Bitcoin Forum
December 09, 2016, 04:00:30 AM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 3 [4] 5 »  All
  Print  
Author Topic: [UPD: взяли еще 24 ч, откроется 25 июня] MtGox откроется з  (Read 6678 times)
aleksey
Full Member
***
Offline Offline

Activity: 235


View Profile WWW
June 25, 2011, 03:53:47 PM
 #61

кто нибудь смог залогинится?

Калькулятор криптовалют - http://Биткоин.РФ/calc/
Cool Bitcoin Calculator - http://aleks1k.github.io/bitcoin-calculator/
Биткоин.РФ - http://xn--90aoahqe0a.xn--p1ai/
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481256030
Hero Member
*
Offline Offline

Posts: 1481256030

View Profile Personal Message (Offline)

Ignore
1481256030
Reply with quote  #2

1481256030
Report to moderator
Dale
Jr. Member
*
Offline Offline

Activity: 31


View Profile
June 25, 2011, 03:54:40 PM
 #62

кто нибудь смог залогинится?
Да. Ждать надо пару минут.
Pahom
Sr. Member
****
Offline Offline

Activity: 273


View Profile
June 25, 2011, 03:54:51 PM
 #63

По какому адресу можно зайти с логином, а не с емэйлом?
Dale
Jr. Member
*
Offline Offline

Activity: 31


View Profile
June 25, 2011, 03:57:04 PM
 #64

По какому адресу можно зайти с логином, а не с емэйлом?
https://mtgox.com
mich
Hero Member
*****
Offline Offline

Activity: 728



View Profile
June 25, 2011, 05:45:44 PM
 #65

Trade is closed right now, until June 26th 15:00 GMT

еще сутки нервно курим
Troll Station
Newbie
*
Offline Offline

Activity: 14



View Profile
June 25, 2011, 07:46:33 PM
 #66

Так ведь сайт уже работает и вполне себе не тормозит.
Баланс всем же показали? С отрицательными значениями решилось?
LZ
Moderator
Legendary
*
Offline Offline

Activity: 1456


Satoshi everywhere!


View Profile WWW
June 25, 2011, 07:50:51 PM
 #67

Да, баланс теперь в порядке. Smiley

"Never invest unless you can afford to lose your entire investment." © S3052
aleksey
Full Member
***
Offline Offline

Activity: 235


View Profile WWW
June 25, 2011, 08:36:18 PM
 #68

у меня через хром не логинится почему то, а через ie без проблем залогинился

Калькулятор криптовалют - http://Биткоин.РФ/calc/
Cool Bitcoin Calculator - http://aleks1k.github.io/bitcoin-calculator/
Биткоин.РФ - http://xn--90aoahqe0a.xn--p1ai/
Troll Station
Newbie
*
Offline Offline

Activity: 14



View Profile
June 25, 2011, 11:09:30 PM
 #69

у меня через хром не логинится почему то, а через ie без проблем залогинился
Дело может быть в старых куках(хотя особой привязки к кукам я не видел на mtgox).
ktotom7
Newbie
*
Offline Offline

Activity: 14


View Profile
June 26, 2011, 04:54:27 AM
 #70

странно.. не логинится.. не под ie не под хромом... пробовал ретрайв сделать тоже ничего не приходит Cheesy
Alda Gordaya
Member
**
Offline Offline

Activity: 65



View Profile
June 26, 2011, 12:43:35 PM
 #71

Так ведь сайт уже работает и вполне себе не тормозит.

насчет "работает" есть сомнения
Quote
I'm a programmer and from what I've heard and seen it looks like software behind MtGox is piece of shit not suitable for production.

It is one thing when security vulnerabilities are caused by rare bugs in code, and completely another thing when they are caused by negligence and disrespect to common practices.

    CSRF: Every form in every web application is by default vulnerable. Thus any professional web developer should be aware of CSRF problems (otherwsie EVERY application he works on will be vulnerable) and should take corrective measures. Which are simple, by the way: just check goddamn referrer! So if you see CSRF somewhere then either this is a sloppy coding or sheer lack of professionalism.

    SQL injections. They are not officially confirmed by MtGox, but people on irc claim that there were SQL injection problems (SQLi). This, again, shows that developers are lame because SQLi is a very serious issue but it is easily preventable: if you use parametrized queries/prepared statements and never modify queries themselves then SQL injections are simply not possible at all.

    Same thing XSS: if you use a templating engine like Smarty in PHP then XSS is not possible because it will 'escape' everything automatically. Naked PHP is very vulnerable, but people should know they are not supposed to build sites like they were 10 years ago.

    It looks like their trading software sucks. I've looked through a websocket API log at time of that large sell-off. Oh my... Yes, there was one large order to sell 500k BTC. I would expect that it would instantly fill it with existing bids (>= 0.01) and show current price with 0.01. But, now, it was slowly filling that huge-ass order for 36 motherfucking minutes, and it was not showing that 0.01 is the current price, so people had no idea of what is going on. (But this information was available through websocket feed.)

    Normally exchanges have automatic 'circuit breakers' -- if price goes too low trading automatically stops. If that was a case with MtGox we would have none of the mess if it would halt right after filling that huge-ass order: it would be easy to undo the damage and people would have no chance so withdraw.

    It was reported that withdrawal limit (no more than $1000 worth of BTC per day) was not properly implemented: a) you could withdraw more if you would do it many times per day; b) it takes current market price to estimate threshold for bitcoin withdrawal. If there is no smoothing/averaging it is vulnerable to 'large sell-off' attacks.

    Looking through websocket feed logs I've noticed that prices are sometimes represented as floats and sometimes as strings. E.g. 0.01 and "0.01". This means that there is some weak-typed fun going on inside and it can be a serious source of bugs. I think that weakly typed languages like PHP SHOULD NOT be used for financial software. Ideally it should be implemented in strongly and statically-typed language like Java.

    In their official announcement they said that account balances were very wrong. This indicates serious bugs or SQLi at work.

So it was not an isolated incident, software is simply full of bugs and is written in a sloppy manner. Any half-competent team would not allow software of this quality to be used in production: they would stop site and bring it back only when it is fixed.

Thus it looks like team behind MtGox is either extremely incompetent, or greedy, or both.
Troll Station
Newbie
*
Offline Offline

Activity: 14



View Profile
June 26, 2011, 01:13:42 PM
 #72

насчет "работает" есть сомнения
Сами проверяли? XSS, SQL Injecion и другие способы пролезть куда-то далее вебинтерфейса?
MiF
Member
**
Offline Offline

Activity: 83


View Profile
June 26, 2011, 02:02:53 PM
 #73

Вывод работает. 110$ на LR получены без проблем с обычной задержкой.
Troll Station
Newbie
*
Offline Offline

Activity: 14



View Profile
June 26, 2011, 02:28:50 PM
 #74

И еще по поводу задержек.
Страшно тормозит вебинтерфейс, скрипты апишки через браузер выполняются, а торговый робот зависает на обновлении тикера.
С btcex и TH все в порядке. Странно.
MiF
Member
**
Offline Offline

Activity: 83


View Profile
June 26, 2011, 08:55:25 PM
 #75

С btcex и TH все в порядке. Странно.

Действительно странно, что совершенно разные и не связанные между собой сайты ведут себя по разному. Очень, очень странно.
Troll Station
Newbie
*
Offline Offline

Activity: 14



View Profile
June 26, 2011, 10:37:40 PM
 #76

С btcex и TH все в порядке. Странно.

Действительно странно, что совершенно разные и не связанные между собой сайты ведут себя по разному. Очень, очень странно.
странность с моей стороны в том, что прога зависает в конкретном месте, без видимой на то причины.
aistto
Legendary
*
Offline Offline

Activity: 1005


View Profile
June 27, 2011, 06:31:35 AM
 #77

уже дней 5 жду восстановления пароля.
ни отказа ни пожтверждения нет.
Aqualung
Sr. Member
****
Offline Offline

Activity: 372



View Profile
June 27, 2011, 06:33:12 AM
 #78

видимо пора писать на мыло им...

used to be a miner
jacoder
Jr. Member
*
Offline Offline

Activity: 46


View Profile
June 27, 2011, 06:38:55 AM
 #79

уже дней 5 жду восстановления пароля.
ни отказа ни пожтверждения нет.
Sad Я ждал 6 дней.. Huh
видимо пора писать на мыло им...
Angry Написал вчера - ни ответа ни привета.  Angry
 
Undecided Сегодня ушел на TradeHill.
Aqualung
Sr. Member
****
Offline Offline

Activity: 372



View Profile
June 27, 2011, 07:22:10 AM
 #80

хм, с MtGox прислали мне письмо с кодом для восстановления пароля, типа я запрос на восстановление делал, хотя я ничего не делал... хм хм  Undecided

used to be a miner
Pages: « 1 2 3 [4] 5 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!