Topic: [Emergency ANN] Bitcoinica site is taken offline for security investigation - page 18. (Read 224562 times)

So the only person can shed some light on this all and is not bound by some NDA and has/had access to all the information is the very hacker. IIRC he has/had access to Patrick computer or at least his emails. Maybe we can convince him to publish Patricks email database. I am pretty sure he copied all of them, hackers usually do this.

BTW, am I the only one that feels a little strange that apparently Patrick does the claim thing alone? The very person that shared this computer with the hacker. Now I should send him all of private data?

WOW, he even delivers on the previous request for quality comedy in this thread...

Zhou, you are indeed one stand-up dude!  (pun intended)

Indeed! If he does not have non-competition agreement. Zhou could should develop a new Bitcoinica in the next 4 days and many people would transfer deposits from old Bitcoinica to new one at the first opportunity.

Agreed.  Zhou Tong -- a person I hope to get to know better.

I agree with you. I only have some experience in web security and that's why Bitcoinica didn't even take Bitcoins initially. (Remember the original FAQ sentence "There are no deliveries of Bitcoins"?) The entire security system was outsourced to Heroku and Mt. Gox at that time (and they did an extremely well job!).

We stopped doing that after some customers suggesting us not to over-rely on Mt. Gox, and we accepted the suggestions. And everything took off: internal matching, starfish, snowballs, interest system, and the hacks. The troubles started when we stopped being small and lean. I definitely bear some responsibility for the bad decisions.

Not a single cent from Mt. Gox account was stolen.

LOL, Zhou is running a pro PR campain here (and winning this little PR war hands down). Bravo! Something to learn for many parties involved.

Yep, security experts are being compromised all the time. They are on forefront so they get hit more often. The fact of compromise is not that important as how they prepare for it, assess the risks and mitigate them on ongoing basis.

I dread the moment any of my servers get compromised some day, for the first time.

Yes, we are essentially the same. We have nothing to do here.

You don't know the technical stuff, and I can't touch the technical stuff. We are both disallowed to talk too much. And we are all waiting for the same things to happen.

I have browsed through both. I have not responded you in the group. It's just a few consecutive complaints of you about my wrong-doing.

I received some advise from other people too, but the "advise" is irrelevant here.

We'll never have permission to post the group chat most likely. And you don't give me the permission to post the private chat. The private chat starts with a greeting and was never continued after the day. It's not partial log.

They only have one question: "When will I get my money back?"

The other questions are really not important.

You can blame me however you want on the troubles I have caused (and I did apologize for denying full responsibility), but I'm not in the dispute resolution team.

I'm here because I have nothing to do, I don't even know how many claims we have currently (I have to chat with Patrick to get some information). Am I associated with Bitcoinica at all? Well I don't know. Can I resign? No, because that will imply that you're unreasonable and such implication can damage your reputation, even though I have no such feeling.

I'm taking all the responsibility here. If customers are not getting their money back I'm the one being hurt, because a lot of people trusted me with their funds and they assumed that I have major controlling power over Bitcoinica.

I have honestly posted everything according to all the information I have. If there are more changes on the Bitcoinica's ownership structure beyond my information, and you identify the misinformation as "lie", please go ahead.

Here's the a list of statements that are currently verifiable without violating any NDAs:

1. I assume I don't have any control over Bitcoinica, at least over the dispute resolution process.
2. Some customers are blaming me for the problem (especially in first 20 pages of this thread).
3. I apologised and gave a self-criticism publicly (about my incompetency in security system).
4. Bitcoinica Consultancy is not paying for the losses directly.
5. Bitcoinica Consultancy's compromised system (which was already in production before Bitcoinica's transition period) is the direct cause (i.e. if the transition didn't start the problem wouldn't have happened, and the transition didn't cause the initial compromise on the email server).
6. Customers have waited 7 days for a claim form (please don't bring up the 3rd party form issue, I suggested that only because you are taking too much time. I could have done it must faster with same security features).
7. I was prohibited from expressing anything that may damage Bitcoinica Consultancy's reputation (this is from your long post recently [1]).
8. I have not officially resigned from Bitcoinica, and my current position is unknown.
9. I have not signed any NDA with any one in 2012.
10. I do not have access to the funds and the claims form.
11. I have suggested several ideas to speed up the claim process in Skype group chat, and Patrick has selectively adopted some. (Not really valuable ones I admit.)
12. I assume that I obtained the permission from the person who may grant you the transparency (I'm not sure) to post the apology.
13. I have been asked to co-author an apology in my name. (And my own one doesn't sound sincere enough. [2])
14. I'm neither an insider who has access to information, nor an outsider who is not liable for communicating information (which should be treated as pure speculation).
15. I have not been paid by Bitcoinica for any work since 1 April 2012 and I have voluntarily given up the payment.

I kindly ask whoever working on the dispute resolution to work more efficiently. My original intent was to deny the responsibility considering the customers are blaming me, who has no control over the dispute resolution for the unresponsiveness of the team. My words have damaged Bitcoinica Consultancy's reputation because I should take part of the responsibility.

Everything here is in no way criticism. I'm willing to take responsibility on anything that I'm involved.

But honestly, customers are not satisfied. That's the worst reputation damage you want to have. Again, I have nothing to do here. I know everyone could be happier if I post the evaluation result of this Ruby statement here everyday:

["We are working on the claim process.", "You'll get paid very soon!", "Our team is working 24/7 to deliver our promise.", "We are working extremely hard.", "I'm very happy that the whole team is working together.", "You have been trusted Bitcoinica for over half a year, and we won't disappoint you this time."][(rand()*6).to_i]

But it's just not how PR works (in my opinion).

I might be immature (I have no age privilege to disprove this). I might just suck at PR. I might be the 17-year-old kid causing endless troubles for you. I'm truly sorry.

My final suggestions:

- Return the money as soon as you can.
- Tell the truth.


[1]:


[2]:

While the account is speaking for the group as a whole, it is the other two members which after many days of unrest thought it was best to break this silence. Patrick is working on the claims and right now we have to wait on Patrick before we can continue.

We agree that the statements we have had to release are not the ones we would have liked to, it was the only option at our disposal. It has come after over a week of silence where we were trying to resolve the misinformation issues in a more appropriate manner.

And instead of tending to the matters at hand that are truly important, I see childish bickering among partners(?!) in the forums

Seriously, how professional can you get?

This is the same type of behaviour I saw in the logs of the 511BTC affair at intersango. Same tone, same voice. Same immature way of dealing with personal mistakes. When are you going to grow up, and stop with the idle attempts at intimidation? It doesn't become you, Patrick.

It's truly disappointing that you continue to engage each other in the forum instead of working on the claims process.

We will try to stop the drama. It is secondary or tertiary to the claims process. As stated in the earlier post we can't give a definite date now. We will be providing information as we can with regards to the claims process and all else.



This would potentially be illegal and certainly unethical.

please state a date when you plan to close the claim process and start to refund people.
i just want to know when i can expect to get my money back.

a simple "there where claims made just yesterday" is not enough. you can not proove that.

we already waited much too long for OUR money.

btw: if you are so sure that we all will get our money back: why dont you just buy my 100btc debt for 80btc?

The owner of Bitcoinica is clearly Bernie Maddoff.

He is a smart guy. He knows I wouldn't need his permission at all to post it. We do however need the permission of another person/other people. He knows this.

If you get the consent to publish both in full please do. Realise that "cherry picking" though through a partial log might not be a smart long term strategy.

 

The group conversation would establish essentially the entire history of what happened and would conflict with some of your forum posts.

The whole private conversation was founded on your gross misrepresentations and inaccurate statements.

+1

BOOM!

Bitcoinica took a lot of my money, and arguably all of it was due to my own gambling.  But I always believed in Zhou.  I know you'll do the right thing, buddy.