[Full Disclosure] Live mtgox.com trade matching bug.

Dirt Rider

member

Activity: 111

Merit: 10

Quote from: akcom on June 28, 2011, 08:19:11 PM

I really appreciate people bringing this out in the open. I'd rather know how insecure my trading platform is so I can make an informed decision to take my business somewhere else.

Thanks to the OP for keeping us in the loop!

You do realize that there really was no problem to begin with, right? This is complete BS and should simply be ignored.

akcom

newbie

Activity: 24

Merit: 0

I really appreciate people bringing this out in the open. I'd rather know how insecure my trading platform is so I can make an informed decision to take my business somewhere else.

Thanks to the OP for keeping us in the loop!

CurbsideProphet

hero member

Activity: 672

Merit: 500

Dear MtGox:

Nescio

jr. member

Activity: 56

Merit: 1

Quote from: psyborgue on June 28, 2011, 12:08:27 PM

Well. I hope OP is happy he got what he wanted:

http://www.thinq.co.uk/2011/6/28/mt-gox-flaw-opens-door-free-bitcoins/

This isn't any kind of serious journalism, it's some dyslexic hit piece ("psuedo-currency", also check out the article heading beneath: "Court scambles to accommdate Ryan Cleary" - noone even proof reads this stuff).

BTW, respect to OP's convictions.

Tasty Champa

member

Activity: 84

Merit: 10

thread went from this:

to this:

dazedtrader

newbie

Activity: 25

Merit: 0

Quote from: bolapara on June 28, 2011, 05:35:53 PM

Guys, the hate isn't necessary. Full Disclosure vs. other methods is a (computer) age old debate that is like arguing Right Wing politics vs. Left Wing. No one is right, no one is wrong. They are opinions on how to handle these situations. If MtGox wants people to minimize impact of disclosed security vulnerabilities, they need to fix them promptly. I assume they are doing so.

Absolutely. And what people don't seem to realize is that Full Disclosure is infinitely better than No Disclosure, which was another option open to the OP.

Shinobi

full member

Activity: 196

Merit: 100

Quote

I really doubt either of you have the slightest clue what "anarchist philosophy" actually is.

Only to the extent that self-professed anarchists don't. Its always such an elusive thing, as every time something about it is mentioned, someone will conveniently float in to say that this or that "isn't true anarchist thought".

BitterTea

sr. member

Activity: 294

Merit: 250

Quote from: Shinobi on June 28, 2011, 05:29:24 PM

Quote

I've seen things get fractured like this before in other like minded anarchist underground communities, it creates an us versus them mentality against it's very own, which essentially destroys the entire community, partitioning it into very small stagnant circle jerks.

I'm not surprised, as this is the logical conclusion of anarchist philosophy.

I really doubt either of you have the slightest clue what "anarchist philosophy" actually is.

bolapara

member

Activity: 78

Merit: 10

Guys, the hate isn't necessary. Full Disclosure vs. other methods is a (computer) age old debate that is like arguing Right Wing politics vs. Left Wing. No one is right, no one is wrong. They are opinions on how to handle these situations. If MtGox wants people to minimize impact of disclosed security vulnerabilities, they need to fix them promptly. I assume they are doing so.

Shinobi

full member

Activity: 196

Merit: 100

Quote

I've seen things get fractured like this before in other like minded anarchist underground communities, it creates an us versus them mentality against it's very own, which essentially destroys the entire community, partitioning it into very small stagnant circle jerks.

I'm not surprised, as this is the logical conclusion of anarchist philosophy.

KMBTC11

newbie

Activity: 57

Merit: 0

I've finally had enough of MtGox. Orders not executing, security issues, poor communication, bugs and God knows what else have eroded my trust. Until they get their act together and fix these lingering problems I'm moving out of their exchange.

MT, if you're reading this, best of luck. I'm taking my ball and going home.

(read I took the small amount of cash and BTCs in my MtGox account and moved them to other exchange accounts I use)

Tasty Champa

member

Activity: 84

Merit: 10

Quote from: Shinobi on June 28, 2011, 03:09:06 PM

Everyone here who is mad because something less-than-perfect was disclosed and may threaten their investment is an absolute FOOL and are behaving in the same way as the investment bankers who tried to cover up the imperfections in the real market. Yet many of you are the same anti-establishment zealots who wear your militia jackets and talk about the underhanded skulduggery of the Federal Reserve and the powers-that-be. Look at yourselves.

I've seen things get fractured like this before in other like minded anarchist underground communities, it creates an us versus them mentality against it's very own, which essentially destroys the entire community, partitioning it into very small stagnant circle jerks.
You might think you are doing a favor to justice, but really it's just reaping what you sow.

Tasty Champa

member

Activity: 84

Merit: 10

Quote from: davout on June 28, 2011, 06:19:53 AM

Quote from: Tasty Champa on June 28, 2011, 06:17:43 AM

I'm assuming everyone is behind i2p, swarm and/or the onion router, reading this through lynx/links correct?

There is discrepancy between your imagination and reality.

You imply this forum is secure?

Shinobi

full member

Activity: 196

Merit: 100

Everyone here who is mad because something less-than-perfect was disclosed and may threaten their investment is an absolute FOOL and are behaving in the same way as the investment bankers who tried to cover up the imperfections in the real market. Yet many of you are the same anti-establishment zealots who wear your militia jackets and talk about the underhanded skulduggery of the Federal Reserve and the powers-that-be. Look at yourselves.

TraderTimm

legendary

Activity: 2408

Merit: 1121

Someone's 15 minutes of 'fame' are over, but like a bad houseguest, he just doesn't get the hint he should head home.

Maybe this will help:

"Okay, you are super-smart, good job propeller-head. Now go away."

Dirt Rider

member

Activity: 111

Merit: 10

Quote from: jrmithdobbs on June 28, 2011, 02:16:13 PM

If you're so worried feel free to stop using the services provided by companies with horrible security records or, as previously stated, petition said service providers to open their code and/or make public the results of 3rd party code/security audits.

So what alternative services would you recommend, that are guarenteed to be perfect?

BTC Economist

member

Activity: 112

Merit: 10

I applaud the OP. The idiots who still trust in Mt Gox deserve to get defrauded in every way possible. I'd recommend informing hacker forums every time you find an exploit in that shithole of a business.

jrmithdobbs

newbie

Activity: 67

Merit: 0

Quote from: Dirt Rider on June 28, 2011, 02:02:16 PM

I for one hope that when/if someone does discover some potentially damaging exploit that they won't put us all at risk by instantly sharing it with everyone, including those who will jump at an opportunity to take advantage, at least until site admin has had an opportunity to take action.

If you're so worried feel free to stop using the services provided by companies with horrible security records or, as previously stated, petition said service providers to open their code and/or make public the results of 3rd party code/security audits.

To everyone sending me hate-filled PMs:

I don't care. See the above.

Additionally:

It is not my responsibility to enforce responsible journalism. If the blog d'jour is posting ill-informed "articles" about your pet bitcoin project, petition them to hold themselves to a higher standard of journalism.

I thought this forum was full of lolbertarians who believe in "absolutely free market capitalism?" Vote with your feet and your wallet.

Oh wait, I get it, your idealistic "free market" concepts only apply when they work in your favor. Brilliant!

Dirt Rider

member

Activity: 111

Merit: 10

I don't think anyone is suggesting anything but truth and honesty and disclosure, but when someone doesn't even give the site admin a chance to correct a potential problem (good thing this wasn't actually a serious exploit), they are just being irresponsible towards the users of the site in question and the community as a whole. I for one hope that when/if someone does discover some potentially damaging exploit that they won't put us all at risk by instantly sharing it with everyone, including those who will jump at an opportunity to take advantage, at least until site admin has had an opportunity to take action.

bitsnbytes

newbie

Activity: 7

Merit: 0

Quote from: MagicalTux on June 27, 2011, 11:05:34 PM

Quote from: jrmithdobbs on June 27, 2011, 10:55:41 PM

I cannot guarantee this order will execute but from everything I've observed about the new trade matching code I have no reason to believe it will not.

It will not execute, and I told you it'll be fixed in a couple of hours. Thanks for disclosing this before.

Yes, it is all our fault:

Quote

Today 16:51 GMT on #mtgox
anyone know what that weird spike around 18:00 is? looks erroneous to me, no? it went up to 17.52 apparently, but my order at 17.25 did not get filled.
molecular: it's the closing of a bug, some orders were blocked and are now freed

It is because we let such people have our money!

Topic: [Full Disclosure] Live mtgox.com trade matching bug. (Read 15309 times)