Pages:
Author

Topic: bitfloor needs your help! - page 23. (Read 177473 times)

legendary
Activity: 2940
Merit: 1090
September 06, 2012, 01:58:30 AM
Well sadly Stephen was misinformed and likely turned a bad situation into a worse one.  His talk of injunctions and criminal activity were simply false.  I am just not certain if it was coming from a place of intentional malfeasance or simple ignorance.

Here:

Quote
But once a corporation reaches insolvency, the fiduciary duties that once flowed to equity-holders divert instead to creditors. Again quoting the Delaware Supreme Court, "the corporation's insolvency makes the creditors the principal constituency injured by any fiduciary breaches that diminish the firm's value.

Quote
But once the moment of insolvency arrives, as the Delaware Court of Chancery has explained, "the creditors become the enforcement agents of fiduciary duties because the corporation's wallet cannot handle the legal obligations owed." The court continued: "Because, by contract, the creditors have the right to benefit from the firm's operations until they are fully repaid, it is they who have an interest in ensuring that the directors comply with their traditional fiduciary duties of loyalty and care."

 - http://www.faegrebd.com/8365

tl;dr: Things change when your organization becomes insolvent.

I am not a lawyer, but I'm aware that in the U.S., bad things can happen to you as an officer or director if you then take action after establishing insolvency that ends up further harming your creditors -- especially actions which might favor one creditor over another.  Now customer funds are even more sacrosanct.  My argument was that legal counsel should be obtained BEFORE paying out one single dime.

Roman had reopened the site to allow ACH withdrawals so I was making the argument that the only way to stop it was to get an injunction filed.

Personally, I don't have that many BTC involved and have already mentally booked mine as a total write off.  I could see though how Roman might be persuaded because releasing USDs to depositors would mean some people (those with USD balances) would be less pissed off -- though others (those with BTC balances), would be more pissed off.  But an insolvent organization no longer does what is best for the company or for its shareholders and instead is in dire need of legal advice before taking further action.

It looks like that might be what then happened.

I hope to cover this stuff for my Open Transactions server by taking the position that although the tokens representing assets are intended to do so in a non fractional reserve manner, nonetheless the actions of theives, acts of god, force majeur etc could contrive to force some of those tokens into being fractional (or even zero) reserve; but that each type of token is independent such that loss of dollars to back dollar tokens would cause only those tokens into being less thasn full reserve, whereas tokens representing assets not lost would remain fully backed.

Not sure how long it would take though for the system to earn itself enough moneu to have that cast into legally airtight form...

-MarkM-
hero member
Activity: 686
Merit: 500
Wat
September 06, 2012, 01:56:34 AM

Sounds like the cold storage was deposited with pirate.
 

That was an obvious idea to jump to right off the bat but seemingly someone has traced some transaction(s) thought to possibly be the thief moving the coins, which would not really be possible if the coins had already been sent to pirate would it?

It is amazing though the clever ways people come up with of making their coins accessible to hackers.

-MarkM-


legendary
Activity: 2940
Merit: 1090
September 06, 2012, 01:52:37 AM
I've already stopped putting any funds in any Bitcoin service. It's obvious few of them have a clue how to secure their sites and there is no way to know who does and who doesn't.
Wrong. There is a way to know. But it requires the code for the entire system, from front end to back end, to be published for public scrutiny. And not just the program code, but the server configs and software versions and everything. In fact, it should be possible for the entire file system of every server to be available via public, read-only, anonymous FTP — minus the one directory containing the private keys and the one directory that holds the database table containing the users' personal information, if such a table exists. There is no reason that the remainder of the systems' contents shouldn't be held out for the light of day to wash over them. Security through obscurity is no security at all. Cryptographic algorithms are secure despite their method of operation being public knowledge. The same should be true of web sites.

Please come help us get Open Transactions polished up...

-MarkM-
hero member
Activity: 686
Merit: 500
Wat
September 06, 2012, 01:50:01 AM

I haven't read much of this thread -- do people think this Bitfloor guy didn't just rip them off?  It's just all the more funny if he's in cahoots with Bruce Pedo Wagner. 

Edit:  But yes, only the same P.O. Box Office.  Coincidence?  Eh...

Roman was on Bruce's show.
legendary
Activity: 2940
Merit: 1090
September 06, 2012, 01:44:07 AM

Sounds like the cold storage was deposited with pirate.
 

That was an obvious idea to jump to right off the bat but seemingly someone has traced some transaction(s) thought to possibly be the thief moving the coins, which would not really be possible if the coins had already been sent to pirate would it?

It is amazing though the clever ways people come up with of making their coins accessible to hackers.

-MarkM-
legendary
Activity: 2940
Merit: 1090
September 06, 2012, 01:40:25 AM
The only people profiting from bitcoin are hackers. Fuck this shit.

I haven't lost anything yet from bitcoin but it does seem like hackers are just having a field day with it.  As much as everyone hates Mt.Gox because of the cost to put money on there and the loss of anonymity, it seems like they have the best methods on there.  I feel like bit floor should have known better than to have all of their coins in a hot wallet after btc-e and other hacks.  

Exchanges are damned if they do and damned if they don't.  People want the convenience of being able to do instant withdrawals and transfers without any of the risk.

Small Bitcoin services which hold large amounts of other people's BTC are hacker magnets and intruders know that such services are often one or two man operations without capital reserves to invest in infrastructure.  They're soft targets.  Security needs to be baked in from the day a service is created but many Bitcoin services are more concerned about rushing to market than they are about security (they probably tell themselves they'll invest in "proper" security once the profits are rolling in, not realising that a rapidly expanding business often makes little or no profit).

Until Bitcoin service providers lift their game security-wise, people should severely limit the amount of BTC they store on such services.   Bitcoins stored on a service are always at risk.  You accept the risk of them being lost or stolen by leaving them on deposit with a service.

Take a look at Open Transactions and help us make it more accessible to people.

I notice this case is yet another Linode case, is there any reason to think there was any real vulnerability other than the fact of being hosted by a third party instead of being a server physically controlled by the operator of the service?

-MarkM-
sr. member
Activity: 275
Merit: 250
September 06, 2012, 01:17:10 AM

I haven't read much of this thread -- do people think this Bitfloor guy didn't just rip them off?  It's just all the more funny if he's in cahoots with Bruce Pedo Wagner. 

Edit:  But yes, only the same P.O. Box Office.  Coincidence?  Eh...
member
Activity: 113
Merit: 10
September 06, 2012, 12:40:00 AM
"It's too much trouble to talk to the police" sounds pretty hollow next to the loss of $250K of other people's money.

Anyone owed even a single satoshi can file a complaint.   Has anyone?
* Stephen Gornick listens to sound of crickets ...

Time not worth the $20USD I "lost."

Which is why it would make a lot of sense for the person(s) last entrusted with the funds before they were stolen to make the report, and cooperate with the investigation.

It's not going to look very good for Bitfloor if someone else (with a loss big enough to attract attention) makes the first report, and the Bitfloor operators were too busy with other projects to take care of business.

If this were a bike store, and there were a lot of customer bikes in the back room being worked on, and someone picked the lock to the back door and stole all of the customers' bikes, but the bike store owner just shrugged and said "oh, the police never do anything anyway, I'll let someone else call if they really care" then they don't seem like a very trustworthy merchant to me.

The lack of law enforcement involvement in the previous hacks didn't leave me with a very good impression of those exchange operators. Ignoring for a moment the possibility of inside jobs, it's possible that there's one guy/crew doing all of these hacks, and they're going to keep going until they're caught.
legendary
Activity: 1680
Merit: 1035
September 06, 2012, 12:29:17 AM
"It's too much trouble to talk to the police" sounds pretty hollow next to the loss of $250K of other people's money.

Anyone owed even a single satoshi can file a complaint.   Has anyone?
* Stephen Gornick listens to sound of crickets ...

Time not worth the $20USD I "lost."
legendary
Activity: 2506
Merit: 1010
September 06, 2012, 12:23:23 AM
"It's too much trouble to talk to the police" sounds pretty hollow next to the loss of $250K of other people's money.

Anyone owed even a single satoshi can file a complaint.   Has anyone?
* Stephen Gornick listens to sound of crickets ...
member
Activity: 113
Merit: 10
September 06, 2012, 12:09:48 AM
As far as why the operator doesn't?  There's really no upside.  The coins are gone.  Nobody has ever been charged with a crime, even those holding customer's funds that didn't use cold storage. Also, BitFloor's operator is out of the country.

One upside would be potential identification or incapacitation of the criminals, even if the stolen funds cannot be recovered. This would be good for everyone but the criminals; it would be especially good for Roman because it would help address suspicions that this was an inside job.

On the other hand, if the operator of a business that has experienced the mysterious disappearance of other people's property decides not to involve law enforcement, I would certainly be more inclined to imagine they were complicit in the crime, or that they were afraid that investigation of the crime would reveal other misbehavior with serious consequences.

I am more sympathetic to the "it's the operator's choice" argument if the operator is in a position to make good the customer losses out of his own funds - but if his story for his customers is "I can't be bothered to cooperate with the police in tracking down the people who stole your stuff, also the loss of your stuff is not my problem, too bad for you!", well, that doesn't leave a very nice taste in anyone's mouth.

"It's too much trouble to talk to the police" sounds pretty hollow next to the loss of $250K of other people's money.
legendary
Activity: 2506
Merit: 1010
September 05, 2012, 11:36:05 PM
Is there any reason a police report should not be filed?

Those with USDs will likely get most / all of their funds back, so them filing a complaint with the police is not probably seen as being necessary.

Those with BTCs were there for a variety of reasons.  Some might have just been using BitFloor as a hosted (shared) EWallet  (there aren't many options for EWallets like BitFloor's which have one-time password protection and no fees)  Others had funds there for doing market timing trades, without ever intending to withdraw USDs.  They may not even be from the U.S.  Filing a complaint with the police would require providing identity, which is not always desirable.  Others had amounts too small to bother trying to recover by going to the police.

So that might explain why no customers might be filing a complaint.  As far as why the operator doesn't?  There's really no upside.  The coins are gone.  Nobody has ever been charged with a crime, even those holding customer's funds that didn't use cold storage. Also, BitFloor's operator is out of the country.

The Bitcoinica lawsuit is the first publicly known lawsuit regarding breach of contract, negligence, etc., and that hasn't been decided or settled yet so there's no great worry about covering your ass by filing a complaint with the police.

[Edit: There may be laws in BitFloor's jurisdiction that could require contacting the police or federal agency in cases of theft of customer funds, I've no idea]
newbie
Activity: 10
Merit: 0
September 05, 2012, 11:13:12 PM
Seems like you'd want to be insured.  Insurance Co likes police reports.  In general, having a police report isn't a bad idea.  It can't work against you.  If they will take a report, one should be filed.  Not to suggest they'll do anything about it, but at least there is a record that a crime occurred.

Is there any reason a police report should not be filed?
sr. member
Activity: 386
Merit: 250
September 05, 2012, 10:31:46 PM
FYI - I had some ACH (USD) transactions from the weekend pending when bitfloor went down that *did* complete this afternoon.

As Roman promised these transactions were not stopped/interrupted.  

I would assume that had he been the culprit these monies would also have disappeared.

Our pending ACHs also cleared today.  Not insignificant sums.
For what it is worth we have done a lot of business with Roman and honestly I just don't see him pulling any kind of scam or fake hack.

I can +1 this.

I've met Roman many times, and lives/works not far from our NYC office.

I dont see him pulling any scams...but you never know!

-Charlie
I can say that funds I pulled on Sunday did show up as normal.  Funds I pulled Tuesday during that small window of time are on hold.  Wish I had pulled my coins too on Sunday.
legendary
Activity: 1680
Merit: 1035
September 05, 2012, 10:14:09 PM
Regarding reporting this to police, other than covering his butt and adding to their list of crimes, I just don't think police have the resources to track this theft down. If it's through an anonymous proxy, from Russia, and in a currency that's easily "mixed," there's really noting they can do. Not even sure the FBI would have the resources to track this down.
legendary
Activity: 1078
Merit: 1000
Charlie 'Van Bitcoin' Shrem
September 05, 2012, 09:26:34 PM
FYI - I had some ACH (USD) transactions from the weekend pending when bitfloor went down that *did* complete this afternoon.

As Roman promised these transactions were not stopped/interrupted.  

I would assume that had he been the culprit these monies would also have disappeared.

Our pending ACHs also cleared today.  Not insignificant sums.
For what it is worth we have done a lot of business with Roman and honestly I just don't see him pulling any kind of scam or fake hack.

I can +1 this.

I've met Roman many times, and lives/works not far from our NYC office.

I dont see him pulling any scams...but you never know!

-Charlie
legendary
Activity: 1692
Merit: 1018
September 05, 2012, 09:05:37 PM
Is this going to be yet another theft which doesn't get reported to the police?

yeah go run to the daddy/god/state

"oooh look, the bitcoin kiddies need their diapers changed again"

Sounds like stealing bitcoins IS the perfect crime.  Difficult to track the attacker, commodity is easily convertible into the currency of the attacker's choice, and the police (in every country) don't care.  If it's an inside job then even better.  Just declare the hax0rz got the goodies and close up shop.
Pages:
Jump to: