Bitcoin Forum
December 09, 2016, 12:21:32 AM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Something I don't get about GOX.  (Read 1095 times)
Hook^
Jr. Member
*
Offline Offline

Activity: 56


View Profile
June 25, 2011, 03:16:47 PM
 #1

There is something about their announcement that has been bothering me.  They said that their site wasn't hacked, but an auditor 'lost' the password hashes.  If that is correct, then why does their site say that it has vastly improved security?  If their site was already secure, why do they need to 'vastly improve' the security?

It sounds like a tacit admition to the sql injection rumors floating around. 
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
teflone
Hero Member
*****
Offline Offline

Activity: 770


You're fat, because you dont have any pics on FB


View Profile
June 25, 2011, 03:18:26 PM
 #2

There was your money, .....     GONE!


For Canadians by Canadians: Canada's Bitcoin Community - https://www.coinforum.ca/
relative
Jr. Member
*
Offline Offline

Activity: 56


View Profile
June 25, 2011, 03:18:57 PM
 #3

their official story is so full of BS I'm tired of even discussing it.
ploum
Sr. Member
****
Offline Offline

Activity: 378



View Profile WWW
June 25, 2011, 03:23:14 PM
 #4

Typical reaction: if someone tried to break your door but finally stole your keys, you will want a more secure door.

In a sense, it is logical because they realized that, next time, someone might be able to break the door.

Blog posts about Bitcoin - 1KdRBbhjo72CqKTrFsQed6s9NMrvwvrUkq
AtlasONo
Hero Member
*****
Offline Offline

Activity: 551



View Profile
June 25, 2011, 03:25:02 PM
 #5

Because it's what the people demanded.
julz
Legendary
*
Offline Offline

Activity: 1092



View Profile
June 25, 2011, 03:25:40 PM
 #6

...If their site was already secure, why do they need to 'vastly improve' the security?
It sounds like a tacit admition to the sql injection rumors floating around. 

The database leak showed that the passwords were not stored particularly securely - so that at least needed to be fixed.
Because a fair amount of the account info is now public - that also forced them to implement extra security features e.g the IP address checking they did for account reclamation.
Also - they said they intended to keep the existing server 'as is' for investigation purposes.

It does seem a possibility that the auditor story is a cover story for an underlying sql injection vulnerability - but I don't see this as a tacit admission
 -  it's still just speculation as far as I can tell.



@electricwings   BM-GtyD5exuDJ2kvEbr41XchkC8x9hPxdFd
TraderTimm
Legendary
*
Offline Offline

Activity: 1652



View Profile
June 25, 2011, 03:27:15 PM
 #7

We need more Mt.Gox threads guys, I think you are falling behind.

Only a few more before the front discussion page will be nothing but Gox! (As if that was the only thing going on at the moment.)

fortitudinem multis - catenum regit omnia
BTC Economist
Member
**
Offline Offline

Activity: 112


View Profile
June 25, 2011, 03:29:04 PM
 #8

Where did all the "hehehe" usernames come from?  I think those most have been SQL injected.  The hackers tested the system injecting users, then went for the whole database.  Gox is liars.  I don't know why anyone would trust any money with them.

When BTC soars, you need to be READY!  PM me to learn more about my new e-book, How to Create and Profit from the Second Bitcoin Bubble available exclusively to BTC forum members!

17JzkreEBYNHQM9tMTiUKCHANofwzHRLhP
TiagoTiago
Hero Member
*****
Offline Offline

Activity: 616


Firstbits.com/1fg4i                :Ƀ


View Profile
June 25, 2011, 03:30:29 PM
 #9

Security is not just about software, but about the company guidelines when dealing with wetware as well

(I dont always get new reply notifications, pls send a pm when you think it has happened)

Wanna gimme some BTC for any or no reason? 1FmvtS66LFh6ycrXDwKRQTexGJw4UWiqDX Smiley

The more you believe in Bitcoin, and the more you show you do to other people, the faster the real value will soar!

Do you like mmmBananas?!
Mark Oates
Full Member
***
Offline Offline

Activity: 168



View Profile
June 25, 2011, 03:33:59 PM
 #10

ITS UP! I'M IN!
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!