Bitcoin Forum
December 04, 2016, 12:03:36 AM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 [38] 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 »
  Print  
Author Topic: [Emergency ANN] Bitcoinica site is taken offline for security investigation  (Read 201500 times)
ashleyconnor
Jr. Member
*
Offline Offline

Activity: 38


View Profile
May 15, 2012, 02:03:53 AM
 #741

From the new site:

Quote
For the technically inclined, we salt and encrypt passwords with bcrypt.

Bcrypt hashes passwords it doesn't encrypt them.
1480809816
Hero Member
*
Offline Offline

Posts: 1480809816

View Profile Personal Message (Offline)

Ignore
1480809816
Reply with quote  #2

1480809816
Report to moderator
1480809816
Hero Member
*
Offline Offline

Posts: 1480809816

View Profile Personal Message (Offline)

Ignore
1480809816
Reply with quote  #2

1480809816
Report to moderator
1480809816
Hero Member
*
Offline Offline

Posts: 1480809816

View Profile Personal Message (Offline)

Ignore
1480809816
Reply with quote  #2

1480809816
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1480809816
Hero Member
*
Offline Offline

Posts: 1480809816

View Profile Personal Message (Offline)

Ignore
1480809816
Reply with quote  #2

1480809816
Report to moderator
cypherdoc
Legendary
*
Offline Offline

Activity: 1764



View Profile
May 15, 2012, 02:14:24 AM
 #742

From the new site:

Quote
For the technically inclined, we salt and encrypt passwords with bcrypt.

Bcrypt hashes passwords it doesn't encrypt them.


lol, perhaps that explains it!
Crypt_Current
Hero Member
*****
Offline Offline

Activity: 686


Shame on everything; regret nothing.


View Profile
May 15, 2012, 02:29:46 AM
 #743

From the new site:

Quote
For the technically inclined, we salt and encrypt passwords with bcrypt.

Bcrypt hashes passwords it doesn't encrypt them.


lol, perhaps that explains it!

arg ...  Angry

10% off at CampBX for LIFE:  https://campbx.com/main.php?r=C9a5izBQ5vq  ----  Authorized BitVoucher MEGA reseller (& BTC donations appreciated):  https://bitvoucher.co/affl/1HkvK8o8WWDpCTSQGnek7DH9gT1LWeV5s3/
LTC:  LRL6vb6XBRrEEifB73DiEiYZ9vbRy99H41  NMC:  NGb2spdTGpWj8THCPyCainaXenwDhAW1ZT
cypherdoc
Legendary
*
Offline Offline

Activity: 1764



View Profile
May 15, 2012, 02:31:27 AM
 #744

From the new site:

Quote
For the technically inclined, we salt and encrypt passwords with bcrypt.

Bcrypt hashes passwords it doesn't encrypt them.


lol, perhaps that explains it!

arg ...  Angry

actually i remember this was picked up late last year and pointed out to Zhou.  
BTC_Bear
B4 Foundation
VIP
Sr. Member
*
Offline Offline

Activity: 364


Best Offense is a Good Defense


View Profile WWW
May 15, 2012, 02:54:16 AM
 #745

I think that Bitcoinica should join this NZ financial service providers arbitration/dispute resolution service

http://www.fdr.org.nz/

& Zhou I'm waiting to hear back from you on your main Bitcoinica thread where you offered to refund me for the considerable swaps fees when they were first introduced ages ago - thanks

I had our legal department make some queries, and it appears they already did:

http://www.business.govt.nz/fsp/app/ui/fsp/version/searchSummaryCompanyFSP/FSP207625/4.do?noReturn=true

What is interesting though is that their FSP license ONLY allows them to deal with other businesses and NOT retail customers (i.e. individuals) as they are doing now.

Again, as official funding partners, we would very much to know who owns and operates Bitcoinica (as in, for whom are we moving thousands of dollars per week). I do not understand why the secrecy, nor why partners weren't communicated about this "Sell".

If we do not receive further information soon, we will be forced to have our legal department subpoena the NZ registry to obtain such information.

Thank you
Roberto
AurumXchange


One begs to ask: You didn't do this 'before' you started to move large sums of money?

However, thanks for the information.


Corporations have been enthroned, An era of corruption in high places will follow and the money power will endeavor to prolong its reign by working on the prejudices of the people until wealth is aggregated in a few hands and the Republic is destroyed. ~Abe Lincoln 1ApJdWUdSWYw8n8HEATYhHXA9EYoRTy7c4
guruvan
Hero Member
*****
Offline Offline

Activity: 518

ShastaFarEye Prospectors mazaclub & mazacha.in


View Profile WWW
May 15, 2012, 03:08:34 AM
 #746

I think that Bitcoinica should join this NZ financial service providers arbitration/dispute resolution service

http://www.fdr.org.nz/

& Zhou I'm waiting to hear back from you on your main Bitcoinica thread where you offered to refund me for the considerable swaps fees when they were first introduced ages ago - thanks

I had our legal department make some queries, and it appears they already did:

http://www.business.govt.nz/fsp/app/ui/fsp/version/searchSummaryCompanyFSP/FSP207625/4.do?noReturn=true

What is interesting though is that their FSP license ONLY allows them to deal with other businesses and NOT retail customers (i.e. individuals), which makes their license and operating legal framework dubious at best. As you can see by clicking on the link above, clicking on the "Financial Services" and scrolling all the way down, their dispute resolution scheme is NOT authorized to deal with retail clients:

Code:
Dispute resolution scheme
Financial service providers who provide a financial service to retail clients must belong to an approved consumer dispute resolution scheme. Please provide the details of your membership below.

* Are you providing any financial services to retail clients?
No

Again, as official funding partners, we would very much to know who owns and operates Bitcoinica (as in, for whom are we moving thousands of dollars per week). I do not understand why the secrecy, nor why partners weren't communicated about this "Sell".

If we do not receive further information soon, we will be forced to have our legal department subpoena the NZ registry to obtain such information.

Thank you
Roberto
AurumXchange


Yeah, now it appears that the owners are different than Zhou Tong. And it appears that you've been mislead for MONTHS, Robert. Wow. Just wow.

Yeah. Bitcoinica, Intersango - you guys have some SERIOUS explaining to do. I don't think ANYONE is justified in trusting you guys with so much as an email address after this bullshit.

WHO OWNS THE COMPANY? WHY IS IT SECRET? WHAT ARE YOU HIDING?

Why have Bitcoinica's owners been hiding behind a 17yr old kid?

Seriously, the main reason people refuse to answer questions these days seems to be to avoid incrimination. I'm increasingly convinced that there are more wrongdoings going on here than just violating the terms of their FSP license.

I did seriously lol at "Reopen Bitcoinica" hahaha.

Mine at the Maza Club! with ShastaFarEye Prospectors! Mazacoin PPS & P2pool mining, and more services coming soon!
Maza Means Money! Check yours at the mazacha.in!

Please contact me  on my  OTC registered GPG (A54E87F2) Key's email address or guruvan@shastafareye.net  and encrypt all correspondence.
Phinnaeus Gage
Legendary
*
Offline Offline

Activity: 1302


Bitcoin: An Idea Worth Spending


View Profile
May 15, 2012, 03:23:30 AM
 #747

I think that Bitcoinica should join this NZ financial service providers arbitration/dispute resolution service

http://www.fdr.org.nz/

& Zhou I'm waiting to hear back from you on your main Bitcoinica thread where you offered to refund me for the considerable swaps fees when they were first introduced ages ago - thanks

I had our legal department make some queries, and it appears they already did:

http://www.business.govt.nz/fsp/app/ui/fsp/version/searchSummaryCompanyFSP/FSP207625/4.do?noReturn=true

What is interesting though is that their FSP license ONLY allows them to deal with other businesses and NOT retail customers (i.e. individuals), which makes their license and operating legal framework dubious at best. As you can see by clicking on the link above, clicking on the "Financial Services" and scrolling all the way down, their dispute resolution scheme is NOT authorized to deal with retail clients:

Code:
Dispute resolution scheme
Financial service providers who provide a financial service to retail clients must belong to an approved consumer dispute resolution scheme. Please provide the details of your membership below.

* Are you providing any financial services to retail clients?
No

Again, as official funding partners, we would very much to know who owns and operates Bitcoinica (as in, for whom are we moving thousands of dollars per week). I do not understand why the secrecy, nor why partners weren't communicated about this "Sell".

If we do not receive further information soon, we will be forced to have our legal department subpoena the NZ registry to obtain such information.

Thank you
Roberto
AurumXchange


Yeah, now it appears that the owners are different than Zhou Tong. And it appears that you've been mislead for MONTHS, Robert. Wow. Just wow.

Yeah. Bitcoinica, Intersango - you guys have some SERIOUS explaining to do. I don't think ANYONE is justified in trusting you guys with so much as an email address after this bullshit.

WHO OWNS THE COMPANY? WHY IS IT SECRET? WHAT ARE YOU HIDING?

Why have Bitcoinica's owners been hiding behind a 17yr old kid?

Seriously, the main reason people refuse to answer questions these days seems to be to avoid incrimination. I'm increasingly convinced that there are more wrongdoings going on here than just violating the terms of their FSP license.

I did seriously lol at "Reopen Bitcoinica" hahaha.


Perhaps, re-watching this interview may explain a lot: http://www.youtube.com/watch?v=CeddzoQsgLY
stochastic
Hero Member
*****
Offline Offline

Activity: 532


View Profile
May 15, 2012, 03:27:02 AM
 #748

Who are these so-called "owners" ?

Zhoutong claims it is not him => you claim it is not you => then who is it Huh

Just a hint from a another lurker here in the forum Wink

Zhoutong pointed out that the owner requested not to be publickly known.

This started a rather lengthy discussion right here in this thread about business and ownership in generall, but like it or not, such things are very common in the current world of business. I might be wrong, but just from the answers available here in the forum, I would be surprised to get any further disclosure on that topic.

Personally I'm glad that Team Intersango spoke up and clarified their position and the technical details.

--Ichthyo



Doing some digging I find on the Bitconica FSP registration page that it was updated by a Chris HEASLIP.  Doing another search I found a Chris HEASLIP on LinkedIN that states he is in New Zealand and founder of Pushpay.

Some more investigating and the registration page shows the address to be:

Code:
Name
Bitcoinica Lp
Incorporation / Registration number
2558460
Type
Limited Partnerships (NZ)
Registered office
Auckland Chartered Accountants Level 1, 10 Manukau Road Newmarket Auckland 1023
Status
REGISTERED

Now where do you think Pushpay Limited is registered at?

Code:
ACCOUNTING BRANDS LIMITED, Level 1, 10 Manukau Road, Newmarket, Auckland, 1023 , New Zealand
  Address for service
ACCOUNTING BRANDS LIMITED, Level 1, 10 Manukau Road, Newmarket, Auckland, 1023 , New Zealand

Code:
Directors
Eliot Barry CROWTHER
Flat 2, 166 Blockhouse Bay Road, Avondale, Auckland, 0600 , New Zealand

Christopher HEASLIP
Flat 3, 10 Dorchester Street, Meadowbank, Auckland, 1072 , New Zealand

There is the 10 Manukau Road, Newmarket, Auckland address again.

Just a coincidence that a Chris Heaslip is updating the Bitcoinica LP information, is founder and managing director of an online payment company, and registers his information with the same address?

Introducing constraints to the economy only serves to limit what can be economical.
FreeMoney
Legendary
*
Offline Offline

Activity: 1246


Strength in numbers


View Profile WWW
May 15, 2012, 03:28:25 AM
 #749

How could someone not reopen bitcoinica? It's like if your golden eggs get stolen are you going to kill the golden egg layer?

Play Bitcoin Poker at sealswithclubs.eu. We're active and open to everyone.
datafish
Donator
Full Member
*
Offline Offline

Activity: 125


Swimming in a sea of data


View Profile
May 15, 2012, 03:39:30 AM
 #750

So the "solution" to leaving server vulnerable to remote password reset was to do a tedious line by line analysis of the codebase (which has never exploited) and meanwhile install the code on a new server which had (almost) the same vulnerability as the prior server.

Doesn't instill a lot of confidence, does it?  I find Intersango's response wholly lacking.  To many people, Intersango/Bitcoin Consultancy/Amir Taaki is THE public face of Bitcoin.  There should have been an immediate public statement from Intersango, even if it was just "we're looking into it and Zhou will be our spokesman for the time being."  I personally don't care if the owner wants to remain anonymous, but the people who are supposed to be in charge should act the part.
btcgoldsilver
Member
**
Offline Offline

Activity: 63


Bitcoins Gold Silver


View Profile
May 15, 2012, 04:18:43 AM
 #751


I appreciate the messages from Zhoutong and Intersango but will feel a lot happier when I have my bitcoins back. The original estimate was Monday, its nearly Tuesday evening here in New Zealand now. I think we need an update on the timeline!

Zhoutong / Intersango / mysterious owner ... Any updates on the timeline for a refund please ?

I have a feeling it will take bitcoinica a while to regain trust on this, its not just the security questions surrounding a second hack but also the other questions emerging about the secretive ownership.

Still can't see anything on the bitcoinica site myself, just getting a page timeout.

16ZodW6mxFkmxrCy5MSii7PLJ6VdfNknue
Phinnaeus Gage
Legendary
*
Offline Offline

Activity: 1302


Bitcoin: An Idea Worth Spending


View Profile
May 15, 2012, 04:42:21 AM
 #752

Who are these so-called "owners" ?

Zhoutong claims it is not him => you claim it is not you => then who is it Huh

Just a hint from a another lurker here in the forum Wink

Zhoutong pointed out that the owner requested not to be publickly known.

This started a rather lengthy discussion right here in this thread about business and ownership in generall, but like it or not, such things are very common in the current world of business. I might be wrong, but just from the answers available here in the forum, I would be surprised to get any further disclosure on that topic.

Personally I'm glad that Team Intersango spoke up and clarified their position and the technical details.

--Ichthyo



Doing some digging I find on the Bitconica FSP registration page that it was updated by a Chris HEASLIP.  Doing another search I found a Chris HEASLIP on LinkedIN that states he is in New Zealand and founder of Pushpay.

Some more investigating and the registration page shows the address to be:

Code:
Name
Bitcoinica Lp
Incorporation / Registration number
2558460
Type
Limited Partnerships (NZ)
Registered office
Auckland Chartered Accountants Level 1, 10 Manukau Road Newmarket Auckland 1023
Status
REGISTERED

Now where do you think Pushpay Limited is registered at?

Code:
ACCOUNTING BRANDS LIMITED, Level 1, 10 Manukau Road, Newmarket, Auckland, 1023 , New Zealand
  Address for service
ACCOUNTING BRANDS LIMITED, Level 1, 10 Manukau Road, Newmarket, Auckland, 1023 , New Zealand

Code:
Directors
Eliot Barry CROWTHER
Flat 2, 166 Blockhouse Bay Road, Avondale, Auckland, 0600 , New Zealand

Christopher HEASLIP
Flat 3, 10 Dorchester Street, Meadowbank, Auckland, 1072 , New Zealand

There is the 10 Manukau Road, Newmarket, Auckland address again.

Just a coincidence that a Chris Heaslip is updating the Bitcoinica LP information, is founder and managing director of an online payment company, and registers his information with the same address?

Which leads to this guy: http://angel.co/tseale who also invested in this: http://angel.co/coinlab
terrytibbs
Hero Member
*****
Offline Offline

Activity: 560



View Profile
May 15, 2012, 04:48:06 AM
 #753

Which leads to this guy: http://angel.co/tseale who also invested in this: http://angel.co/coinlab
Yep, that's the guy.

/zhoutong
Phinnaeus Gage
Legendary
*
Offline Offline

Activity: 1302


Bitcoin: An Idea Worth Spending


View Profile
May 15, 2012, 04:57:14 AM
 #754

Which leads to this guy: http://angel.co/tseale who also invested in this: http://angel.co/coinlab
Yep, that's the guy.

/zhoutong

http://www.gridding.com/G/Search.aspx?ContentDisplayMode=inline&FreeTextSearch=KOSS%20or

Quote
Based in Seattle, CoinLab is an emerging umbrella group for cultivating and launching innovative bitcoin projects. Until now, they have been relatively quiet regarding their initiatives but they are credited with releasing a comprehensive Bitcoin Primer in January 2012. The founders are startup entrepreneurs Peter Vessenes, Mike Koss, and Tihan Seale, each with a strong passion for the broad advancements enabled by a decentralized currency.
stochastic
Hero Member
*****
Offline Offline

Activity: 532


View Profile
May 15, 2012, 05:02:47 AM
 #755

Which leads to this guy: http://angel.co/tseale who also invested in this: http://angel.co/coinlab
Yep, that's the guy.

/zhoutong

http://www.gridding.com/G/Search.aspx?ContentDisplayMode=inline&FreeTextSearch=KOSS%20or

Quote
Based in Seattle, CoinLab is an emerging umbrella group for cultivating and launching innovative bitcoin projects. Until now, they have been relatively quiet regarding their initiatives but they are credited with releasing a comprehensive Bitcoin Primer in January 2012. The founders are startup entrepreneurs Peter Vessenes, Mike Koss, and Tihan Seale, each with a strong passion for the broad advancements enabled by a decentralized currency.

I wonder what is so important that they have to hide their identity.

Introducing constraints to the economy only serves to limit what can be economical.
M4v3R
Hero Member
*****
Offline Offline

Activity: 607



View Profile
May 15, 2012, 05:28:07 AM
 #756

Um, now it's even more confusing.

First, Zhoutong said that Bitcoinica will be shut down and their working on the claim page, with all positions forcefully liquidated (which, as Instated before, is not only plain wrong, but looks even illegal, considering Bitcoinica was a legal money processor).

Then, Team Intersango shows up and tells us that Bitcoinica will be back up, more secure than before. Nothing about currently open positions in this statement.

So... Which is it?!
DiabloD3
Legendary
*
Offline Offline

Activity: 1162


DiabloMiner author


View Profile WWW
May 15, 2012, 05:38:28 AM
 #757

For those who are stuck because of the Bitcoinica hack:

I am willing to pay for shares/bonds of major GLBSE mining operations with Diablo Mining Company shares to help offset the losses of Bitcoinica users.

https://bitcointalk.org/index.php?topic=77469.msg901042#msg901042

muyuu
Donator
Legendary
*
Offline Offline

Activity: 924



View Profile
May 15, 2012, 06:00:48 AM
 #758

Um, now it's even more confusing.

First, Zhoutong said that Bitcoinica will be shut down and their working on the claim page, with all positions forcefully liquidated (which, as Instated before, is not only plain wrong, but looks even illegal, considering Bitcoinica was a legal money processor).

Then, Team Intersango shows up and tells us that Bitcoinica will be back up, more secure than before. Nothing about currently open positions in this statement.

So... Which is it?!

Stop hoping you will have your positions respected.

Nothing about Bitcoinica being back up "more secure than before" contradicts the previous statement. ZT also said as much, which was part of the reason he needs to clean shop now: it will take time to do significant changes to the code base/rebuild.

The longer the process takes the more untenable is to keep positions frozen. Liquidating positions is definitely one of the most, if not the most sensible things to do if you cannot bring the site back securely VERY soon.

GPG ID: 7294199D - OTC ID: muyuu (470F97EB7294199D)
forum tea fund BTC 1Epv7KHbNjYzqYVhTCgXWYhGSkv7BuKGEU DOGE DF1eTJ2vsxjHpmmbKu9jpqsrg5uyQLWksM CAP F1MzvmmHwP2UhFq82NQT7qDU9NQ8oQbtkQ
stochastic
Hero Member
*****
Offline Offline

Activity: 532


View Profile
May 15, 2012, 07:23:50 AM
 #759

Um, now it's even more confusing.

First, Zhoutong said that Bitcoinica will be shut down and their working on the claim page, with all positions forcefully liquidated (which, as Instated before, is not only plain wrong, but looks even illegal, considering Bitcoinica was a legal money processor).

Then, Team Intersango shows up and tells us that Bitcoinica will be back up, more secure than before. Nothing about currently open positions in this statement.

So... Which is it?!

Stop hoping you will have your positions respected.

Nothing about Bitcoinica being back up "more secure than before" contradicts the previous statement. ZT also said as much, which was part of the reason he needs to clean shop now: it will take time to do significant changes to the code base/rebuild.

The longer the process takes the more untenable is to keep positions frozen. Liquidating positions is definitely one of the most, if not the most sensible things to do if you cannot bring the site back securely VERY soon.

If Bitcoinica was a registered company interested in doing everything according to the law, then why do they need to hide their identities?  Where is the police report detailing the first theft of 40,000 bitcoins and this second one of over 10,000?  Whether the police do anything or not to recover the stolen items or investigate the alleged hacking incident, Bitcoinica should report this incident.  Most thefts occur by people within a company.

Introducing constraints to the economy only serves to limit what can be economical.
muyuu
Donator
Legendary
*
Offline Offline

Activity: 924



View Profile
May 15, 2012, 07:55:45 AM
 #760

Um, now it's even more confusing.

First, Zhoutong said that Bitcoinica will be shut down and their working on the claim page, with all positions forcefully liquidated (which, as Instated before, is not only plain wrong, but looks even illegal, considering Bitcoinica was a legal money processor).

Then, Team Intersango shows up and tells us that Bitcoinica will be back up, more secure than before. Nothing about currently open positions in this statement.

So... Which is it?!

Stop hoping you will have your positions respected.

Nothing about Bitcoinica being back up "more secure than before" contradicts the previous statement. ZT also said as much, which was part of the reason he needs to clean shop now: it will take time to do significant changes to the code base/rebuild.

The longer the process takes the more untenable is to keep positions frozen. Liquidating positions is definitely one of the most, if not the most sensible things to do if you cannot bring the site back securely VERY soon.

If Bitcoinica was a registered company interested in doing everything according to the law, then why do they need to hide their identities?  Where is the police report detailing the first theft of 40,000 bitcoins and this second one of over 10,000?  Whether the police do anything or not to recover the stolen items or investigate the alleged hacking incident, Bitcoinica should report this incident.  Most thefts occur by people within a company.

It is a registered company and their identity is not hidden. Companies don't generally disclose the identity of their main investors - only companies traded in the stock market have this obligation. This is Bitcoinica's identity: http://www.business.govt.nz/fsp/app/ui/fsp/instance/viewChangesCompanyFSP/677086.do

AFAIK Bitcoinica is a Limited company not traded in any stock market. Their identity is the company (look up "juridical person" or "juridical personality"). All that is strictly in accordance to law. The liability lies within this juridical personality, and how it carries over to the people behind it depends largely - through not exclusively - on their jurisdiction (applies to the jurisdiction where an allegedly wronged user may be, as well, but good luck with opening an international prosecution). Welcome to the financial world.

GPG ID: 7294199D - OTC ID: muyuu (470F97EB7294199D)
forum tea fund BTC 1Epv7KHbNjYzqYVhTCgXWYhGSkv7BuKGEU DOGE DF1eTJ2vsxjHpmmbKu9jpqsrg5uyQLWksM CAP F1MzvmmHwP2UhFq82NQT7qDU9NQ8oQbtkQ
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 [38] 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 »
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!