Topic: Bitcoinica MtGox account compromised - page 19. (Read 156012 times)

You're assuming that Bitcoinica has any capital reserves, which is not the case if what Zhou has been saying all along is true - which is that Tihan injected his own money to cover the losses from the Linode hack and further injected some funds to cover some of the losses from the May intrusion.  Those injections of funds were purely to cover losses.  Zhou was quite clear that without that money Bitcoinica did not have enough assets to settle the total amount owed after the May intrusion.

It sounds like a forced reduction of 30%, which means that people would receive a total of 70% of what they are owed (so anyone who has already received 50% would get another 20% when everything has been processed).  Personally, at this stage of the game I wouldn't believe any numbers which aren't determined and verified by an independent auditor.

Found this gem by Tihan elsewhere.

http://news.ycombinator.com/item?id=4239859

I seriously doubt this. This must be an inside job!

So ... if they have stolen a third of the money destined for claims ...

First, this does not include private capital of bitcoinica and since have robbed them of their errors, are private funds that must suffer the 40k btc / usd, not our deposits. I don't understand why pay 50% and less than a reduction to 30%

Second, is the third of the money claimed?, or a third of the 50% they were paying? Because it is very different

Goxxed and Zhoutonged all at one time.

Genjix moved to Berlin some months ago - that's not a vacation. Also the Bitcoin-hackathon there was long since planned and announced by him.

Okay I laughed but said zhou and were really in a cold wallet, then surely he moved for refunds.

I am not defending, after so many security problems, it seems absurd and unnecessary to have these amounts in mtgox, among many other absurdities

I agree these are different things, but:

(emphasis mine)

You even said that this also applies to the pirateat40 case which should at least raise as many red flags as MyBitcoin.

Look, I just don't see much value in adding insult to injury - no matter how the injury came about!
You blamed the victims of MyBitcoin back then, now you're saying that blaming victims is never a good thing. Feel free to point out the whole dozen of my logical fallacies if you will - this is going too far off-topic already so I'm gonna leave it at that.

zhou and the other yes, but there are also transactions> 1000BTC, I doubt they are donations.

Let's wait and see what happens, given that there are dollars involved will surely be easier to take legal action.

They are giving away some funds already, 100btc went to zhoutong's new donation wallet (zhou is promising to match donated funds). But yes, this individual is much less sophisticated than the linode hacker and therefore more likely to be identified (and we know he's reading this forum).

Reviewing the dendrogram of the theft(https://blockchain.info/tree/11978606), these hackers seem more careless, If I'm right they move bitcoins between addresses that have been used, with multiple transactions that reveal more addresses of the same wallet, addresses that receive payments from pools etc ...

Given that more than an planned attack was opportunism in the wake of the publication of source code, it may have been precipitated.


If someone bothers to report them may even catch.

LOL hackathon....... how appropriate

In all, I'm saying, It's not like the hacker stole BTC from a respected member of the community.

It was completely their fault for not securing enough.

Given what I said, If hacker don't agree to this, it is 90%+ likely an inside job.

To be fair, many international students from the Asia-Pacific region who studying at Australian universities go home for the mid-year break.  

I'll post this again, seems nobody read it,

30% cut ?
How can 40k BTC be untraceable or easily spendable ?

Why don't we instead agree to give the hacker an honest and untainted 30% of the BTC he moved ?
By honest I mean we know who he is, we know what he did, we're happy with it, and we respect him for both getting into your gox account and returning funds.
This "hacker" is a "somwhat" tech-savvy person that achieved something worth being rewarded for.

This is not a home invasion or a physical robbery, as much as some may hate it, if we get anything stolen because of a weak password or weak security policy then we should have no-one but our-self to blame.

I think this concept should be well understood by this community.

Pro tip,
When I was using Bitcoinica :
I was doing it with an uncompromised PC, Firewall, AV(s) ect. (HARD)
I was closing my Bitcoinica browser sessions every-time I was done,
I had two account to spread the risk, both were secured with Google Authenticator, (phone app)
I had ~14 char randomly created passwords,
 different ones,
 all stored into LastPass,
With a safe lastpass password,
With a 2nd factor Yubikey, (my home pc is not considered safe on LastPass, so I have to push the button every time.)
The LastPass recovery email is dedicated to this, the password is paper stored in a safe place.
My HDD is truecrypted,
My firewire port are disabled,
I don't use a Wireless keyboard
I never leave the PC with an open session, (session autolock after ~10 min.)
...I do not have any felling it is all secure. I'm by no mean a security expert.

I had nowhere near the same value to protect and ... were not someone else assets.[/b]

IMO, This is rather basic protection scheme for a regular "geek" PC user...

Whatever your previous story, ;
In over 2 months...
You failed to disable Mt.Gox API,
You failed to protect mt. Gox with a Yubikey,
You failed to change Lastpass password,
You failed to protect Lastpass with one of their many 2nd factor auth. (some free)

Don't be surprised if people don't believe you.

WTF! And only two posts down from the above we have the following:

Bruno, I got 8.0 for IELTS, but I can't seem to understand your language.

We got the facepalm part a while ago,

Please go easy on the humor, Some people are really stressed out over this.

I can't take this anymore! My face just cramped up from laughing so hard.

Let's see if I can play just as well as you.

For those playing at home, the powers that be, prior to attending a hacking convention, put a sizable sum of bitcoins in Mt Gox (a.k.a. cold storage) so that many people owed funds to will soon receive half of what is rightfully owed them. It's the safest and best option for all concerns.

But if anything should happen, which we here in Studio A don't see anything nefarious afoot, there is a backup plan. (Zhou, are you ready in studio B?)

~Bruno~

I wish I took a picture of myself after reading the above, for I caught myself doing a real life epic facepalm.

Me: Hey, Joe. I got the $20 I owe you.
Joe: Great!
Me: First I have to take it out of my wallet and put it in Myra's purse. Then she'll take it out and give it to you.
Joe: Cool!
Joe: Waiting!
Joe: Still waiting!
Me: And poof! It's gone!
Joe: Wait, what?
Me: Next!