coin_toss (OP)
Member
Offline
Activity: 117
Merit: 10
|
|
February 21, 2012, 10:33:12 AM |
|
why are bitcointalk and mtgox hosted on the same server anyway? That is just dumb. We should never be in a situation where gox is down and we can't even come to the forums to find out what the hell is going on.
|
|
|
|
Brian DeLoach
VIP
Full Member
Offline
Activity: 166
Merit: 100
|
|
February 21, 2012, 10:41:34 AM |
|
why are bitcointalk and mtgox hosted on the same server anyway?
They are hosting it for free.
|
|
|
|
Ente
Legendary
Offline
Activity: 2126
Merit: 1001
|
|
February 21, 2012, 02:00:01 PM |
|
why are bitcointalk and mtgox hosted on the same server anyway? ..which suggests even more trouble: Gain root on "bitcointalk" = gain root on "MtGox" too. megawallet.dat, achievement unlocked! All this doesnt sound too professionally thought out. Ente
|
|
|
|
Mushoz
|
|
February 21, 2012, 02:04:24 PM |
|
why are bitcointalk and mtgox hosted on the same server anyway? ..which suggests even more trouble: Gain root on "bitcointalk" = gain root on "MtGox" too. megawallet.dat, achievement unlocked! All this doesnt sound too professionally thought out. Ente 90-95% if not more of their funds is in cold storage, meaning a hack won't be able to access those coins. The "hacker" would need psychical access, ie robbing one of the banks where the private key to their wallet is stored. Good luck with that
|
www.bitbuy.nl - Koop eenvoudig, snel en goedkoop bitcoins bij Bitbuy!
|
|
|
muyuu
Donator
Legendary
Offline
Activity: 980
Merit: 1000
|
|
February 21, 2012, 03:34:20 PM |
|
90-95% if not more of their funds is in cold storage, meaning a hack won't be able to access those coins. The "hacker" would need psychical access, ie robbing one of the banks where the private key to their wallet is stored. Good luck with that I bet 5-10% of mtGox funds is still a LOT of money.
|
GPG ID: 7294199D - OTC ID: muyuu (470F97EB7294199D) forum tea fund BTC 1Epv7KHbNjYzqYVhTCgXWYhGSkv7BuKGEU DOGE DF1eTJ2vsxjHpmmbKu9jpqsrg5uyQLWksM CAP F1MzvmmHwP2UhFq82NQT7qDU9NQ8oQbtkQ
|
|
|
Mushoz
|
|
February 21, 2012, 03:43:10 PM |
|
90-95% if not more of their funds is in cold storage, meaning a hack won't be able to access those coins. The "hacker" would need psychical access, ie robbing one of the banks where the private key to their wallet is stored. Good luck with that I bet 5-10% of mtGox funds is still a LOT of money. Sure, but then again, I doubt there are that stupid that gaining root access to the forums would compromise their Mtgox site as well. Just saying And I just checked the numbers again, it's 90-98% in cold storage, so that's great =]
|
www.bitbuy.nl - Koop eenvoudig, snel en goedkoop bitcoins bij Bitbuy!
|
|
|
muyuu
Donator
Legendary
Offline
Activity: 980
Merit: 1000
|
|
February 21, 2012, 03:56:33 PM |
|
Sure, but then again, I doubt there are that stupid that gaining root access to the forums would compromise their Mtgox site as well. Just saying And I just checked the numbers again, it's 90-98% in cold storage, so that's great =] If it's true that they run in the actual same server I'm appalled with this decision. Absolutely crazy and absolutely not banking security standards.
|
GPG ID: 7294199D - OTC ID: muyuu (470F97EB7294199D) forum tea fund BTC 1Epv7KHbNjYzqYVhTCgXWYhGSkv7BuKGEU DOGE DF1eTJ2vsxjHpmmbKu9jpqsrg5uyQLWksM CAP F1MzvmmHwP2UhFq82NQT7qDU9NQ8oQbtkQ
|
|
|
theymos
Administrator
Legendary
Offline
Activity: 5348
Merit: 13336
|
|
February 21, 2012, 04:37:01 PM |
|
why are bitcointalk and mtgox hosted on the same server anyway? ..which suggests even more trouble: Gain root on "bitcointalk" = gain root on "MtGox" too. megawallet.dat, achievement unlocked! All this doesnt sound too professionally thought out. The forum isn't on the same server as MtGox.
|
1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
|
|
|
muyuu
Donator
Legendary
Offline
Activity: 980
Merit: 1000
|
|
February 21, 2012, 04:51:51 PM |
|
The forum isn't on the same server as MtGox.
Glad to hear that. Where did that rumour start then?
|
GPG ID: 7294199D - OTC ID: muyuu (470F97EB7294199D) forum tea fund BTC 1Epv7KHbNjYzqYVhTCgXWYhGSkv7BuKGEU DOGE DF1eTJ2vsxjHpmmbKu9jpqsrg5uyQLWksM CAP F1MzvmmHwP2UhFq82NQT7qDU9NQ8oQbtkQ
|
|
|
theymos
Administrator
Legendary
Offline
Activity: 5348
Merit: 13336
|
|
February 21, 2012, 07:59:52 PM |
|
Glad to hear that. Where did that rumour start then?
MtGox does host the forum on the same network as MtGox (I think), but it's definitely on a different server.
|
1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
|
|
|
Matthew N. Wright
Untrustworthy
Hero Member
Offline
Activity: 588
Merit: 500
Hero VIP ultra official trusted super staff puppet
|
|
February 21, 2012, 11:37:41 PM |
|
Sure, but then again, I doubt there are that stupid that gaining root access to the forums would compromise their Mtgox site as well. Just saying And I just checked the numbers again, it's 90-98% in cold storage, so that's great =] If it's true that they run in the actual same server I'm appalled with this decision. Absolutely crazy and absolutely not banking security standards. This video explains how it all happened. [Dated]
|
|
|
|
theymos
Administrator
Legendary
Offline
Activity: 5348
Merit: 13336
|
|
February 21, 2012, 11:57:20 PM |
|
This video explains how it all happened. [Dated] Please don't post this video without telling people that most of it is false. Someone might get confused.
|
1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
|
|
|
Matthew N. Wright
Untrustworthy
Hero Member
Offline
Activity: 588
Merit: 500
Hero VIP ultra official trusted super staff puppet
|
|
February 22, 2012, 12:08:18 AM |
|
This video explains how it all happened. [Dated] Please don't post this video without telling people that most of it is false. Someone might get confused. Not sarcasm, but what's false? Can we start a new thread about it and clarify?
|
|
|
|
theymos
Administrator
Legendary
Offline
Activity: 5348
Merit: 13336
|
|
February 22, 2012, 01:01:13 AM Merited by PowerGlove (1) |
|
Not sarcasm, but what's false?
- The vulnerabilty was not "well-known". It was a 0-day vulnerability later patched by SMF. Probably you took the Buttcoin "report" on the vulnerability to be true, but that article was entirely made-up. The vulnerability had nothing to do with JavaScript or smilies. - The issue wasn't used as an excuse to transfer the forum to MtGox. Sirius and I tried to track down the vulnerability, but we had no experience in this area and we couldn't find it, so Sirius decided to transfer responsibility of managing the server to someone else. - The transfer to MtGox wasn't a secret. Sirius emailed ~13 of the top Bitcoiners to discuss transfering management of the server to someone else. Mark volunteered: Jeff Garzik, Sirius, and I agreed that he was the best choice. I mentioned this on IRC shortly after the decision was made. The email conversation was later published. - If that $100,000 offer would have been accepted, all of the money would have been donated to the development group or some other appropriate non-profit organization. (This offer was discussed among the same "core group" as above.)
|
1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
|
|
|
Matthew N. Wright
Untrustworthy
Hero Member
Offline
Activity: 588
Merit: 500
Hero VIP ultra official trusted super staff puppet
|
|
February 22, 2012, 08:46:41 AM |
|
Not sarcasm, but what's false?
- The vulnerabilty was not "well-known". It was a 0-day vulnerability later patched by SMF. Probably you took the Buttcoin "report" on the vulnerability to be true, but that article was entirely made-up. The vulnerability had nothing to do with JavaScript or smilies. - The issue wasn't used as an excuse to transfer the forum to MtGox. Sirius and I tried to track down the vulnerability, but we had no experience in this area and we couldn't find it, so Sirius decided to transfer responsibility of managing the server to someone else. - The transfer to MtGox wasn't a secret. Sirius emailed ~13 of the top Bitcoiners to discuss transfering management of the server to someone else. Mark volunteered: Jeff Garzik, Sirius, and I agreed that he was the best choice. I mentioned this on IRC shortly after the decision was made. The email conversation was later published. - If that $100,000 offer would have been accepted, all of the money would have been donated to the development group or some other appropriate non-profit organization. (This offer was discussed among the same "core group" as above.) I'll add this quote to the video page for clarity. Thanks!
|
|
|
|
coin_toss (OP)
Member
Offline
Activity: 117
Merit: 10
|
|
February 22, 2012, 12:56:52 PM |
|
why are bitcointalk and mtgox hosted on the same server anyway? ..which suggests even more trouble: Gain root on "bitcointalk" = gain root on "MtGox" too. megawallet.dat, achievement unlocked! All this doesnt sound too professionally thought out. The forum isn't on the same server as MtGox. Thank you for correcting my earlier misstatement. I do not have any special knowledge about the server's MtGox and bitcointalk are hosted on. I was merely basing my comments on the press release made by MtGox following the downtime, which said: "On February 21 at approximately 3pm JST, Mt.Gox and other websites hosted by Mt.Gox suffered an unplanned outage caused by a Kernel Panic on our main server." I assumed this main server was hosting both sites. If, as you say, they are hosted on separate servers, that does alleviate some of my concerns. However, I still maintain that we should not ever be in a situation where both sites go down together. These sites are unquestionably the two most important resources in the bitcoin community - surely they can be hosted in a more independent manner. If Mark is going to be responsible for both sites so be it, but he should at least use 2 separate hosting providers.
|
|
|
|
DBordello
|
|
February 23, 2012, 06:47:44 AM |
|
My understanding from the Mt. Gox documents and IRC conversations with MagicalTux is that Mt. Gox owns a pair of very beefy servers (64 cores, 96gb of ram, etc). These servers are used to host virtual machines for various uses (Mt. Gox web servers, backend, etc). I would guess that bitcointalk is hosted on one of these virtual machines. When the host server kernel panic'ed, all of the virtual machines went down, including bitcointalk. Source: https://mtgox.com/press_release_20120201.html slide 8.
|
www.BTCPak.com - Exchange your bitcoins for MP: Secure, Anonymous and Easy!
|
|
|
|