error
|
|
July 05, 2011, 07:46:04 PM |
|
We will look into offering two-factor authentication depending on feedback from the userbase.
Do it do it do it!
|
3KzNGwzRZ6SimWuFAgh4TnXzHpruHMZmV8
|
|
|
joepie91
|
|
July 05, 2011, 07:48:08 PM |
|
How do you deal with stolen funds? If the account of a user gets broken into due to something that is not obviously user error, is there any insurance for these funds?
I second this question. SQ and JoePie, If funds get stolen due to any issues on server side, we will stand behind our product and cover the losses. Any user side compromises of the account will of course not be covered. You can request stricter limits on BTC and USD transfers on your account to prevent hacker from making away with too much cash. Hope this helps, Keyur And what if it is unclear where the issue was? For example, when my $200 was stolen from my Mt. Gox account it was impossible to undeniably prove that it was an issue on their side (as all data that was recorded was an IP and a destination address) - however, it was extremely unlikely that it was an issue on my side (as I had a 20 character alphanumeric mixed case password that was not reused anywhere, and did hours of manual analysis on my machine to verify that I had no malware issues). What action would be taken on CampBX' side in such a case? As to two-factor authentication, a very basic way to prevent thefts from an account would be by offering two-factor auth through a confirmation email when the user tries to withdraw funds anywhere. A slightly better (but although cheap, not free) option would be sending out texts. A slightly more expensive but still fairly cheap option would be offering a digital one-time pad dongle (much like the dongles and calculators provided by other online banks). In my opinion the optimal solution would be automatic (free) two-factor authentication for all users using e-mail or SMS (this is likely cheap enough to be covered by transaction fees), and an optional 'upgrade' to a hardware dongle for a one-time fee/purchase. EDIT: Almost forgot to mention this. In my opinion two-factor authentication is absolutely essential for any serious exchange that acts like a bank to some degree - and from a business perspective of view it would give you an immediate headstart in the Bitcoin exchange market, it being a more-or-less "exclusive feature".
|
Like my post(s)? 12TSXLa5Tu6ag4PNYCwKKSiZsaSCpAjzpu I just can't wait for fall/winter. My furnace never generated money for me before. I'll keep mining until my furnace is more profitable.
|
|
|
datguywhowanders
Member
Offline
Activity: 112
Merit: 10
|
|
July 05, 2011, 07:58:02 PM |
|
As to two-factor authentication, a very basic way to prevent thefts from an account would be by offering two-factor auth through a confirmation email when the user tries to withdraw funds anywhere. A slightly better (but although cheap, not free) option would be sending out texts. A slightly more expensive but still fairly cheap option would be offering a digital one-time pad dongle (much like the dongles and calculators provided by other online banks).
In my opinion the optimal solution would be automatic (free) two-factor authentication for all users using e-mail or SMS (this is likely cheap enough to be covered by transaction fees), and an optional 'upgrade' to a hardware dongle for a one-time fee/purchase.
EDIT: Almost forgot to mention this. In my opinion two-factor authentication is absolutely essential for any serious exchange that acts like a bank to some degree - and from a business perspective of view it would give you an immediate headstart in the Bitcoin exchange market, it being a more-or-less "exclusive feature".
I agree that two-factor needs to be... well... a factor. Due to the digital nature of Bitcoins and the fledgling economy that currently exists, it is going to be a target.
|
Donations Welcome: 163id7T8KZ6MevqT86DjrBF2kfCPrQsfZE
|
|
|
Keyur @ Camp BX (OP)
|
|
July 05, 2011, 08:44:04 PM |
|
How do you deal with stolen funds? If the account of a user gets broken into due to something that is not obviously user error, is there any insurance for these funds?
I second this question. SQ and JoePie, If funds get stolen due to any issues on server side, we will stand behind our product and cover the losses. Any user side compromises of the account will of course not be covered. You can request stricter limits on BTC and USD transfers on your account to prevent hacker from making away with too much cash. Hope this helps, Keyur And what if it is unclear where the issue was? For example, when my $200 was stolen from my Mt. Gox account it was impossible to undeniably prove that it was an issue on their side (as all data that was recorded was an IP and a destination address) - however, it was extremely unlikely that it was an issue on my side (as I had a 20 character alphanumeric mixed case password that was not reused anywhere, and did hours of manual analysis on my machine to verify that I had no malware issues). What action would be taken on CampBX' side in such a case? As to two-factor authentication, a very basic way to prevent thefts from an account would be by offering two-factor auth through a confirmation email when the user tries to withdraw funds anywhere. A slightly better (but although cheap, not free) option would be sending out texts. A slightly more expensive but still fairly cheap option would be offering a digital one-time pad dongle (much like the dongles and calculators provided by other online banks). In my opinion the optimal solution would be automatic (free) two-factor authentication for all users using e-mail or SMS (this is likely cheap enough to be covered by transaction fees), and an optional 'upgrade' to a hardware dongle for a one-time fee/purchase. EDIT: Almost forgot to mention this. In my opinion two-factor authentication is absolutely essential for any serious exchange that acts like a bank to some degree - and from a business perspective of view it would give you an immediate headstart in the Bitcoin exchange market, it being a more-or-less "exclusive feature". Joe, Thank you for the insightful post - we are researching available 2-factor options and implementation costs. I will keep you posted on this. As for the unclear-hack issue, unfortunately there is no clear solution there. We tend to take the southern approach in situations like these, and go based on our relationship with the user. Thank you, Keyur
|
|
|
|
Isepick
|
|
July 05, 2011, 09:01:18 PM |
|
+1 on two-factor...I don't know what cost and complexity would be, but 2-factor via SMS (like Google) would rock. 2-factor with email is not as secure, as it is reasonable that anyone who has your CampBX password may have other passwords (like email) depending on how you were compromised. If someone has my CampBX password and my cell phone, then bitcoins are probably the least of my worries.
|
|
|
|
HideousBeastManGuy
Newbie
Offline
Activity: 56
Merit: 0
|
|
July 05, 2011, 09:08:47 PM |
|
I dunno why exchanges are ignoring the time-tested RSA tokens. You could be the first!
|
|
|
|
DamienBlack
Jr. Member
Offline
Activity: 56
Merit: 1
|
|
July 05, 2011, 09:16:23 PM |
|
Some good deals right now. 4 bitcoins selling under $12.50 when mt gox is at $14. I guess no one has cash there yet.
|
|
|
|
MeSarah
|
|
July 05, 2011, 09:50:39 PM |
|
I too would like to see a two-factor authentication. I would like it to have a hardware componet such as a smartcard or usb dongle. Im sure most would be willing to pay a reasonable price to buy those, but if you get gready and charge an arm-n-leg it would drive people away. It would also be convenient if you could buy this device with btc.
And one last thing. Analytics!! We as traders want as many charts and data points as we can get our eyeballs on. Without this info adoption of CBX will be slow. Ok, really one last thing this time. Getting trade info on bitcoincharts.com is free advertizing for you. CBX should make this a priority.
|
60 GH/s BFL Single SC - Pre-Order Yours Today!`````` Only $1299.99 - butterflylabs.com ``````
|
|
|
QuantumQrack
|
|
July 05, 2011, 10:02:01 PM |
|
In other words, CampBX does not want to be a place for illegal activity! Sure. But according to this document: APPENDIX F: MONEY LAUNDERING AND TERRORIST FINANCING "RED FLAGS" http://www.ffiec.gov/bsa_aml_infobase/pages_manual/OLM_106.htmpurchasing bitcoins is illegal, because you don't know where purchased funds are going. In what country do they go?... So, you have to report every transaction to respective auhtorities!? I've noticed there hasn't been an answer to this yet I don't think. Are all transactions reported to any state or government office?
|
|
|
|
Keyur @ Camp BX (OP)
|
|
July 05, 2011, 10:47:54 PM |
|
In other words, CampBX does not want to be a place for illegal activity! Sure. But according to this document: APPENDIX F: MONEY LAUNDERING AND TERRORIST FINANCING "RED FLAGS" http://www.ffiec.gov/bsa_aml_infobase/pages_manual/OLM_106.htmpurchasing bitcoins is illegal, because you don't know where purchased funds are going. In what country do they go?... So, you have to report every transaction to respective auhtorities!? I've noticed there hasn't been an answer to this yet I don't think. Are all transactions reported to any state or government office? QQ, No, all transaction do not need to be reported. This type of legal requirement would be unfeasible and unenforceable. Thank you, Keyur
|
|
|
|
Keyur @ Camp BX (OP)
|
|
July 05, 2011, 10:51:23 PM |
|
I too would like to see a two-factor authentication. I would like it to have a hardware componet such as a smartcard or usb dongle. Im sure most would be willing to pay a reasonable price to buy those, but if you get gready and charge an arm-n-leg it would drive people away. It would also be convenient if you could buy this device with btc.
And one last thing. Analytics!! We as traders want as many charts and data points as we can get our eyeballs on. Without this info adoption of CBX will be slow. Ok, really one last thing this time. Getting trade info on bitcoincharts.com is free advertizing for you. CBX should make this a priority.
Hi Sarah, Everyone tends to have a very personalized take on how they prefer to view their analytics, so we ended up taking the road of empowering end-user. You can do an export of all your trading history in a CSV file, and use software like Excel / Excelcius / Mathematica to run analysis on it. We are already looking into two-factor and Bitcoincharts! Will keep you posted. Thank you, Keyur
|
|
|
|
Stephen Gornick
Legendary
Offline
Activity: 2506
Merit: 1010
|
|
July 06, 2011, 02:58:08 AM |
|
The Depth Table was confusing to me. Buy Interest | Price BTC 1 | $13. 50 BTC 4 | $11.60 BTC 2 | $10.00
I thought those BTC N were just labels or something at first. I didn't realize that was quantity. e.g., 1+ interest at $13.50 It rounds that down, ... why not list the exact quantity available? Additionally, I see that you have a ticket / help desk system. Is that also for these type of issues (e.g., enhancement requests)?
|
|
|
|
DamienBlack
Jr. Member
Offline
Activity: 56
Merit: 1
|
|
July 06, 2011, 02:59:24 AM |
|
The Depth Table was confusing to me. Buy Interest | Price BTC 1 | $13. 50 BTC 4 | $11.60 BTC 2 | $10.00
I thought those BTC N were just labels or something at first. I didn't realize that was quantity. e.g., 1+ interest at $13.50 It rounds that down, ... why not list the exact quantity available? Additionally, I see that you have a ticket / help desk system. Is that also for these type of issues (e.g., enhancement requests)? I think that is the exact quantity. The few people trading are doing it in round numbers so far.
|
|
|
|
elggawf
|
|
July 06, 2011, 03:14:31 AM |
|
I think that is the exact quantity. The few people trading are doing it in round numbers so far.
I'm reasonably sure it's not - unless someone put a sell offer at $13.49 at the same time I did, my 0.5 got rounded up to 1. They're fixing all these issues as we call them out, which is something I guess. I managed to break it in a most awesome fashion by taking out every last satoshi of Bitcoin at once, which Keyur's team has apparently fixed. The exchange is really rough around the edges and missing a lot of features, but at this point I gotta give it points for responsiveness. Also Keyur, the 0.05 increments of BTC was not expected behavior for me, though it sounds like it was for you guys. Will it always be like that?
|
^_^
|
|
|
FreeMoney
Legendary
Offline
Activity: 1246
Merit: 1016
Strength in numbers
|
|
July 06, 2011, 04:06:51 AM |
|
So you will report some transactions to third parties without the user's permission?
|
Play Bitcoin Poker at sealswithclubs.eu. We're active and open to everyone.
|
|
|
Frank White
Newbie
Offline
Activity: 36
Merit: 0
|
|
July 06, 2011, 04:07:53 AM |
|
take the "BTC" out of the depth table, dont round it all the way up, put a pause button on the chart slideshow... , get better graphs, API is needed
layout is cool but it's still a bit confusing to read shit
|
|
|
|
DamienBlack
Jr. Member
Offline
Activity: 56
Merit: 1
|
|
July 06, 2011, 04:14:10 AM |
|
When I went to sell a bitcoin, it gave me an estimate of how much I would get "after commission", and it was lower than the amount I asked. But I though commission was 0 until July 15th.
Also, I would like to be able to get my bitcoins back without paying the transaction fee, if I so choose.
|
|
|
|
elggawf
|
|
July 06, 2011, 04:26:28 AM |
|
When I went to sell a bitcoin, it gave me an estimate of how much I would get "after commission", and it was lower than the amount I asked. But I though commission was 0 until July 15th.
Also, I would like to be able to get my bitcoins back without paying the transaction fee, if I so choose.
They said somewhere that you'll be charged transaction fees, but then at some date (I forget what it was) you'd get the fees refunded that were charged before the 10th.
|
^_^
|
|
|
phillipsjk
Legendary
Offline
Activity: 1008
Merit: 1001
Let the chips fall where they may.
|
|
July 06, 2011, 05:09:25 AM |
|
Looks like my plan to open a safety deposit box at least 10km from my home for off-site back-ups may raise a couple of red flags: - Customer visits a safe deposit box or uses a safe custody account on an unusually frequent basis.
- Safe deposit boxes or safe custody accounts opened by individuals who do not reside or work in the institution’s service area, despite the availability of such services at an institution closer to them.
There are two branches within about 5km. I want my safety deposit box or house to survive a city destroying event. Off-site backups mean bimonthly or biweekly access as well. A little off-topic though.
|
James' OpenPGP public key fingerprint: EB14 9E5B F80C 1F2D 3EBE 0A2F B3DE 81FF 7B9D 5160
|
|
|
Stephen Gornick
Legendary
Offline
Activity: 2506
Merit: 1010
|
|
July 06, 2011, 05:23:32 AM |
|
Looks like the dates are all in the pacific time zone.
If given a chance I would set my profile to display all times as UTC.
|
|
|
|
|