Topic: BTC Stolen from Poloniex - page 2. (Read 167416 times)

yeah, where the hell is the website ?


EDIT:

Well with the large amount of coins going missing these days it wouldn't surprise me if there was an elite group of scammers pulling off these heists.

I didn't read the 35 middle pages of this thread but have you guys done much exploration of what kinds of transactions the thief address leads to??? He gave a lot of this money to an account that has over $150 million worth of transactions in it!!

Address    1N2f642sbgCMbNtXFajz9XDACDFnFzdXzV

Are they some sort of underground criminal enterprise or something? Dr. Evil would be quite jealous... I hope the feds find this information and bust their stupid asses. Yes, if you make the world a stupider place for a living, you are stupid. It doesn't matter how much money it nets you, you're an idiot.

In case you're wondering if I'm a noob:

<------------ its right under my name.

I'm a customer, after the hack, and while I think the interface is ugly, I've had no problems. After the hack, he was warned in this thread about some of his practices and (lack of) knowledge. While I do not think he publicly stated one way or the other if he was hiring programmers, I doubt that he ignored the people who spoke with him on the issue. I don't see it as a huge issue, as long as he HAS implemented better security. That being said, I never leave much in an exchange unless I'm actively trading. It just seems unwise.

No, because none of your arguments make any sense for how an exchange works. You're telling them, and I, that we have no idea how to run an exchange, when you've obviously no idea how they work. You're using hyperbole and silly arguments to try and prove me wrong, and at this point, it's clear that you know you're right even though you obviously don't fully understand how these systems work, and not a damn thing I say will convince you otherwise.

A debate or discussion with someone who is not interested in anything but proving they are right is one not worth having. So, I'm out. Gotta go remove all those silly and unnecessary checkpoints from the code.

Database operations involving financial data should be atomic.  If you have implicit atomic operation that are not atomic, you have a lot bigger problems and your dubious "double check" is unlikely to catch them either.  


Do you double check all your math operations as well I mean they might not be right as well?

x= x +5

vs
y = x
y = y +5
assert (y = x + 5)
x = y

my guess is you don't do such silly and worthless double checks because it would be pointless.  If the processor is setting x to anything other than five more than its existing value then well your "double check" is affected as well.  Writing checks to protect yourself from that kind of failure serves no purpose.  When your users login do you hash their password and if it matches then check again?  What if the deterministic computer made a mistake and the password was wrong but it returned true?  Maybe you should do it three times just to "super duper" make sure?

No you perform the operation once and you (should) check once and validate those operations using unit tests.  You use code coverage tools to ensure you are covering all scenarios. If you find bugs then you add unit and integration tests to cover those conditions as well.
Writing code that requires "double checks" is insecure code.  I guarantee your bank doesn't do such nonsense. Please cite a single reputable advising to "double check" atomic operations.

However all that is side tangent to the fact that the site was "hacked" (if you call someone asking for money more than once and getting it a "hack") because FINANCIAL TRANSACTIONS WERE NOT ATOMIC.  The issue wasn't that the double checks weren't "good enough" it was because the site didn't use atomic operations to begin with.  If the site had better "double checks" then it is possible they would have avoided that attack and just fallen for another one.  That is a fundamental flaw, it isn't a bug in the code it is a conceptual problem.   It would be like building a car with no brakes and saying if the person wants to stop they will just take their foot off the gas (as far in advance as necessary).   A car like that wouldn't be one which has some technical issues to work out, it would be fundamentally flawed.  Then you have someone like yourself come along and say it isn't a fundamental flaw, just a bug in development.  Obviously the answer is to make sure the dashboard has a warning light so the user can double check if they should stop accelerating before they end up in a situation where they can't stop in time.  Of course that scenario is just stupid as is a scenario where you use double checks instead of atomic operations to handle money.

Do you think your Bitcoin wallet performs double checks?  Create the tx, then create it again just to be sure it isn't different and if tx1 == tx2 then you are safe?  Why not?  Do you feel it is insecure that it instead relies on atomic operations instead of pointless double checks?

There is no such thing as "doubly sure".  You are either right or you are wrong.   A single deterministic check is as good as it gets.  If your check was deterministic then you don't need to double check and if it wasn't then it is a flaw and should be fixed rather than relying on a second (possibly also non-deterministic) check.

So, double checking, to be doubly, quadruply sure, is a flawed idea?

So, do it "right" and then assume that NOTHING ELSE COULD EVER POSSIBLY GO WRONG, and there's no need to double check, because you did it the right way, and it's utterly impossible that anything could be flawed?

Thats thinking is just AS wrong.

Edit: As a side note, all our database operations are transactional. THAT BEING SAID, we also doublecheck at EVERY point of possible failure to ensure that JUST IN CASE, nothing bad happens.

For you to dismiss my argument because they should have been doing what you argue is asinine. Doing single threaded database transactions is absolutely zero guarantee that something can't break.

You double check. Always.

Your missing the point.  There shouldn't be any double checking.  That is an idiotic (and very flawed) "solution".   This wasn't a bug in the code it was a fundamental misunderstanding of transaction processing.  This is databases 101.  The operations updating the balances should be database transactions.   It would be IMPOSSIBLE for a double payment to occur if the updates were done ATOMICALLY.  http://en.wikipedia.org/wiki/Atomicity_(database_systems)

It is a basic cornerstone of data integrity.  The language, application, or actual code used is irrelevant.  This is something taught at the freshman level in computer science curriculum.  That fact that this seems to come as news to your (or you think the solution is some flawed double checking system) is scary as you are also running an exchange.

When does the money get paid back to those who lost?

I cannot actually believe I just had a sane adult discussion on the internet.

Mind. Blown.



I agree - a  situation that allowed multiple threads to submit multiple deposit requests at the same time, and the withdrawal daemon not doublechecking balances before sending the funds is a born of inexperience. I guess my defense comes against all the other accusations - like not paying a "real" programmer, or the call that it's a bad exchange because of a singular, well handled issue.

That being said - our terms and conditions clearly states that if a hack happens that could have been prevented by a user using the security features we make available, we're not taking responsibility for the loss of your coin. When we were hacked, 3 people lost coins. Not a single one had 2FA or locked/saved withdrawal addresses. Four others (I think it was four) were targeted, and lost nothing, because they had 2FA turned on.

Users need to take responsibility also. In Poloniex's case - it wouldnt have mattered. It seemed like it was one jackass user who found an exploit and stole from the main wallet.

I would say that the difference between this situation and Poloniex's hack, is that the root cause of your hack is a simple human error that anyone could have done, whereas the root cause of Poloniex's hack is a fundamental lack of understanding.

To have a problem like that, you would essentially have to do something like this:


You surely must agree that someone doing that in a web application with concurrent queries and no database transactions is making a very serious error borne of inexperience. There is no way to accidentally do that. You can only do it by being inexperienced and not realising the peril.

A lot of people have said this over and over in this thread, and I don't want to labour the point. It's just that there were a few posts along the lines of "yay, we're being paid back bit by bit, everything's okay" and I just wanted to reiterate that the root cause here has not been addressed.

I completely agree that the way Poloniex owned up to the hack, gave a description of how it happened, and started paying customers back is admirable. A lot of other Bitcoin enterprises would do well to follow that example.

I also agree with you that laying out money for developers and audits may not have been possible, would certainly enrage customers who are out of pocket and would be no guarantee of future success.

Yet what else is there? This is other people's money. I am concerned that another one of these logic bombs is going to be discovered and the exchange will be emptied, at which point it doesn't matter if it's being operated by Gandhi or Mark Karpeles — everyone's money is still gone!

Any exchange can have bugs but also people must take prior information into account.

Gotcha. Thanks for the explanation. I did read that as "he was warned" and my response was "Yeah, after it happened?"

I also run an exchange. We coded everything internally. I personally have been writing code for about 15 years. While the mistake poloniex made was a bad one (you check balances at every step) people are not infallable. There is always someone out there smarter than you, faster than you, trickier than you.

The claim that he didnt prove he hired a competent programmer is, again, disingenuous. There is no such thing as a programmer you can hire that can make you hack proof. I used to work for an IT company that was poor, and it was the most amazing job ever. We have $57 and need a new mail server. Go. And I rocked that.

Then we got money and grants and it was here's a $25,000 grant, we need a new fileserver, go. So I went, and said we can do it for $5k, and I was told no, we need to hire a competent company to oversee the project.

Nevermind the fact I could save them $20,000, nevermind the fact I had more years experience than the company we hired was in business, nevermind the fact that what they wound up with was a slow, bloated system with a $6,000 a year maintenance agreement on top of the $25k they spent...

People seem to think that throwing money at a problem makes a better product.

I personally code AllCrypt.com - and "it's a homemade piece of junk". But I could contract myself out at $200 an hour and someone pays me $20k to make an exchange for them and slap a "Built by CyberSystems Security and Code" label on it, and wow, it's such a well made system.

Money doesn't fix problems. Money makes you feel better that there are no problems, when no one, NO ONE, is infallible and there is ALWAYS a hacker out there who's better than you, or better than the money you spent.

We got hacked. Because I had a stupid typo in one of the files (a 'are you logged in as the user that this email change request was for' always evaluated true). Someone who was a lot more inventive than I was found it. It wasnt an error, it wasn't poor database coding, it wasn't something that would even be seen on a security scan or site checkout. It was someone, who intended to steal coins, tried to do, thinking "Hmm lets try this" - and found the hole.

It does not mean that the site was poorly made. It does not mean that I'm an idiot who cannot be trusted. It does not mean that if I throw $10,000 at someone the site will magically be better.

It means a human mistake was made a a tricky bastard found it. We fixed it, we were back up in less than 48 hours, and as a result did another security audit and tightened up other areas just to be sure. I'm glad the hack happened how and when it did. We were open and honest about it. Thats what matters.

Berating someone for doing the right thing (in SO many ways) and then saying their site is crap because they didn't throw a pile of money at someone to make you feel better is just absurd.

Target was recently the victim of a huge credit card hack. I will admit I don't know all the details, too busy to read it all, but last I heard they thought it was an inside job. Will you never shop there again because they didnt fire everyone and pay a company millions to do a security audit of every person working there?

Of course not. A bad thing happened, Target apologized, did what they could to make it right, and moved forward.

Bashing Poloniex because they made a mistake, and then didnt throw money around (that should be used to pay back losses, mind you) is just stupid. And if they DID spend $20k to "hire a competent programmer" - the cries of "You should have paid us back with that money!!!" would have been insane.

I'm all about transparency and integrity. I think Poloniex went above and beyond in that department. They are the first (not only - we followed in their footsteps) exchange to have an issue and publicly admit fault, admit what happened, and assist other exchanges in making sure they didnt make the same mistake.

That alone should garner more trust than any bag of money thrown at a "competent programmer".

I think you have misunderstood.

No one is saying that the operator of Poloniex was warned about his poor programming ability before his exchange was hacked. That would be impossible since no one has seen the code.

The only reason that anyone is able to accuse Poloniex's operator of not knowing what they are doing code-wise is due to the explanation of the root cause — multiple in-flight database transactions all being allowed to go through resulting in negative account balance.

After that revelation, many people warned that this level of ability is not sufficient to run something that is managing other people's money. For that reason it was suggested it should shut down, or at least hire competent developers to perform an an audit and provide ongoing development.

There has been no indication that Poloniex has hired more skilled developers, done a code audit or any of that.

Once again, no one is suggesting that Poloniex was warned of this problem before it was actually exploited. That would be impossible. The issue is that it hasn't been mitigated — nothing's actually been fixed (apparently)! The warnings have been ignored.

So, this thread, that was posted AFTER the hack happened, is full of warnings?

And you're saying he ignored those warnings. After the hack happened.

Thats helpful.

Does Mike Hearn understand why redlisting bitcoins cannot operate?

This very thread is full of warnings that someone who doesn't understand database transactions should not be operating a currency exchange. He's still operating a currency exchange. You just have to read it from the start. You're not seriously suggesting that we have to do that for you, are you?

That's hearsay unless you can provide links to comments. Anyone can claim "he was warned!" Just to make him look bad. But that's disingenuous without links to back that up. He cannot disprove a negative. It's on you to show that it happened.

While he showed he is transparent and honest, has he done anything to show that he has hired a competent programmer?

The problem didn't occur because Poloniex was secretive or dishonest. It occurred because the developer didn't understand the very basics of how web applications talk to databases. Has that been fixed?

This is good, HOWEVER he also received strong warnings from several respected members, pointing out how he was clearly clueless about what he was doing, and he completely ignored them.
Even if he's not actively scamming you, he'll most likely be brought down by "the next big break". It's only a matter of time.

Ive been trading for a while now at poloniex... Luckily I didnt have any BTC there at the time of the hack... only other alts that didnt got effected by the hack

The way Poloniex (Busoni etc.)  Handled this situation is a big first in crypto for me... This is the only exchange as far as I know that is paying back its customers... yeah thats right... he sees us as customers.. and treats us like customers as well

Having said that... Honesty builds trust... The dev AND his/her moderators are very active in the trollbox... Just ask something and you will get a respond almost instantly... And most of the time the issue you have, is solved without even filling in a supportticket...  ive seen moderators spending lots of time to solve an issue for someone...


So the question is:

Can you trust an exchange wich got hacked in the past? in the case of poloniex... YES! transparancy and honesty are always best