every exchange will be hacked? - page 2.

Beliathon

hero member

Activity: 784

Merit: 1000

https://youtu.be/PZm8TTLR2NU

Quote from: DeathAndTaxes on March 26, 2014, 09:13:13 PM

You could just use an exchange which never holds a single satoshi belonging to users. Kinda hard to steal (or "steal") what isn't there.

You could also just pool all the money in the world into one public address that we all used together.

Teach a culture of humility and compassion to our children, end the dog-eat-dog wage-slave ratrace bullshit of capitalism. The end of empires. Of poverty and war. And borders.

Be honest with the next generation about how badly we've mismanaged this project called "Earth", and they just might be able to fix it.

escrowguy

member

Activity: 99

Merit: 10

I found this when I searched for the new heartbleed bug
http://pastebin.com/Zaaun8kz
Hope It's not true. Shocked

dave111223

legendary

Activity: 1190

Merit: 1001

Crypto-exchange is a constant tug of war between convenience and safety.

For every convenience to the users there is a security trade off, example:

Customers want instant withdraws = Automated withdraws = not checked by human eyes = more risky

Customers want large amount of funds available quickly = Large hot wallet = more risky

Customers want more ways to deposit money = exchange start using questionable funding sources or countries = more risky

Those exchanges which lean too far over onto the side of convenience inevitably end up getting cleaned out.

You may be thinking "Yay my deposits hit my balance in 1 confirmation, and my withdrawals hit the blockchain in 5 seconds"....instead you should be worried.

monsterer

legendary

Activity: 1008

Merit: 1007

Quote from: ning on March 28, 2014, 06:25:41 AM

There's a possible solution to this: pull all the funds off-line and ask customers to digitally sign all the actions (buy orders, sell orders, and order cancellations, etc.), and perform manual withdrawal.

Having everything on chain? Yes, this is indeed a solution of a kind, but it poses problems:

* Atomicity of trades (you can no longer rely on your database to help you here)
* High per-trade fees (standard coin transaction fees)
* Bloated blockchains

Cheers, Paul.

ning

full member

Activity: 173

Merit: 100

There's a possible solution to this: pull all the funds off-line and ask customers to digitally sign all the actions (buy orders, sell orders, and order cancellations, etc.), and perform manual withdrawal.

Icardi09

sr. member

Activity: 476

Merit: 250

the hacker was from inside exchanger, i'm sure about it Grin

they will run with your BTC

monsterer

legendary

Activity: 1008

Merit: 1007

Quote from: DeathAndTaxes on March 26, 2014, 10:40:03 PM

I guess I should be less subtle. BitSimple never hold any customer bitcoins. Your coins stay in your wallet, under your control, where they belong IMHO.

"BitSimple isn't an exchange, it is a direct broker for bitcoins."

Presumably meaning you're selling OTC, which means you have no need to hold customer's funds anyway. An exchange must work differently, as I'm sure you're well aware.

Amitabh S

legendary

Activity: 1001

Merit: 1005

yes ... sooner or later.

DeathAndTaxes

donator

Activity: 1218

Merit: 1079

Gerald Davis

Quote from: Satosh¡ Slot on March 26, 2014, 09:58:10 PM

Quote from: DeathAndTaxes on March 26, 2014, 09:13:13 PM

You could just use an exchange which never holds a single satoshi belonging to users. Kinda hard to steal (or "steal") what isn't there.

There's a reason today's exchanges are off the blockchain. They talked about it today on the CoinSummit. I'm not saying that an exchange that works on the blockchain is impossible, but it would be quite a complicated thing to pull off, and fita holdning would still be subject to fractional banking — Just like was the case with MtGox! (They blaimed fiat delays on the banks but in reality were probably using other customer's funds to fill Bitcoin withdrawals)

I guess I should be less subtle. BitSimple never hold any customer bitcoins. Your coins stay in your wallet, under your control, where they belong IMHO.

jubalix

legendary

Activity: 2618

Merit: 1022

I am kind of coming to this conclusion for conventional exchanges. But its not fatal

you just have a very short small exposure on any exchange at any time, so you can afford to loose that amount during the hack

get in and out of the exchange quickly with small amounts.

Cyprto P2P exchanges are on the way eg nxt.

also checksums that allow total BTC holding of an exchange will become the norm. Eg every person that send in BTC and withdraws will go through a set clearing addresses, so you can keep track of how much the exchange has.

This ensures you can tell if they have fractional reserve going on....though it does still not stop them from running off with an internal address, though it would make the claim that they have been hacked harder as you could see where the BTC was, they would have to convince you they had lost the private key.

A bitcoin tech based exchange will be much safer imho, and is the next step, even though they are no real P2P until they get the fiat side in as well.

BitEscrow

newbie

Activity: 42

Merit: 0

Yeah, it's because people here have no fucking clue what is a scam and what isn't. If you retards didn't trust everything you read we wouldn't be hearing about this.

Satosh¡ Slot

full member

Activity: 164

Merit: 100

Indie Developer

Quote from: DeathAndTaxes on March 26, 2014, 09:13:13 PM

You could just use an exchange which never holds a single satoshi belonging to users. Kinda hard to steal (or "steal") what isn't there.

There's a reason today's exchanges are off the blockchain. They talked about it today on the CoinSummit. I'm not saying that an exchange that works on the blockchain is impossible, but it would be quite a complicated thing to pull off, and fita holdning would still be subject to fractional banking — Just like was the case with MtGox! (They blaimed fiat delays on the banks but in reality were probably using other customer's funds to fill Bitcoin withdrawals)

DeathAndTaxes

donator

Activity: 1218

Merit: 1079

Gerald Davis

You could just use an exchange which never holds a single satoshi belonging to users. Kinda hard to steal (or "steal") what isn't there.

Satosh¡ Slot

full member

Activity: 164

Merit: 100

Indie Developer

I think the incentives to claim they're hacked and run with the money is just to big, considering that it's impossible to prove that the hacking were inside jobs.

Quote from: Satosh¡ Slot on March 25, 2014, 11:41:08 PM

MtGox is not the first exchange were owners claimed they were robbed, ran with the money and later gave the victims part of the money back:

Quote

According to an anonymous high-profile source, the first and original bitcoin scam was the online coin wallet Mybitcoin.com. People would deposit hundreds of thousands of coins there, as the currency was new and hundreds of thousands of coins weren’t yet worth a lot.

Then, on July 29, 2011, the site went blank, just like the Gox website did. People panicked and gradually accepted a catastrophic loss of funds.

On August 11, 14 days later, the site came back online and declared – just like Gox – that they “had been hacked”, had filed for bankruptcy protection, just like Gox, but “had managed to recover” 49% of the funds. People could fill out claim forms to recover these funds – 49% of their original balance. As this was enough time for most people to internalize the loss, they were happy again at the sudden windfall; things suddenly weren’t as bad as they had seemed. In the meantime, the anonymous person who ran mybitcoin.com disappeared with a huge amount of money, according to the source.

In other words, the scam cynically exploited people’s loss and grief to actually make them happy when they got something back. Most “hacks” of bitcoin sites since then have actually been copycat scams of mybitcoin.com, again according to this source. - See more at: http://www.dailytech.com/Bitcoin+King+Pt+II+Mt+Goxs+Dictator+Karpels+Proves+Tragically+Flawed/article34452.htm#sthash.upwWVHJk.dpuf

TheButterZone

legendary

Activity: 3010

Merit: 1031

RIP Mommy

Add Bitfloor to OP

durrrr

sr. member

Activity: 434

Merit: 251

i think that eventually things will stop getting hacked and things will calm down. people have to be working on fixing these things daily ya know.

escrowguy

member

Activity: 99

Merit: 10

Quote from: wo4baba on March 26, 2014, 08:14:37 PM

every exchange will steal btc, that's almost for sure, unless those suckers will be put a price on their heads by all community victims, otherwise, better buy and send it your private pc wallet

0.5 Bounty for cryptorush hackers!

wo4baba

newbie

Activity: 23

Merit: 0

every exchange will steal btc, that's almost for sure, unless those suckers will be put a price on their heads by all community victims, otherwise, better buy and send it your private pc wallet

irrational

newbie

Activity: 56

Merit: 0