rjk
Sr. Member
Offline
Activity: 448
Merit: 250
1ngldh
|
|
May 18, 2012, 02:45:33 PM |
|
Err, pull the plug for the whole dedicated server is that hard?
If I'm not mistaken, it was hosted on RS Cloud Servers (similar to AWS), and I assume that shutting it down would destroy valuable evidence that could remain in memory.
|
|
|
|
zhoutong (OP)
VIP
Hero Member
Offline
Activity: 490
Merit: 502
|
|
May 18, 2012, 05:11:07 PM |
|
Err, pull the plug for the whole dedicated server is that hard?
If I'm not mistaken, it was hosted on RS Cloud Servers (similar to AWS), and I assume that shutting it down would destroy valuable evidence that could remain in memory. They pulled the plug (suspend the servers), but the hacker was still in session. Thus the hacker is able to re-create cloud servers using our backup images. Later I questioned them "Does this mean that Rackspace Cloud shouldn't be trusted for anything financially serious?", they didn't give a response.
|
|
|
|
|
Raoul Duke
aka psy
Legendary
Offline
Activity: 1372
Merit: 1002
|
|
May 18, 2012, 05:57:57 PM |
|
The terrible thing is, Rackspace refused to I didn't log the hacker out. They I (still) don't know how to do it.
Fixed that shit for you. Was that a managed server? How much did you pay monthly/yearly to Rackspace for managing the server for you?
|
|
|
|
rjk
Sr. Member
Offline
Activity: 448
Merit: 250
1ngldh
|
|
May 18, 2012, 06:01:36 PM |
|
The terrible thing is, Rackspace refused to I didn't log the hacker out. They I (still) don't know how to do it.
Fixed that shit for you. Was that a managed server? How much did you pay monthly/yearly to Rackspace for managing the server for you? Um psy, do you know how a cloud works? Virtual machines. Suspend it, and it stops responding - same as physical hardware being put into sleep mode. Even though this was done, the cracker had access to the RS admin console, which is something that they have hosted on their own infrastructure. Apparently they don't know how to invalidate a php session, and so the cracker was able to spin up a new VM instance and load a backup and away goes Mabel with all the data.
|
|
|
|
Raoul Duke
aka psy
Legendary
Offline
Activity: 1372
Merit: 1002
|
|
May 18, 2012, 06:06:48 PM |
|
The terrible thing is, Rackspace refused to I didn't log the hacker out. They I (still) don't know how to do it.
Fixed that shit for you. Was that a managed server? How much did you pay monthly/yearly to Rackspace for managing the server for you? Um psy, do you know how a cloud works? Virtual machines. Suspend it, and it stops responding - same as physical hardware being put into sleep mode. Even though this was done, the cracker had access to the RS admin console, which is something that they have hosted on their own infrastructure. Apparently they don't know how to invalidate a php session, and so the cracker was able to spin up a new VM instance and load a backup and away goes Mabel with all the data. Apparently, Zhou Tong, which had access to the server "temp" folder holding the session data, didn't knew how to invalidate a php session also. Are you trying to tell me that Rackspace still had root access to that server? Pretty slick, actually... Or are you trying to say that the Virtual Machine is not suited to host such a website? Even more slick. One way or the other, their fault, and by their I don't mean Rackspace
|
|
|
|
rjk
Sr. Member
Offline
Activity: 448
Merit: 250
1ngldh
|
|
May 18, 2012, 06:10:26 PM |
|
Apparently, Zhou Tong, wich had access to the server "temp" folder holding the session data, didn't knew how to invalidate a php session also. Are you trying to tell me that Rackspace still had root access to that server? Pretty slick, actually... Or are you trying to say that the Virtual Machine is not suited to host such a website? Even more slick. One way or the other, their fault, and I don't mean Rackspace No, what I am saying is that the admin console/portal is hosted by rackspace themselves, not bitcoinica. It is the page that allows them to provision new hardware, file support tickets, create backups, etc. Bitcoinica has no access to those servers for obvious reasons (other RS customers use the same portal).
|
|
|
|
Raoul Duke
aka psy
Legendary
Offline
Activity: 1372
Merit: 1002
|
|
May 18, 2012, 06:12:26 PM |
|
Apparently, Zhou Tong, wich had access to the server "temp" folder holding the session data, didn't knew how to invalidate a php session also. Are you trying to tell me that Rackspace still had root access to that server? Pretty slick, actually... Or are you trying to say that the Virtual Machine is not suited to host such a website? Even more slick. One way or the other, their fault, and I don't mean Rackspace No, what I am saying is that the admin console/portal is hosted by rackspace themselves, not bitcoinica. It is the page that allows them to provision new hardware, file support tickets, creeate backups, etc. Bitcoinica has no access to those servers for obvious reasons (other RS customers use the same portal). blah blah blah... Stop kissing Zhou Tongs ass, dude. First it was php sessions, now you're telling me that Zhou Tong couldn't send a halt command to his instance? GTFO Now tell me: How much money do you have hostage in Bitcoinica at this exact moment?
|
|
|
|
Transisto
Donator
Legendary
Offline
Activity: 1731
Merit: 1008
|
|
May 18, 2012, 06:14:13 PM |
|
This link's doing nothing, I tried yesterday too.
|
|
|
|
Clipse
|
|
May 18, 2012, 06:15:49 PM |
|
Apparently, Zhou Tong, wich had access to the server "temp" folder holding the session data, didn't knew how to invalidate a php session also. Are you trying to tell me that Rackspace still had root access to that server? Pretty slick, actually... Or are you trying to say that the Virtual Machine is not suited to host such a website? Even more slick. One way or the other, their fault, and I don't mean Rackspace No, what I am saying is that the admin console/portal is hosted by rackspace themselves, not bitcoinica. It is the page that allows them to provision new hardware, file support tickets, create backups, etc. Bitcoinica has no access to those servers for obvious reasons (other RS customers use the same portal). The main question, why did they remain on VPS hosting after the linode VPS hack. They can buy or even rent a high powered dedicated server for peanuts nowadays.
|
...In the land of the stale, the man with one share is king... >> ClipseWe pay miners at 130% PPS | Signup here : Bonus PPS Pool (Please read OP to understand the current process)
|
|
|
rjk
Sr. Member
Offline
Activity: 448
Merit: 250
1ngldh
|
|
May 18, 2012, 06:16:19 PM |
|
Apparently, Zhou Tong, wich had access to the server "temp" folder holding the session data, didn't knew how to invalidate a php session also. Are you trying to tell me that Rackspace still had root access to that server? Pretty slick, actually... Or are you trying to say that the Virtual Machine is not suited to host such a website? Even more slick. One way or the other, their fault, and I don't mean Rackspace No, what I am saying is that the admin console/portal is hosted by rackspace themselves, not bitcoinica. It is the page that allows them to provision new hardware, file support tickets, creeate backups, etc. Bitcoinica has no access to those servers for obvious reasons (other RS customers use the same portal). blah blah blah... Stop kissing Zhou tongs ass, dude. Now tell me: How much money do you have hostage in Bitcoinica at this exact moment? Jesus Christ, I am not responsible for how badly Rackspace fails at server administration, I'm just telling you how the fucking setup WORKS. If you can't comprehend how it works, you have no right to be placing blame. Now obviously, using cloud services in this manner was not a good idea, and there should have been some actual dedicated hardware in use, in a locked cage, "blah blah blah", but it's too late for that now.
|
|
|
|
Transisto
Donator
Legendary
Offline
Activity: 1731
Merit: 1008
|
|
May 18, 2012, 06:24:07 PM |
|
How about the claim page start with asking me my user - password then ask for OTP ?
I had not used bitcoinica for ... 3 months ... I can't recall what positions or how much I had.
Hint : I'm not going to bother filling a page full of infos I don't know about, or I never gave them, other than my email. ... on a 173.45.224.244 that could be anything.
|
|
|
|
Raoul Duke
aka psy
Legendary
Offline
Activity: 1372
Merit: 1002
|
|
May 18, 2012, 06:44:28 PM |
|
Apparently, Zhou Tong, wich had access to the server "temp" folder holding the session data, didn't knew how to invalidate a php session also. Are you trying to tell me that Rackspace still had root access to that server? Pretty slick, actually... Or are you trying to say that the Virtual Machine is not suited to host such a website? Even more slick. One way or the other, their fault, and I don't mean Rackspace No, what I am saying is that the admin console/portal is hosted by rackspace themselves, not bitcoinica. It is the page that allows them to provision new hardware, file support tickets, creeate backups, etc. Bitcoinica has no access to those servers for obvious reasons (other RS customers use the same portal). blah blah blah... Stop kissing Zhou tongs ass, dude. Now tell me: How much money do you have hostage in Bitcoinica at this exact moment? Jesus Christ, I am not responsible for how badly Rackspace fails at server administration, I'm just telling you how the fucking setup WORKS. If you can't comprehend how it works, you have no right to be placing blame. Now obviously, using cloud services in this manner was not a good idea, and there should have been some actual dedicated hardware in use, in a locked cage, "blah blah blah", but it's too late for that now. It seems you are the one not to understand how things work. Not even going to argue this with you. It's really not worth it lol I still want Zhou Tong to tell me how much did he pay Rackspace for a FULLY managed server... For people who understand 1 word is more than enough. You're not such a person, rjk...
|
|
|
|
rjk
Sr. Member
Offline
Activity: 448
Merit: 250
1ngldh
|
|
May 18, 2012, 06:52:00 PM |
|
It seems you are the one not to understand how things work. Not even going to argue this with you. It's really not worth it lol
Oh? You have your own Rackspace account, and you can log in and tell me how it works? I do, but I am not going to waste any more of my time explaining things to a brick wall.
|
|
|
|
tvbcof
Legendary
Online
Activity: 4788
Merit: 1283
|
|
May 18, 2012, 06:54:08 PM |
|
That is really bizarre. Behavior like this speaks allot about the nature of the one behind it's premeditation. Juvenile for one, and why those three words? Designed to instill fear in the minds of those that find the message. Allot went into them being embedded in the transaction. More than likely a troll shunned by the community here. If this heist had been done by some group within TPTB in-order to derail BitCoin progress, I doubt they would go to all this trouble, no this is the mind of a Jack The Ripper type personality, and my guess a solo individual.
It's heartening to know that we've got Dayle Hinman on the case!
|
sig spam anywhere and self-moderated threads on the pol&soc board are for losers.
|
|
|
allten
|
|
May 18, 2012, 07:36:27 PM |
|
If "Bitcoinica Consultancy" is handling things now, why didn't they notify us of the claims page rather than zhoutong? The more I hear from zhoutong, and less from intersango or whatever they call themselves, the more I lose confidence in the new owner/operators.
This +1. To start with, we never saw any communication from them indicating that anything that Zhoutong said was in any way incorrect, or that there was need of an apology to begin with. Of course, that could have been communicated privately, but from what I have seen so far even Zhoutong himself is becoming frustrated with the obvious stonewalling that we are seeing from the Consultancy. Indeed, stonewalling is the best description that I can imagine for this series of events; to the public, and to those that wish to fix the problems, as it appears - since access to even the domain name has been fraught with problems such as a poor DNS implementation, leading to those that don't even use the forum to be forced to come here and find out the problem, and wait here for a resolution. From what I've observed, I have a different perspective. The Intersango guys were brought to help with security not PR. For them to take any position of public communications would have been a breach of contract. The fact that Zhou had to become a team player for his creation caused him a lot of frustration. He was the main PR man up till the incident and should have followed through with a splash page and daily email updates (not just the forum), but instead we got a "I'm leaving Bitcoin" thread. He left when the going got tough. Sure, feelings were hurt and emotions were high. Zhou, if you really want to be proud of what you started then get back to doing the PR and be a team player even if you don't agree. You should leave Bitcoinica on much better conditions if it something you really want to be proud of!
|
|
|
|
Steve
|
|
May 18, 2012, 07:46:34 PM |
|
Regarding the Bitcoin Consultancy and questions about why they haven't been more active in this mess...I don't know what their arrangement with Bitcoinica is, but if they hadn't fully taken over the operation of Bitcoinica and had no responsibility for the security or theft, then they might be wise put their relationship on hold until Bitcoinica sorts everything out first. If the Bitcoin Consultancy had nothing to do with the security issue there's no reason they should have to clean up someone else's mess. At the minimum they would probably want to first arrange compensation for the time and effort that will be required for them to clean up the mess.
|
|
|
|
superfastkyle
|
|
May 18, 2012, 07:50:23 PM |
|
claim page doesnt work for me I click submit and nothing happens
|
|
|
|
tvbcof
Legendary
Online
Activity: 4788
Merit: 1283
|
|
May 18, 2012, 07:51:42 PM |
|
If "Bitcoinica Consultancy" is handling things now, why didn't they notify us of the claims page rather than zhoutong? The more I hear from zhoutong, and less from intersango or whatever they call themselves, the more I lose confidence in the new owner/operators.
This +1. To start with, we never saw any communication from them indicating that anything that Zhoutong said was in any way incorrect, or that there was need of an apology to begin with. Of course, that could have been communicated privately, but from what I have seen so far even Zhoutong himself is becoming frustrated with the obvious stonewalling that we are seeing from the Consultancy. Indeed, stonewalling is the best description that I can imagine for this series of events; to the public, and to those that wish to fix the problems, as it appears - since access to even the domain name has been fraught with problems such as a poor DNS implementation, leading to those that don't even use the forum to be forced to come here and find out the problem, and wait here for a resolution. From what I've observed, I have a different perspective. The Intersango guys were brought to help with security not PR. For them to take any position of public communications would have been a breach of contract. The fact that Zhou had to become a team player for his creation caused him a lot of frustration. He was the main PR man up till the incident and should have followed through with a splash page and daily email updates (not just the forum), but instead we got a "I'm leaving Bitcoin" thread. He left when the going got tough. Sure, feelings were hurt and emotions were high. Zhou, if you really want to be proud of what you started then get back to doing the PR and be a team player even if you don't agree. You should leave Bitcoinica on much better conditions if it something you really want to be proud of! One of the things I've admired most about Zhou Tong's work is that he seems to make good estimates of fair dispute resolution, then further errors on the customers side even when it costs him personally. If the new owners to not share this mode of operation, being a 'team player' could make ZT a lot of things but I could certainly understand if 'proud' was not one of them.
|
sig spam anywhere and self-moderated threads on the pol&soc board are for losers.
|
|
|
zhoutong (OP)
VIP
Hero Member
Offline
Activity: 490
Merit: 502
|
|
May 18, 2012, 08:06:46 PM |
|
Apparently, Zhou Tong, wich had access to the server "temp" folder holding the session data, didn't knew how to invalidate a php session also. Are you trying to tell me that Rackspace still had root access to that server? Pretty slick, actually... Or are you trying to say that the Virtual Machine is not suited to host such a website? Even more slick. One way or the other, their fault, and I don't mean Rackspace No, what I am saying is that the admin console/portal is hosted by rackspace themselves, not bitcoinica. It is the page that allows them to provision new hardware, file support tickets, creeate backups, etc. Bitcoinica has no access to those servers for obvious reasons (other RS customers use the same portal). blah blah blah... Stop kissing Zhou tongs ass, dude. Now tell me: How much money do you have hostage in Bitcoinica at this exact moment? Jesus Christ, I am not responsible for how badly Rackspace fails at server administration, I'm just telling you how the fucking setup WORKS. If you can't comprehend how it works, you have no right to be placing blame. Now obviously, using cloud services in this manner was not a good idea, and there should have been some actual dedicated hardware in use, in a locked cage, "blah blah blah", but it's too late for that now. It seems you are the one not to understand how things work. Not even going to argue this with you. It's really not worth it lol I still want Zhou Tong to tell me how much did he pay Rackspace for a FULLY managed server... For people who understand 1 word is more than enough. You're not such a person, rjk... We used cloud services and what rjk just described is right...
|
|
|
|
|