What could Bitstamp have done better?

[turvarya]

First of all: I will delete every FUD in here. There is already too much in this forum. Spam the other topics, not mine.

I was wondering if Bitstamp actually made any mistake. I am not really that familiar with Bitstamp.
Everybody who is realistic about it, knows that a hot wallet can not be 100% secure. Look at all the big hacks last year.
I read somewhere, that they keep 10-15% of their Bitcoin in a hot wallet and the rest in cold storage. Is that too much?
Obviously you have to keep a lot of Bitcoin into hot wallets, otherwise people just couldn't withdraw them easily from the exchange.

[kokojie]

It's nearly inevitable for centralized exchanges to fall victim to hacks.

I would suggest traders look to decentralized exchanges, such as Bitshares, to trade between BTC and USD pair.

[hilariousetc]

Depends on whether they needed that many coins in their hot wallet. If they don't then it was silly but exchanges are obviously going to need a large amount of liquid funds.  Has it been confirmed what actually happened yet?

[tokeweed]

Depends on whether they needed that many coins in their hot wallet. If they don't then it was silly but exchanges are obviously going to need a large amount of liquid funds.  Has it been confirmed what actually happened yet?

still waiting... 

[NandChipProvider]

I can't say what they could have done, because they didn't tell us what they have already done.
Don't you dare mention that solvency report! Don't you fucking dare!

Before:
- Code Audit
- Penetration tests
- Monitoring 24/7
- Plan B to keep normal business alive.

After:
- Instant refund customers while investigating
requires Plan B + solvent. That should not be a problem for stamp ...
- Investigation progress report hourly / daily
Provide your customers more information, you are not a bank.


btw i don't believe them and all the "hacks".

[pbleak]

Depends on whether they needed that many coins in their hot wallet. If they don't then it was silly but exchanges are obviously going to need a large amount of liquid funds.  Has it been confirmed what actually happened yet?

No real information beyond some kind of hack though I don't know how anyone could move 19000BTC out of a site or if that is what happened. I mean it's baffling but sort of unsurprising that one day it would be targeted by a sophiscated group of dedicated hackers. Half the cloud mining companies have also collapsed in recent days. It's not a good time for our coin.

[crazy_rabbit]

After:
- Instant refund customers while investigating
requires Plan B + solvent. That should not be a problem for stamp ...
- Investigation progress report hourly / daily
Provide your customers more information, you are not a bank.
btw i don't believe them and all the "hacks".

You make a lot of assumptions. For example- why/how instant refund customers? Some people send the funds from other non-private key controlling services. Sending those funds to the address they came from would lead only to lost funds.

And what if the hackers managed to hack the 'instant refund system' so that all the funds got diverted to their own addresses? It's better to first INVESTIGATE before making any rash actions, no?

Hourly investigation report? Would that entail? "Still reading the code, still comparing the code, still analyzing the code" or "Still talking with the Police, still at the police station, still with lawyer at police station". These things unfortunately take time thats larger then 60 minute cycles.

As for what more information could they provide: What more information COULD they provide? The hacked address? Maybe the hacker is holding them for ransom with the explicit demand they not talk about it not confirm it? What if their lawyer tells them not to? What if the government advises them not to?

All told, they really are doing a very good job thus far. They have assured us there are enough funds to cover everyones balance before their notice to stop depositing- we could if we really had to, take them to court over that one. Otherwise, what can we do? Even Lehman Brothers was a scam. We can only wait and hope and build distributed/decentralized exchanges.

[NandChipProvider]

... We can only wait and hope and build distributed/decentralized exchanges ...

There will be some major hacks before its done . But yes full ack.

... Some people send the funds from other non-private key controlling services. ...

A bank will refund my funds very quickly if it is obvious that their system or my account got hacked and I'm not fault at that.
Obviously the current event is a system hack, so they should be able to refund customers very quickly.
Special accounts / addresses have to wait. They should have i plan for me and not the other way around.

- Investigation progress report hourly / daily
Provide your customers more information, you are not a bank.

Yes! I want to see as a customer what their plan is and what they are doing.
If they can't provide me any valuable or garbage information then i will assume they don't have a plan.
They don't know how to handle it and why should i ever put money on that exchange again?

"About 19.000 BTC stolen, Business suspended. We'are investigating!"
I can teach my parrot to say that. Next day my parrot may say it in reversed order.

... Maybe the hacker is holding them for ransom with the explicit demand they not talk...

If their lawyer told them not to tell, then tell us that their laywer told them not to.
An exchange don't deal with hackers. Business with malicious hackers?
Oh dear that consequence ...

It is best opportunity to proof themselves as the best exchange but they handle it like GOX.
Can you imagine stamp handle it so well that the normal business can continue after only a few hours?
Now the "financial world" hold still. Not stamp but bitcoin seems to be a joke. I'm sad.