Pages:
Author

Topic: Bitfloor status update - September 6, 2012 (Read 7717 times)

member
Activity: 98
Merit: 10
(:firstbits => "1mantis")
September 08, 2012, 05:11:23 PM
#39
Is it just me or was there a part missing from his update about how people owed BTC would be repaid? I'm not sure its a good idea for the community to back someone who can leave unencrypted wallets on the server and when it gets hacked say "oops my bad. Your bitcoins are gone but good news you can deposit more soon and hope I do a better job securing them this time."

Shit happens.
You weren't saying that back when it was your money on the line too...

I did say I was sorry. Damn. Forgive me not.
legendary
Activity: 3318
Merit: 4606
diamond-handed zealot
September 08, 2012, 07:39:42 AM
#38
dry man...dry
legendary
Activity: 1596
Merit: 1012
Democracy is vulnerable to a 51% attack.
September 08, 2012, 05:41:45 AM
#37
What if the wallet we kept on some sort of special purpose Wallet device? Something like a powerful microcontroller that was not running an operating system but rather had a specific implementation for controlling it. What if this this microcontroller did thing for example like measure the statistical frequency and amount of withdrawals and limited withdrawals that were outside of the statistical frequency? What if this device were even located somewhere at an IP address that only listens to the ip address of the server and vic versa, or physically located next to the server. What if the access to the 'hot wallet' was controlled through some sort of automated ubi-key type thing?
That's exactly how cold wallets are supposed to work. This fancy device you are imagining is commonly referred to as a "computer".
legendary
Activity: 1204
Merit: 1002
RUM AND CARROTS: A PIRATE LIFE FOR ME
September 08, 2012, 05:13:27 AM
#36
A question I thought was serious from the other thread;

What of those who deposited BTC, either manually or automated, after the hack?  There was, as far as I have heard, no email notification, and the website message was ambiguous.

Starting a thread on this forum is not exactly a high standard of damage control for your users.

I think after ever incident "we" as a community of service providers can learn.  These are IMHO very good questions and ones that we have been discussing inside our own company.  Far too often this forum is used as the sole communication mechanism to the customer base.  Some ideas we have been brainstorming, a good starting point for a discussion I think (feel free to add details and more bullet points).

In a hack (or failed hack or suspected hack in progress):
  • The service should be halted.  This includes immediate deletion of all hot wallets and in the case of encrypted databases immediate destruction of host encryption key.  Obviously both of these should be available in offline form.
  • If there is no loss of control of the server the site should be replaced with a static page indicating in general terms the issue and warning users not to deposit coins.  This page likely should be pre-created and have an offline backup as time is of the essence in any hack or attack.
  • If there is a loss of control of the server, the server should be taken completely offline (hard power switch at datacenter if necessary). One idea would be to have a status.domainname.com site on another server (probably a low powered VPS in a different hosting provider).  It would at least provide partial communication.  Nameserver change could redirect traffic to the status server although that change will take time to propogate.
  • If the service uses social media those could be used to communicate with users.
  • All registered users should receive an email with similar information.  User email list should be stored off site in a fast accessible form in the event that access to server or database is lost.  The mass email should be tested before needed to ensure it won't get caught by spam filters.
  • If cellphone numbers are available users should receive a text notification & warning.
  • Moderators of bitcointalk should be notified so an "Important News" thread can be created.

I would point out that the scenario you described above is exactly why a cold wallet should be used.  If hot wallet is also used "incoming client addresses" should always be directed to the cold wallet.  The hot wallet is then only filled from the cold wallet. 

What if the wallet we kept on some sort of special purpose Wallet device? Something like a powerful microcontroller that was not running an operating system but rather had a specific implementation for controlling it. What if this this microcontroller did thing for example like measure the statistical frequency and amount of withdrawals and limited withdrawals that were outside of the statistical frequency? What if this device were even located somewhere at an IP address that only listens to the ip address of the server and vic versa, or physically located next to the server. What if the access to the 'hot wallet' was controlled through some sort of automated ubi-key type thing?

just musing,
crazy_rabbit
hero member
Activity: 952
Merit: 1009
September 07, 2012, 08:44:42 PM
#35
Is it just me or was there a part missing from his update about how people owed BTC would be repaid? I'm not sure its a good idea for the community to back someone who can leave unencrypted wallets on the server and when it gets hacked say "oops my bad. Your bitcoins are gone but good news you can deposit more soon and hope I do a better job securing them this time."

Shit happens.
You weren't saying that back when it was your money on the line too...

"Fuck you, got mine!" - The Bitcoiner's Creed
legendary
Activity: 1400
Merit: 1005
September 07, 2012, 06:03:39 PM
#34
Is it just me or was there a part missing from his update about how people owed BTC would be repaid? I'm not sure its a good idea for the community to back someone who can leave unencrypted wallets on the server and when it gets hacked say "oops my bad. Your bitcoins are gone but good news you can deposit more soon and hope I do a better job securing them this time."

Shit happens.
You weren't saying that back when it was your money on the line too...
member
Activity: 98
Merit: 10
(:firstbits => "1mantis")
September 07, 2012, 06:02:02 PM
#33
Is it just me or was there a part missing from his update about how people owed BTC would be repaid? I'm not sure its a good idea for the community to back someone who can leave unencrypted wallets on the server and when it gets hacked say "oops my bad. Your bitcoins are gone but good news you can deposit more soon and hope I do a better job securing them this time."

Shit happens.
newbie
Activity: 21
Merit: 0
September 07, 2012, 04:14:59 PM
#32
Is it just me or was there a part missing from his update about how people owed BTC would be repaid? I'm not sure its a good idea for the community to back someone who can leave unencrypted wallets on the server and when it gets hacked say "oops my bad. Your bitcoins are gone but good news you can deposit more soon and hope I do a better job securing them this time."
donator
Activity: 1218
Merit: 1079
Gerald Davis
September 07, 2012, 08:04:59 AM
#31
A question I thought was serious from the other thread;

What of those who deposited BTC, either manually or automated, after the hack?  There was, as far as I have heard, no email notification, and the website message was ambiguous.

Starting a thread on this forum is not exactly a high standard of damage control for your users.

I think after ever incident "we" as a community of service providers can learn.  These are IMHO very good questions and ones that we have been discussing inside our own company.  Far too often this forum is used as the sole communication mechanism to the customer base.  Some ideas we have been brainstorming, a good starting point for a discussion I think (feel free to add details and more bullet points).

In a hack (or failed hack or suspected hack in progress):
  • The service should be halted.  This includes immediate deletion of all hot wallets and in the case of encrypted databases immediate destruction of host encryption key.  Obviously both of these should be available in offline form.
  • If there is no loss of control of the server the site should be replaced with a static page indicating in general terms the issue and warning users not to deposit coins.  This page likely should be pre-created and have an offline backup as time is of the essence in any hack or attack.
  • If there is a loss of control of the server, the server should be taken completely offline (hard power switch at datacenter if necessary). One idea would be to have a status.domainname.com site on another server (probably a low powered VPS in a different hosting provider).  It would at least provide partial communication.  Nameserver change could redirect traffic to the status server although that change will take time to propogate.
  • If the service uses social media those could be used to communicate with users.
  • All registered users should receive an email with similar information.  User email list should be stored off site in a fast accessible form in the event that access to server or database is lost.  The mass email should be tested before needed to ensure it won't get caught by spam filters.
  • If cellphone numbers are available users should receive a text notification & warning.
  • Moderators of bitcointalk should be notified so an "Important News" thread can be created.

I would point out that the scenario you described above is exactly why a cold wallet should be used.  If hot wallet is also used "incoming client addresses" should always be directed to the cold wallet.  The hot wallet is then only filled from the cold wallet. 
member
Activity: 109
Merit: 10
September 07, 2012, 07:43:23 AM
#30
Nah, I'll just wait until I can get the money in bitcoins at some point in the future Smiley
member
Activity: 69
Merit: 10
September 07, 2012, 07:38:56 AM
#29
International users can request a wire transfer. I will not be giving out MtGox codes. ACH and Wire are the only options for USD withdrawal.

What's the fee for those? I only have 9 usd in the account. For international wire transfers usually eat that for breakfest Wink

You could have the USD deposited to a US account with ACH and have them send you $9 worth of BTC?  If you needed the $9 badly enough that is.
sr. member
Activity: 243
Merit: 250
September 07, 2012, 03:16:57 AM
#28
International users can request a wire transfer. I will not be giving out MtGox codes. ACH and Wire are the only options for USD withdrawal.

What's the fee for those? I only have 9 usd in the account. For international wire transfers usually eat that for breakfest Wink

The fees as the same as before.

ACH is free. Wire $15.
member
Activity: 109
Merit: 10
September 07, 2012, 03:15:31 AM
#27
International users can request a wire transfer. I will not be giving out MtGox codes. ACH and Wire are the only options for USD withdrawal.

What's the fee for those? I only have 9 usd in the account. For international wire transfers usually eat that for breakfest Wink
sr. member
Activity: 243
Merit: 250
September 07, 2012, 03:13:38 AM
#26
What are the options for us non-US folks that ACH doesn't apply to.
I'd love to be able to get e.g. a mtgox code or something.

Any ETA on when we'll have options available?

International users can request a wire transfer. I will not be giving out MtGox codes. ACH and Wire are the only options for USD withdrawal.
member
Activity: 109
Merit: 10
September 07, 2012, 02:53:55 AM
#25
What are the options for us non-US folks that ACH doesn't apply to.
I'd love to be able to get e.g. a mtgox code or something.

Any ETA on when we'll have options available?
legendary
Activity: 2506
Merit: 1010
September 07, 2012, 02:08:05 AM
#24
Starting a thread on this forum is not exactly a high standard of damage control for your users.

There is an Important Announcements forum board.  A thread for this issue was (eventually) created there:
 - http://bitcointalk.org/index.php?board=87.0


Some people got an e-mail initially ... though it was only saying API keys might have been compromised.  It even said "No accounts were compromised financially nor was there any access to coins or any funds. Our system are separated to protect against this.":

 - https://bitcointalksearch.org/topic/m.1159003

There was then many hours that passed before the "bitfloor needs your help!" forum post.

The normal procedure for using a hosted (shared) EWallet is to create a new deposit address before each transfer.

Anyone not doing that but instead is re-using a BitFloor deposit address is probably a miner or for receiving some other type of withdrawal.  If BitFloor was offline, then there was no was no way to obtain a new Bitcoin deposit address.   If it was a miner payout, the upside was that the amount sent was probably not all that much (e.g., just hit the payout threshold).

Of course, the best course of action would have been for BitFloor to send an E-mail to all users immediately when it was ascertained that there had been a compromise -- and included explicit instruction to no longer deposit funds and to halt any automated transfers.

After the Linode outage a few days earlier which took BitFloor down, written was:

Going forward I will be looking at using multiple data center locations and/or a separate status page to indicate the current situation and not keep you (our users) in the dark about what is going on.

But that had not been implemented yet.

If you wish to have automated transfers to a static bitcoin address then the most secure solution is likely to have it be an address that you control.  Creating a paper bitcoin and using that for your mining payouts or dividends or whatever is a good approach.  Then when you want to spend using those funds, you simply scan the QR code and spend then (e.g., on Blockchain.info/wallet - import function).

 - http://www.BitAddress.org
legendary
Activity: 3318
Merit: 4606
diamond-handed zealot
September 07, 2012, 01:24:43 AM
#23
A question I thought was serious from the other thread;

What of those who deposited BTC, either manually or automated, after the hack?  There was, as far as I have heard, no email notification, and the website message was ambiguous.

Starting a thread on this forum is not exactly a high standard of damage control for your users.
legendary
Activity: 1022
Merit: 1001
I'd fight Gandhi.
September 07, 2012, 12:09:54 AM
#22
Thanks for opening the website so we could withdraw our USD. I have got all my funds back now. I appreciate this. Money is really tight for me. So the only thing I have lost is one heck of an exchange that I will miss for the time being.

I really hope Bitfloor can launch again. I enjoyed it MUCH more then MtGox. I wish you the best, and hope to use your service again in the future.
legendary
Activity: 1316
Merit: 1005
September 06, 2012, 10:37:43 PM
#21
It's a good idea to allow them to be traded for bitcoin but it would require adding a lot of new functionality to bitfloor, since there would be 3 currencies: USD, BTC, and BTC IOU's. Roman probably doesn't have time for that...

A solution of making BTC holders whole might best be solved by providing bonds in exchange for the losses.
legendary
Activity: 2156
Merit: 1072
Crypto is the separation of Power and State.
September 06, 2012, 10:22:10 PM
#20
After careful consideration, ACH withdrawals of USD from Bitfloor will soon be re-enabled, with details to be posted on bitfloor.com. You are welcome to continue keeping your USD funds at Bitfloor if you choose to do so. I feel that this is the first step in rebuilding the reputation of Bitfloor and regaining the trust of the community. As I have previously stated, all USD funds are available as no theft of USD occurred.

Sorry you got hacked and had all those silly people spreading FUD, demanding that you *must* pull a Corzine and merge all the remaining assets into one big, damaged pool to be eventually redistributed after the lawyers took some outrageous percentage.  I never believed it for one second and said so, vehemently.

I'm not at all surprised to hear that your lawyer(s) agreed with me about the blatant illegality of holding USD against their owners' consent.

The correct course of action was completely obvious all along and I'm convinced you knew that, especially given your initial response.

Bitfloor is a really nice exchange and I look forward to using it more in the future.


Quote
I have filed reports with the FBI and the IC3 regarding the theft. It was a cybercrime and as such am following up with the proper agencies to attempt to track down the perpetrator.

Nevar fear, Bitcoin Police are on teh case!
Pages:
Jump to: