Bitcoin Forum
December 10, 2016, 12:44:02 PM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: [ANN] Fee-less Liberty Reserve Deposits via AurumXchange!  (Read 1935 times)
Mt.Gox Support
VIP
Sr. Member
*
Offline Offline

Activity: 308



View Profile
December 05, 2011, 06:55:15 AM
 #1

We are excited to announce that our partner AurumXchange is now offering 0% Fees on all Mt.Gox Liberty Reserve deposits.

The offer is only available via AurumXchange.com and is limited to Liberty Reserve at this time. If you use Liberty Reserve through AurumXchange the funds will be added to your account in an instant!!

HOW TO FUND YOUR ACCOUNT USING LIBERTY RESERVE:

  • Go to https://www.aurumxchange.com/exchange
  • Select Liberty Reserve (USD) in the "From Currency" field.
  • Select "MtGox code (USD)" in the "To Currency" field.
  • Enter the amount you wish to load into your MtGox account into the amount field
  • Enter and confirm your email address, enter the CAPTCHA code and press the "Continue" button
  • Your exchange order will be displayed. If everything looks good, press the "Pay Now" button to make your Liberty Reserve payment.

Once you payment is made, AurumXchange will send you the USD MtGox code within seconds.

Mt.Gox : The Leading International Bitcoin Exchange.
Mt.Gox Merchant Solutions : https://mtgox.com/merchant
1481373842
Hero Member
*
Offline Offline

Posts: 1481373842

View Profile Personal Message (Offline)

Ignore
1481373842
Reply with quote  #2

1481373842
Report to moderator
1481373842
Hero Member
*
Offline Offline

Posts: 1481373842

View Profile Personal Message (Offline)

Ignore
1481373842
Reply with quote  #2

1481373842
Report to moderator
1481373842
Hero Member
*
Offline Offline

Posts: 1481373842

View Profile Personal Message (Offline)

Ignore
1481373842
Reply with quote  #2

1481373842
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481373842
Hero Member
*
Offline Offline

Posts: 1481373842

View Profile Personal Message (Offline)

Ignore
1481373842
Reply with quote  #2

1481373842
Report to moderator
1481373842
Hero Member
*
Offline Offline

Posts: 1481373842

View Profile Personal Message (Offline)

Ignore
1481373842
Reply with quote  #2

1481373842
Report to moderator
ahbritto
Full Member
***
Offline Offline

Activity: 128


Ripple


View Profile WWW
December 05, 2011, 07:59:45 AM
 #2

How do they securely send a MtGox code?
jojkaart
Member
**
Offline Offline

Activity: 97


View Profile
December 05, 2011, 03:50:30 PM
 #3

How do they securely send a MtGox code?


When I transfered money to mtgox through aurumxchange, everything went fine. However, the MtGox code was sent to me in an email, unencrypted.
Mt.Gox Support
VIP
Sr. Member
*
Offline Offline

Activity: 308



View Profile
December 07, 2011, 08:42:27 AM
 #4

How do they securely send a MtGox code?


When I transfered money to mtgox through aurumxchange, everything went fine. However, the MtGox code was sent to me in an email, unencrypted.


This is will change pretty soon and you will have a nice little surprise on how things will be implemented. I cannot comment further since I will let AurumXchange the pleasure to do so, still, I am sure you will like it.

Cheers

Mt.Gox : The Leading International Bitcoin Exchange.
Mt.Gox Merchant Solutions : https://mtgox.com/merchant
Stephen Gornick
Legendary
*
Offline Offline

Activity: 2002



View Profile
December 24, 2011, 09:39:09 PM
 #5

Once you payment is made, AurumXchange will send you the USD MtGox code within seconds.

If I understand the process correctly, that last step in the process concerns me.  Mt. Gox codes are redeemable by the bearer.  Is AurumXChange seriously sending the Mt. Gox code through e-mail?

E-mail messages are transmitted using the SMTP protocol.  SMTP is not a secure method for communicating.  

Quote
SMTP [RFC-821] servers and clients normally communicate in the clear over the Internet. In many cases, this communication goes through one or more router that is not controlled or trusted by either entity. Such an untrusted router might allow a third party to monitor or alter the communications between the server and client.
- http://www.ietf.org/rfc/rfc2487.txt

At some point, some unscrupulous network engineer or sysadmin at one of those router hops or a compromised system somewhere enroute is going to start filtering and capturing the mtgox codes and then redeem them.  The chances of getting caught, if done properly, are likely extremely low -- any hop could have been the one where the sniffing occurred and even then the code, once redeemed, can get converted to bitcoin funds and withdrawn.

Has there ever been an AurumXChange customer that claimed that the code they received showed that it had already been redeemed?  If so, it will be difficult for either AurumXChange or Mt. Gox to determine if it was the customer attempting to double spend that code or if it instead was the result of some cyber thief somewhere between AurumXChange and my open wi-fi connection at this coffee shop.

If e-mail will be the method or transferring the code then, at a minimum, the risks should be explained and I as the customer then be given the option for the message to be sent encrypted (using my PGP public key).

Aggro
Donator
Sr. Member
*
Offline Offline

Activity: 296



View Profile
December 29, 2011, 10:44:20 PM
 #6

Hello Stephen,

Thank you for your input. While I do agree that email is inherently not secure, in practice, we have not had a single customer complaining about a stolen code (and we have processed over a thousand deposits at the time of this writing).

If email intercept were a common practice, the interception of an MtGox code would be probably the least of my concerns. What about people resetting your password and gaining access to your MtGox account, bank account, etc. by simply requesting a "reset my password by email". How many entities use a "reset password by email" without additional check and constrains? Wouldn't you agree?

Finally, please note that we DO warn the customer (and have always done so) as seen on this example:



In any case, we have recently implemented a new membership system and will move the retrieval of codes behind a password protected area.

Thanks!
Roberto

Once you payment is made, AurumXchange will send you the USD MtGox code within seconds.

If I understand the process correctly, that last step in the process concerns me.  Mt. Gox codes are redeemable by the bearer.  Is AurumXChange seriously sending the Mt. Gox code through e-mail?

E-mail messages are transmitted using the SMTP protocol.  SMTP is not a secure method for communicating.  

Quote
SMTP [RFC-821] servers and clients normally communicate in the clear over the Internet. In many cases, this communication goes through one or more router that is not controlled or trusted by either entity. Such an untrusted router might allow a third party to monitor or alter the communications between the server and client.
- http://www.ietf.org/rfc/rfc2487.txt

At some point, some unscrupulous network engineer or sysadmin at one of those router hops or a compromised system somewhere enroute is going to start filtering and capturing the mtgox codes and then redeem them.  The chances of getting caught, if done properly, are likely extremely low -- any hop could have been the one where the sniffing occurred and even then the code, once redeemed, can get converted to bitcoin funds and withdrawn.

Has there ever been an AurumXChange customer that claimed that the code they received showed that it had already been redeemed?  If so, it will be difficult for either AurumXChange or Mt. Gox to determine if it was the customer attempting to double spend that code or if it instead was the result of some cyber thief somewhere between AurumXChange and my open wi-fi connection at this coffee shop.

If e-mail will be the method or transferring the code then, at a minimum, the risks should be explained and I as the customer then be given the option for the message to be sent encrypted (using my PGP public key).
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!