|
5000Bitcoins (OP)
|
 |
October 21, 2014, 04:30:26 PM
Last edit: January 05, 2015, 01:17:12 PM by 5000Bitcoins |
|
After the MtGox tragedy, we saw exchanges stepping up to do audits to ensure their customers. Atleast those who wanted to prove their legitimacy, although this is a small step, audits show that something is there until it's not.
I'm not gonna go into depth about MtGox much since other brighter minds have done so already but bottomline what we learned (or did not learn) from MtGox is that the human element, the same system bitcoin was built to erase the need of trust in money, is still in play when coming to exchanges. Exchanges are too damn easy for a single person to corrupt. Whether or not these persons are responsible I will not speak on, because nobody knows, but highly likely;
Exchanges are poorly built, ridiculously centralized, and a vast majority of them are the prime target for hackers. This happends today, tomorrow, the next week. Those saying "it is peoples fault for leaving coins on exchanges" I resent this, because in no way is it okay to bail with customers money whether in form of BTC or gold. People leaving coins on exchanges simply want to trade. Exchanges offer this service. The only people I can truely say they are to blame themselves are those who never want to trade but only hold this coin, then ofcourse a wallet elminates the need of trust for exchange owners, and there is no need to hold coins on exchanges.
That being said it is not the first time it is one point of error that ruins the life of many. Gox, Mintpal, let's say even services like that wallet in 2012.
And everytime, all the employers are "baffled" by this fact, I can't but help to chuckle when I read this sorta stuff, as in MP the employers were employed at a registered company but had no papers on it.... Ok, let's not get sidetracked but still, employers of a company in bitcoin holds some sort of responsibility to speak up when they feel something is not right instead of shrugging it off because they are making bread and butter off it. I don't blame any employee as CEOs in "real" companies can prove to be dishonest without employers knowledge.
But since this is the cryptography era, and we have technology at our hands made and further developed every day as, escrow system, multisigs, and more layers of security, to eliminate the need to trust the guy sitting on the other side of the globe whether he is anonymous or not I can't help but wonder why in this exact same sense people treat this industry like fiat money industries.
That is why I am proposing all exchanges to do multi-sigs on their wallets.
I am tired of "one guy" running off with money, leaving all the other employers baffled as to what happend, when they unknowingly aided him in a crime.
Whilst this extra layer would not eliminate conspiracies as such as more guys are in on the whole shebang, it would add an extra layer of security.
Proof of Identity does not matter
Take the real world for an example, where people rob the elder, or rob a supermarket for cigarettes. Some people have no shame.
As such, identity of owners of anything does not matter. People will steal your stuff with their real name, even let you see their face and remember it too.
I recall an incedent where I was robbed by someone in my school when I was young, and I could not do anything about it, him being 3 years older than me.
To some, their real name is no leverage against them because they simply place no dignity in it. Why this is such a big sense of security in crypto markets, I am not sure, but I can believe it being that many here are either techgeeks, drug users, doing something in which govt dislikes or they straight up would not take the chance whatever reason else there is, as soon as someone give up their realname he is suddenly Messiahs.
I don't even in the first place get why a majority wants to put their real name on anything brand new, as they have no idea what regulations they walk into, or if they are being made example of first when they do something succesful, also Bitcoin in ground was made so that we wouldn't have to trust who we deal with.
The system would eliminate that.
Also by the way giving up your name may result in: extortion, harassment. Look around in BCT and you'll find people are calling peoples parents, relatives, siblings, employers trying to get them fired. Sometimes the person being harassed have done something, other times it is done to them out of pure jealousy or just for the "lulz" of trying to ruin someone elses life, over disagreeing with them on forums.
Needless to say, btc-e has remained anonymous, had they been public they probably would be out of business soon, based on if they are russians.
My point in the end is just that identification does not matter, take a second to think that instead of storing $2500 on an exchange, how many people you've met through the years in real life would you let hold $2500 just because you know their name?
The time for false sense of security and centralization should be over when we have the right technology at our disposal
#1 My proposal is that I am calling for exchanges and services to start using multi-sig wallets and prove that they do.
#2 Audits were fine until it's not.
#3 1 person responsible for an entire exchanges wallets is not enough secure, from hackers or the person himself.
#4 Employees need to speak up more often instead of shrugging off if they feel something is not right.
#5 If owners of smaller exchanges are not willing to do this it will sooner or later cause their demise. Own stupidity or victim of other.
#6 If owners of exchanges/services do not agree to multi-sigs in my opinion it is alarming. Most owners need protecting from themselves.
If it is something we have seen time and time again from exchanges/services at their point of errors is that it comes down to ONE person "screwing up"
or "getting hacked".
I think it's time that customers demand better from their services of use instead of whining everytime we go down this road.
Discussion:
What other security systems can exchanges/services implement to eliminate the need to trust one person?
What exchanges/services are using this? Anyone care to make a list?
Other suggestions?
Pros and cons to using multi-sigs, solutions?
|
