zhoutong (OP)
VIP
Hero Member
 Offline
Activity: 490
Merit: 502
|
 |
March 23, 2012, 02:12:46 PM |
|
This post is intended to inform all interested parties about Linode's response to Bitcoinica. [829136] LINODE SECURITY BREACH -- $222,520 STOLEN
Status Opened Last Updated Closed On Regarding
CLOSED 21 days ago by bitcoinica 17 hours ago by tasaro 17 hours ago by tasaro Other Dear Zhou,
The entire Linode team would like to sincerely apologize for the security incident that affected your account. We let you down, and this is not the quality of service that we ourselves and our customers expect and deserve.
We want you to know that security has always been one of Linode's top priorities. Our entire team has dedicated themselves these past few weeks towards improving our procedures and policies relating to platform security.
As an act of good faith we have applied one year of service credit to your account. All of us are truly sorry for any inconvenience you incurred. We appreciate your business and hope that you will continue to host with Linode in the future.
Sincerely,
Thomas Asaro
Vice President
Linode |
|
|
|
|
|
|
|
|
|
|
Even in the event that an attacker gains more than 50% of the network's
computational power, only transactions sent by the attacker could be
reversed or double-spent. The network would not be destroyed.
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
DeathAndTaxes
Donator
Legendary
Offline
Activity: 1218
Merit: 1079
Gerald Davis
|
|
March 23, 2012, 02:14:21 PM |
|
Ouch. That has to sting. So "generous" of them to offer a whole year of service. I will never do business with Linode.
|
|
|
|
|
zhoutong (OP)
VIP
Hero Member
Offline
Activity: 490
Merit: 502
|
|
March 23, 2012, 02:16:35 PM |
|
Ouch. That has to sting. So "generous" of them to offer a whole year of service. I will never do business with Linode.
They knew we would never do business with Linode again. So the credit is pretty much worthless. |
|
|
|
|
ptshamrock
|
|
March 23, 2012, 02:17:15 PM |
|
WTF ? *speechless*
|
"Money needs to be depoliticized, and the time has come for the separation of money and state to be accomplished."
|
|
|
proudhon
Legendary
Offline
Activity: 2198
Merit: 1311
|
|
March 23, 2012, 02:18:25 PM |
|
Yes, getting a couple hundred thousand dollars of assets stolen is, well, inconvenient.
|
Bitcoin Fact: the price of bitcoin will not be greater than $70k for more than 25 consecutive days at any point in the rest of recorded human history.
|
|
|
rjk
Sr. Member
Offline
Activity: 448
Merit: 250
1ngldh
|
|
March 23, 2012, 02:21:02 PM |
|
1 year of free hosting as compensation for damage done. * mila speechless I'm pretty sure it is only an effort to repair the bad press that they got, since their T&C state that they aren't liable for anything. What I'd rather see is a breakdown in excruciating detail of a) the reason it happened in the first place (security vulnerability details), b) exactly what fixes have been made to correct the issue (firing bad employee, tweaking PHP config, auditing firewall rules, etc), and c) an independent security audit and the results posted publicly. |
|
|
|
gusti
Legendary
Offline
Activity: 1099
Merit: 1000
|
|
March 23, 2012, 02:25:50 PM |
|
lame, but absolutely expected
|
If you don't own the private keys, you don't own the coins.
|
|
|
|
Daily Anarchist
|
|
March 23, 2012, 03:00:20 PM |
|
I have been using Linode for over a year now. A few months ago I went to their IRC channel and asked the people there why Linode does not accept Bitcoin and I got laughed at. That was strike one.
Then this ordeal happened. I didn't lose any money, but it was strike two.
I know of BitVPS and I am considering switching to them. Problem is I'm not a huge techie. It was a huge learning experience to build my VPS from scratch and host my website, VPN, email accounts etc. Moving to a new VPS would be a huge time commitment for me.
I may do it anyways down the road, but I'm curious, the people who DID lose money at Linode, where are they going now? What are they doing? Are they moving to BitVPS? Everybody here that is done with Linode, what are you doing? Where are you going?
|
|
|
|
evoorhees
Legendary
Offline
Activity: 1008
Merit: 1021
Democracy is the original 51% attack
|
|
March 23, 2012, 03:15:32 PM |
|
LOL... "our system sucks balls and lost you a couple hundred grand, so in return we'll let you keep using our service for free."
Bitcoinica lost all this money by the fault of Linode, and chose to cover the entire cost and reimburse its customers.
Linode enabled this loss through their own malfeasance, and chose not to cover any of the cost.
Bitcoinica has my sincere respect, and they demonstrate that even in the "wild west free market" of Bitcoinland, honor and market incentive can be better safeguards against theft than any regulatory body or legal system. Thank you Zhou! I hope you earn the money back 100 fold.
|
|
|
|
|
N12
Donator
Legendary
Offline
Activity: 1610
Merit: 1010
|
|
March 23, 2012, 03:17:36 PM |
|
I hope you earn the money back 100 fold.
I doubt he can ever earn 4 million Bitcoins. Oh, "money", that means fiat, my bad.  |
|
|
|
|
muyuu
Donator
Legendary
Offline
Activity: 980
Merit: 1000
|
|
March 23, 2012, 03:31:26 PM |
|
Ouch. That has to sting. So "generous" of them to offer a whole year of service. I will never do business with Linode.
They knew we would never do business with Linode again. So the credit is pretty much worthless. It's fine for LOLcat sites though  this Linode amateur shop. |
GPG ID: 7294199D - OTC ID: muyuu (470F97EB7294199D)
forum tea fund BTC 1Epv7KHbNjYzqYVhTCgXWYhGSkv7BuKGEU DOGE DF1eTJ2vsxjHpmmbKu9jpqsrg5uyQLWksM CAP F1MzvmmHwP2UhFq82NQT7qDU9NQ8oQbtkQ
|
|
|
Matthew N. Wright
Untrustworthy
Hero Member
Offline
Activity: 588
Merit: 500
Hero VIP ultra official trusted super staff puppet
|
|
March 23, 2012, 03:33:57 PM |
|
I still say they should be sued. It happened due to their own internal policies with employees and security, not because of the customer's account security. How is that not 100% their fault?
|
|
|
|
muyuu
Donator
Legendary
Offline
Activity: 980
Merit: 1000
|
|
March 23, 2012, 03:37:07 PM |
|
They have actually admitted fault right there. Provided you don't accept their offer as settlement (and you don't seem to be interested) this can help in court.
|
GPG ID: 7294199D - OTC ID: muyuu (470F97EB7294199D)
forum tea fund BTC 1Epv7KHbNjYzqYVhTCgXWYhGSkv7BuKGEU DOGE DF1eTJ2vsxjHpmmbKu9jpqsrg5uyQLWksM CAP F1MzvmmHwP2UhFq82NQT7qDU9NQ8oQbtkQ
|
|
|
hazek
Legendary
Offline
Activity: 1078
Merit: 1002
|
|
March 23, 2012, 03:57:36 PM
Last edit: March 24, 2012, 03:09:57 AM by hazek |
|
I still say they should be sued. It happened due to their own internal policies with employees and security, not because of the customer's account security. How is that not 100% their fault?
Well if their terms say they aren't liable maybe not sued but definitely investigated by some external crime fighting agency. I mean are we to seriously take just their word for what exactly happened? If it's an American company I'd contact the FBI. And if it's not it'd contact their countries respective crime fighting agency. Let's not just rollover every time someone get's their wallet stollen, these things can get investigated, if not by tracing the money, maybe they can do it by tracing the breach. |
My personality type: INTJ - please forgive my weaknesses (Not naturally in tune with others feelings; may be insensitive at times, tend to respond to conflict with logic and reason, tend to believe I'm always right)
If however you enjoyed my post: 15j781DjuJeVsZgYbDVt2NZsGrWKRWFHpp
|
|
|
|
niko
|
|
March 24, 2012, 02:32:55 AM |
|
If I understood correctly, they had a backdoor in the system that their users never knew about, but the thief somehow did. This enabled theft of serious ammounts of money (sic!), and deserves serious response.
|
They're there, in their room.
Your mining rig is on fire, yet you're very calm.
|
|
|
notme
Legendary
Offline
Activity: 1904
Merit: 1002
|
|
March 24, 2012, 02:52:22 AM |
|
I still say they should be sued. It happened due to their own internal policies with employees and security, not because of the customer's account security. How is that not 100% their fault?
Well if their terms say they aren't liable maybe not sued but definitely investigated by some external crime fighting agency. I mean are we seriously take their word for what exactly happened? If it's an American company I'd contact the FBI. And if it's not it'd contact their countries respective crime fighting agency. Let's not just rollover every time someone get's their wallet stollen, these things can get investigated, if not by tracing the money, maybe they can do it by tracing the breach. +1 |
|
|
|
|
jago25_98
|
|
March 24, 2012, 03:53:13 AM |
|
Moving to a new VPS would be a huge time commitment for me.
I want to have a process of backing up so smooth that restoration to a new service should be within a few commands... |
Bitcoiner since the early days. Crypto YouTube Channel: Trading Nomads | Analyst | News Reporter | Bitcoin Hodler | Support Freedom of Speech!
|
|
|
|
cryptoxchange
|
|
March 24, 2012, 06:39:40 AM |
|
I still say they should be sued. It happened due to their own internal policies with employees and security, not because of the customer's account security. How is that not 100% their fault?
We agree. Action should be taken. |
Crypto X Change Global Bitcoin Exchange - Deposit & Withdraw to and from Our Exchange now for a $5 Flat fee - No Wire Costs or Bank Fee's - 100% Automated Banking System & Extremely fast transfers. We can send out Withdraws to over 120 Currencies. www.cryptoxchange.com |
|
|
fcmatt
Legendary
Offline
Activity: 2072
Merit: 1001
|
|
March 24, 2012, 07:40:32 AM |
|
if banks are not liable for contents in safety deposit box when stolen, even by bank employees or facilitated by bank employees or through gross negligence of bank employees... what makes people here think that bitcoinica has any chance of satisfaction?
|
|
|
|
|
julz
Legendary
Offline
Activity: 1092
Merit: 1001
|
|
March 24, 2012, 07:53:54 AM |
|
They should be sued *if* they didn't (or won't) cooperate in properly reporting this as a theft (whether or not the stolen data is considered 'money' by the law) and providing all relevant information to a law enforcement agency.
|
@electricwings BM-GtyD5exuDJ2kvEbr41XchkC8x9hPxdFd
|
|
|
|
