Inputs.io Security

[killerstorm]

Designing your system to fail gracefully without financial consequences is far more important than designing it not to fail or get compromised.

OK, so if I read this correctly:

It is almost six months ago that Bitcoin Central, the main Bitcoin exchange in France, shut down after losing tens of thousands of dollars to an online attack. The attacker managed to get in by breaking into the exchange’s virtual private server, allowing them to access its online “hot wallet” and withdraw all of the funds. ... But now, after nearly five and a half months of downtime, Bitcoin Central is back online.

your utter incompetence cost company the content of hot wallet + 6 months of downtime.

And now you feel like you're in position to lecture anybody on security....

Dunning–Kruger at it's finest.

[tvbcof]

This reminds me, have you published a debriefing about the technical details of your problems davout?  If so, can you point to it?

I have a comprehensive forensic audit report sitting in one of my drawers, made by a decent IT security firm.
There's no perceived interest on my side to share it with bitcointalk though.

Believe it or not I actually want the Instawallet hassles to be an understandable failure against a significant attack

Nobody cares about what you want.
It is however in our plans to publish some procedures at some point, maybe some security-related code too.

Ya, Bitcointalk.org does not seem like an appropriate place for such a thing.  A well constructed outline on your web site(s) somewhere makes more sense.  I'd suggest 'About Us', and under a sub-section along the lines of 'Why we are not as big a jack-offs as old timers remember.'

But anyway, do as you wish.  It's your business to run as you please.  I guess you needed to upgrade from your 'military grade' computers to something even more secure for your current operations?

[davout]

OK, so if I read this correctly:

Whether you read it correctly is irrelevant since it is factually incorrect.

I'd suggest

I have, as usual, no particular interest in your suggestions.

[tvbcof]

I'd suggest

I have, as usual, no particular interest in your suggestions.

Enough to respond, apparently.  I'm honored.

[mccoyspace]

Maybe TradeFortress will be back making similar posts in 6 months.

[InwardContour]

Maybe TradeFortress will be back making similar posts in 6 months.

he'll be running another lucrative long con within a year. i have completely lost faith in this community's resolve to root out scammers.

[moderate]

Passwords are never communicated through cleartext in any circumstance. Your browser automatically hashes your password.

So the hash becomes the password, right?
If the hash is intercepted can it not be used to authorize bogus requests?
I mean if the server never sees the password in clear it can't check it in any way, if it checks the hash, and the hash is intercepted it can be used to forge requests.

We use bcrypt with a user unique salt.

Thumbs up. Isn't the salting already built right into bcrypt though?

We have decoy accounts which are populated by "real" user data from our other databases. The hot pocket server automatically dumps all coins to cold storage if it sees a payment request from a decoy account. We have methods that makes it very hard for an attacker to determine if an account is decoy or not, even with root access to the linode machine and listening to traffic.

If I was you I wouldn't underestimate the ability for an attacker to tell a decoy apart from a legitimate account given enough time, access to your traffic, access to blockchain data and access to basic taint-analysis tools of wallet fundings. But since I don't really know anything about your specifics I won't comment further.

The approach we'll outline is more systematic and doesn't use tricks such as decoys, honeypots and other traps, I think you'll like it when you read about it.

Now that we know all TF said was bullshit, can you be honest about your approach ? Did you write about it somewhere ?

[davout]

I'm honored.

It doesn't take much

Did you write about it somewhere ?

Here and there, no comprehensive how-we-roll kind of post yet though.
When it's published, some of the internally developed tools will be open-sourced too, talking is easy, actually implementing stuff is something else entirely

[tvbcof]

I'm honored.

It doesn't take much

Lol!  Evidently not

[Damnsammit]

Maybe TradeFortress will be back making similar posts in 6 months.

he'll be running another lucrative long con within a year. i have completely lost faith in this community's resolve to root out scammers.

Bitcoin is perfect for criminals.  I really thought this community would have more umm... enforcers.