Pages:
Author

Topic: [Full Disclosure] Live mtgox.com trade matching bug. - page 2. (Read 15367 times)

jr. member
Activity: 42
Merit: 2
Although I dont share the timing of the OP disclosure, I would rather encourage total (and sometimes brutal) honesty in our comunity, rather than half truths and compromises.

Our world is mess right now because of too much double standards, compromises, and falsehood (environmentaly, socially, politically), not because of too much honesty.

Once you start to compromise on truth and openness, you will never know exactly where to draw the line between what is a right compromise, and what is a wrong one. The OP may not know how to compromise on honesty, but I would rather prefer to have people like him in our comunity, than not having them. They are the fresh air on opennes our society needs.

member
Activity: 111
Merit: 10
If the original poster can't adjust the original post such that it stops implying there is some exploit, an admin should remove the post all together. 

Are we really sure this isn't a feature?
newbie
Activity: 67
Merit: 0
They're calling it a way to get "free bitcoins".  Good job OP.  I don't suppose you'd "fully disclose" that the "exploit" as you call it, is not, in fact, a way to get "free bitcoins".  I don't suppose you'd bother to correct the misinformation you've fostered.

Read the comments on that article. I posted a gpg signed comment (that got mangled by their crappy site) calling the author out for irresponsible journalism. Before you even posted this. He made no attempt to contact me and only a cursory attempt to contact tux so that he could add a derisive comment in his "article."

Crappy journalist is crappy. Surprise, surprise.
full member
Activity: 196
Merit: 100
How are you blaming the OP? The OP is trying to make trading safer and more accurate. MT has shown that he doesn't do anything unless his hand is forced.
legendary
Activity: 1092
Merit: 1001
I don't even understand why it's a bug. (unless it affects the current price calculations)

I've put in buy orders without the USD to cover it - based on the assumption that the buy would only occur if my sell orders had executed to provide the funds.
It's a feature!
newbie
Activity: 28
Merit: 0
They're calling it a way to get "free bitcoins".  Good job OP.  I don't suppose you'd "fully disclose" that the "exploit" as you call it, is not, in fact, a way to get "free bitcoins".  I don't suppose you'd bother to correct the misinformation you've fostered.

You can't blame him for 'journalists' writing about matter they have little to no knowledge about.

Oh I very much CAN blame him, as he started the false implication.  The journalist was merely repeating (accurately) what he read in the OP.
member
Activity: 111
Merit: 10
CampBX will be open soon. It looks to be the most thoroughly tested of the exchanges.

I was there the other day - allows logins via http!

p.s.  This OP was very much a dick move.  Either a fool or someone intent on causing as much trouble for the Bitcoin community would create such a post without at least giving the site operator a little time to address the issue.
ius
newbie
Activity: 56
Merit: 0
They're calling it a way to get "free bitcoins".  Good job OP.  I don't suppose you'd "fully disclose" that the "exploit" as you call it, is not, in fact, a way to get "free bitcoins".  I don't suppose you'd bother to correct the misinformation you've fostered.

You can't blame him for 'journalists' writing about matter they have little to no knowledge about.
newbie
Activity: 28
Merit: 0
Well.  I hope OP is happy he got what he wanted:

http://www.thinq.co.uk/2011/6/28/mt-gox-flaw-opens-door-free-bitcoins/

They're calling it a way to get "free bitcoins".  Good job OP.  I don't suppose you'd "fully disclose" that the "exploit" as you call it, is not, in fact, a way to get "free bitcoins".  I don't suppose you'd bother to correct the misinformation you've fostered.
newbie
Activity: 67
Merit: 0
He programs large blocks of code and does insufficient testing leaving the community of users to suffer the consequences. MtGox nolonger deserves the privilege of keeping bugs and security flaws private.
He also has (by his own admission) written his own in house mysql DAO code instead of using a public, well vetted one. He say it doesn't use bind values. He doesn't understand why this is bad.:

(This is edited to leave irrelevant pieces out, please feel free to verify with anyone else logging #mtgox.)
Did you fail to read the part about responsible disclosure?
http://en.wikipedia.org/wiki/Responsible_disclosure
They are two separate but related concepts. I subscribe to the former and deem the latter unnecessary in cases such as these where the company in question has a track record like mtgox.
member
Activity: 70
Merit: 10
MagicalTux is really taking all problems seriously, and has been working almost 24 hours per day last week to resolve issues while being bombarded with crap from all sides.

I can honestly say that man has not been working anywhere near 24 hours per week but the last part is true.
legendary
Activity: 1372
Merit: 1008
1davout
I'm assuming everyone is behind i2p, swarm and/or the onion router, reading this through lynx/links correct?
There is discrepancy between your imagination and reality.
member
Activity: 84
Merit: 10
Where are the full disclosure and exploits for this forum?

I'm assuming everyone is behind i2p, swarm and/or the onion router, reading this through lynx/links correct?

shouldn't everyone know what you trannys are up to?
legendary
Activity: 1372
Merit: 1008
1davout
Please leave possible exploits away from the public.
In other words, keep it private.
Work with them behind closed doors.
Definitely no.

Doesn't mean you shouldn't give the code owner a couple of hours to fix it and advertise the deadline.

CampBX will be open soon. It looks to be the most thoroughly tested of the exchanges.
You can only be sure if the source is open Smiley





member
Activity: 84
Merit: 10

Your reasoning is in conflict with your ability to have a fulfilling conversation.
Lashing out at anyone who does not share your viewpoints, is the key motivator for war.
You are authoritarian.

Another non sequitur.

In reference to your own or do you have comprehension issues?
full member
Activity: 154
Merit: 100

Your reasoning is in conflict with your ability to have a fulfilling conversation.
Lashing out at anyone who does not share your viewpoints, is the key motivator for war.
You are authoritarian.

Another non sequitur.
member
Activity: 84
Merit: 10
That is exactly like saying, woman dresses like slut, woman dress like slut gets raped, woman dress like slut gets raped and deserves it.

Could you be any more offencive? I guess thats just your social mores. We know where you stand on gender equality.

Your reasoning is in conflict with your ability to have a fulfilling conversation.
Lashing out at anyone who does not share your viewpoints, is the key motivator for war.
You are authoritarian.
full member
Activity: 154
Merit: 100
That is exactly like saying, woman dresses like slut, woman dress like slut gets raped, woman dress like slut gets raped and deserves it.

Could you be any more offencive? I guess thats just your social mores. We know where you stand on gender equality.
member
Activity: 84
Merit: 10
MT and MtGox have been given every opportunity to to fix their system. Even after being told there were major exploits MT took his time to fix the exploits until the shit hit the fan. It is clear to me that MT is an egotistical programmer. He programs large blocks of code and does insufficient testing leaving the community of users to suffer the consequences. MtGox nolonger deserves the privilege of keeping bugs and security flaws private.

Every bug or security flaw found at MtGox should be disclosed publicly cutting MT out of the loop. If MT didnt know about the flaw then its his fault for not properly testing his system. Its time to leave MtGox for good. Let MtGox wither in their own mismanagement.

CampBX will be open soon. It looks to be the most thoroughly tested of the exchanges.

If you continue to use a known flawed system then its you who deserves what you get. If you drive a cars that is always over heating and the motor burns up, well then you got what you deserved. You knew of the problem but you kept using the car.

Protect yourself and leave MtGox now!

HAHAHAHAH
My Gox what have done Bipolar internetz!
That is exactly like saying, woman dresses like slut, woman dress like slut gets raped, woman dress like slut gets raped and deserves it. O.O /hides
full member
Activity: 154
Merit: 100
MT and MtGox have been given every opportunity to to fix their system. Even after being told there were major exploits MT took his time to fix the exploits until the shit hit the fan. It is clear to me that MT is an egotistical programmer. He programs large blocks of code and does insufficient testing leaving the community of users to suffer the consequences. MtGox nolonger deserves the privilege of keeping bugs and security flaws private.

Every bug or security flaw found at MtGox should be disclosed publicly cutting MT out of the loop. If MT didnt know about the flaw then its his fault for not properly testing his system. Its time to leave MtGox for good. Let MtGox wither in their own mismanagement.

CampBX will be open soon. It looks to be the most thoroughly tested of the exchanges.

If you continue to use a known flawed system then its you who deserves what you get. If you drive a cars that is always over heating and the motor burns up, well then you got what you deserved. You knew of the problem but you kept using the car.

Protect yourself and leave MtGox now!
Pages:
Jump to: