Pages:
Author

Topic: Instawallet claim process - page 46. (Read 79284 times)

full member
Activity: 154
Merit: 100
April 04, 2013, 02:35:26 PM
#21
Ultimately, which information a true client could submit that the hacker could not for the claim?
A true client could potentially get third parties to vouch for their identity, those who had sent bitcoins into and received bitcoins from that address.
Mmm, but to collect that third party's vouch is big pain, may be ask that party to send back 1 satoshi?
legendary
Activity: 1400
Merit: 1013
April 04, 2013, 02:27:21 PM
#20
Ultimately, which information a true client could submit that the hacker could not for the claim?
A true client could potentially get third parties to vouch for their identity, those who had sent bitcoins into and received bitcoins from that address.
full member
Activity: 154
Merit: 100
April 04, 2013, 02:24:52 PM
#19
Ultimately, which information a true client could submit that the hacker could not for the claim?
legendary
Activity: 1400
Merit: 1005
April 04, 2013, 02:14:36 PM
#18
Why not more information?  You failed to answer some very basic questions that everyone is wondering:
- How much was stolen?
- How much will those with more than 50 BTC be missing when they attempt to make a claim?
- Why aren't you covering the stolen amounts out of your own coffers?  It was your site security that failed, not the fault of your users.
- Given that your company is insolvent (obviously, or you would be able to pay everyone back in full), are you not afraid of being sued for the remaining amounts and then being investigated for criminal activity as a result?  It is against the law (at least in the US, not sure about European countries) to display favoritism to one creditor vs another when you know the company is insolvent.  All account holders should be taking the same haircut and be repaid by the same percentage of their original balance.

FWIW, I have no stake in the game.  I am just disappointed in how this is being handled.
hero member
Activity: 756
Merit: 1000
April 04, 2013, 02:00:44 PM
#17
What
This. What info could we have that the hacker does not?

I can name at least one : the IP address(es) from where the wallet were usually accessed. He may know the addresses (if they are stored in the database) but he may have some difficulties submitting the claim from one of them.

I hope (and I think) that Paymium will watch from where the claims are submitted and in case of doubt (TOR exit, known proxy) they will ask for more details from the one who fills the claim.

tough luck then for those that were accessing their wallets through tor

Well I can't imagine someone installing tor and then using instawallet (except for mixing coins on a very short term basis), but why not ? If they previously accessed their wallet from tor and claim it via tor it should be ok.

What about the date that they were created? Do you think the hacker would have this info?
member
Activity: 98
Merit: 10
April 04, 2013, 01:56:05 PM
#16
Whats tor?
sr. member
Activity: 333
Merit: 252
April 04, 2013, 01:43:36 PM
#15
This. What info could we have that the hacker does not?

I can name at least one : the IP address(es) from where the wallet were usually accessed. He may know the addresses (if they are stored in the database) but he may have some difficulties submitting the claim from one of them.

I hope (and I think) that Paymium will watch from where the claims are submitted and in case of doubt (TOR exit, known proxy) they will ask for more details from the one who fills the claim.

tough luck then for those that were accessing their wallets through tor
hero member
Activity: 756
Merit: 1000
April 04, 2013, 01:20:26 PM
#14
steelboy will be a hero member by the time he gets his coins back!!

Have you phoned him steelboy?

Lol

I have called and left a message.
member
Activity: 98
Merit: 10
April 04, 2013, 01:05:31 PM
#13
steelboy will be a hero member by the time he gets his coins back!!

Have you phoned him steelboy?
sr. member
Activity: 352
Merit: 250
April 04, 2013, 01:02:54 PM
#12
Their were people with more than 50BTC on an instawallet?  Shocked
Why would anyone do this... Guess they learned a lesson.
hero member
Activity: 756
Merit: 1000
April 04, 2013, 12:42:44 PM
#11
This. What info could we have that the hacker does not?

Also, did the hacker know the balances of each URL or did they have to search each one?
member
Activity: 68
Merit: 10
April 04, 2013, 12:31:36 PM
#10

An intruder was able to access the instawallet database. As a result, all "hidden" urls, i.e wallets, have been compromised and are no longer safe to store bitcoins.


So, how are they any good to handle the refunds with / base refunds upon? Surely the hacker could just submit all the URL's he found (and copied) straight into the refund process and cash out again?  Tongue
newbie
Activity: 47
Merit: 0
April 04, 2013, 12:17:14 PM
#9
When will you start receiving claims?
legendary
Activity: 4690
Merit: 1276
April 04, 2013, 12:16:40 PM
#8
If you could, please state:

 1) That the claim infrastructure will be accessible by visiting the URL of the instawallet (if true.)

 2) When the infrastructure is in place to make a claim.

 3) The type of information needed to make a holding claim.   Such as:

    - extra contact info such as a bitcointalk.org username of a contact e-mail address if it may be useful in order to resolve conflicting claims.

    - a recollection of the recent utilization patterns.

    - anything else which may require some thought on the user's part.

From a user perspective, I would like to visit the URL one time and input all the necessary information without needing to halt to do a lot of research, etc.

Thanks.
sr. member
Activity: 333
Merit: 252
April 04, 2013, 12:15:31 PM
#7

1) do you still have a database of outgoing transactions that were not broadcast?
For several hours before instawallet went offline, outgoing transactions had not been sent
out. Will you be able to process claims for those? (I'm an unlucky owner of one such wallet,
and it held over 50BTC,  so I'm worried)


2) there's an additional  way to prove ownership of a wallet: sign a message with keys for addresses that
were used to fund a wallet (not everyone has those keys, but some of us do). This can be useful
if more than 1 claim is submitted for the same wallet.

3) can you say how much funds were stolen?
hero member
Activity: 756
Merit: 1000
April 04, 2013, 12:15:07 PM
#6
But the 0.5% of wallets you can't refund in full will contain the majority of the money. How many btc were stolen?

Also, what about transactions over 50btc that were sent out of a wallet before the website went offline but did not reach destination? Support was contacted as was Davout on the forum. Surely this must be repaid in full?

Apologies for my shortness, I am obviously worried about my coins.
hero member
Activity: 756
Merit: 1000
April 04, 2013, 12:06:57 PM
#5
But the 0.5% of wallets you can't refund in full will contain the majority of the money. How many btc were stolen?
legendary
Activity: 1221
Merit: 1025
e-ducat.fr
April 04, 2013, 11:54:38 AM
#4
reserved
legendary
Activity: 1221
Merit: 1025
e-ducat.fr
April 04, 2013, 11:54:15 AM
#3
reserved
legendary
Activity: 1221
Merit: 1025
e-ducat.fr
April 04, 2013, 11:54:01 AM
#2
reserved
Pages:
Jump to: