Topic: [Emergency ANN] Bitcoinica site is taken offline for security investigation - page 64. (Read 224562 times)

Do people really still do that?

The last address on the list is bitcoin faucet:

http://blockchain.info/address/15ArtCgi3wmpQAAfYx4riaFmo4prJA4VsK


Way to spread that coinage thin and make sure everybody gets some. Even better than donating some to pools in terms of ensuring the coinage wont be black listed.

Cool way of releasing a message. The thief clearly has some familiarity with Bitcoin.

Well if implemented, it would be to easy to bork the system. By the nature of the system, they are forever marked but with time become but a residue. Just like 90% of Dollars have drug residue on them. You are all suspects now if you have a dollar.

What makes the idea of tainting even worse, is the ability to 'frame' others for something. i.e. 18,000 coins were supposedly stolen, the 'thief' could send 2,000 of them to a reputable person's address. The recipient will claim innocence but who is going to believe that the 'thief' just gave the coins to him? We're talking 10K about now.

So, while they are not anonymous technically, they are anonymous as far as proving anything. And if there are more than 1 'thief' if one gets caught the other can move the coins taking suspicion away from the one that was caught. All the 'what ifs' put it back into the anonymous realm, unlike getting caught with DB Cooper's loot.

Has it been confirmed that people won't be getting coins back?  I thought Z said they'd cover the losses.

He's just fucking with you. The 8 digit remainder is binary. Convert the first 7 to ascii and you get "expect ".

Edit: the whole 21 characters spell "expect mass leak soon".

Edit 2: and given the first three characters of the address are EML, it might have been a vanity account.

this sucks! months of mining and the first time I try bitcoinica my btc get stolen.  stupid hackers!!  
 

LOL, binary...

Oh, at first sight I was tempted to take this approach for a cure of my worries about bitcoin's anonymity.

Imagine exchanges would not refuse tainted coins right out but "untaint" them by sending the tainted fraction to a well known unspendable address (aka destroy the stolen coins). A future recipient would well notice the tainted coins but also the untainting and accept the input for full bitcoins again.

Imagine gox doing this. Who would want tainted coins? All others would follow and refuse to take tainted coins aka untaint them and demand compensation for the tainted fraction of the payment.

I could imagine such a system for the good of bitcoin as the scheme "move your coins -> claim to got hacked -> profit" would get eliminated and bitcoin would be ultimately more secure but I have a problem to decide who should judge which coins are tainted and which not.

Imagine somebody selling bitcoin and only getting 70% of the promised [dirty something]. He could claim he got hacked to piss off his business partner who would not go to a court for [dirty something].

In a case as yesterday, I see no problem to count bitcoins as stolen and therefore nonexistent/invalid. But what if the raid is discovered only 3 months later and many people already accepted them? What if gox is forced into blacklisting coins from Iran? Etc ...

I love these thought experiments but I would prefer it were easier to say once and for all coins will never be tainted. Else mining would be the only way to get clean coins for sure. Mining where I get the created coins ... from blocks without fees

You got it.

found something strange while following the stolen coins.  Sent from the thief to many small accounts and one large one.
 http://blockchain.info/address/1EMLwAwseowTkDtKnEHRKrwQvzi4HShxSX

1.01100101 BTC
2.01111 BTC
3.0111 BTC
4.01100101 BTC
5.01100011 BTC
6.011101 BTC
7.001 BTC
116.4569963 BTC
8.01101101 BTC
9.01100001 BTC
10.01110011 BTC
11.01110011 BTC
12.001 BTC
13.011011 BTC
14.01100101 BTC
15.01100001 BTC
16.01101011 BTC
17.001 BTC
18.01110011 BTC
19.01101111 BTC
20.01101111 BTC
21.0110111 BTC

Why would they split it up like that?  are they trying to hide it by making it whole bunch of small transfers?

This is the big problem with blacklisting coins.  Imagine if a thief of a major theft threw 1-2k coins at various pools.  By the time the pool owners became aware of the problem, there could be hundreds/thousands of pool users who now have coins that originated from the theft.  The pool owner could obviously reimburse the party that had coins stolen from them, but that doesn't change the fact that the coins have been distributed to many innocent parties.

There really is no way to blacklist a theft, outside of the original address used to receive the stolen coins.  Anything after that carries the risk of innocent users being accused of being thieves.

VERY big and slippery.

For example, someone recently wanted to know if they had any coins from the famous 10000 btc pizza sale:

http://bitcoin.stackexchange.com/questions/450/is-there-any-way-to-track-an-individual-bitcoin-or-satoshi

Turns out 29% of currently operating bitcoin addresses contain a little pizzacoin magic:


Rejecting stolen coins would only affect the first person to attempt to use the coins, not the thief. If the pizzacoin example is anything to go by, coins are redistributed fairly rapidly. If I'd stolen coins and was worried about exchanges not accepting them, I send bitdust to as many addresses as I could an exchange refusing them would have trouble keeping the rule implemented without pissing off innocent civilians.

thank you.  i will look at it.

If you aren't reimbursed then your bitcoins are already gone. But if you follow the address trail far enough it might eventually end up somewhere legit that might respond to a request for information on the previous link in the chain.

That is one very big slippery slope.

dbdump.py helps:

https://github.com/gavinandresen/bitcointools

Or you can write a html scraper that reloads a http://blockexplorer.com/address/ page, follows the address trail automatically and saves to a dataframe. Good luck making a visualisation though.

so my bitcoins are gone forever?  why would I want to use it then if I can't get stolen bitcoins back?

You can do it with software.  It is merely a chain of TX's.

One wonders how quickly wallet theft would disappear, if the other major exchanges started rejecting well known, stolen coins.

They are on the move again.

http://blockchain.info/tx-index/5484758/c141115ff13ad9331e0d46776d850f06083a60fab88b15a2a2df35f2fdf565da

Seven 2600 btc transactions, and that one for 347.66367623 BTC goes to
http://blockchain.info/address/1EMLwAwseowTkDtKnEHRKrwQvzi4HShxSX  which then has splits into a bunch of smaller transactions. WTF? how do you follow this many splits?