Topic: [GLBSE] Introducing: Bitcoin Syndicate, a new mining op trading publicly! - page 4. (Read 23339 times)

Any status updates? Dividends from remaining hashing power? Properly redacted police report regarding MTGox theft?

https://mtgox.com/press_release_20120605.html
gox supported google authenticator as early as june 05
hindsight 20/20

https://bitcointalk.org/index.php?topic=95738.0;topicseen
another reused password leads to pwned gox account.

Just a quick update. Still nothing from the police, and I did get the MTGOX Evidence packet, it didn't really tell me anything new other than verify that in the logs the attack came in the stated number of attempts over a couple days. It will be more useful to provide to the police to simplify their job (and hopefully get more traction from them). Also the previous login attempts did come from random IP addresses all over the place.

Interesting enough, I got an email from mtgox yesterday offering me a free yubikey (due to the "rash of security and hacking issues lately") whatever that means. Seemed to be a general form letter they sent out to several customers, and not directly related to the syndicate. Too bad they didn't offer that a month ago...

Anyway, that aside, I'm working on a couple other angles that may result in returning some of the mining power we lost. I don't want to get people's hopes up, so I won't go into detail, but if it pans out it won't quite be back to full strength, but it will be a good boost in the right direction.

Thanks again for your patience.

I completely understand that it will take some time to get an actual police report, in no way did I mean release proof immediately. IMO, when you can get a copy post it on the BTCSYN forum and a link to the post here.

Hearing how closely you were working with Enterpoint I can see why you felt confident swapping hardware out. Shame they were not able to accept your payment in bitcoins in a reasonable timeframe.

Hey, to clarify the decision process there in point form (I believe most of this was clarified in either the discussion about, or the actual motion thread itself, but I may be wrong):
- I was working closely with Enterpoint from before their release
- I was working on a bitstream for their boards which should perform very well
- I was the FIRST person not from Enterpoint to have my hands on a cairnsmore board for development (board serial #0001, first one off the lines). I was well aware of the hardware state, and it's capabilities.
- I was also well aware of their capabilities to release a very high power bitstream
- The hardware was designed to be 100% compatible with an out of the box icarus bitstream, but with twice the FPGA chips it would be twice as powerful as an icarus with no bitstream needed
- Unfortunately what we didn't know when making the decision was a small error was made (swapping the tx/rx pins between first and second fpga for each icarus chain) which made it incompatible.
- I'm also the one who developed the current bitstream for the cairnsmore which is a port of the icarus bitstream (which is FAR more difficult than you would think).
- I'm also currently working on a "fixed" version of the icarus port, in addition to a new completely unique bitstream for the cairnsmore (in parallel to the same effort going on at Enterpoint).
- Regardless, we were having major stability issues with our Icarus boards. Mostly due to the flaky usb chip used by ngzhang (which he admitted he would be replacing in the next gen).
- The cairnsmore boards not only had a nicer "industry standard" FTDI chip, but it was a high end, and capable chip. In addition to their Controller FPGA, and some infrastructure they added, their boards were far superior for stability.
- The cairnsmore boards carry a warranty far superior to Icarus.
- Once the cairnsmore attains it's "potential". It will be at LEAST equal to 2x an icarus, but with the strong suspicion that it will be more like 3x an icarus board in the end
- With this all said, the cairnsmore board is overall far superior to the icarus boards. Even at full retail of $950 USD (compared to over $500 USD per icarus)
- We were only getting about 75% yield out of the icarus due to stability and other issues
- Add in the short term discount to $640 on the cairnsmore boards
- Also consider that for a very short window due to unavailability of icarus, and no news on lancelot, there was a spike in the value of an icarus board due to supply/demand
- Because of all the above factors, we were able to offload our icarus boards for what we paid for them, redirect that money into almost 50% discounted cairnsmore.
- With those things considered, if we had NOT had the money stolen, we would have at LEAST seen a match in hashing power during the development phase while working with a sub-par bitstream
- Once a "Real" bitstream was released, we would see at LEAST double the hashing performance we had before, if not triple the hashing power on the best case.
- I think with that information available, the limited risk at the time (I could not have forseen someone hacking the account and stealing the money). It was a no-brainer move.
- We see 1 month of downtime, to double/triple our returns.

That's the reasoning that went into it. So again, at the time, with the information available, it was an extremely smart move. (unfortunately with the money being stolen any potential benefit has been shot to hell)


As for this, I am currently working to make BTCSYN whole. As you say by continuing to operate with the reduced resources, and seeking other means to improve our position to at the very least something resembling where we started out before the liquidation. Best case, we recover the funds, and can get back on track with just the loss of time, but that's a fairly optimistic view at this time.

As for releasing a copy of the police report. I believe I clarified this in one of my posts on one of the threads here but:
- I went to the police station and filed a police report via their "standard" procedure.
- The proof I got from this is a reciept for the police report, bearing the officers name and badge number which took the report, and a case number for the case we now have open.
- I did NOT get a full paper copy of the report.
- I asked if I could get one, they told me they cannot provide that at this time, First it needs to go to an investigator, and later a full report will be produced. At that time I can request a copy for a fee.
- I have not been contacted by them yet to follow up. The officer who took the report told me that it would be going to either Fraud or CyberCrime (or a joint effort between them). And it may be "several weeks" before I hear anything more.
- Unfortunately since there are only 2 data points on the reciept, both of which are potentially sensitive, Blacking those out would kind of defeat the purpose.
- I don't want to release that reciept to the general public, because I don't know if that would negatively impact the investigation (ie hordes of people inundate the officer with questions, harassment, or any other issues, who knows how it could affect it).
- So until I'm contacted by the investigator, and I am told it is safe to release it (and what I can release) I can't do that.
- What I HAVE done, is release a full scan of this reciept to MagicalTux at MTGox, as well as to Nefario at GLBSE. They are both aware of the situation, and the full details, and they have both offered their support in trying to resolve it.
- If you wish to verify that the report is legit, I suggest you contact one of those 2 individuals (and hopefully they are willing to verify for you).

I hope all this info helps clarify the situation for you, and hopefully re-instates some form of trust in me during this difficult process.

Thanks for your understanding.

I hold a few shares of BTCSYN, was looking at the old motions and then wondering at the recent buy/sell activity. Funnily, I wasn't too happy with the liquidate current FPGAs motion when I read it. Turns out that is the source of the stolen funds. May I ask what the reasoning was behind that move? The Cairnsmore1 devices don't even have a full working bitstream yet. Yes I know you can't rewind, but the whole maneuver there is a bit puzzling without some explanation of the reasoning involved.

Glasswalker continuing to work to make BTCSYN whole (by this I mean continuing to operate with the reduced resources) and also posting a copy of the police report in a timely fashion (blacking out anything sensitive) would help reduce the fallout from this.









-Crosspost from https://bitcointalksearch.org/topic/m.1036967

There is not much to report here at this point. I have discussed further with MTGox, who *may* be offering a loan of some sorts, but they were very unclear and MagicalTux is hard to get in contact with sometimes (I can get him to answer vaguely, but when I ask for more details, he never responds).

As for reimbursing the shareholders. Here is the hard truth, some people may not like it, but that's how it is:

I'm doing my best to rebuild the syndicate. I want to continue operation, meaning shares owned will be shares in the syndicate still. If/Once we can rebuild into something equalling what it was, then your shares will be worth what they were before this incident. And who knows, likely more. But this has been a major setback. This loss is very large for us, and it means that we won't be likely hitting our initial forecasted growth rate.

Regardless of what happens, I'm trying my best to continue operation. I'm not simply folding up shop and walking away.

THAT is how I plan on "compensating" the shareholders. Not by doing something extra to give money back or taking out loans in my own name, or anything along those lines. I am doing what I can within reason to rebuild.

Am I responsible for reimbursing the company for the money lost? no I'm not. And I won't be. I don't have that much cash on hand (hell I'm tight for cash myself at the moment). And I highly doubt anyone will be giving me a loan (even if I was willing to incur that extra liability on my own to rebuild, which I'm not).

There is a reason that in the real world people adopt the incorporation model. It's called protection from liability for the executives/directors. The CEO of a real corporation is not responsible for personally paying back his shareholders in the event there are major losses. The shareholders can vote to dismiss the CEO and put a new one in his place, and if for example the CEO is found guilty of actual fraud (embezzlement, stealing from the company and so on) then there can be criminal charges in place, and perhaps some small form of restitution required to be paid. But under no circumstances in the real world is the CEO responsible for personally injecting funds into the business...

In this case, a terrible thing has happened. We had a large amount of money stolen from us. The person who is responsible is the one who stole it. And to a small degree Enterpoint/MtGox due to the delays. But as I said before already, I stand by my decisions. I didn't do anything WRONG here. There were choices that I could have done differently had I had different information at my disposal at the time (and it's easy to look back and say oh you should have done this instead of that, with the info we have now in hindsight) but in the end. I stand by my decisions, stand by the fact I did nothing wrong, and so I am not responsible for putting $12K back into the syndicate.

I am doing my job to try and rebuild, come up with a plan to continue operation, and hopefully recover the funds if possible.

So far not much progress on support from MtGox, I still have a week or two to wait for an answer from Enterpoint. And I am exploring some other options.

In the meantime I have not heard from law enforcement yet. I was told it could be a number of weeks before they contact me. I will follow up with them in another week or two to check in on status.

I have received the evidence packet from mtgox, and I am reviewing it. If I find anything of use (that wouldn't be damaging to the case to publish) I will post it up.

Until something changes, we will continue mining with the founders rigs, and working towards a plan of action. At that time I will hold a series of motions to decide on a final course of action based on the available options. Once the course of action is chosen by motion. Trading will be un-frozen at glbse.

Again, I'm sorry if this goes against what some people feel they are entitled to. But this is just how it is.

I will post up more information once I have more to post. As I said before, it will be a bit of a long haul here, Police are slow to move on anything, everything else will take weeks at least, and so expect some silence, before I have the information available to me to come up with some meaningful ideas to put forth to a vote.

Thanks for your patience, understanding, and support (for those of you giving any/all of the above)

Just tell everyone what's your plan for compensating the external shareholders. If you have already announced such plan yet,  ignore this post.

FYI, I have no shares anymore since long time ago. It's sharp declining price on GLBSE that draws my intention here. As Glasswalker once claimed ,they don't forced anyone into buying their shares. Those words were said during some not very pleasant topic which ask them to compensate the company when their promised hash rate cannot meet. Glasswalker said, those hash rate is not hard promised, the contract said they will only try their best to do so. So after they say those words, I started to sell shares, a large bunch of shares, until I have none of them.

However, I want to say, talkative Glasswalker, you don't have to explain us the details. I don't think the shareholders really care.

Just tell everyone what's your plan for compensating the external shareholders, if you cannot find the money back with the help of police. those shares  You executive team get by providing several months of hashrate but no firm hardware is really cheap in the accounting standard, which imply you should do good job to the company and create value, not let the money stolen.

Even if you can get a proof from the police that the money is not stolen by yourself or other executive team, this "if" cannot make an excuse for you not to take responsibility after this disaster.

Seek a loan from your relatives and friends or local bank or credit card, or simply withdraw some money from your bank account. Anyway, just make sure that the "company" don't have to pay the theft money.

Give back the company dollars.

Fair enough, thanks. The main reason I only posted in one spot was to try and contain constructive chat to a single spot so I wasn't constantly posting in several spots, but as it seems that's unavoidable... Thanks!

I would like to leave this here, as a backup.
It's a copy of your post at btcsyn forum.

The police report was submitted with the Ottawa Police. I have a reciept from them for it's submission on paper. And I have the name/badge number of the officer that took it, along with an open case number with them.

I will not be posting all this info on the public forum just yet until I hear back from the investigating officer, because I don't want to complicate their case by them suddenly getting inundated with calls about it from speculators and such on this forum.

I can however confirm I have sent scanned copies of this reciept to MagicalTux at MtGox, as well as I have sent the details (and will send the scanned copy upon request) to Nefario at GLBSE.

Yes I can prove I've submitted it. And if you want validation, you can ask one of those 2 individuals. Please keep in mind this is a sensitive situation, and until I know what I can and can't do, I'm being careful with things so that I don't potentially negatively impact the investigation.

As for the password repeats... I maintain, while it's "best practice" to use 100% strong passwords, never repeating, and 2 factor everywhere, VERY FEW people even in the security industry actually do this. I can't quote an exact number, but I do know the percentage is extremely small. Hell, we have national banks here in Canada which don't even ALLOW passwords longer than 6 digit numerical passwords... And none of them that I know of support 2 factor auth for anything less than major corporate accounts doing frequent international wire transfers over $10,000. (and at a significant cost). None of the creditcard companies (or banks who offer creditcards) support 2 factor auth for those at all (to my knowledge)

Have I learned from this, and ramped up my security? yes. I now do use 100% strong passwords, with no repeats, and 2 factor where possible. (and I am still rolling passwords for things, it will likely take me weeks to roll them all). All the ones using this compromised password were rolled already, but I have hundreds of passwords that need to be migrated to the new "proper" setup. (and no that number is not an exaggeration, also it's taking a long time because I already did my best to avoid overlap as much as possible in that large volume of passwords).

And yes I did use a secure password facility for most of the "really important" stuff. But this was my personal mtgox account, which usually doesn't handle more than a couple hundred btc at most once every few months for less than 24h at a time. It wasn't worth the effort/cost in my opinion. But under this freak situation I ended up stuck moving large amounts of syndicate money through that account, and it got stuck there for a long period of time due to circumstances beyond my control.

Lastly, this breach impacted me more heavily than any of the shareholders can even understand. Not only did I have more invested in this than anyone else (to my knowledge, if I'm mistaken, then I apologise). But I also have access to many highly sensitive systems, and classified information. (most of which is not protected to the level everyone here suggests I should have protected my personal mtgox account with by the way). And even the remote chance that my accounts were compromised means that my employer now needs to do a full security audit as well. And lastly there is the reputation hit this causes, combined with the added stress of dealing with the lynch mob that has formed here on these forums. (and attacks on my practices which I'm pretty sure at least 50% of the attackers don't "practice what they preach" but since it isn't their accounts under a microscope they can feel comfortable slinging their hypocrisy at me)

Anyway, sorry if I'm getting a bit touchy on this topic, but it feels kinda shitty when you try and really do something positive, and are trying your best, and it not only blows up in your face, but suddenly people are accusing you of being a criminal because of it... And I'm stressed out dealing with this, and dealing with trying to maintain my day job at the same time (which is very demanding as well right now).

You used the same password on 3 different financial sites .....

Where is the police report and can you prove you have actually submitted it ?

Gewure: What are you talking about? Your whole post was way off base... See inline responses below:

That's completely incorrect. IF we were to liquidate today, we would be worth 700CAD plus the bitcoins still in our wallet right now. But I don't intend to liquidate. I intend to keep operating, and I am trying to piece together several plans of action which the shareholders can then vote on (one of which may be liquidation, but it will be up to a vote, and honestly I would prefer if we can keep it afloat to recover some of the loss).

Lastly, I'm still trying to recover the funds.

Plus if we continue to operate, in a couple months we could have mined a fair bit still even at 5-6 GHash. The 700CAD we have is enough for one cairsmore, which should soon be at 1GHash, so that's a bit more mining power, and so on. And all that is if none of the other plans pan out (help from mtgox, and help from enterpoint, or recovering the stolen funds).

Umm what the hell? The shareholder loan clause was in the bylaws originally BEFORE the IPO. It was altered only once, which was to EXTEND the terms of the loan (to make our commitment longer). That was the only alteration, and it was done under a passed motion. Specifically Motion ID #81 for which more details can be found here http://forum.btcsyn.com/viewtopic.php?f=8&t=22

So if you didn't like those terms, you likely should have read further into the bylaws before investing. Most of our other investors had no problems with those terms.

Also, I'm not sure what that has to do with anything related to the theft of the $12K, or why you're bringing it up now.


I'm not sure where you are getting any of these numbers from. We lost $12K (about 1800BTC roughly, don't have the tx in front of me). not 3000BTC. We never had 3000BTC to loose in the first place. Our stock price fluctuated, and our total stock in circulation might have been at 3000BTC at one time, but that's purely market speculation on our total value. Our actual assets were approximately 1700BTC originally which at the time was worth about $9000, since then we sold the icarus to buy cairsmore, the money from that plus some of our mining profits, totalled up to about 1800btc. Which we sold for $12K USD to use to buy cairsmore boards. Which all said and done would have doubled our mining capacity in mhash/s. But the  $12K was stolen... That's the short version of the syndicate history. I'm not sure where you see loosing 3000BTC anywhere in that.

Overall: There is already enough panic going on around here, not to mention the witch-hunt that has started in the other thread about this theft (apparently I underestimated this communities thirst for blood, that thread has mostly been pure speculation, and aggression toward me personally, without caring about any of the facts, so I refuse to return there, I will however continue to respond here).

Anyway, point being please double-check your facts before throwing additional accusations or statements out there and contributing to the chaos.

Thanks.

we would probably be better off with you beeing a player and loosing half the money to a casino..  

i put 50 btc into this, cause you were sooooo promising. should have sold them 1 month ago, when i stressed that nothing is happening.

..reminds me of southpark.

"AAAAAND ITS GONE."

LOL

So.. basically BTC-SYN will be worth 700 canadian dollars in some months. 700/12000 makes 0.053 Dollar per share! woohoo!

when the fuck did you put up this new contract?!! i didnt vote on it and i doubt anybody would!

..explain this to me. 

bitcoin syndicate lost 3000 bitcoin in under a year?! 100% of its value?

...

hm, different error message would make more sense. sure

GLBSE needs a better system for notifying people a symbol is locked...

password It was re-used on 3-4 sites only, and most of those are full financial institutions.

You can't reuse passwords on any sites anymore, 1 password for each site. There was news about 60-70 banks that got hacked a week or two ago, possible password stolen from your bank.

People need to start using google auth or yubikey.

Hey guys, to answer your questions, there has been a major announcement put up in the announcements forum on btcsyn.com

Please see it here: http://forum.btcsyn.com/viewtopic.php?f=6&t=84

Thanks.