Author

Topic: every exchange will be hacked? (Read 2849 times)

sr. member
Activity: 476
Merit: 250
April 12, 2014, 01:24:47 AM
#41
Every exchange undoubtedly is going to have an attempt at hacking it. I don't know if every exchange WILL be hacked although.
yeah especially smaller exchanger with lower security
minimum attemp is DDOS that website
member
Activity: 99
Merit: 10
April 12, 2014, 01:21:48 AM
#40
I found this when I searched for the new heartbleed bug
http://pastebin.com/Zaaun8kz
Hope It's not true.  Shocked

Let's send $500 to some anonymous guy who posted a pastebin, great idea!
I will write an email to every email address from the short leak. I will show them all the informations (ip phone numbers, name etc.) what are included in the leak, if they said this is legit the pastebin is also legit.
they not response a day ago maybe they think its a phishing action Cheesy. I suggest password change for everybody.
legendary
Activity: 1540
Merit: 1029
April 10, 2014, 04:27:52 PM
#39
Every exchange undoubtedly is going to have an attempt at hacking it. I don't know if every exchange WILL be hacked although.
newbie
Activity: 42
Merit: 0
April 10, 2014, 04:24:36 PM
#38
Blockchain's next, hurrhurr
legendary
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
April 10, 2014, 04:23:37 PM
#37
You could just use an exchange which never holds a single satoshi belonging to users.  Kinda hard to steal (or "steal") what isn't there.
You could also just pool all the money in the world into one public address that we all used together.

Teach a culture of humility and compassion to our children, end the dog-eat-dog wage-slave ratrace bullshit of capitalism. The end of empires. Of poverty and war. And borders.

Be honest with the next generation about how badly we've mismanaged this project called "Earth", and they just might be able to fix it.


That's called communism.  It's been tried and it generally has failed.

This is a mistake of mixing levels.

Humility and compassion are powerful spiritual principles,
however those principles are not mutually exclusive
with value-creation and business dynamics.

Most of the things that make life comfortable and enjoyable
are the results of competitive business and mass marketing.
(Even homeless people in America today are enjoying
their mobile devices.)

That didn't happen by accident.  It happened as a result of
people and companies wanting to make money by
creating products and services that other people
are willing to pay for in the marketplace.

Communist societies have failed because people
were de-incentived to work hard, rather than
being rewarded for hard work in creating wealth and jobs.

The solution is not putting all wealth in one account.
People are too greedy and selfish for that to work right now.
Perhaps in another eon, when we all have all evolved
spiritually.  

The "ratrace" dynamics are not
the result of capitalism because capitalism doesn't
exist anymore.  Instead, in America, we have corporatism,
which combines some free market dynamics with
a lot of beuracracy, regulation, and political cronyism.

This is essentially fascism.  Fascism and communism
are two sides of the same coin....ultimately both relying
on force and coercion against innocent value producers.

The deepest layer of exploitation comes from the money
system itself.  As Thomas Jefferson famously said:  "I believe that
banking institutions are more dangerous to our liberties than standing armies."

It is therefore in Bitcoin that lies society's greatest hope
of evolving to the next level of freedom.

member
Activity: 99
Merit: 10
April 10, 2014, 03:16:26 PM
#36
I found this when I searched for the new heartbleed bug
http://pastebin.com/Zaaun8kz
Hope It's not true.  Shocked

Let's send $500 to some anonymous guy who posted a pastebin, great idea!
I will write an email to every email address from the short leak. I will show them all the informations (ip phone numbers, name etc.) what are included in the leak, if they said this is legit the pastebin is also legit.
newbie
Activity: 56
Merit: 0
April 10, 2014, 07:16:39 AM
#35
I think every exchange will become the next one, sooner or later!
b!z
legendary
Activity: 1582
Merit: 1010
April 10, 2014, 04:37:21 AM
#34
I found this when I searched for the new heartbleed bug
http://pastebin.com/Zaaun8kz
Hope It's not true.  Shocked

Let's send $500 to some anonymous guy who posted a pastebin, great idea!
sr. member
Activity: 364
Merit: 250
April 10, 2014, 04:10:25 AM
#33
What has been proven is that Bitcoin trading sites can be hacked.  
 There is more than one way a hacker could benefit. A hacker working for a government could steal the coins just to make them less desirable to own or trade in. Such a hacker’s motivation would be to eliminate digital currencies as viable. Numerous central banks and governments are so motivated (China?).A group who borrowed Bitcoin or shorted Bitcoin could profit from a hack as they repay their loans in cheaper Bitcoin. A hacker assisted carry trade.Finally there is the classic motivation to steal and turn your stolen Bitcoin in to paper currencies or other easily moved assets. 
member
Activity: 99
Merit: 10
April 10, 2014, 03:56:18 AM
#32
I found this when I searched for the new heartbleed bug
http://pastebin.com/Zaaun8kz
Hope It's not true.  Shocked

That better not be true... Anyone got 1 BTC to spare? xD
Bad news if that is true for sure.
changed my password on bitstamp for sure
hero member
Activity: 812
Merit: 1000
April 10, 2014, 01:28:35 AM
#31
I found this when I searched for the new heartbleed bug
http://pastebin.com/Zaaun8kz
Hope It's not true.  Shocked

That better not be true... Anyone got 1 BTC to spare? xD
Bad news if that is true for sure.
member
Activity: 99
Merit: 10
April 10, 2014, 01:23:32 AM
#30
I think its a big news (or a big scam Cheesy), but nobody replyed. Should I make a new topic for this? Bitstamp was really vulnerable for heartbleed bug?
member
Activity: 99
Merit: 10
member
Activity: 99
Merit: 10
April 09, 2014, 03:28:40 PM
#28
I found this when I searched for the new heartbleed bug
http://pastebin.com/Zaaun8kz
Hope It's not true.  Shocked
I sent him an email to show me proof. If he response i will post it.
phm
full member
Activity: 378
Merit: 110
DATABLOCKCHAIN.IO SALE IS LIVE | MVP @ DBC.IO
April 09, 2014, 03:48:15 AM
#27
mtgox, coinex.pw, vircurex, cryptorush  Embarrassed
Whats next? Cry

No, I do not believe every exchange will be hacked.
The ones with the best security will win (long-term) in a free-market.

Bitcurex has been recently hacked too, also c-cex and poloniex. Many exchanges have ridiculous security level on launch. I remember one that kept sending me funds for every page reload during withdrawal. I didn't even notice it (kept reloading because I was getting some timeout errors or sth), only later I found about it when the owner contacted me, so I returned the funds.
legendary
Activity: 2114
Merit: 1040
A Great Time to Start Something!
April 09, 2014, 03:29:05 AM
#26
mtgox, coinex.pw, vircurex, cryptorush  Embarrassed
Whats next? Cry

No, I do not believe every exchange will be hacked.
The ones with the best security will win (long-term) in a free-market.
legendary
Activity: 1008
Merit: 1007
April 09, 2014, 02:41:38 AM
#25
Open source exchanges will help with security too.

Actually, this is a two edged sword. If you open up your code, you get peer reviews which is good, but you also give away in explicit detail how everything works including any vulnerabilities which are likely to get spotted first by hackers.
legendary
Activity: 1260
Merit: 1029
April 09, 2014, 01:29:21 AM
#24
Open source exchanges will help with security too.
hero member
Activity: 632
Merit: 500
April 09, 2014, 01:26:40 AM
#23
...Every exchange but the coming decentralized exchanges.

Because users hold the private keys a hack on a decentralized exchange is impossible.

In the meantime there's no reason central exchanges could not architect their system with multi-sig wallets... making a hack on them impossible too.

(For every problem there is a solution!)
legendary
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
April 09, 2014, 12:50:15 AM
#22
You could just use an exchange which never holds a single satoshi belonging to users.  Kinda hard to steal (or "steal") what isn't there.

There's a reason today's exchanges are off the blockchain. They talked about it today on the CoinSummit. I'm not saying that an exchange that works on the blockchain is impossible, but it would be quite a complicated thing to pull off, and fita holdning would still be subject to fractional banking — Just like was the case with MtGox! (They blaimed fiat delays on the banks but in reality were probably using other customer's funds to fill Bitcoin withdrawals)

I guess I should be less subtle.  BitSimple never hold any customer bitcoins.  Your coins stay in your wallet, under your control, where they belong IMHO.

It is cool that you run a bitcoin brokerage and are also active on the forum.  I appreciate your posts.
hero member
Activity: 784
Merit: 1000
https://youtu.be/PZm8TTLR2NU
April 09, 2014, 12:49:15 AM
#21
You could just use an exchange which never holds a single satoshi belonging to users.  Kinda hard to steal (or "steal") what isn't there.
You could also just pool all the money in the world into one public address that we all used together.

Teach a culture of humility and compassion to our children, end the dog-eat-dog wage-slave ratrace bullshit of capitalism. The end of empires. Of poverty and war. And borders.

Be honest with the next generation about how badly we've mismanaged this project called "Earth", and they just might be able to fix it.
member
Activity: 99
Merit: 10
April 09, 2014, 12:16:36 AM
#20
I found this when I searched for the new heartbleed bug
http://pastebin.com/Zaaun8kz
Hope It's not true.  Shocked
legendary
Activity: 1190
Merit: 1001
March 29, 2014, 09:49:40 AM
#19
Crypto-exchange is a constant tug of war between convenience and safety.

For every convenience to the users there is a security trade off, example:

Customers want instant withdraws = Automated withdraws = not checked by human eyes = more risky

Customers want large amount of funds available quickly = Large hot wallet = more risky

Customers want more ways to deposit money = exchange start using questionable funding sources or countries = more risky

Those exchanges which lean too far over onto the side of convenience inevitably end up getting cleaned out.


You may be thinking "Yay my deposits hit my balance in 1 confirmation, and my withdrawals hit the blockchain in 5 seconds"....instead you should be worried.
legendary
Activity: 1008
Merit: 1007
March 29, 2014, 06:32:54 AM
#18
There's a possible solution to this: pull all the funds off-line and ask customers to digitally sign all the actions (buy orders, sell orders, and order cancellations, etc.), and perform manual withdrawal.

Having everything on chain? Yes, this is indeed a solution of a kind, but it poses problems:

* Atomicity of trades (you can no longer rely on your database to help you here)
* High per-trade fees (standard coin transaction fees)
* Bloated blockchains

Cheers, Paul.
full member
Activity: 173
Merit: 100
March 28, 2014, 05:25:41 AM
#17
There's a possible solution to this: pull all the funds off-line and ask customers to digitally sign all the actions (buy orders, sell orders, and order cancellations, etc.), and perform manual withdrawal.
sr. member
Activity: 476
Merit: 250
March 27, 2014, 03:24:40 AM
#16
the hacker was from inside exchanger, i'm sure about it  Grin
they will run with your BTC
legendary
Activity: 1008
Merit: 1007
March 27, 2014, 03:20:47 AM
#15
I guess I should be less subtle.  BitSimple never hold any customer bitcoins.  Your coins stay in your wallet, under your control, where they belong IMHO.

"BitSimple isn't an exchange, it is a direct broker for bitcoins."

Presumably meaning you're selling OTC, which means you have no need to hold customer's funds anyway. An exchange must work differently, as I'm sure you're well aware.
legendary
Activity: 1001
Merit: 1005
March 27, 2014, 02:00:32 AM
#14
yes ... sooner or later.
donator
Activity: 1218
Merit: 1079
Gerald Davis
March 26, 2014, 09:40:03 PM
#13
You could just use an exchange which never holds a single satoshi belonging to users.  Kinda hard to steal (or "steal") what isn't there.

There's a reason today's exchanges are off the blockchain. They talked about it today on the CoinSummit. I'm not saying that an exchange that works on the blockchain is impossible, but it would be quite a complicated thing to pull off, and fita holdning would still be subject to fractional banking — Just like was the case with MtGox! (They blaimed fiat delays on the banks but in reality were probably using other customer's funds to fill Bitcoin withdrawals)

I guess I should be less subtle.  BitSimple never hold any customer bitcoins.  Your coins stay in your wallet, under your control, where they belong IMHO.
legendary
Activity: 2632
Merit: 1023
March 26, 2014, 09:04:17 PM
#12
I am kind of coming to this conclusion for conventional exchanges. But its not fatal

you just have a very short small exposure on any exchange at any time, so you can afford to loose that amount during the hack

get in and out of the exchange quickly with small amounts.

Cyprto P2P exchanges are on the way eg nxt.

also checksums that allow total BTC holding of an exchange will become the norm. Eg every person that send in BTC and withdraws will go through a set clearing addresses, so you can keep track of how much the exchange has.

This ensures you can tell if they have fractional reserve going on....though it does still not stop them from running off with an internal address, though it would make the claim that they have been hacked harder as you could see where the BTC was, they would have to convince you they had lost the private key.

A bitcoin tech based exchange will be much safer imho, and is the next step, even though they are no real P2P until they get the fiat side in as well.
newbie
Activity: 42
Merit: 0
March 26, 2014, 09:01:10 PM
#11
 Yeah, it's because people here have no fucking clue what is a scam and what isn't. If you retards didn't trust everything you read we wouldn't be hearing about this.
full member
Activity: 164
Merit: 100
Indie Developer
March 26, 2014, 08:58:10 PM
#10
You could just use an exchange which never holds a single satoshi belonging to users.  Kinda hard to steal (or "steal") what isn't there.

There's a reason today's exchanges are off the blockchain. They talked about it today on the CoinSummit. I'm not saying that an exchange that works on the blockchain is impossible, but it would be quite a complicated thing to pull off, and fita holdning would still be subject to fractional banking — Just like was the case with MtGox! (They blaimed fiat delays on the banks but in reality were probably using other customer's funds to fill Bitcoin withdrawals)
donator
Activity: 1218
Merit: 1079
Gerald Davis
March 26, 2014, 08:13:13 PM
#9
You could just use an exchange which never holds a single satoshi belonging to users.  Kinda hard to steal (or "steal") what isn't there.
full member
Activity: 164
Merit: 100
Indie Developer
March 26, 2014, 08:12:19 PM
#8
I think the incentives to claim they're hacked and run with the money is just to big, considering that it's impossible to prove that the hacking were inside jobs.

MtGox is not the first exchange were owners claimed they were robbed, ran with the money and later gave the victims part of the money back:

Quote
According to an anonymous high-profile source, the first and original bitcoin scam was the online coin wallet Mybitcoin.com. People would deposit hundreds of thousands of coins there, as the currency was new and hundreds of thousands of coins weren’t yet worth a lot.

Then, on July 29, 2011, the site went blank, just like the Gox website did. People panicked and gradually accepted a catastrophic loss of funds.

On August 11, 14 days later, the site came back online and declared – just like Gox – that they “had been hacked”, had filed for bankruptcy protection, just like Gox, but “had managed to recover” 49% of the funds. People could fill out claim forms to recover these funds – 49% of their original balance. As this was enough time for most people to internalize the loss, they were happy again at the sudden windfall; things suddenly weren’t as bad as they had seemed. In the meantime, the anonymous person who ran mybitcoin.com disappeared with a huge amount of money, according to the source.

In other words, the scam cynically exploited people’s loss and grief to actually make them happy when they got something back. Most “hacks” of bitcoin sites since then have actually been copycat scams of mybitcoin.com, again according to this source. - See more at: http://www.dailytech.com/Bitcoin+King+Pt+II+Mt+Goxs+Dictator+Karpels+Proves+Tragically+Flawed/article34452.htm#sthash.upwWVHJk.dpuf
legendary
Activity: 3038
Merit: 1032
RIP Mommy
March 26, 2014, 08:00:44 PM
#7
Add Bitfloor to OP
sr. member
Activity: 434
Merit: 251
March 26, 2014, 07:59:17 PM
#6
i think that eventually things will stop getting hacked and things will calm down. people have to be working on fixing these things daily ya know.
member
Activity: 99
Merit: 10
March 26, 2014, 07:30:47 PM
#5
every exchange will steal btc, that's almost for sure, unless those suckers will be put a price on their heads by all community victims, otherwise, better buy and send it your private pc wallet
0.5 Bounty for cryptorush hackers!
newbie
Activity: 23
Merit: 0
March 26, 2014, 07:14:37 PM
#4
every exchange will steal btc, that's almost for sure, unless those suckers will be put a price on their heads by all community victims, otherwise, better buy and send it your private pc wallet
newbie
Activity: 56
Merit: 0
March 26, 2014, 07:08:23 PM
#3
mtgox, coinex.pw, vircurex, cryptorush  Embarrassed
Whats next? Cry

This is why Coinbase hired the Facebook security directory.
full member
Activity: 126
Merit: 100
March 26, 2014, 07:06:20 PM
#2
What makes you think every exchange will be hacked?
member
Activity: 99
Merit: 10
March 26, 2014, 06:49:11 PM
#1
mtgox, coinex.pw, vircurex, cryptorush  Embarrassed
Whats next? Cry
Jump to: