[ANN] KRAKEN.COM - Exchange with USD EUR GBP JPY CAD BTC LTC XRP NMC XDG STR ETH - page 167.

Atdhe

sr. member

Activity: 326

Merit: 250

Atdhe Nuhiu

Quote from: Dargo on August 03, 2016, 11:11:52 AM

Quote from: Atdhe on August 03, 2016, 10:12:28 AM

Can someone react jesus christ: https://cointelegraph.com/news/enable-2fa-kraken-accounts-compromised-funds-stolen

I recommended Kraken to MANY people and at least one guy got money stolen from Kraken even when he used 2FA and unique passwords (he is not an idiot).

I can not believe nobody responds.

To my knowledge nobody has reported having funds stolen with login 2fa enabled. However, some did have funds stolen with 2fa enabled only for funding. With 2fa for funding, it doesn't increase security unless you also enable the settings lock. This point has confused people and we are currently looking at changing it to eliminate this confusion.

I will send you PM where you can defend yourself and myself now too. Because it was me who recommended Kraken and it would help me a lot if you can put shine on that. I would like to buy a bit more now through Kraken, but I am scared since I do not know what is going on.

MatTheCat

hero member

Activity: 840

Merit: 1000

Quote from: Dargo on August 03, 2016, 11:11:52 AM

Quote from: Atdhe on August 03, 2016, 10:12:28 AM

Can someone react jesus christ: https://cointelegraph.com/news/enable-2fa-kraken-accounts-compromised-funds-stolen

I recommended Kraken to MANY people and at least one guy got money stolen from Kraken even when he used 2FA and unique passwords (he is not an idiot).

I can not believe nobody responds.

To my knowledge nobody has reported having funds stolen with login 2fa enabled. However, some did have funds stolen with 2fa enabled only for funding. With 2fa for funding, it doesn't increase security unless you also enable the settings lock. This point has confused people and we are currently looking at changing it to eliminate this confusion.

Kraken was hacked, probably by the same hackers who just hit Bitfinex, albeit for a much smaller amount of BTC.....

.....and rather than admit it, Kraken opted to raid their own customer's 'unprotected' accounts and then blame the customer for them being robbed.

Admit it u fkn rodent.

Dargo

legendary

Activity: 1820

Merit: 1000

Quote from: Atdhe on August 03, 2016, 10:12:28 AM

Can someone react jesus christ: https://cointelegraph.com/news/enable-2fa-kraken-accounts-compromised-funds-stolen

I recommended Kraken to MANY people and at least one guy got money stolen from Kraken even when he used 2FA and unique passwords (he is not an idiot).

I can not believe nobody responds.

To my knowledge nobody has reported having funds stolen with login 2fa enabled. However, some did have funds stolen with 2fa enabled only for funding. With 2fa for funding, it doesn't increase security unless you also enable the settings lock. This point has confused people and we are currently looking at changing it to eliminate this confusion.

aesma

hero member

Activity: 2604

Merit: 961

fly or die

Quote from: oinquer on August 02, 2016, 01:44:41 PM

Today i had an interesting thing to happen.

Had a position to sell at 545€ XBTEUR done at 9:xx AM
At 15PM a huge spike up to 590€ appears and my trade doesn't execute....really awesome...not.

Care to explain why anyone?

It could just be that there were other people in the order queue before you.

aesma

hero member

Activity: 2604

Merit: 961

fly or die

Quote from: MatTheCat on July 28, 2016, 07:51:02 AM

Quote from: HPt on July 28, 2016, 06:27:09 AM

Quote from: HPt on February 07, 2016, 01:35:29 PM

I wonder, whether I am the only one who considers it disturbing that Kraken's two-factor authentication, e.g. for withdrawing funds, can easily be by-passed by simply changing the authentication method. For example, despite having Yubikey enabled for withdrawing funds, it is possible to withdraw funds without possessing the Yubikey (and without knowing the Master key) as follows:
1. Go to Security/Two-Factor Authentication
2. Click on the "Edit/View details" link for Funding
3. Change Method to Password
4. Set a new password (no Yubikey and no master key is required!)
5. Go to Funding/Withdraw
6. Add a new address and withdraw funds to it using the newly set password
So, anyone who is able to log in to a Kraken account or catches a browser with an open Kraken session is able to deplete this account.
I reported this vulnerability to Kraken more than two weeks ago. According to Kraken, this behaviour is intended and can be suppressed by going to Settings/Account and enabling "Global Settings Lock". However, I wonder who is aware of the fact that, without this "Global Settings Lock", the two-factor authentication is completely ineffective.

I just heard that some Kraken accounts were compromised a week ago. So, I take this opportunity to bring up the issue above (for the third time!), because it is still not addressed.

Kraken's system is set up to facilitate theft, and also offer plausible deniabilty.....i.e. "we offered you the security procedures to protect your account, but u never used them, etc etc".

That's ridiculous. They offer incredible safety features, they just don't impose them on you because they know they will turn off many people.

I have in fact set the global settings lock on my account more than a year ago and now can't change my settings because I've lost the key (I know I have it somewhere, can't remember where). I still can withdraw my funds fortunately.

Atdhe

sr. member

Activity: 326

Merit: 250

Atdhe Nuhiu

Can someone react jesus christ: https://cointelegraph.com/news/enable-2fa-kraken-accounts-compromised-funds-stolen

I recommended Kraken to MANY people and at least one guy got money stolen from Kraken even when he used 2FA and unique passwords (he is not an idiot).

I can not believe nobody responds.

Serpens66

legendary

Activity: 2968

Merit: 1133

Quote from: oinquer on August 02, 2016, 01:44:41 PM

Today i had an interesting thing to happen.

Had a position to sell at 545€ XBTEUR done at 9:xx AM
At 15PM a huge spike up to 590€ appears and my trade doesn't execute....really awesome...not.

Care to explain why anyone?

this is a known bug, it happend 3 times within the past 3 days. It is just a bug that shows an order for ~590€, but this trade did not happen, so nothing else is executed.
You can also see the 3 spikes at bitcoinity

oinquer

member

Activity: 94

Merit: 10

Today i had an interesting thing to happen.

Had a position to sell at 545€ XBTEUR done at 9:xx AM
At 15PM a huge spike up to 590€ appears and my trade doesn't execute....really awesome...not.

Care to explain why anyone?

MatTheCat

hero member

Activity: 840

Merit: 1000

Quote from: HPt on July 28, 2016, 06:27:09 AM

Quote from: HPt on February 07, 2016, 01:35:29 PM

I wonder, whether I am the only one who considers it disturbing that Kraken's two-factor authentication, e.g. for withdrawing funds, can easily be by-passed by simply changing the authentication method. For example, despite having Yubikey enabled for withdrawing funds, it is possible to withdraw funds without possessing the Yubikey (and without knowing the Master key) as follows:
1. Go to Security/Two-Factor Authentication
2. Click on the "Edit/View details" link for Funding
3. Change Method to Password
4. Set a new password (no Yubikey and no master key is required!)
5. Go to Funding/Withdraw
6. Add a new address and withdraw funds to it using the newly set password
So, anyone who is able to log in to a Kraken account or catches a browser with an open Kraken session is able to deplete this account.
I reported this vulnerability to Kraken more than two weeks ago. According to Kraken, this behaviour is intended and can be suppressed by going to Settings/Account and enabling "Global Settings Lock". However, I wonder who is aware of the fact that, without this "Global Settings Lock", the two-factor authentication is completely ineffective.

I just heard that some Kraken accounts were compromised a week ago. So, I take this opportunity to bring up the issue above (for the third time!), because it is still not addressed.

Kraken's system is set up to facilitate theft, and also offer plausible deniabilty.....i.e. "we offered you the security procedures to protect your account, but u never used them, etc etc".

HPt

member

Activity: 70

Merit: 15

Quote from: HPt on February 07, 2016, 01:35:29 PM

I wonder, whether I am the only one who considers it disturbing that Kraken's two-factor authentication, e.g. for withdrawing funds, can easily be by-passed by simply changing the authentication method. For example, despite having Yubikey enabled for withdrawing funds, it is possible to withdraw funds without possessing the Yubikey (and without knowing the Master key) as follows:
1. Go to Security/Two-Factor Authentication
2. Click on the "Edit/View details" link for Funding
3. Change Method to Password
4. Set a new password (no Yubikey and no master key is required!)
5. Go to Funding/Withdraw
6. Add a new address and withdraw funds to it using the newly set password
So, anyone who is able to log in to a Kraken account or catches a browser with an open Kraken session is able to deplete this account.
I reported this vulnerability to Kraken more than two weeks ago. According to Kraken, this behaviour is intended and can be suppressed by going to Settings/Account and enabling "Global Settings Lock". However, I wonder who is aware of the fact that, without this "Global Settings Lock", the two-factor authentication is completely ineffective.

I just heard that some Kraken accounts were compromised a week ago. So, I take this opportunity to bring up the issue above (for the third time!), because it is still not addressed.

MatTheCat

hero member

Activity: 840

Merit: 1000

Quote from: apuestascoin on July 28, 2016, 03:26:30 AM

In bitcoin world always have the 2FA enabled ,

Always trading with them since years without any problem Wink

and what about those who did have 2FA enabled, but who still got robbed, cos the hackers turned 2FA off in the Kraken accounts with simple use of the account password?

My brother traded on MtGox for years without any problems......until one day when there was a problem.

Kraken are either grossly incompetent, corrupt, or both.

THE ONLY exchange that doesn't operate email verification as a bare minimum (they don't do Email verification at all) before processing withdrawals, and then they turn around and tell Joe that their shockingly inept security is Joe's problem!?

Quote

"Dear Joe, we here at Kraken are very sorry about your recent loss, but you never had 2FA enabled, now fuck off!
Yours Sincerely

Kraken Support Team

P.S. If you are one of those who did have 2FA enabled but still got robbed, then you can fuck off as well. You won't get a penny out of us!"

apuestascoin

hero member

Activity: 586

Merit: 500

Gambling bitcoin webmaster

In bitcoin world always have the 2FA enabled ,

Always trading with them since years without any problem Wink

MatTheCat

hero member

Activity: 840

Merit: 1000

Quote from: LouisVuitton on July 20, 2016, 04:45:57 PM

Kraken has definitely improved lately, love it.

LOL...U must be the thief who empited all those Kraken accounts without 2FA enabled?

redsn0w

legendary

Activity: 1778

Merit: 1043

#Free market

Quote from: becoin on July 24, 2016, 03:40:36 AM

Quote from: redsn0w on July 24, 2016, 02:50:34 AM

@Dargo, will you add (as exchange) ethereum classic?

Actaully you can't add something that already exists. Ethereum classic is ethereum. Ethereum forked is the new version that must be added. This trading pair should be represented ETH/ETF. To avoid any confusion with Exchange-Traded Fund (ETF abbr) four letter representation would be better - ETHC/ETHF.

Btw they now have ethereum HF (hardfork) on kraken.com, my question was if they have the intention to add ethereum classic (ETC, the same one on poloniex). Basically the original chain that didn't agree with the DAO hard-fork, just download the client from etheremclassic.org and run it together.

becoin

legendary

Activity: 3431

Merit: 1233

Quote from: redsn0w on July 24, 2016, 02:50:34 AM

@Dargo, will you add (as exchange) ethereum classic?

Actaully you can't add something that already exists. Ethereum classic is ethereum. Ethereum forked is the new version that must be added. This trading pair should be represented ETH/ETF. To avoid any confusion with Exchange-Traded Fund (ETF abbr) four letter representation would be better - ETHC/ETHF.

redsn0w

legendary

Activity: 1778

Merit: 1043

#Free market

@Dargo, will you add (as exchange) ethereum classic?

dsattler

legendary

Activity: 924

Merit: 1000

Quote from: Dargo on July 23, 2016, 04:43:39 PM

Quote from: dsattler on July 23, 2016, 12:48:35 PM

Quote from: Dargo on July 23, 2016, 12:29:57 PM

Quote from: dsattler on July 23, 2016, 12:08:54 PM

I've found it in their support FAQ:

Quote

Lumen (XLM) : Transactions are immediate

(OK, now I'm answering my own questions! Cheesy

)

As my deposit was one hour ago, I've filed a support request... again. Roll Eyes

I guess kraken doesn't like me... Cry

I can help you better if you DM me your support ticket number, but I think I found it and I asked the support team to look into it.

Sent you a PM, thanks!

Our XLM gateway wasn't syncing correctly with the network but it was fixed several hours ago and your deposit should be credited.

Issue resolved and I was immediately contacted by the support about it.
Good job.

Dargo

legendary

Activity: 1820

Merit: 1000

Quote from: Newcoins2020 on July 23, 2016, 03:23:16 PM

Quote from: LouisVuitton on July 20, 2016, 04:45:57 PM

Kraken has definitely improved lately, love it.

I find their support worse then before. it takes more time to answer tickets on basic questions. Withdrawals f.e..
Today I got a mail though that their credited the stellar giveaway automatically which makes me happy..

I think LV meant the performance of the website and API. Our support has been under heavy load for a while now, so yes it's taking longer to reply.

Dargo

legendary

Activity: 1820

Merit: 1000

Quote from: dsattler on July 23, 2016, 12:48:35 PM

Quote from: Dargo on July 23, 2016, 12:29:57 PM

Quote from: dsattler on July 23, 2016, 12:08:54 PM

I've found it in their support FAQ:

Quote

Lumen (XLM) : Transactions are immediate

(OK, now I'm answering my own questions! Cheesy

)

As my deposit was one hour ago, I've filed a support request... again. Roll Eyes

I guess kraken doesn't like me... Cry

I can help you better if you DM me your support ticket number, but I think I found it and I asked the support team to look into it.

Sent you a PM, thanks!

Our XLM gateway wasn't syncing correctly with the network but it was fixed several hours ago and your deposit should be credited.

Newcoins2020

sr. member

Activity: 406

Merit: 250

Quote from: LouisVuitton on July 20, 2016, 04:45:57 PM

Kraken has definitely improved lately, love it.

I find their support worse then before. it takes more time to answer tickets on basic questions. Withdrawals f.e..
Today I got a mail though that their credited the stellar giveaway automatically which makes me happy..

Topic: [ANN] KRAKEN.COM - Exchange with USD EUR GBP JPY CAD BTC LTC XRP NMC XDG STR ETH - page 167. (Read 629033 times)