Bitcoin Forum
December 09, 2016, 11:26:53 PM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 3 4 5 6 7 8 9 10 11 [12] 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 »
  Print  
Author Topic: Bitcoinica MtGox account compromised  (Read 145927 times)
mc_lovin
Legendary
*
Offline Offline

Activity: 1134


www.bitcointrading.com


View Profile WWW
July 13, 2012, 05:01:12 PM
 #221

did anyone else find it ironic that this happened on friday the 13th?  

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481326013
Hero Member
*
Offline Offline

Posts: 1481326013

View Profile Personal Message (Offline)

Ignore
1481326013
Reply with quote  #2

1481326013
Report to moderator
1481326013
Hero Member
*
Offline Offline

Posts: 1481326013

View Profile Personal Message (Offline)

Ignore
1481326013
Reply with quote  #2

1481326013
Report to moderator
Vod
Legendary
*
Offline Offline

Activity: 1862


Licking my boob since 1970


View Profile WWW
July 13, 2012, 05:07:01 PM
 #222

did anyone else find it ironic that this happened on friday the 13th?  

Nope.  But I don't believe in a sky fairy either...

I'm into creating universes, smiting people, writing holy books and listening to prayers.
If you want your prayers answered, you must donate to 1CDyx8AUTiYXS1ThcBU3vy4SJWQq6pdFMH
wknight
Legendary
*
Offline Offline

Activity: 889


Bitcoin calls me an Orphan


View Profile WWW
July 13, 2012, 05:07:30 PM
 #223

Bitcoinica is a fucking joke

Mining Both Bitcoin and Litecoin.
muyuu
Donator
Legendary
*
Offline Offline

Activity: 924



View Profile
July 13, 2012, 05:15:22 PM
 #224

Fool me once, shame on you.
Fool me four times, I'm a fucking idiot  Cheesy

GPG ID: 7294199D - OTC ID: muyuu (470F97EB7294199D)
forum tea fund BTC 1Epv7KHbNjYzqYVhTCgXWYhGSkv7BuKGEU DOGE DF1eTJ2vsxjHpmmbKu9jpqsrg5uyQLWksM CAP F1MzvmmHwP2UhFq82NQT7qDU9NQ8oQbtkQ
doobadoo
Sr. Member
****
Offline Offline

Activity: 364


View Profile
July 13, 2012, 05:18:02 PM
 #225

Dont Get Zhou Tong'd!

https://www.youtube.com/watch?v=kdvTkddp1F0

Bam, Bam, Dilla!

"It is, quite honestly, the biggest challenge to central banking since Andrew Jackson." -evoorhees
tseale
Donator
Newbie
*
Offline Offline

Activity: 18


View Profile
July 13, 2012, 05:18:05 PM
 #226

Suffice to say that Mr Taaki's statement grossly misportrays circumstances of the theft and fails to acknowledge his ultimate responsibility.
aq
Full Member
***
Offline Offline

Activity: 238


View Profile
July 13, 2012, 05:20:44 PM
 #227

Fool me once, shame on you.
Fool me four times, I'm a fucking idiot  Cheesy

There is probably a lot of truth in this.

whoBTCUSDTotal @5Total @7.75
BadBitcoin0500050005000
lonelyminer476602383035745
MemoryDealers248410124205192517.75
guruvan5000500500
ninjarobot??3862638626
Yankee (BitInstant)????
xjin50080001050011875
dizzy1500250387.5

Maybe we should ask why all those people had that much funds there...?
dancingnancy
Sr. Member
****
Offline Offline

Activity: 407


View Profile
July 13, 2012, 05:23:33 PM
 #228

Fool me once, shame on you.
Fool me four times, I'm a fucking idiot  Cheesy

There is probably a lot of truth in this.

whoBTCUSDTotal @5Total @7.75
BadBitcoin0500050005000
lonelyminer476602383035745
MemoryDealers248410124205192517.75
guruvan5000500500
ninjarobot??3862638626
Yankee (BitInstant)????
xjin50080001050011875
dizzy1500250387.5

Maybe we should ask why all those people had that much funds there...?


Why the fuck is it your business?
proudhon
Legendary
*
Offline Offline

Activity: 1148



View Profile
July 13, 2012, 05:23:33 PM
 #229

Bitcoinica is a fucking joke

The bigger joke is on us, the community of bitcoin users, for putting so much value in a 3rd party service.  In our craze to accumulate more bitcoins we basically brushed off the one of the biggest features - that we can secure the money ourselves.  I was part of it for a time, regretfully.  I almost transferred over 1000BTCs to bitcoinica at one point, and then at the last minute decided it was too risky.  Not long after that everything went to shit.  I got extremely luck that I only had 170 or so bitcoins in there, and now more than ever I appreciate the value of being able to secure them myself.
elux
Legendary
*
Offline Offline

Activity: 1454



View Profile
July 13, 2012, 05:24:42 PM
 #230

Dont Get Zhou Tong'd!

https://www.youtube.com/watch?v=kdvTkddp1F0

Bam, Bam, Dilla!


It would appear that a lot of misinformation has circulated since the date of my last post. Considering the many inconsistencies, I will assume astute readers here have already discounted the versions of facts presented by the Consultancy.

Since some of the story-telling is directed at me personally I wish to make a few things clear. I had no responsibility for Bitcoinica security ever. That would certainly be an improper role for me. I am not a security expert, nor have I ever claimed to be. My role was to oversee the investment in Bitcoinica and help facilitate the transfer to new management.

The Consultancy members accepted that responsibility on April 24 as operators and General Partners of Bitcoinica LP. There is ample written documentation to confirm this.  

Upon closing of that transaction, login credentials for all services were handed off to the Consultancy in person. All credentials were encrypted by a reputable password management service. I claim no expertise to judge the security of the master password but it was very long. Its status as a master password and its use in all respects were fully understood by the Consultancy upon acceptance.


You got Zhou Tonged, Tihan.
kokjo
Legendary
*
Offline Offline

Activity: 1050

You are WRONG!


View Profile
July 13, 2012, 05:25:30 PM
 #231

It would appear that a lot of misinformation has circulated since the date of my last post. Considering the many inconsistencies, I will assume astute readers here have already discounted the versions of facts presented by the Consultancy.

Since some of the story-telling is directed at me personally I wish to make a few things clear. I had no responsibility for Bitcoinica security ever. That would certainly be an improper role for me. I am not a security expert, nor have I ever claimed to be. My role was to oversee the investment in Bitcoinica and help facilitate the transfer to new management.

The Consultancy members accepted that responsibility on April 24 as operators and General Partners of Bitcoinica LP. There is ample written documentation to confirm this.  

Upon closing of that transaction, login credentials for all services were handed off to the Consultancy in person. All credentials were encrypted by a reputable password management service. I claim no expertise to judge the security of the master password but it was very long. Its status as a master password and its use in all respects were fully understood by the Consultancy upon acceptance.

If the Consultancy deemed this password to be unfit for ongoing use, they certainly had the opportunity and the duty to change it. Their reputation and claims of being security experts was a primary consideration for entrusting them with Bitcoinica's management.  

There are still a lot of unknowns surrounding recent events but the Consultancy's responsibility for Bitcoinica and its password security is not one of them. The fund will be considering all legal options.
would you please post here more offen? i would be good, the intersango/bitcoin consultancy/bitcoinica consultancy people, seems not to know shit about anything, and they are really good at fucking up PR...

also they said that you was fired? is it true? or just another lie from them?

"The whole problem with the world is that fools and fanatics are always so certain of themselves and wiser people so full of doubts." -Bertrand Russell
BadBitcoin (James Sutton)
Donator
Sr. Member
*
Offline Offline

Activity: 451



View Profile
July 13, 2012, 05:25:35 PM
 #232

Fool me once, shame on you.
Fool me four times, I'm a fucking idiot  Cheesy

There is probably a lot of truth in this.

whoBTCUSDTotal @5Total @7.75
BadBitcoin0500050005000
lonelyminer476602383035745
MemoryDealers248410124205192517.75
guruvan5000500500
ninjarobot??3862638626
Yankee (BitInstant)????
xjin50080001050011875
dizzy1500250387.5

Maybe we should ask why all those people had that much funds there...?



I read the entire TOS, I felt protected.

The level of personal security of each account was an order of magnitude higher than my banks, I had a 24 character password that was essentially a hash key, as well as a google authenticator with my smart phone, best part?
 I was using bitcoinica as an exchange, I just deposited my money in my account and was planning on turning into btc that same day for an investment with starfish BCB, then the hack happened.

I did my due dilligence on the company, and the risk of the company becoming insolvent was low at that time, please don't get angry at me for believing personal security measures was enough.

Take a look at my  machine learning/economics/engineering blog!
www.learningann.wordpress.com
Luceo
Sr. Member
****
Offline Offline

Activity: 350


Per aspera ad astra!


View Profile
July 13, 2012, 05:34:38 PM
 #233

So glad that I bypassed this nightmare of a service, personally.

I'm sorry to say that I foresee a long and bloody legal battle ahead for all those involved with Bitcoinica. I fully expect this to be the basis of the first Bitcoin class action lawsuit.

You do not handle a million dollars without insurance, lessons will be learned and the users should not be the ones paying for your gross negligence.

officialsavage
Full Member
***
Offline Offline

Activity: 154



View Profile
July 13, 2012, 05:35:51 PM
 #234

https://bitcointalk.org/index.php?topic=53315.msg635291#msg635291

I thought you needed a YUBIKEY to withdrawal that amount!

PLAN B

Doesn't this make the case right here?  It was admitted they needed a YUBIKEY to make a withdrawal from MT Gox in that post.
defxor
Hero Member
*****
Offline Offline

Activity: 530


View Profile
July 13, 2012, 05:42:50 PM
 #235

All credentials were encrypted by a reputable password management service. I claim no expertise to judge the security of the master password but it was very long. Its status as a master password and its use in all respects were fully understood by the Consultancy upon acceptance.

If the Consultancy deemed this password to be unfit for ongoing use, they certainly had the opportunity and the duty to change it.

Who created that account and configured it to use that particular master password?

If it was someone with basic security knowledge, it's a setup to be able to claim plausible deniability later.

If it wasn't, well, then it's just bad security practices not having changed it knowing its origin.

caveden
Legendary
*
Offline Offline

Activity: 1106



View Profile
July 13, 2012, 05:45:51 PM
 #236

https://bitcointalk.org/index.php?topic=53315.msg635291#msg635291

I thought you needed a YUBIKEY to withdrawal that amount!

PLAN B

Doesn't this make the case right here?  It was admitted they needed a YUBIKEY to make a withdrawal from MT Gox in that post.

The post says that they had two accounts, one with Yubikey, another without, and that they were trying to get the limits of the one without Yubikey raised...

18rZYyWcafwD86xvLrfuxWG5xEMMWUtVkL
aq
Full Member
***
Offline Offline

Activity: 238


View Profile
July 13, 2012, 05:49:05 PM
 #237

I read the entire TOS, I felt protected.

The level of personal security of each account was an order of magnitude higher than my banks, I had a 24 character password that was essentially a hash key, as well as a google authenticator with my smart phone, best part?
 I was using bitcoinica as an exchange, I just deposited my money in my account and was planning on turning into btc that same day for an investment with starfish BCB, then the hack happened.

I did my due dilligence on the company, and the risk of the company becoming insolvent was low at that time, please don't get angry at me for believing personal security measures was enough.
So it was no issue for you that they had been hacked a few times before?
Slowly I am starting to understand why they still believe that they can continue running Bitcoinica in the future. In a year from now, everyone will say "yes, they got hacked some 20 times, but I feel that it wont happen again".
hazek
Legendary
*
Offline Offline

Activity: 1078


View Profile
July 13, 2012, 05:50:18 PM
 #238

The fund will be considering all legal options.

Uh oh

That's exactly what my reaction was.

My personality type: INTJ - please forgive my weaknesses (Not naturally in tune with others feelings; may be insensitive at times, tend to respond to conflict with logic and reason, tend to believe I'm always right)

If however you enjoyed my post: 15j781DjuJeVsZgYbDVt2NZsGrWKRWFHpp
cypherdoc
Legendary
*
Offline Offline

Activity: 1764



View Profile
July 13, 2012, 05:50:36 PM
 #239

i'm so glad i avoided Bitcoinica like a plague as well.  i spent 2 solid months late last yesterday grilling Zhou on his Bitcoinica threads and pointing out flaws in his trading algorithm.  turns out his security skills were just as bad.
iCEBREAKER
Legendary
*
Offline Offline

Activity: 1512


Crypto is the separation of Power and State.


View Profile WWW
July 13, 2012, 05:51:31 PM
 #240


As far as Mt.Gox is concerned and as Genjix explained, we did not suffer any breach or any hack, all other account are safe and the thief only targeted Bitconica's account. Mark (MagicalTux) has been in contact with many Bitcoin players since this announcement and offered any help we can give, but unfortunately all funds (USD & BTC) are no longer within our reach.

Once again, someone with a US IP succeed to get Bitcoinica's account credential which did not trigger any alarms since they were fully identified. Since Bitconica's account was a verified account the owner of this account asked (This happened when Zhou was still controlling Bitconica) to have his limits lifted to the maximum possible, giving the possibility to the thief to move Bitcoinica's assets to another external account (External to MtGox).

Despite our effort on securing Mt.Gox and protecting everyone's asset I would like to remind everyone that it is also your responsibility to secure your account with a very strong password and use either a Yubikey or Google Auth (You can even use both at the same time).

Mt.Gox

-- EDIT --

We would like to stress that Mt.Gox Verified Bitconica as a Company and NOT as an Individual.


The difference between bad and well-developed digital cash will determine whether we have a dictatorship or a real democracy.  David Chaum 1996
Fungibility provides privacy as a side effect.  Adam Back 2014
"Monero" : { Private - Auditable - 100% Fungible - Flexible Blocksize - Wild & Free® - Intro - Wallets - Podcats - Roadmap - Dice - Blackjack - Github - Android }


Bitcoin is intentionally designed to be ungovernable and governance-free.  luke-jr 2016
Blocks must necessarily be full for the Bitcoin network to be able to pay for its own security.  davout 2015
Blocksize is an intentionally limited resource, like the 21e6 BTC limit.  Changing it degrades the surrounding economics, creating negative incentives.  Jeff Garzik 2013


"I believed @Dashpay instamine was a bug & not a feature but then read: https://bitcointalk.org/index.php?topic=421615.msg13017231#msg13017231
I'm not against people making money, but can't support questionable origins."
https://twitter.com/Tone_LLT/status/717822927908024320


The raison d'être of bitcoin is trustlessness. - Eric Lombrozo 2015
It is an Engineering Requirement that Bitcoin be “Above the Law”  Paul Sztorc 2015
Resiliency, not efficiency, is the paramount goal of decentralized, non-state sanctioned currency -Jon Matonis 2015

Bitcoin is intentionally designed to be ungovernable and governance-free.  luke-jr 2016

Technology tends to move in the direction of making surveillance easier, and the ability of computers to track us doubles every eighteen months. - Phil Zimmerman 2013

The only way to make software secure, reliable, and fast is to make it small. Fight Features. - Andy Tanenbaum 2004

"Hard forks cannot be co
Pages: « 1 2 3 4 5 6 7 8 9 10 11 [12] 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 »
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!