Topic: Bitcoin Conference 2012- London 15-16 Sept | ANNOUNCEMENT sponsorship available! - page 8. (Read 60311 times)

You've brought this point a few times and it's total nonsense.

Nobody cares what you value the source code. The fact here is someone was willing to pay a lot of money, and releasing the source was the direct cause that they pulled back the offer. So it costed the IP valuation of whatever remains of Bitcoinica a substantial amount of money, of which whoever released the code is liable.

Perhaps because people were overestimating the quality of the code, perhaps because of the "brand name" Bitcoinica once had (also severely damaged by the release), perhaps because it wasn't worth it and the release just proved it. Or simply because it made it trivial to make a clone that people would immediately recognise as equivalent. If doesn't f***ing matter. It also doesn't matter what you would pay a developer to do it from scratch, if it was secret nobody would know if there was something really unique and unbeatable in that code that wouldn't be doable within that budget. Your hindsight reasoning simply doesn't matter.

It was a mistake with serious implications for everybody affected. And that's not even touching the issue about the MtGox key working as password in lastpass.

It's the explanation which fits the narrative offered by Zhou.  That by no means validates its truth.  As Amir pointed out just after the discovery of the MtGox intrusion, whoever perpetrated the Rackspace hack gained access to the information required to breach the MtGox account. 

Given the friction which existed at camp Bitcoinica following the Rackspace hack, it's also entirely possible that while bitching to other people about one another's perceived failings, one of the insiders inadvertently disclosed critical information to an outsider.

That's because you've only met failures then.

It seems to me that Amir's involvement and level of culpability are grossly exaggerated, just like here bringing up the murder. Why not take out the big guns and bring up the Hitler analogy, shall we?

Whatever his transgressions might have been, they were outside of his area of expertise. He should be held accountable for them, but I see no reason why he shouldn't be useful to the Bitcoin community in other capacity. Calling for revenge is emotional and counterproductive.

Amir was under no obligation towards Bitcoinica's customers to keep the source code confidential. That is an internal Bitcoinica issue. And since he did not appear to have had much control over Bitcoinica in the first place, I don't see how refusing to relinquish said control could have had much effect on anything.

If anything, this says much more about the people who wish him unwell than about Amir himself.

I'm guilty, too. Too easy to get dragged in.

Back on topic: where are you guys staying... can't seem to find an affordable place. Let's start the berlin vs. london discussion again while we're off-topic?

kicking him out? what the fuck, man! the conference wouldn't even exist without him. Anyone can organize a conference, it's a free market for bitcoin conferences, dude. Don't like this one? Roll your onw. Shut up or put up!

From what I understand, it is.

With due respect, although the posting of the source code is a possible means by which someone gained the information needed to breach the MtGox account, it is not the most likely or credible explanation for how the MtGox thief obtained those credentials.

I sent a report to the mods asking them to split the thread when the derail first happened.  As they didn't do so (and it would have been easy to do it a few posts in), I'm guessing that they don't regard the posts as off-topic.

Perhaps we should request that Nefario lock this thread, and create a new one.

There are already many Bitcoinica threads...  please use those.

No matter your position on this issue, you are spamming this thread with off-topic content.  Yes, even you, genjix

Lol, is that like saying murderers are ok to murder because that's their personality type?

Putting the legalities of what Amir did aside, he DID violate his ethical obligations to Bitcoinica's customers by releasing the source code and by refusing to relinquish his control of Bitcoinica.  I don't think anyone here is questioning the legality of Amir's actions - that'll all get figured out in court.  But they have every reason to be upset at him for his actions because of the delay and potential reduction of the refunds they will now be getting as a direct result of his actions.  And those sorts of actions can't be passed off as a "personality" type.

He absolutely should be condemned by those attending the conference (and he should step out of it too).  You wouldn't sit down for lunch with a criminal after prosecuting him in the courtroom minutes earlier, so why do you expect those who are owed so much money by Amir to act cordially around him and the other Intersango guys as if they don't still owe them hundreds of thousands of dollars?

If I was in his position, I would definitely fear for my life, and wouldn't set foot anywhere near a Bitcoin gathering of any kind until the situation was resolved.  I don't know why he is so anxious to put his life in danger.  People have been killed over much smaller things.

Its quite simple really, EVERY PERSON involved or connected to Bitcoinica, its operation and ownership should NOT be involved in the operation or ownership of ANY other bitcoin-related venture because their reputation has been tainted (whether guilty or not) and will therefore taint anything they're involved with.

The bitcoin conference must be spared the controversy, or become a victim of it.


BB.

I'm picturing the head lines in 'The Sun' now:

"Silkroad induced cryptocurrency roid rage ensues!"

Several pages of arguing about Amir's involvement and responsibility instead of just kicking him out of conference planning? This won't end well.

If I understand that correctly, this API key has long been revoked. But the key was also used as a password for an entirely unrelated lastpass account. Even though this has not been said explicitly, Amir probably had no way of knowing that this is the case. Allegedly, it was Tihan who set the password, and Patrick who left it unchanged. Are you going to blame Tihan too with the same ferocity?

The developers should not have access to live system credentials anyway. That being said, if I was doing the leak, I would have sanitised the config files, even if they only contained references to testing environment access.

The hacker had to understand it as well, and realise that the key is reused in a different system.

Releasing the code may have violated the contractual obligations he had with Bitcoinica. I even agree with you it was stupid and to the extent the config files were not sanitised, negligent.

But you need to view it from the perspective of Amir's hacker-type personality. Confidential arrangements are simply not suitable for him. He should have realised this himself before getting involved in Bitcoinica and explained that he can only get involved if he is not required to compromise his ideals. It might sound silly, but that's the way it is.

For past transgressions, this of course should have no effect on the responsibilities and/or punishment. But the future is what I'm worried about. People who are different should not be condemned for all eternity. Rather, their qualities and peculiarities should be assessed impartially and not hinder mutually beneficial arrangements, as I believe the conference can be.

does _EVERY_ fucking thread have to either be about pirate or bitcoinica?

The MtGox API Key was inside the source code that Amir released!!!!

All the hacker had to do was open the file and read the code.

He had no legal right to do that, nor a moral right. It's stupid negligence.

The problem is Bitcoinica refusing refunds, not money being stolen. Money being stolen is an internal Bitcoinica issue. If anything, the loss of the database was much more influential than the loss of funds.

I would not value the source code for more than 10k, that's how much I estimate it would cost to pay a developer to write it from scratch. The value of Bitcoinica, in my opinion, was in its market share and alleged regulatory compliance. The value of infrastructure, security and business processes is zero as it was a total disaster.

Also he did not "open source" it, that's not the correct legal term.

It is sad that the deal fell apart, but again this is an internal Bitcoinica issue. Even if you were involved in the process, you're not the owner of Bitcoinica and this did not violate a contract between you and Amir, nor your property rights.

Amir != Patrick and Amir != Donald.

Amir is a hacker (in the original sense) and an activist. He's not a businessman and has, in my opinion, a poor business judgement. But with respect to the objections brought here against him, even when they are in a causal connection with the fiasco, the relationship is either weak or not legally relevant for the creditors.

To the extent where he violated contracts and/or property rights, he can be sued, in particular the Wendon group (and now Bitcoinica represented by the receiver/liquidator) probably has a strong claim. Other than that, simply don't entrust him with confidential information and larger amounts of money. There is no reason for hostilities.

1.  It is my problem because it was my money that was stolen.

2. There was a deal in the works for Bitcoinica to be sold for enough money to cover the entire shortfall for returning customer funds. That deal fell apart because Amir open sourced the code. Open sourcing it destroyed most of its value in the eyes of the potential buyers.

3.  Between Amir, Patrick, and Donald, they had total control.  All we needed was for two of the three to cooperate and every creditor would be much better off today, and likely have %100 of their money back.  Instead Patrick lied to me via email, and again right to my face when I met him in SF. Amir and Donald refused to even reply to emails.

The best thing they the three of them can do for Bitcoin is to leave forever!

The theft is an internal issue of Bitcoinica. Yes, it's a bad security practice, yes, it could be a contract violation. But it's not our (creditors') problem.

Amir did not destroy it, he published it. This does not invalidate the copyright claim of Bitcoinica so it cannot be used by a competitor directly without approval. Furthermore, the hedging algorithm (which is the only thing that can hypothetically be considered valuable, everything else is glue and UI) wasn't performing well and was supposed to be changed anyway. I looked at the the source code, and the hedging algorithm appears to be very simple (I wrote and ran an arbitrage bot between Mt. Gox and Tradehill in the past so I know a bit about it). It appears to me that it just sets up a single order in the "underhedged" sum per job run and then leaves the position open until it either executes or the available reserves go to zero and then it cancels all open orders. That's not exactly rocket science.

I don't know the exact contents of your negotiations, but since he did not appear to have much control in the first place, it probably would have had very little practical effect if he agreed.