Pages:
Author

Topic: How to find "Tom Williams" ... - page 2. (Read 7938 times)

legendary
Activity: 1680
Merit: 1035
August 04, 2011, 12:09:02 PM
#56
Alright, I've had enough of al this nerd bullshit. Let's just go and find this guy and lynch him up by the balls. Angry

Anyone up for a nice week-long vacation in the tropical island of Nevis?
legendary
Activity: 1806
Merit: 1003
August 04, 2011, 12:02:15 PM
#55
the best chance we got is get a court order to force his domain registrar and hosting company to give up his contact information.
newbie
Activity: 28
Merit: 0
August 04, 2011, 11:31:13 AM
#54
Alright, I've had enough of al this nerd bullshit. Let's just go and find this guy and lynch him up by the balls. Angry
sr. member
Activity: 300
Merit: 250
BitcoinStarter.com Support Account
August 04, 2011, 11:29:16 AM
#53
I wouldn't pay attention to his security procedures much.  He outright lied about hashing passwords in the database. 

Quote from that Thread:
Quote
Yes, we use password encryption. We are currently using SHA-256, but
since the recent Mtgox hack we will be upgrading that to something
stronger. It's surprising how many sites still use MD5, even though it
was broken years ago. It is my personal opinion that MD5 be deprecated
from modern operating systems.

We had a password reset issue months ago in which we needed access to our account.  After about a month of lack of communication we finally received access to our account through the original password that was sent to us in plain text from mybitcoin.com .  We "remembered" the password after seeing it again and were shocked that mybitcoin stored passwords in plain text.


Now I'm wondering if MyBitcoin was the one that hacked Mt. Gox.


Very good chance this i the case sense everyone used the same username/password between the 2.
legendary
Activity: 980
Merit: 1004
Firstbits: Compromised. Thanks, Android!
August 04, 2011, 10:55:37 AM
#52
I wouldn't pay attention to his security procedures much.  He outright lied about hashing passwords in the database. 

Quote from that Thread:
Quote
Yes, we use password encryption. We are currently using SHA-256, but
since the recent Mtgox hack we will be upgrading that to something
stronger. It's surprising how many sites still use MD5, even though it
was broken years ago. It is my personal opinion that MD5 be deprecated
from modern operating systems.

We had a password reset issue months ago in which we needed access to our account.  After about a month of lack of communication we finally received access to our account through the original password that was sent to us in plain text from mybitcoin.com .  We "remembered" the password after seeing it again and were shocked that mybitcoin stored passwords in plain text.


Now I'm wondering if MyBitcoin was the one that hacked Mt. Gox.
sr. member
Activity: 339
Merit: 250
August 04, 2011, 08:24:37 AM
#51

I still consider it a reasonably likely scenario that the site was run by a privacy-advocate/cryptographer  - who has simply died.




According to the "from the desk of Tom Williams" statement in June, two technicians have access to the server.

Quote
All disk keys are held off-site and were never generated anywhere near the internet. All server passwords are unique per server and per user, of course. Only two technicians have access to the secure servers. This access is over a VPN and we only use secured workstations running Linux and BSD to access them.

https://bitcointalksearch.org/topic/m.279396

You'd think that by now one of them would have realised that there's something wrong and that if something dramatic has happened to "Tom" they'd be trying to find a way to communicate with the users of the service.

I wouldn't pay attention to his security procedures much.  He outright lied about hashing passwords in the database. 

Quote from that Thread:
Quote
Yes, we use password encryption. We are currently using SHA-256, but
since the recent Mtgox hack we will be upgrading that to something
stronger. It's surprising how many sites still use MD5, even though it
was broken years ago. It is my personal opinion that MD5 be deprecated
from modern operating systems.

We had a password reset issue months ago in which we needed access to our account.  After about a month of lack of communication we finally received access to our account through the original password that was sent to us in plain text from mybitcoin.com .  We "remembered" the password after seeing it again and were shocked that mybitcoin stored passwords in plain text.
hero member
Activity: 868
Merit: 1000
August 04, 2011, 03:42:39 AM
#50
CACert is incorporated in my state - New South Wales, Australia.  I wouldn't count on many of its members being within New south Wales jurisdiction.

My understanding is that the 'jurisdiction' here they are talking about is whatever jurisdiction the identified entity has been certified for - not where CACert is based.
I suspect this will just lead us in a circle back to Nevis though Sad


I am also in NSW by the way Smiley



You're probably right, and it will probably just lead back to the Netherlands or Nevis (and I seriously doubt that Tom Williams is located in either).
legendary
Activity: 1092
Merit: 1001
August 04, 2011, 03:32:01 AM
#49
I've posted to the list [email protected]

I've pretty much given up my own semi-anonymity now by doing this.. oh well. mtgox leaked my email anyway Tongue


Quote
Hello CaCert community,

Firstly - I'm not particularly well versed in certificate issues - just a
lay-geeks basic knowledge.

How would I go about finding information about a CACert certificate that was
issued to 'www.mybitcoin.com'?

The site is no longer reachable - so I can't directly see the certificate any
more, but I understand from an earlier forum posting that they were using
CACert.

There is currently much speculation about what happened to this site and who
the underlying entity is/was.  (A bit late for people who put trust in the site
to be asking this perhaps - but the fact that a CACert was issued is enough for
some to put some trust in a site, so I'm guessing the community here may have
some interest in helping out.. whether they think the people involved were
foolish or not)

A lot of money is involved so there are many claims of fraud, and questions
about whether the operator has died etc.

I would appreciate any leads...
If you're curious - take a look at the bitcoin forums at bitcointalk.org where
there are many threads related to mybitcoin and the disappearing 'Tom Williams'
legendary
Activity: 1092
Merit: 1001
August 04, 2011, 03:27:30 AM
#48
CACert is incorporated in my state - New South Wales, Australia.  I wouldn't count on many of its members being within New south Wales jurisdiction.

My understanding is that the 'jurisdiction' here they are talking about is whatever jurisdiction the identified entity has been certified for - not where CACert is based.
I suspect this will just lead us in a circle back to Nevis though Sad


I am also in NSW by the way Smiley

sr. member
Activity: 294
Merit: 250
August 04, 2011, 03:19:29 AM
#47

I guess the problem with the conjecture that some site at the remote end just fell over, is that theoretically that wouldn't stop the frontend listening on port 443 - and it appears that it's not.   It could be that the frontend automatically closed that off when the backend disappeared though.
Unlikely. I have never seen a reverse proxy or tunneling solution that stopped listening on a local port if the backend/network was not reachable. There would also be no reason to do so.
hero member
Activity: 868
Merit: 1000
August 04, 2011, 03:18:01 AM
#46
CACert is incorporated in my state - New South Wales, Australia.  I wouldn't count on many of its members being within New south Wales jurisdiction.
legendary
Activity: 1092
Merit: 1001
August 04, 2011, 03:11:49 AM
#45
But you don't know which server the underlying HTTPD service (let alone the wallet/database) was on.  It's highly likely to have been a tor hidden service, or an i2p 'eepsite' running who-knows-where. That the leaseweb server has some TOR stuff on it doesn't tell us it was the HTTPD (does it??)
That's true... it could be only a proxy. Though I suspect the site would be very slow if it piped everything though I2P/TOR.

I've never used mybitcoin so I don't know what their speed was.


When I tried some i2p services the speed was tolerable - but I also never used mybitcoin, so I don't know if it's plausible that it was at least partly run over a tunnel.

I guess the problem with the conjecture that some site at the remote end just fell over, is that theoretically that wouldn't stop the frontend listening on port 443 - and it appears that it's not.   It could be that the frontend automatically closed that off when the backend disappeared though.

I'd still like to know if there is any way to research the information associated with the CACert certificate for 'www.mybitcoin.com'
They have an organisation assurance policy which states things like:
# The organisation named within is identified.
# The organisation has been verified according to this policy.
# The organisation is within the jurisdiction and can be taken to Arbitration.

If it turns out that they haven't done this properly - and have allowed a truly anonymous use of an organisational certificate - then CACert may have a stain on it's reputation.   Does anyone know how to proceed with this?  I may just email them and ask about it..






sr. member
Activity: 294
Merit: 250
August 04, 2011, 03:01:30 AM
#44
Considering Leaseweb is fairly popular for somewhat more questionable content (including TOR nodes) it is not unlikely there are simply two unrelated TOR nodes on the same physical server
Yeah, right... they are both called Bitcoin*something*, have the same uptime, and the servers have quite a lot of similar properties. Sure there's a small chance they are unrelated, but I wouldn't bet on it.
Being the same uptime and having similar properties is one of the main characteristics of two VMs on the same host machine. If the host machine gets restarted, so will the VMs, meaning they all have the same uptime if they are on the same machine. A lot of similar characteristics would also be logical if they were two VMs on the same host machine. Of course it's possible that they are from the same owner, and my theory may indeed be unlikely - however, unlikely is not the same as impossible. And in my opinion my theory is reasonable enough to at least consider it, and not blindly assume they are from the same owner. I'm not saying I'm right, just that it may be a possibility Smiley
Quote
Quote
, purely by accident. Not to mention that, as far as I am aware, Blutmagie is a fairly well-known TOR node.
The Blutmagie site has a list of TOR nodes (which I linked to). It is completely unrelated to their own TOR node.
Sorry, I should have said 'fairly often used' rather than 'fairly well-known'. I see people connecting to my own IRC network and other places rather often from Blutmagie, along with formlessnetworking and torservers.net. Probably because they have most bandwidth.
hero member
Activity: 812
Merit: 1022
No Maps for These Territories
August 04, 2011, 02:56:36 AM
#43
But you don't know which server the underlying HTTPD service (let alone the wallet/database) was on.  It's highly likely to have been a tor hidden service, or an i2p 'eepsite' running who-knows-where. That the leaseweb server has some TOR stuff on it doesn't tell us it was the HTTPD (does it??)
That's true... it could be only a proxy. Though I suspect the site would be very slow if it piped everything though I2P/TOR.

I've never used mybitcoin so I don't know what their speed was.
legendary
Activity: 1092
Merit: 1001
August 04, 2011, 02:55:00 AM
#42
"Something went catastrophically" could just be failure to pay for hosting, and having your server shut down.
No, that's not it. The server is still running and routing TOR. Have you read the rest of the topic?


But you don't know which server the underlying HTTPD service (let alone the wallet/database) was on.  It's highly likely to have been a tor hidden service, or an i2p 'eepsite' running who-knows-where. That the leaseweb server has some TOR stuff on it doesn't tell us it was the HTTPD (does it??)

(edit: the leaseweb server may have simply been the HTTPD for static content - the dynamic stuff coming from the other end of the tunnel.
The 'failure' - be it payment or whatever, could be on an entirely different system. maybe even a home desktop.
)
hero member
Activity: 812
Merit: 1022
No Maps for These Territories
August 04, 2011, 02:50:57 AM
#41
"Something went catastrophically" could just be failure to pay for hosting, and having your server shut down.
No, that's not it. The server is still running and routing TOR. Have you read the rest of the topic?
hero member
Activity: 630
Merit: 500
August 04, 2011, 02:40:21 AM
#40
perhaps mybitcoin was running on autopilot til something went catastrophically wrong on about the 29th.

Yes, people have been trying to contact MyBitcoin admin for a while now, since weeks before the outage, with no success. "Something went catastrophically" could just be failure to pay for hosting, and having your server shut down.

This really seems the most likely explanation.
hero member
Activity: 812
Merit: 1022
No Maps for These Territories
August 04, 2011, 02:36:44 AM
#39
Considering Leaseweb is fairly popular for somewhat more questionable content (including TOR nodes) it is not unlikely there are simply two unrelated TOR nodes on the same physical server
Yeah, right... they are both called Bitcoin*something*, have the same uptime, and the servers have quite a lot of similar properties. Sure there's a small chance they are unrelated, but I wouldn't bet on it.
I'm sorry to bring Len Sassaman's name into this again without evidence - but the fact is that he was
This name pops up quite a lot. Now is he Satoshi or the mybitcoin owner? Or both? Smiley
legendary
Activity: 1092
Merit: 1001
August 04, 2011, 02:29:38 AM
#38
PrivacyShark is a company older than bitcoin, who had once created a profile in this forum to answer some criticisms.

I still suspect that this whole problem isn't a scam, but rather that Tom Williams suffered some serious accident or even passed away, and there's currently nobody capable of maintaining the site.
If at least this could be verified, those with money in MyBitcoin could make a bounty to pay for one more month of hostage in leaseweb - if they haven't deleted all the account's data - just in the hope of bringing the MyBitcoin system alive once more and allow everybody to withdraw. But if the claim once done by Tom Williams that most of the coins are on cold storage is true, and if he hadn't told the password to these coins to anybody of his trust, then it's game over.

This fits my impression of the whole thing.
Given that back when mybitcoin was set up - It was far from obvious that speculation would drive such high values, it seems unlikely that this sophisticated privacy arrangement was put in place with the intent to defraud from the outset.  It's far more likely someone who is 'into' cryptography and privacy in the geek/political sense.

I suspect now that the leaseweb server was probably little more than a front-end.. and the real server was somewhere inside the i2p network.

I'm sorry to bring Len Sassaman's name into this again without evidence - but the fact is that he was
a) into cryptography and was a privacy advocate (knew of/used i2p tor etc)
b) at least knew of and has commented on bitcoins (hence having his ascii image imortalized as a tribute in the blockchain - very cool)
c) died at approximately the right time. (3rd july) -  perhaps mybitcoin was running on autopilot til something went catastrophically wrong on about the 29th.

Now it's a big planet with big interwebs - so one shouldn't read much into coincidences (unless you want a career as a conspiracy nut)..  but It'd be great for someone who knew Len to make some gentle enquiries amongst his friends to either rule this out, or see what they can find.








hero member
Activity: 630
Merit: 500
August 04, 2011, 02:06:25 AM
#37
PrivacyShark is a company older than bitcoin, who had once created a profile in this forum to answer some criticisms.

I still suspect that this whole problem isn't a scam, but rather that Tom Williams suffered some serious accident or even passed away, and there's currently nobody capable of maintaining the site.
If at least this could be verified, those with money in MyBitcoin could make a bounty to pay for one more month of hostage in leaseweb - if they haven't deleted all the account's data - just in the hope of bringing the MyBitcoin system alive once more and allow everybody to withdraw. But if the claim once done by Tom Williams that most of the coins are on cold storage is true, and if he hadn't told the password to these coins to anybody of his trust, then it's game over.
Pages:
Jump to: