Let me start off by saying the information in this post is gathered from already public statements, separate knowledge or, in individual cases has been preapproved. We have been disgusted by the fact that we cannot speak liberally. Once the reclaims process is finished, if we are not allowed to speak publicly we will stop all activity with bitcoinica.
Right now, we believe the best thing for all parties involved is that we continue with the reclaims process. We have investigated many of the claims but have many left. There were still claims being filed as of at least yesterday. Our intention is to have a secure platform where users can claim their accounts and everyone will be able to claims their accounts once the claims process is finished. We cannot offer a concrete timeline for exactly when this will happen but we are working as fast as possible. Please be patient. We are truly sorry for the grave inconveniences.
As for recent incidents:
We first got involved with Bitcoinica after we discovered a security vulnerability where we could liberally withdraw and empty bitcoinica's live wallet. It became apparent to us that the site was a poorly constructed security nightmare. We started talks with bitcoinica in the hopes that they would see us as being an indispensable asset to help secure their site. The site currently is far more secure then previously.
While Zhou has made a lot of public statements, I assume his doing so has violated agreement(s) which he may have. He has stated publicly that he does have some non-disclosure agreement. Many of his posts were either untrue or certainly misleading. Many of these posts were directed at us. After being confronted on the issue, he agreed not to post anymore. After breaking that promise only hours later, we confronted him again privately.
He posted an insincere and politically worded apology.
Within the apology he made it sound as though we were trying to stop him from posting. As if he had not respected some secrecy that we wished to maintain. This of course is entirely misleading. He also posted the link to the reclaims page before it was finished and without our consent. He also continued to make very important decisions without our consent which has effected our ability to recover. In fact, even as of the 17th, we were often still in the dark and learning things through Zhou's posts on the forums. We may decide later to take action against Zhou as he has offered no public recompense. He was the owner of bitcoinica, sold bitcoinica keeping earlier profits and it seems he was paid and that he was responsible for its security until at least very recently. We even hope to release our private conversations with him if there is deemed to be no liability for us doing so. These issues should never have been made public and we took many measures speaking with him many times so that it would not get to this level. Right now though this needs to be put on the back-burner. It is immaterial until the claims process if resolved.
As for the current owners of Bitcoinica, they have by far exceeded their legal obligations in helping Bitcoinica recover from the previous hack and have pledged their continued support in seeing this incident fully resolved. I am not sure they knew how insecure the site was when they first bought it. We applaud their generosity. The inability to disclose pertinent information however we vehemently disagree with. We believe this information is critical to restoring the trust a business like bitcoinica requires.
The only agreement I have signed is in last year, with a non-disclosure clause.
I have already apologised about the violation with a Skype message promise. And I confirm that all I stated was pure fact. (You are welcome to take legal actions against me if anything in the apology post in untrue.) Sincerity is rather a subjective concern. I think I'm sincere.
In the past few days, I have been quite supportive about the account claim issue. I have communicated some ideas with Patrick.
I admit that the security features of the site are not up to standard. But the compromised system belongs to Bitcoinica Consultancy, and I have neither knowledge nor control. Being a target is the worst thing to have in the security world, and no system is 100% secure. The uncompromised systems are simply not the targets. Bitcoinica was not the initial target of the hacker.
These statements are not directed to Bitcoinica Consultancy. They are directed to facts. I officially grant Donald Norman the right to disclose any private communication on Skype between Donald and me in recent 14 days.
Unfortunately, disclosing the skype conversations of our group would would largely be in violation of our NDA. You know this though. We would also like to give much greater detail as to the nature of the incident but are not able to due to our inability to disclose information.