Bitcoin Forum
April 20, 2014, 04:24:33 PM *
News: Due to the OpenSSL heartbleed bug, changing your forum password is recommended.
 
   Home   Help Search Donate Login Register  
Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 [18] 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 ... 80
  Print  
Author Topic: [Emergency ANN] Bitcoinica site is taken offline for security investigation  (Read 133369 times)
David M
Sr. Member
****
Offline Offline

Activity: 368


View Profile

Ignore
May 12, 2012, 08:11:01 AM
#341


This is why the whole idea of 'tainted' coins is a bad idea.


I would not call it is not an idea per se, but a reaction to crypto shock.  Some suffer it from their own mistakes (delete wallet etc..), others by a foreign hand.

The brutal truth that the maths does not care for authority can take time to fully grasp. In the meantime, we rage...
    mBitCASINOWIN BITCOINS IN OUR
24/7 LIVE DEALER CASINO

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1398011073
Hero Member
*
Offline Offline

Posts: 1398011073

View Profile Personal Message (Offline)

Ignore
1398011073
Reply with quote  #2

1398011073
Report to moderator
1398011073
Hero Member
*
Offline Offline

Posts: 1398011073

View Profile Personal Message (Offline)

Ignore
1398011073
Reply with quote  #2

1398011073
Report to moderator
1398011073
Hero Member
*
Offline Offline

Posts: 1398011073

View Profile Personal Message (Offline)

Ignore
1398011073
Reply with quote  #2

1398011073
Report to moderator
organofcorti
Donator
Hero Member
*
Offline Offline

Activity: 1036


Poor impulse control.


View Profile WWW

Ignore
May 12, 2012, 09:16:43 AM
#342

Cool way of releasing a message. The thief clearly has some familiarity with Bitcoin.

Familiarity with Bitcoin?  Perhaps not so much...  There's lots of more interesting ways to embed a message in Bitcoin transactions if you're familiar with the data formats and the protocol, such as the one described here for example:

https://bitcointalk.org/index.php?topic=34458

Having the transaction amounts be binary seems a bit rudimentary, actually.

Sure it's blatant. One look at that list of numbers and it was pretty obvious what the 'code' was - a sequence of increasing mounts to enable ordering and then a string of 0s and 1s - what else could it be? But I wouldn't call it rudimentary. It's a good use of the tools at hand.

Sure, he could have coded a way more leet message which someone may have discovered at some point in a few months or years, but this was a way he could pass his message on and be sure interested parties would get the message almost immediately and achieve further notoriety without having to give up any more anonymity than he already has.


Bitcoin network and pool analysis 12QxPHEuxDrs7mCyGSx1iVSozTwtquDB3r
follow @oocBlog for new post notifications
disclaimer201
Hero Member
*****
Offline Offline

Activity: 882


A Digital Currency for a Digital Age


View Profile

Ignore
May 12, 2012, 09:35:19 AM
#343

If my 100 coins are gone, I doubt that I will use a bitcoin business again. It's our fault to trust in such businesses obviously.

Sign up for CryptoAve http://www.cryptoave.com/register.php?r=disclaimer201
Cryptsy Trade Key: 409b3afd4da9c15ce3fd5bcf92bec9fb24e94180
Realpra
Hero Member
*****
Offline Offline

Activity: 688


View Profile

Ignore
May 12, 2012, 09:42:32 AM
#344

Lulz I have better security for my 2.14 coins and thought of buying more and hence the need to be even more secure!

Who trusts 4 email accounts with root access?

Seems like we have a new BitCoin rule of thumb: "A bitcoin site is not safe until it has been hacked at least once"

Bitcoin card in the spirit of Bitcoin itself.
Open source, usable globally, no bank involvement, perfect security and near-zero fees:
https://bitcointalk.org/index.php?topic=7539.140
Clipse
SCAMMER
Hero Member
*****
Offline Offline

Activity: 504


View Profile

Ignore
May 12, 2012, 09:50:24 AM
#345

Lulz I have better security for my 2.14 coins and thought of buying more and hence the need to be even more secure!

Who trusts 4 email accounts with root access?

Seems like we have a new BitCoin rule of thumb: "A bitcoin site is not safe until it has been hacked at least once"

In this case, atleast twice ? or does the first linode invasion count as .5 ?

...In the land of the stale, the man with one share is king... >> Clipse

We pay miners at 130% PPS | Signup here : Bonus PPS Pool (Please read OP to understand the current process)
zhoutong
VIP
Hero Member
*
Offline Offline

Activity: 490


View Profile WWW

Ignore
May 12, 2012, 10:03:41 AM
#346

Quick Update

- It's more serious than we thought. We need some additional time to come up with a compensation proposal.
- Likely we will either shut down the platform or re-develop entirely (which will take months instead of days).
- The preliminary decision: reimburse for the full amount, including margin balances and position P/L.
- The root cause of this problem is an email server compromise. The email server belongs to one of our team members.
- Reminder again: Please do not reuse your Bitcoinica passwords as the database server was compromised. Do not click any links in the email. All Bitcoinica announcements will be updated on Bitcoinica website when available.

Important Disclaimer: I'm not a partner of Bitcoinica LP after the corporate reorganisation. Therefore, I have no financial obligation in this matter as I'm only an employee of Bitcoinica LP responsible for daily operations (no shares, no voting). However, I'll do my best with the team to resolve this problem as quickly as possible and minimize the impact for the community. I appreciate your patience and understanding.

Founder of NameTerrific (https://www.nameterrific.com/). Co-founder of CoinJar (https://coinjar.io/)

Donations for my future Bitcoin projects: 19Uk3tiD5XkBcmHyQYhJxp9QHoub7RosVb
SomeoneWeird
Hero Member
*****
Offline Offline

Activity: 602


View Profile

Ignore
May 12, 2012, 10:10:46 AM
#347

Quick Update

- It's more serious than we thought. We need some additional time to come up with a compensation proposal.
- Likely we will either shut down the platform or re-develop entirely (which will take months instead of days).
- The preliminary decision: reimburse for the full amount, including margin balances and position P/L.
- The root cause of this problem is an email server compromise. The email server belongs to one of our team members.
- Reminder again: Please do not reuse your Bitcoinica passwords as the database server was compromised. Do not click any links in the email. All Bitcoinica announcements will be updated on Bitcoinica website when available.

Important Disclaimer: I'm not a partner of Bitcoinica LP after the corporate reorganisation. Therefore, I have no financial obligation in this matter as I'm only an employee of Bitcoinica LP responsible for daily operations (no shares, no voting). However, I'll do my best with the team to resolve this problem as quickly as possible and minimize the impact for the community. I appreciate your patience and understanding.

Hope everything works out in the end.
kokjo
Hero Member
*****
Offline Offline

Activity: 1022


You are WRONG! :D


View Profile

Ignore
May 12, 2012, 10:13:23 AM
#348

Quick Update

- It's more serious than we thought. We need some additional time to come up with a compensation proposal.
- Likely we will either shut down the platform or re-develop entirely (which will take months instead of days).
- The preliminary decision: reimburse for the full amount, including margin balances and position P/L.
- The root cause of this problem is an email server compromise. The email server belongs to one of our team members.
- Reminder again: Please do not reuse your Bitcoinica passwords as the database server was compromised. Do not click any links in the email. All Bitcoinica announcements will be updated on Bitcoinica website when available.

Important Disclaimer: I'm not a partner of Bitcoinica LP after the corporate reorganisation. Therefore, I have no financial obligation in this matter as I'm only an employee of Bitcoinica LP responsible for daily operations (no shares, no voting). However, I'll do my best with the team to resolve this problem as quickly as possible and minimize the impact for the community. I appreciate your patience and understanding.
how do i get my money out?

"The whole problem with the world is that fools and fanatics are always so certain of themselves and wiser people so full of doubts." -Bertrand Russell
Blitz≠
Donator
Hero Member
*
Offline Offline

Activity: 1022



View Profile

Ignore
May 12, 2012, 10:14:33 AM
#349

- It's more serious than we thought. We need some additional time to come up with a

Important Disclaimer: I'm not a partner of Bitcoinica LP after the corporate reorganisation. Therefore, I have no financial obligation in this matter as I'm only an employee of Bitcoinica LP responsible for daily operations (no shares, no voting). However, I'll do my best with the team to resolve this problem as quickly as possible and minimize the impact for the community. I appreciate your patience and understanding.

What exactly is more serious? Details?

Important Disclaimer: I'm not a partner of Bitcoinica LP after the corporate reorganisation. Therefore, I have no financial obligation in this matter as I'm only an employee of Bitcoinica LP responsible for daily operations (no shares, no voting). However, I'll do my best with the team to resolve this problem as quickly as possible and minimize the impact for the community. I appreciate your patience and understanding.
Wow, so the Intersango guys are left holding the bag for your incompetence? That was a clever move.

Not sure how they got suckered into this deal before they took over everything.

"Bitcoin had been transformed from an anarachistic challenge to the financial status quo, to the crypto spawn of Satan, fuelled by cut-throat greed and delusions of avarice." - MatTheCat
freewil
Member
**
Offline Offline

Activity: 92



View Profile

Ignore
May 12, 2012, 10:16:28 AM
#350

- Likely we will either shut down the platform or re-develop entirely (which will take months instead of days).

Why would you need to re-develop for a compromised email server?
davout
Staff
Hero Member
*****
Offline Offline

Activity: 1148


1davout


View Profile WWW

Ignore
May 12, 2012, 10:18:29 AM
#351

Important Disclaimer: I'm not a partner of Bitcoinica LP after the corporate reorganisation. Therefore, I have no financial obligation in this matter as I'm only an employee of Bitcoinica LP responsible for daily operations (no shares, no voting).
If you're not in charge, maybe the person who actually is should communicate.

davout
Staff
Hero Member
*****
Offline Offline

Activity: 1148


1davout


View Profile WWW

Ignore
May 12, 2012, 10:18:55 AM
#352

- Likely we will either shut down the platform or re-develop entirely (which will take months instead of days).

Why would you need to re-develop for a compromised email server?
This

rapeghost
Sr. Member
****
Offline Offline

Activity: 265


STOP THE INSANITY. LETS END HUMANITY


View Profile WWW

Ignore
May 12, 2012, 10:21:59 AM
#353

How to ruin a business in 12 months: The Zhoutong Method.

When you live in my house you'll follow my rules, boy. Now, butter that bacon!
zhoutong
VIP
Hero Member
*
Offline Offline

Activity: 490


View Profile WWW

Ignore
May 12, 2012, 10:30:07 AM
#354

Wow, so the Intersango guys are left holding the bag for your incompetence? That was a clever move.

Not sure how they got suckered into this deal before they took over everything.

There's no such thing as "incompetence" in a team. If you have to trace to the root cause, the compromised email server isn't mine, or has anything to do with my development work. Does that mean some people are more competent than the other? Obviously not. We are on the same boat.

There're a lot of details that I'm not supposed to disclose at this moment. But simply, I gave up my sole ownership a long time ago, even before the Linode hack. The Intersango guys are fully aware of everything and they have inspected the code and server configurations for weeks before signing their agreement. They fixed some non-trivial security issues in the past few weeks as well.

Founder of NameTerrific (https://www.nameterrific.com/). Co-founder of CoinJar (https://coinjar.io/)

Donations for my future Bitcoin projects: 19Uk3tiD5XkBcmHyQYhJxp9QHoub7RosVb
Blitz≠
Donator
Hero Member
*
Offline Offline

Activity: 1022



View Profile

Ignore
May 12, 2012, 10:33:55 AM
#355

You forgot to answer one question.

- It's more serious than we thought. We need some additional time to come up with a

Important Disclaimer: I'm not a partner of Bitcoinica LP after the corporate reorganisation. Therefore, I have no financial obligation in this matter as I'm only an employee of Bitcoinica LP responsible for daily operations (no shares, no voting). However, I'll do my best with the team to resolve this problem as quickly as possible and minimize the impact for the community. I appreciate your patience and understanding.

What exactly is more serious? Details?

"Bitcoin had been transformed from an anarachistic challenge to the financial status quo, to the crypto spawn of Satan, fuelled by cut-throat greed and delusions of avarice." - MatTheCat
zhoutong
VIP
Hero Member
*
Offline Offline

Activity: 490


View Profile WWW

Ignore
May 12, 2012, 10:34:20 AM
#356

Important Disclaimer: I'm not a partner of Bitcoinica LP after the corporate reorganisation. Therefore, I have no financial obligation in this matter as I'm only an employee of Bitcoinica LP responsible for daily operations (no shares, no voting).
If you're not in charge, maybe the person who actually is should communicate.

I'm representing the company at the moment. I decided to stand out to post this thread because:

- I'm the first one to acknowledge this issue (as the other guys were asleep).
- I'm the usual person communicating about Bitcoinica on this forum.
- Most people assumed that zhoutong = Bitcoinica.

I'm in close communication with Intersango guys so you can voice out whatever you want.

Founder of NameTerrific (https://www.nameterrific.com/). Co-founder of CoinJar (https://coinjar.io/)

Donations for my future Bitcoin projects: 19Uk3tiD5XkBcmHyQYhJxp9QHoub7RosVb
zhoutong
VIP
Hero Member
*
Offline Offline

Activity: 490


View Profile WWW

Ignore
May 12, 2012, 10:35:50 AM
#357

You forgot to answer one question.

- It's more serious than we thought. We need some additional time to come up with a

Important Disclaimer: I'm not a partner of Bitcoinica LP after the corporate reorganisation. Therefore, I have no financial obligation in this matter as I'm only an employee of Bitcoinica LP responsible for daily operations (no shares, no voting). However, I'll do my best with the team to resolve this problem as quickly as possible and minimize the impact for the community. I appreciate your patience and understanding.

What exactly is more serious? Details?

The more serious thing is that we may need additional time to provide the details. We are working with Rackspace to know more about this issue.

EDIT: There's no additional financial loss. We have revoked the withdrawal API key.

Founder of NameTerrific (https://www.nameterrific.com/). Co-founder of CoinJar (https://coinjar.io/)

Donations for my future Bitcoin projects: 19Uk3tiD5XkBcmHyQYhJxp9QHoub7RosVb
dizzy1
Full Member
***
Offline Offline

Activity: 134


View Profile

Ignore
May 12, 2012, 10:41:42 AM
#358

Why after the linode hack do you still let people reset the root password?
WhatsHappening
Newbie
*
Offline Offline

Activity: 23


View Profile

Ignore
May 12, 2012, 10:49:56 AM
#359

zhou: How long do we have to wait for our money (BTC or USD) ? Is there any schedule for that ?
Blitz≠
Donator
Hero Member
*
Offline Offline

Activity: 1022



View Profile

Ignore
May 12, 2012, 11:06:56 AM
#360

But simply, I gave up my sole ownership a long time ago, even before the Linode hack.
You want to tell us Bitcoinica is one of the most legit Bitcoin businesses while you leave its ownership in the shadows for a "long time" (months?!) and deceive us all? I always thought you were the sole owner, and I thought Intersango only very recently took over.

"Bitcoin had been transformed from an anarachistic challenge to the financial status quo, to the crypto spawn of Satan, fuelled by cut-throat greed and delusions of avarice." - MatTheCat
Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 [18] 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 ... 80
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!