Topic: [Emergency ANN] Bitcoinica site is taken offline for security investigation - page 57. (Read 224562 times)

Speculation in general and Bitcoinica in particular reduce volatility. Bitcoinica going away will not make things more stable, but will have the opposite effect. Thankfully Kronos.io arrives just in time.

Are you serious?

The value would go to Zero. Heck, the negative Bitcoins would be spent.

And who decides what coins should be disabled? And who makes sure that those people in charge aren't corrupted or influenced? And how do they enforce it, and how could others be prevented from exploiting it?

Why can't they just "disable" stolen bitcoins. I mean we are in the 21st century we should use the digital aspect of this to our advantage yes?

this would also raise the value of bitcoins if we can say "stolen proof" also 

http://www.theskull.com/javascript/ascii-binary.html

Totally. Thieves should be given a choice on who to steal from. It's not funny doing it to the same dudes over and over

So easy to say when it's not you that lost coins, but it is true.

As much as I liked Bitcoinica and wished for their success, I never felt uncomfortable leaving
deposits with them for an extended period of time.

Just be grateful for any reimbursement you get.

I'm now hoping for some competition to rise out of this dust.

The best part about this is that its a so called "registered FSP"...just shows what that amounts to.

Don't worry. Soon enough you'll have some of it in your wallet also, wether you want it or not

I haven't been a great fan of Bitcoinica in the past.  The service introduced, at times, great volatility into bitcoin's price and I felt bitcoin itself was too immature to sustain a leveraged short selling system.

But I do admire what Zhoutong and the team he works with have achieved, and I hope they get the site running within a few weeks.  No doubt there will be many sleepless nights ahead.  There seems to be a lot of criticism aimed at Zhoutong at the moment regarding the hack.  Some probably justified, but let's all remember that Bitcoinica is the victim.  There's a thief out there with quite a bit of stolen money.

It is Bitcoin. The original owners are liable for their 'own' bitcoins. If they chose to give that responsibility to someone else, it is on them.

If we start holding 'others' responsible for the control of our money, lets just stick with the FED, Banks, CU's. They have a system already in place and there is no need to re-invent the wheel.

Everyone likes pointing fingers but quite often forget to look in the mirror. The key word in the above quote is 'customer'. If the business wants to keep them, they'll come up with a solution to make them happy and relatively soon. But the 'customers' knew what Bitcoinica was when they put money into them, so it is their liability.

Did anyone ever lose a wallet with everything in it?  Who are you the most mad at? Be honest. Yourself.

What I love about these hacks :

-no IPs posted
-no logs
-no other evidence except zhoutong's transaction proving he got 18k richer imho

I got hacked as well !!! Where's my intersango bailout folks

It will be time who'll prove if I'm right or wrong, not your schizophrenic ramblings.
But I'm quoting your text and reserving the right to call you out when I'm proved right...

MyBitcoin was a registered company (LLC) too. Pretty useless if you ask me.

I do believe the Intersango people will make everything whole again though.

I think it's Bitcoinica's database that will be leaked
If they are really nasty they'll leak their codebase also lol

My guess is that before the FIRST loss hey had a bunch of BTC due to the quite high fees they charge.  After the loss they were probably doing fractional reserve and rebuilding but had enough to cover what people wanted to withdraw.  My guess is now they do not have enough to cover the expected withdrawals and would need to 'invest' real money into bitcoinica to re-start it.

I'm not very fond of bitcoinica, like some of you already know, but i only hope this issue is resolved in a professional manner by whoever is in charge right now and the bitcoin ecosystem continue evolving at it's normal course. I will be following updates on this thread.

If I have a wallet to run my business, how can it be a good idea to have more than one person having access to the private keys? In this case at least 4 people (owners and zhoutong) had officially access to the key, a dozen others to the server physically and many others had access to root-password-reset-email-account-servers. Any theft is perfectly deniable by the thief if it's any of them.

Bitcoinica can have mechanisms when cashing out that put certain amounts on hold if they look fishy by some metrics but that's application layer and with the unencrypted keys on the machine many people can just circumvent that layer.

If I wanted to do it right, how should I do it? Keep the private keys at home providing signatures to the application after sanitizing? This way I could reduce the access to the wallet from many to one. I could have a fraction of the wallet in each owner's machine or one takes full responsibility. Then the attacker would have to forge legit api requests to sign transactions flying under the radar and the parameters of the radar would not be public. Worst case would be pissed customers waiting longer than necessary and apparently legit cash outs that weren't but that will not sum up to 20k in one day. If one customer cashes out 20kBTC, I call him. Twice. And he will thank me for the nice chat.

On my "laptop" with the wallet I could have a service running that constantly polls a bitcoinica api for transactions to be signed. Small amounts summing up to less than x BTC get cleared automatically, bigger amounts get delayed by an hour for random review and checkpot amounts are put on hold indefinitely until clearing them manually.

This would not require any trust to more than one person and the PC at home would not even require to accept inbound traffic.

... crazy ...

that or better, as a customer I would accept that any withdrawal above 100 btc / day will be delayed up to 24 hours, ( only 100 /day/customer is immediate ).

I apologize, 'the curse of knowledge' got the best of me I'm afraid. ('curse of knowledge' also is a thing that you might find interesting to learn about )