Author

Topic: Does anyone get the money back from Bitcoinica? (Read 3032 times)

member
Activity: 77
Merit: 10
A Colt Crossed the River
There are dollars and bitcoins in my Bitcoinica account.
The following 5 refunding solutions , which Bitcoinica will choose? :

1. refund dollars AND bitcoins
2. refund dollars ONLY
3. refund bitcoins ONLY
4. exchange bitcoins to dollars at SOME rate, and refund dollars
5. exchange dollars to bitcoins at SOME rate, and refund bitcoins
rjk
sr. member
Activity: 448
Merit: 250
1ngldh
It's inconceivable to me that after the Linode compromise they chose one of the cheapest shared hosting options with Rackspace and that they didn't regard redundancy and being able to shut down access to the server if it was compromised as critical.  They made these choices after they'd performed a security audit which should have revealed that their servers were still vulnerable.
Just to make sure everyone has it straight - Bitcoinica was on the RS cloud long before the Consultancy came along. The Linode VPS was just an attempt to keep the hot wallet off the rackspace cluster to spread the risk around. Obviously we saw how that failed.

I'm sure that excuses them from not tightening up their security at Rackspace after the Linode hack.  They performed a security audit in March according to Tihan - a proper audit should have revealed the Rackspace vulnerability.  Another attack should have been expected.  Even if the same attacker doesn't come back for a second bite at the cherry, once a vulnerability has been exploited other people will try to exploit that same vulnerability in respect of both the company which was originally attacked and similar businesses.
I'm just saying this from the point of view as someone who has read all the things said about this incident and not as defending them in any way, but if an audit had been performed at that time it wouldn't have caught a later security breach. The later breach was that of an insecure server containing the credentials to access an otherwise-secure mail server, which then cascaded into allowing access via a password reset into the control panel. The 2 Bitcoinica incidents had similar qualities, but were not the same hack.

It's kind of hard to audit the hosting provider's control panel from all angles, especially when you have no access to the backend of it. Obviously all this stuff should have been on a dedicated server stack a long time ago.
hero member
Activity: 868
Merit: 1000
It's inconceivable to me that after the Linode compromise they chose one of the cheapest shared hosting options with Rackspace and that they didn't regard redundancy and being able to shut down access to the server if it was compromised as critical.  They made these choices after they'd performed a security audit which should have revealed that their servers were still vulnerable.
Just to make sure everyone has it straight - Bitcoinica was on the RS cloud long before the Consultancy came along. The Linode VPS was just an attempt to keep the hot wallet off the rackspace cluster to spread the risk around. Obviously we saw how that failed.

I'm sure that excuses them from not tightening up their security at Rackspace after the Linode hack.  They performed a security audit in March according to Tihan - a proper audit should have revealed the Rackspace vulnerability.  Another attack should have been expected.  Even if the same attacker doesn't come back for a second bite at the cherry, once a vulnerability has been exploited other people will try to exploit that same vulnerability in respect of both the company which was originally attacked and similar businesses.
rjk
sr. member
Activity: 448
Merit: 250
1ngldh
It's inconceivable to me that after the Linode compromise they chose one of the cheapest shared hosting options with Rackspace and that they didn't regard redundancy and being able to shut down access to the server if it was compromised as critical.  They made these choices after they'd performed a security audit which should have revealed that their servers were still vulnerable.
Just to make sure everyone has it straight - Bitcoinica was on the RS cloud long before the Consultancy came along. The Linode VPS was just an attempt to keep the hot wallet off the rackspace cluster to spread the risk around. Obviously we saw how that failed.
hero member
Activity: 868
Merit: 1000
Maybe only a few would have considered the possibility of a commercial site dealing in tens of thousands of dollars in value every day as not having the basic sense to have offline backups, and not give out root passwords to anybody who stops by THE FIRST TIME.

When a similar, and highly suspect repeat happens a matter of weeks later? Every single person who sent a penny to this service should have been thinking about it. And given the history of the brain trusts that think profit can be fabricated from thin air, I suspect that there were a considerable number who actually were PREDICTING a similar failure, and not investing in this shaky gimmick.

The worst thing is that Bitcoinica Consultancy has actually stated that they believe that their decision to make fixing the code their priority was the correct one in spite of this happening - implying that fixing the code and ensuring that their servers were secure were mutually exclusive options.  It's inconceivable to me that after the Linode compromise they chose one of the cheapest shared hosting options with Rackspace and that they didn't regard redundancy and being able to shut down access to the server if it was compromised as critical.  They made these choices after they'd performed a security audit which should have revealed that their servers were still vulnerable.

And yes, I think that many users only pay lip service to the risk of losing their money when they place it with Bitcoin service providers.  How many times do hacks, scams, account freezings and outright thefts need to happen before people stop being totally blinded by potential profits and accept that few of these services have sufficient resources to absorb significant losses and that many of them are one critical incident away from being insolvent?
sr. member
Activity: 574
Merit: 250

Bitcoinica was a great thing, that could strenghten bitcoin economy. Everybody know that there was a substantial risk. But we have situation that nobody predicted: no offline backups. That could be avoided... But it's a fact.


Maybe only a few would have considered the possibility of a commercial site dealing in tens of thousands of dollars in value every day as not having the basic sense to have offline backups, and not give out root passwords to anybody who stops by THE FIRST TIME.

When a similar, and highly suspect repeat happens a matter of weeks later? Every single person who sent a penny to this service should have been thinking about it. And given the history of the brain trusts that think profit can be fabricated from thin air, I suspect that there were a considerable number who actually were PREDICTING a similar failure, and not investing in this shaky gimmick.
donator
Activity: 452
Merit: 252


This is what I think of when I think of the people who put money back into bitcoinica after the initial fiasco. Not a lot of sympathy really. Some, but not a lot. Learn your lesson.

I never heard about the first bitcoinica fiasco, never lost any money in the first "break in", therefore its kind of hard to make a case for it for me Cheesy
newbie
Activity: 23
Merit: 0

"Anything you are saying about bitcoinica you can say about the whole bitcoin economy."

Bullshit. Idiots like you that put your money in untrustworthy enterprises drag the economy down. Stop being a greedy fool and think.

It's hard to make a sense comment on your opinion. If e.g. Bitcoin collapse (for some reason, probability of such is small but real) there will appear other people calling idiots everyone who invested a cent in bitcoin economy.

Bitcoinica was a great thing, that could strenghten bitcoin economy. Everybody know that there was a substantial risk. But we have situation that nobody predicted: no offline backups. That could be avoided... But it's a fact.

member
Activity: 93
Merit: 10
I still can't believe you all put significant amounts of money in there less than two months after they suffered a serious breach. And all the discussion since then has proven that they still did not take security seriously at all after that breach. Running on VPS? ffs. Perhaps you've learned a valuable lesson. Look into the infrastructure of sites holding your money in the future...

Since first security breach Bitcoinica became "Bitcoinica LP". Anything you are saying about bitcoinica you can say about the whole bitcoin economy. Economy is based on trust much more then the real economy.
I personally still trust bitcoinica owners. However their behaviour and way of how their communicating progress in payouts is not up to standards (actually it's far far from it) I hope they'll do their best.
If they fail giving back our money they should be ready that some of us will take legal action against them (difficult but certainly possible since they're EU citizens).

Good luck Bitcoinica team. I know it's a very difficult situation in your life but you can do it Smiley


"Anything you are saying about bitcoinica you can say about the whole bitcoin economy."

Bullshit. Idiots like you that put your money in untrustworthy enterprises drag the economy down. Stop being a greedy fool and think.

newbie
Activity: 23
Merit: 0
I still can't believe you all put significant amounts of money in there less than two months after they suffered a serious breach. And all the discussion since then has proven that they still did not take security seriously at all after that breach. Running on VPS? ffs. Perhaps you've learned a valuable lesson. Look into the infrastructure of sites holding your money in the future...

Since first security breach Bitcoinica became "Bitcoinica LP". Anything you are saying about bitcoinica you can say about the whole bitcoin economy. Economy is based on trust much more then the real economy.
I personally still trust bitcoinica owners. However their behaviour and way of how their communicating progress in payouts is not up to standards (actually it's far far from it) I hope they'll do their best.
If they fail giving back our money they should be ready that some of us will take legal action against them (difficult but certainly possible since they're EU citizens).

Good luck Bitcoinica team. I know it's a very difficult situation in your life but you can do it Smiley
member
Activity: 93
Merit: 10


This is what I think of when I think of the people who put money back into bitcoinica after the initial fiasco. Not a lot of sympathy really. Some, but not a lot. Learn your lesson.
member
Activity: 93
Merit: 10
Good luck with that, folks.

I still can't believe you all put significant amounts of money in there less than two months after they suffered a serious breach. And all the discussion since then has proven that they still did not take security seriously at all after that breach. Running on VPS? ffs. Perhaps you've learned a valuable lesson. Look into the infrastructure of sites holding your money in the future...

+1. Bitcoin services should disclose that they do append-only backups both cross-datacenter and offsite. common sense and Redundancy 101 for bitcoin services!

But most importantly, keep your main stash of bitcoins offline!

Good luck with that, folks.

I still can't believe you all put significant amounts of money in there less than two months after they suffered a serious breach. And all the discussion since then has proven that they still did not take security seriously at all after that breach. Running on VPS? ffs. Perhaps you've learned a valuable lesson. Look into the infrastructure of sites holding your money in the future...

I found out that this won't work, for once you stop one, 40 more pirates come along and take their place.

~Bruno~


Honestly? ha, ok then... It didn't seem like a bad idea at all to put some more money in bitcoinica? (a bucket shop run by people who were obviously incompetent at security) Somehow I think avoiding getting your money yoinked might just be easier than you think.
legendary
Activity: 1918
Merit: 1570
Bitcoin: An Idea Worth Spending
Good luck with that, folks.

I still can't believe you all put significant amounts of money in there less than two months after they suffered a serious breach. And all the discussion since then has proven that they still did not take security seriously at all after that breach. Running on VPS? ffs. Perhaps you've learned a valuable lesson. Look into the infrastructure of sites holding your money in the future...

+1. Bitcoin services should disclose that they do append-only backups both cross-datacenter and offsite. common sense and Redundancy 101 for bitcoin services!

But most importantly, keep your main stash of bitcoins offline!

Good luck with that, folks.

I still can't believe you all put significant amounts of money in there less than two months after they suffered a serious breach. And all the discussion since then has proven that they still did not take security seriously at all after that breach. Running on VPS? ffs. Perhaps you've learned a valuable lesson. Look into the infrastructure of sites holding your money in the future...

I found out that this won't work, for once you stop one, 40 more pirates come along and take their place.

~Bruno~
legendary
Activity: 826
Merit: 1001
rippleFanatic
Good luck with that, folks.

I still can't believe you all put significant amounts of money in there less than two months after they suffered a serious breach. And all the discussion since then has proven that they still did not take security seriously at all after that breach. Running on VPS? ffs. Perhaps you've learned a valuable lesson. Look into the infrastructure of sites holding your money in the future...

+1. Bitcoin services should disclose that they do append-only backups both cross-datacenter and offsite. common sense and Redundancy 101 for bitcoin services!

But most importantly, keep your main stash of bitcoins offline!
member
Activity: 93
Merit: 10
Good luck with that, folks.

I still can't believe you all put significant amounts of money in there less than two months after they suffered a serious breach. And all the discussion since then has proven that they still did not take security seriously at all after that breach. Running on VPS? ffs. Perhaps you've learned a valuable lesson. Look into the infrastructure of sites holding your money in the future...
donator
Activity: 1120
Merit: 1001
What is the point of making new new threads about this?  They've already said how the initial payments are going to be made and it's likely that they will start a new thread when those first payments are sent out.  They're also going to need additional information to validate many people's claims and they've given people instructions about how to submit that information.  If you want to blame someone for the delays, blame the people who've attempted to make fraudulent claims.

And nobody should be speculating with money they can't afford to lose or which they need access to for daily living expenses, whether they do it on regulated or unregulated exchanges.  A delay in processing of claims shouldn't have a significantly adverse effect on anyone who didn't unreasonably expose themselves to a risk they couldn't afford in the first place.

Just follow the time line please. When the OP started, bitcoinica still have not admit that they have no backup.
hero member
Activity: 868
Merit: 1000
What is the point of making new new threads about this?  They've already said how the initial payments are going to be made and it's likely that they will start a new thread when those first payments are sent out.  They're also going to need additional information to validate many people's claims and they've given people instructions about how to submit that information.  If you want to blame someone for the delays, blame the people who've attempted to make fraudulent claims.

And nobody should be speculating with money they can't afford to lose or which they need access to for daily living expenses, whether they do it on regulated or unregulated exchanges.  A delay in processing of claims shouldn't have a significantly adverse effect on anyone who didn't unreasonably expose themselves to a risk they couldn't afford in the first place.
hero member
Activity: 672
Merit: 500
same, any idea how much they have manage to steal?
member
Activity: 77
Merit: 10
A Colt Crossed the River

I claimed my accout at the same day and got nothing since now.

There is a large amount of dollar in there.....  Sad
newbie
Activity: 54
Merit: 0
donator
Activity: 452
Merit: 252
read around, were all in the same boat. I'm hoping that they will reimburse us, but at this point I'm starting to get worried that I may never see my precious dollars again.
newbie
Activity: 54
Merit: 0
Does anyone get the money back from Bitcoinica?

I have claimed since 2012.5.18, and now is 2012.5.23 .
There is no response from Bitcoinica until now.
Jump to: