Pages:
Author

Topic: BTC Stolen from Poloniex - page 15. (Read 167464 times)

newbie
Activity: 42
Merit: 0
March 05, 2014, 08:53:57 PM
This has probably already been mentioned, but am I the only one that just got an email from Polo that says:
"Any exchange fees collected since the incident will be used to pay back the debt at regular intervals. Exchange fees will not be raised."

Yet when I follow the link in the email, the first thing I read is:
"Exchange fees will be raised to expedite the recovery of the debt."

 Huh
sr. member
Activity: 415
Merit: 250
March 05, 2014, 08:31:38 PM
I wish Karpeles is just as honest & transparent as you do.
This^ Smiley

Good luck in these tough times. Shame this hack was possible, but you are handling it in the best way possible
sr. member
Activity: 425
Merit: 253
March 05, 2014, 08:03:32 PM
So my idea would be this:  
Do an IPO on Cryptostock to immediately cover the loss and pay off the debt.  Decide how much you are going to pay back to the investors.  Lets say that I can invest 1 BTC and you will pay back 2 BTC over six months.  I would do that... I would pitch in 1 BTC to help the fix... and others would too....  its an immediate fix.... then we can trade the shares on cryptostock like coins... If you are interested... I would sponsor the IPO....since I am already set up on Cryptostock.
/fasbit
member
Activity: 112
Merit: 10
March 05, 2014, 07:57:02 PM
newbie
Activity: 22
Merit: 0
March 05, 2014, 07:48:01 PM
Taking full responsibility yet let the users pay for it? Hmmm....

If you run an exchange and it's possible to end up with negative account balances, that is unforgivable. Something is fundamentally wrong then.
Then your solution is letting your batch job checking for negative balances? Man oh man.

Race conditions are the first thing you prevent when you do financial transactions.
Use transactions, never use queues and of course, make sure your DB is truly MCC/MVCC and ACID compliant.

With your suggested solution, I wouldn't even be surprised if you're using MySQL and floats for the currency fields.
Please use something decent. You're handling other peoples money.
legendary
Activity: 1372
Merit: 1022
Anarchy is not chaos.
March 05, 2014, 07:41:50 PM
At the risk of being flamed into molecular ashes...

I think you are doing the right thing.  Good on you.  Couple of questions...

Are you planning to keep the exchange open just long enough to pay everyone back?  Or do you plan to continue the business indefinitely?  If the latter, do you plan for the exchange to stay within its existing niche?  Or for it to grow/evolve into something larger? 

I do think you need to retain some seriously competent human resources to upgrade your overall security, outward-facing interface(s), internal accounting & processing, etc, etc. 

I do not currently have an account with your...virtual currency entity.  VCE?  But I'm willing to open an account (and move my BtC and U$D into it) if two conditions are met.  (1) Tighten-up your security and verification.  A lot.  (2) Save all the transaction data, for clients who are paying the higher fees & commissions.  After the stolen currency/funds are paid off, offer us the occasional frequent "free trade" or "half rate commission" until the higher fees & commissions are balanced out. 

It should go without saying, that any sort of professional & impersonal facade...of the nature MTGOX likes (liked?) to present to clients & customers...would need to go away forever.  If you want the community to help you through this hiccup, then it's only fair to offer some sort of reward to the folks who stick by you. 

I don't know much about the personality/character of your operation.  Never had an account there.  It may be that you already have "operators standing by" who know many of your customers by name. 



I think you are doing the right thing.  Good on you.

blah

blah

blah

blah

I do not currently have an account with your...virtual currency entity.  VCE?  But I'm willing to open an account


WHAT!!!


You do not even have an account, so you can not make any judgements, especially compliments.




Funny thing is, he actually can. It's called freedom of speech, and I for one believe that to be a basic human right.

Nothing to do with freedom of speech............but bias. Only those who were affected by the theft can comment, others not affected can advice but not make compliments.

Freedom of speech isn't an excuse to make oneself look stupid.

Funny, I said something similar a few pages back and you didn't jump me.

Still, if your last line there were true, the news industry would have dried up about the time of its birth. Not altogether sure where I stand on that, but frankly, yes, freedom of speech most assuredly implies the ability and right to make an ass of yourself.

Perhaps if he'd had more observers analyzing his site in the first place, this wouldn't have happened. Those who were not affected can be more objective than those who were.
legendary
Activity: 1372
Merit: 1022
Anarchy is not chaos.
March 05, 2014, 07:26:48 PM
My interest rate is .33% per day.
rot in hell

 Huh Huh Huh

Perhaps you do not understand basic natural human right, not man-made Mickey Mouse human rights, called 'voluntary contract'.
rot in hell

Fecking socialist. Grin Grin Grin

You should try to get whatever you can instead of crying like a idiot. You always know the risks with these new exchanges and you put your money in them.


So when someone robs your bank....do the bank deduct the losses from your bank account?

Do the bank say, "You should try to get whatever you can instead of crying like a idiot. You always know the risks with these banks and you put your money in them."

Please do think on a higher level of intellect like some humans are capable of.....but i know you are not.


Hmm. US circa 1937, Germany Circa 1933, Cyprus circa 2013... I could go on.
legendary
Activity: 1105
Merit: 1000
March 05, 2014, 07:16:59 PM
At the risk of being flamed into molecular ashes...

I think you are doing the right thing.  Good on you.  Couple of questions...

Are you planning to keep the exchange open just long enough to pay everyone back?  Or do you plan to continue the business indefinitely?  If the latter, do you plan for the exchange to stay within its existing niche?  Or for it to grow/evolve into something larger? 

I do think you need to retain some seriously competent human resources to upgrade your overall security, outward-facing interface(s), internal accounting & processing, etc, etc. 

I do not currently have an account with your...virtual currency entity.  VCE?  But I'm willing to open an account (and move my BtC and U$D into it) if two conditions are met.  (1) Tighten-up your security and verification.  A lot.  (2) Save all the transaction data, for clients who are paying the higher fees & commissions.  After the stolen currency/funds are paid off, offer us the occasional frequent "free trade" or "half rate commission" until the higher fees & commissions are balanced out. 

It should go without saying, that any sort of professional & impersonal facade...of the nature MTGOX likes (liked?) to present to clients & customers...would need to go away forever.  If you want the community to help you through this hiccup, then it's only fair to offer some sort of reward to the folks who stick by you. 

I don't know much about the personality/character of your operation.  Never had an account there.  It may be that you already have "operators standing by" who know many of your customers by name. 



I think you are doing the right thing.  Good on you.

blah

blah

blah

blah

I do not currently have an account with your...virtual currency entity.  VCE?  But I'm willing to open an account


WHAT!!!


You do not even have an account, so you can not make any judgements, especially compliments.




Funny thing is, he actually can. It's called freedom of speech, and I for one believe that to be a basic human right.

Nothing to do with freedom of speech............but bias. Only those who were affected by the theft can comment, others not affected can advice but not make compliments.

Freedom of speech isn't an excuse to make oneself look stupid.

You're doing a rather bang-up job all by yourself.
legendary
Activity: 924
Merit: 1000
March 05, 2014, 06:46:01 PM
At the risk of being flamed into molecular ashes...

I think you are doing the right thing.  Good on you.  Couple of questions...

Are you planning to keep the exchange open just long enough to pay everyone back?  Or do you plan to continue the business indefinitely?  If the latter, do you plan for the exchange to stay within its existing niche?  Or for it to grow/evolve into something larger? 

I do think you need to retain some seriously competent human resources to upgrade your overall security, outward-facing interface(s), internal accounting & processing, etc, etc. 

I do not currently have an account with your...virtual currency entity.  VCE?  But I'm willing to open an account (and move my BtC and U$D into it) if two conditions are met.  (1) Tighten-up your security and verification.  A lot.  (2) Save all the transaction data, for clients who are paying the higher fees & commissions.  After the stolen currency/funds are paid off, offer us the occasional frequent "free trade" or "half rate commission" until the higher fees & commissions are balanced out. 

It should go without saying, that any sort of professional & impersonal facade...of the nature MTGOX likes (liked?) to present to clients & customers...would need to go away forever.  If you want the community to help you through this hiccup, then it's only fair to offer some sort of reward to the folks who stick by you. 

I don't know much about the personality/character of your operation.  Never had an account there.  It may be that you already have "operators standing by" who know many of your customers by name. 



I think you are doing the right thing.  Good on you.

blah

blah

blah

blah

I do not currently have an account with your...virtual currency entity.  VCE?  But I'm willing to open an account


WHAT!!!


You do not even have an account, so you can not make any judgements, especially compliments.




Funny thing is, he actually can. It's called freedom of speech, and I for one believe that to be a basic human right.

Nothing to do with freedom of speech............but bias. Only those who were affected by the theft can comment, others not affected can advice but not make compliments.

Freedom of speech isn't an excuse to make oneself look stupid.
legendary
Activity: 1105
Merit: 1000
March 05, 2014, 06:25:21 PM
At the risk of being flamed into molecular ashes...

I think you are doing the right thing.  Good on you.  Couple of questions...

Are you planning to keep the exchange open just long enough to pay everyone back?  Or do you plan to continue the business indefinitely?  If the latter, do you plan for the exchange to stay within its existing niche?  Or for it to grow/evolve into something larger? 

I do think you need to retain some seriously competent human resources to upgrade your overall security, outward-facing interface(s), internal accounting & processing, etc, etc. 

I do not currently have an account with your...virtual currency entity.  VCE?  But I'm willing to open an account (and move my BtC and U$D into it) if two conditions are met.  (1) Tighten-up your security and verification.  A lot.  (2) Save all the transaction data, for clients who are paying the higher fees & commissions.  After the stolen currency/funds are paid off, offer us the occasional frequent "free trade" or "half rate commission" until the higher fees & commissions are balanced out. 

It should go without saying, that any sort of professional & impersonal facade...of the nature MTGOX likes (liked?) to present to clients & customers...would need to go away forever.  If you want the community to help you through this hiccup, then it's only fair to offer some sort of reward to the folks who stick by you. 

I don't know much about the personality/character of your operation.  Never had an account there.  It may be that you already have "operators standing by" who know many of your customers by name. 



I think you are doing the right thing.  Good on you.

blah

blah

blah

blah

I do not currently have an account with your...virtual currency entity.  VCE?  But I'm willing to open an account


WHAT!!!


You do not even have an account, so you can not make any judgements, especially compliments.




Funny thing is, he actually can. It's called freedom of speech, and I for one believe that to be a basic human right.
legendary
Activity: 924
Merit: 1000
March 05, 2014, 06:19:54 PM
At the risk of being flamed into molecular ashes...

I think you are doing the right thing.  Good on you.  Couple of questions...

Are you planning to keep the exchange open just long enough to pay everyone back?  Or do you plan to continue the business indefinitely?  If the latter, do you plan for the exchange to stay within its existing niche?  Or for it to grow/evolve into something larger? 

I do think you need to retain some seriously competent human resources to upgrade your overall security, outward-facing interface(s), internal accounting & processing, etc, etc. 

I do not currently have an account with your...virtual currency entity.  VCE?  But I'm willing to open an account (and move my BtC and U$D into it) if two conditions are met.  (1) Tighten-up your security and verification.  A lot.  (2) Save all the transaction data, for clients who are paying the higher fees & commissions.  After the stolen currency/funds are paid off, offer us the occasional frequent "free trade" or "half rate commission" until the higher fees & commissions are balanced out. 

It should go without saying, that any sort of professional & impersonal facade...of the nature MTGOX likes (liked?) to present to clients & customers...would need to go away forever.  If you want the community to help you through this hiccup, then it's only fair to offer some sort of reward to the folks who stick by you. 

I don't know much about the personality/character of your operation.  Never had an account there.  It may be that you already have "operators standing by" who know many of your customers by name. 



I think you are doing the right thing.  Good on you.

blah

blah

blah

blah

I do not currently have an account with your...virtual currency entity.  VCE?  But I'm willing to open an account


WHAT!!!


You do not even have an account, so you can not make any judgements, especially compliments.


jr. member
Activity: 49
Merit: 1
March 05, 2014, 05:36:39 PM
At the risk of being flamed into molecular ashes...

I think you are doing the right thing.  Good on you.  Couple of questions...

Are you planning to keep the exchange open just long enough to pay everyone back?  Or do you plan to continue the business indefinitely?  If the latter, do you plan for the exchange to stay within its existing niche?  Or for it to grow/evolve into something larger? 

I do think you need to retain some seriously competent human resources to upgrade your overall security, outward-facing interface(s), internal accounting & processing, etc, etc. 

I do not currently have an account with your...virtual currency entity.  VCE?  But I'm willing to open an account (and move my BtC and U$D into it) if two conditions are met.  (1) Tighten-up your security and verification.  A lot.  (2) Save all the transaction data, for clients who are paying the higher fees & commissions.  After the stolen currency/funds are paid off, offer us the occasional frequent "free trade" or "half rate commission" until the higher fees & commissions are balanced out. 

It should go without saying, that any sort of professional & impersonal facade...of the nature MTGOX likes (liked?) to present to clients & customers...would need to go away forever.  If you want the community to help you through this hiccup, then it's only fair to offer some sort of reward to the folks who stick by you. 

I don't know much about the personality/character of your operation.  Never had an account there.  It may be that you already have "operators standing by" who know many of your customers by name. 

member
Activity: 99
Merit: 91
March 05, 2014, 05:25:56 PM
Does this also apply to non-BTC balances?
legendary
Activity: 2198
Merit: 1000
March 05, 2014, 05:23:14 PM
You should post a Donation wallet address for Poloneix recovery on your original post. I'm sure there are plenty of like-minded people out there willing to help so you don't have to take on the full burden of recovery yourself. Just a thought.
_______________________________________________________________________________ ________________________________

Yes I had made mention of a donation fund to help yesterday, I thought it would work. Just be transparent with all donators. But please be sure the bugs a security holes are fixed first  Wink

legendary
Activity: 2198
Merit: 1000
March 05, 2014, 05:19:42 PM
legendary
Activity: 1105
Merit: 1000
March 05, 2014, 05:15:31 PM
My interest rate is .33% per day.
rot in hell

 Huh Huh Huh

Perhaps you do not understand basic natural human right, not man-made Mickey Mouse human rights, called 'voluntary contract'.
rot in hell

Fecking socialist. Grin Grin Grin

You should try to get whatever you can instead of crying like a idiot. You always know the risks with these new exchanges and you put your money in them.


So when someone robs your bank....do the bank deduct the losses from your bank account?

Do the bank say, "You should try to get whatever you can instead of crying like a idiot. You always know the risks with these banks and you put your money in them."

Please do think on a higher level of intellect like some humans are capable of.....but i know you are not.


Why do you come off as so ignorant?
member
Activity: 114
Merit: 11
March 05, 2014, 05:11:42 PM
legendary
Activity: 2198
Merit: 1000
March 05, 2014, 05:11:00 PM
Wow Tristan! You made the front page headlines on Coindesk Smiley maybe not how you wanted it to be, but was well written in explaining your issue and your resolve. hang in there!

Here is the link
http://www.coindesk.com/poloniex-loses-12-3-bitcoins-latest-bitcoin-exchange-hack/
oops Thanks! Smiley
legendary
Activity: 2198
Merit: 1000
March 05, 2014, 05:10:26 PM
busoni, you need to shut down Poloniex now and try to make your users whole from your own funds and debt. Do not continue trying to run an exchange. Your post mortem indicates that you do not have sufficient programming ability to handle other peoples money - no mention was even made of database transactions, which are a basic "database programming 101" topic. Your proposed fix of checking for negative balances is wrong and indicates that your code is almost certainly riddled with other exploitable bugs.

Please do the right thing and refund everyones outstanding balances, then wind up your operation.
Oh my gosh, what a reaming from Mike Hearn of all people! Hmmm not sure what to think. I prefer to see the site stay up and moving forward. Perhaps Mike could help fix some of the bugs. lol,

Lets face it, if exchanges were an easy hurtle to create and run without issues, everyone including myself would be doing it. I know of 5 or so that have come and gone recently or are up for sale such as Crypto St. They had all the experts, but failed. ok, Not an easy task. Follow your instincts and heart Tristan.
legendary
Activity: 2114
Merit: 1040
A Great Time to Start Something!
March 05, 2014, 05:06:29 PM
Wow Tristan! You made the front page headlines on Coindesk Smiley maybe not how you wanted it to be, but was well written in explaining your issue and your resolve. hang in there!

Here is the link
http://www.coindesk.com/poloniex-loses-12-3-bitcoins-latest-bitcoin-exchange-hack/
Pages:
Jump to: