Pages:
Author

Topic: Another Hack https://bitcoin-central.net/ (Read 3019 times)

hero member
Activity: 756
Merit: 522
Good security approach. Hackers you are welcome to inspect code and hack us!

https://github.com/davout/bitcoin-central
You'd prefer a security through obscurity approach?

What are passwords iyo?
newbie
Activity: 11
Merit: 0
Good security approach. Hackers you are welcome to inspect code and hack us!

https://github.com/davout/bitcoin-central
You'd prefer a security through obscurity approach?
hero member
Activity: 868
Merit: 1000
Well, as far as i can tell this isn't exactly their fault. I'm assuming that they'll actually be installing their own servers in a data center instead of renting a VPS at OVH...

I'd be surprised if the top level package offered by OVH allowed for password reset without some kind of verification.  We've had this situation before where it turns out that hosting services had available top tier packages but Bitcoin services were using lower tier packages meant for less critical operations.

It is the fault of service providers if they choose hosting services without knowing that a password can be reset without verification.  That's the kind of stuff you research before you choose a provider.
sr. member
Activity: 462
Merit: 250
Clown prophet
Good security approach. Hackers you are welcome to inspect code and hack us!

https://github.com/davout/bitcoin-central
hero member
Activity: 868
Merit: 1000
Well, as far as i can tell this isn't exactly their fault. I'm assuming that they'll actually be installing their own servers in a data center instead of renting a VPS at OVH...

If you have something that's very important to take care of, would you leave it in the hands of some random service provider, og would you ensure you hosted it on a dedicated server, in an environment or facility where you had physical access to it, and where strict security restrictions were present ?

Using a third party hosting provider that might not even be aware of all the valuable information stored on your servers, that's asking for a disaster to happen. Although it might be a breach at the hosting provider, that's still Paymium's fault, as they trusted them with the responsibility in the first place.

To me, it seems like their security is not up to bank level standards at the very least.. They're hacked 3 times now (that we know of), bitcoin-central twice and instawallet once.
newbie
Activity: 11
Merit: 0
Well, as far as i can tell this isn't exactly their fault. I'm assuming that they'll actually be installing their own servers in a data center instead of renting a VPS at OVH...
member
Activity: 106
Merit: 10
sr. member
Activity: 280
Merit: 250
BTC-E are Russian. In Russia, Exchanges don't get hacked, Hackers runs the Exchange.

In America you can hack an exchange, in Russia exchange hacks you.
hero member
Activity: 714
Merit: 500
Psi laju, karavani prolaze.
Yet another disconcertingly amateurish operation. I am curious what your 'banking partner' thinks of your clearly lax approach to security? Your services appear to have more holes than one of your expensive French cheeses.
Swiss cheese have holes, not french ones.

Mimolette has holes though not quite so many as a Swiss Emmentaler. Funny enough France is one of the biggest producers of Emmentaler regardless due to a legal loophole.

According to sloveny somalians, cheese is also an expression for money.
full member
Activity: 134
Merit: 100
Yet another disconcertingly amateurish operation. I am curious what your 'banking partner' thinks of your clearly lax approach to security? Your services appear to have more holes than one of your expensive French cheeses.
Swiss cheese have holes, not french ones.

Mimolette has holes though not quite so many as a Swiss Emmentaler. Funny enough France is one of the biggest producers of Emmentaler regardless due to a legal loophole.

As does the French edition of Gruyère: http://www.frenchfoodintheus.org/spip.php?article4173 - but pedantry aside, it should not distract from the serious issue of trusting your funds to a company which seems wholly incapable handling them securely. 
hero member
Activity: 952
Merit: 1009
Yet another disconcertingly amateurish operation. I am curious what your 'banking partner' thinks of your clearly lax approach to security? Your services appear to have more holes than one of your expensive French cheeses.
Swiss cheese have holes, not french ones.

Mimolette has holes though not quite so many as a Swiss Emmentaler. Funny enough France is one of the biggest producers of Emmentaler regardless due to a legal loophole.
member
Activity: 83
Merit: 10
Yet another disconcertingly amateurish operation. I am curious what your 'banking partner' thinks of your clearly lax approach to security? Your services appear to have more holes than one of your expensive French cheeses.
Swiss cheese have holes, not french ones.
full member
Activity: 134
Merit: 100
Yet another disconcertingly amateurish operation. I am curious what your 'banking partner' thinks of your clearly lax approach to security? Your services appear to have more holes than one of your expensive French cheeses.
hero member
Activity: 868
Merit: 1000
Herodes, instead of posting condescending stupidities, I advise you to read our annoucement regarding this hack.
I do have a report from the security consultants  but will not share it with you since you seem to know everything on anything already.
By the way, get a life: it seems you are lurking on this forum just to spit your venom.

Here we have the sign of who and what Boussac represents. Don't give bitcoin-central any business.
hero member
Activity: 952
Merit: 1009
What does bitcoin-central have to do with btc-e?

If BTC-e claim to have full reserve backing of funds....was my question

Now, now, what have we learned about claims in the BTC economy?
legendary
Activity: 1221
Merit: 1025
e-ducat.fr
Herodes, instead of posting condescending stupidities, I advise you to read our annoucement regarding this hack.
I do have a report from the security consultants  but will not share it with you since you seem to know everything on anything already.
By the way, get a life: it seems you are lurking on this forum just to spit your venom.
hero member
Activity: 868
Merit: 1000
Congratulations Bitcoin-Central.

Just putting this up here for everyone to gawk at:
Source: https://bitcointalksearch.org/topic/m.1783407

I would advise them to consult an indpendent company for a complete security audit of their IT systems.

How condescending .
Had you read my posts, you would have known that we did hire experts without waiting for your advice..
We rebuilt a complete production environment from scratch.


Yepp, it really is a shame, that there are persons that act in a seemingly 'condescending' way. Let's be personally insulted, and don't care for real security.
full member
Activity: 140
Merit: 100
Mining FTW
https://bitcoin-central.net/
Were hacked....I maybe slowpoke.jpg but at least they claim they have full reserve...does BTC-e make this claim?Huh

BTC-E are Russian. In Russia, Exchanges don't get hacked, Hackers runs the Exchange.
Hence why Russian Exchanges are so good for BTC Smiley
hero member
Activity: 602
Merit: 500
Vertrau in Gott
https://bitcoin-central.net/
Were hacked....I maybe slowpoke.jpg but at least they claim they have full reserve...does BTC-e make this claim?Huh

BTC-E are Russian. In Russia, Exchanges don't get hacked, Hackers runs the Exchange.

 Grin Grin
legendary
Activity: 980
Merit: 1003
I'm not just any shaman, I'm a Sha256man
https://bitcoin-central.net/
Were hacked....I maybe slowpoke.jpg but at least they claim they have full reserve...does BTC-e make this claim?Huh

For all we know this is an emotional fallacy, where the reputation increases with more "illusion of trust" while there is no hacking going on all while at the same time showing trust that the hacks will get fix.
Pages:
Jump to: