

Everyone understands sarcasm....