Pages:
Author

Topic: BTC Stolen from Poloniex - page 31. (Read 167464 times)

newbie
Activity: 9
Merit: 0
March 04, 2014, 09:30:10 AM
I sent two hours ago BTC from a purse - didn't reach yet. They were gone?
legendary
Activity: 1372
Merit: 1022
Anarchy is not chaos.
March 04, 2014, 09:30:03 AM


Haven't followed the link yet, so no comment so far Cheesy . As to fractional reserve, we are on the same page. I'm a student of the Austrian school of economics. While insurance can be abused, it's not fractional reserve in any sense.

I'm running low on caffeine, so I'll leave it at that for now. No offense taken, other than the shill remark. I'll sell shit, but I won't hide it or mount a pretense. I'm far too arrogant for such tactics Cheesy

Ah a student.....keep up with your studies. Grin Grin Grin

Always. About a decade in so far Cheesy
newbie
Activity: 14
Merit: 0
March 04, 2014, 09:27:41 AM
when is normal again?  Huh
newbie
Activity: 25
Merit: 0
March 04, 2014, 09:17:40 AM
Make these debt instruments trade able, issue them with an annual coupon of 30%, and the market would bid them up to likely 15% or 10%. 

Victims here would turn into investors, who would likely see an instant PROFIT.

This would also give you a means to issue more debt, after you know your cost of capital (that the market is willing to lend to you at) and allow you to invest in security/marketing/etc.

(To understand how this is likely the guaranteed outcome, one would need to understand how bonds move inverse to interest rates.)

What part of the negociable instrument fraud did you not understand when it was used to destroy global economies back in 08 ?

getting sick of listening to this mindless shit

If you don't have coins you shouldn't be able to trade on promissory notes
If an exchange gets hacked THEY should be replacing it from fee's acrued from transactions, if no rainy day fund is set aside then use a different exchange. I certainly don't need more fee's and more complications being tossed into the crypto movement so a bunch of useless middle class twats can skim off the top and hobble our ability to find fiscal freedom while not actually providing value.

I am done here and with this bullshit
full member
Activity: 124
Merit: 100
March 04, 2014, 09:14:47 AM
I guess i lost around .1-.2 btc, anyway, id recommend just raising fees to 50% current level as another suggested to try and recoup some cost. Thanks that you only lost a bit and not all of it. Its a risk of using an online exchange...
legendary
Activity: 924
Merit: 1000
March 04, 2014, 09:10:36 AM
newbie
Activity: 6
Merit: 0
March 04, 2014, 09:09:40 AM
I was not aware of this theft, and I stupidly sent in 10 BTC about 7 hours after your twitter announcement

https://blockchain.info/address/16CBhYouzdB4xgxeZ76RjF8wBRimtvMB2k

https://twitter.com/Poloniex/status/440734781689446400

I expect to get the entire 10BTC balance back, and NOT 12.3% less, as I would've expected you to block deposits as well, or at least put up a sign on the front page of the site waring about the hack.

Please confirm that you agree and will do so. Thank you.
i have the same problem with my 5 btc!!!!!!
http://blockchain.info/tx-index/435694ebe83387286e95a30d866768df4dc617ceab88b5a4aa8b691dbac8ba63
what now?Huh
full member
Activity: 194
Merit: 100
March 04, 2014, 09:08:35 AM
Same thing for me too. I deposited half of my btc there and it hasn't shown up yet.
newbie
Activity: 15
Merit: 0
March 04, 2014, 09:05:56 AM
I was not aware of this theft, and I stupidly sent in 10 BTC about 7 hours after your twitter announcement

https://blockchain.info/address/16CBhYouzdB4xgxeZ76RjF8wBRimtvMB2k

https://twitter.com/Poloniex/status/440734781689446400

I expect to get the entire 10BTC balance back, and NOT 12.3% less, as I would've expected you to block deposits as well, or at least put up a sign on the front page of the site waring about the hack.

Please confirm that you agree and will do so. Thank you.
legendary
Activity: 3444
Merit: 1061
March 04, 2014, 09:00:00 AM
thieving can be detected like this..mt gox lost so many, unbelievable..
hero member
Activity: 728
Merit: 500
March 04, 2014, 08:57:59 AM
BTW: this is the by-the-book definition of a bail-in. Isn't it ironic?
member
Activity: 115
Merit: 10
March 04, 2014, 08:50:09 AM
i deposit 5 btc 1 hour ago and what next?HuhHuhHuhHuhHuh
my btc are frozen in network
and where exactly does it say please don't make any btc deposits!!!!!

+1
sr. member
Activity: 350
Merit: 250
March 04, 2014, 08:49:14 AM
This is more of a successful scam than good old gox.

Nobody seems to care?
member
Activity: 98
Merit: 10
March 04, 2014, 08:48:38 AM
The major problem here is that the auditing and security features were not explicitly looking for negative balances. They add deposits and withdrawals and check that accounts are in balance. If you have 2 BTC, withdraw 10 BTC, and are left with -8 BTC, the software would see that you deposited 2, withdrew 10, and have exactly what you should: -8.


This is pathetic. Any programmers would not have allowed this to happen in the first place. It's basic programming level. If you have 2 BTC, withdraw 10 BTC, then "withdrawal rejected due to lack of funds."

I think you've misunderstood. The problem wasn't that it didn't check for negative balance. If you had 2 BTC, it would not let you withdraw a single amount of 10 BTC. The problem was that the withdrawals did not have atomicity, meaning that you could withdraw 10 BTC from a balance of 2 BTC by spamming lots of withdrawals for 1 BTC in a very short space of time.
member
Activity: 98
Merit: 10
March 04, 2014, 08:46:08 AM
(copy from my post on Reddit)

I understand that the updates to users' balances in the database are not of the atomic-test-and-set kind.
The workaround that the site owner says will implement is still allowing for parallel operations, although now the operations will test the balance first.
IMO that is not good enough. You need atomic test-and-set, point. Without it you'll have other race conditions and it is just a matter of time until next vulnerability is found no matter how good you think you have mitigated the problem today.

I think you're misunderstanding. That's just his temporary hotfix. He said that he will be adding atomicity to the entire withdrawal process (not just the balance in the database) as the long-term solution.
member
Activity: 98
Merit: 10
March 04, 2014, 08:44:57 AM
So let me get this straight.

You got hacked because your system was faulty and didn't check for negative balances.
You have no money to reimburse your users so you're going to deduct a percentage of everyone's BTC.
You're then going to make this money back by temporarily increasing trading fees which your users will incur whilst using the site.

10/10 top ruse

But there's a big difference between everyone with balances on the exchange losing 12% and increasing fees for a while. If everyone loses 12%, then that's something that's happened to them without any knowledge of it. They're an innocent victim. If he raises the fees, however, then anyone trading will be aware of this, and it's their decision whether they choose to pay the 1.5% fee or not. It's completely fair.
legendary
Activity: 1372
Merit: 1022
Anarchy is not chaos.
March 04, 2014, 08:44:29 AM
newbie
Activity: 6
Merit: 0
March 04, 2014, 08:44:19 AM
i deposit 5 btc 1 hour ago and what next?HuhHuhHuhHuhHuh
my btc are frozen in network
and where exactly does it say please don't make any btc deposits!!!!!
sr. member
Activity: 1176
Merit: 265
March 04, 2014, 08:40:01 AM
I can't help thinking that some kind of agreement between entities like exchanges and wallets to blacklist addresses and make conversion harder would help. Not much point in stealing BTC if you can't exchange it to currency. We're all sitting here able to watch that guy move his ill gotten gains around, we see all the wallet addresses, if they were blacklisted, what could he do with it?
member
Activity: 115
Merit: 10
March 04, 2014, 08:34:19 AM
If coinmarket is suffering from similar issues but is really bad at PR then its all good lads, both markets have shown promise and i would, despite my previous rants like to see both move forwards better and stronger.

In the meantime perhaps the group known as annonymous would consider digging out those trying to destroy the credibility of the coin exchanges and have a quiet word in their shell like and maybe empty thier wallets to enable those without food on the table to get by a bit better where therse are no opportunities such as we have here.

If annonymous is truly the internet version of the A team and you can find them and hire them i would really like to see a plan come together, I am just a little man and this shit is way above my head.

+1 to Poloniex for biting the bullet and being straight up with us

I don't see how they are being straight up. Where are our deposits.

You mean you attempted to send coins to a paused trading engine without realising the site was down bud ? In the first description of the problem there was a suggestion that pending transactions would be reset for the resumption of trading.

If you had stuff on deposit then you will have to wait because the engine was shut down to an exploit, its inconvinient but I am not doubting the sincerity of the people running the two exchanges, I hope they just don't say fuckit and throw the towel in as it would be a mutual loss.

Correct me if im wrong but where exactly does it say please don't make any btc deposits. They will happily take them, just not credit them to my account
Pages:
Jump to: