Pages:
Author

Topic: MemoryDealers.com founder Roger Ver abuses admin access at Blockchain.info - page 5. (Read 28778 times)

legendary
Activity: 1372
Merit: 1002
This is the Internet, there is no 3rd-party provided privacy and whoever thinks there is sure is mistaken and living in a dreamworld
In the Internet, privacy is a DIY thing, almost like in real life, you know...
If you don't want your neighbours to see your johnson you don't go around the house naked with the windows open, do you?
legendary
Activity: 3472
Merit: 4801
This thread is full of spineless morons who would just sit tight while some greek dude rips them off instead of leveraging all the means they can to fuck with the scammer.
Almost gives me a desire to scam you all, just to see your reaction.
Well, I do agree that we need more exacting standards to weed out scum like what BCB does in his scam investigation. If BitcoinStore were an individual, and that individual doxed everything out from the scammer, no one would have had anything to say . . .
And if blockchain.info's privacy policy stated that they release personal information to third parties to assist in investigation of claims of fraud, then no one would have had anything to say either.

The issue isn't that companies shouldn't be allowed to share personal information to assist in fraud investigations.  The issue is that companies need to decide how they will use personal information, and then state that use in a privacy statement so potential customers can make educated decisions about the companies they want to do business with.  Violation of that privacy statement is then a serious breach of trust.
legendary
Activity: 3472
Merit: 4801
This thread is full of spineless morons who would just sit tight while some greek dude rips them off instead of leveraging all the means they can to fuck with the scammer . . .
And a few people who feel that privacy policies matter.

I've got no problem with BitcoinStore using all the resources that are legitimately available to them to track down and leverage the customer who asked for fraudulent legal documentation and then kept money that wasn't his.

I have a big problem with an "employee" of blockchain.info violating their privacy policy to release their own customer's personal information to a third party when that customer has not in any way defrauded blockchain.info and their privacy policy explicitly states that personal information will not be released to third parties except as required by law.
legendary
Activity: 1288
Merit: 1227
Away on an extended break
This thread is full of spineless morons who would just sit tight while some greek dude rips them off instead of leveraging all the means they can to fuck with the scammer.
Almost gives me a desire to scam you all, just to see your reaction.
Well, I do agree that we need more exacting standards to weed out scum like what BCB does in his scam investigation. If BitcoinStore were an individual, and that individual doxed everything out from the scammer, no one would have had anything to say.
Life's full of paradoxes. If we all applied such principles while doing business, scammers would be extinct by now. It's doing nothing that causes the proliferation of dishonest activities.
legendary
Activity: 1372
Merit: 1002
This thread is full of spineless morons who would just sit tight while some greek dude rips them off instead of leveraging all the means they can to fuck with the scammer.
Almost gives me a desire to scam you all, just to see your reaction.
full member
Activity: 126
Merit: 100
It is sad to see BlockChain.info - a superb service - dragged, without merit, into such an display of complete and utter incompetence on the part of the owner of Memory Dealers, Roger Ver. This https://bitcointalksearch.org/topic/please-delete-131574 behavior; publicly displaying the details of a private individual and labeling them a criminal would at best seem morally dubious and at worst defamatory.

I completely agree. I think the best thing for Blockchain.info would be to force Roger Ver out.

Piuk if you wish to do that, and you need capital with which to accomplish it, feel free to PM me in confidence and we will see what we can do.


We?  Who the fuck is We? You? lol.

"We will see what we can do" as in Piuk and I together, idiot.
Owhh.. For a moment i thought you gonna roll out a posse or somthn. lol.You bein the sherif and all..
lol.

Now listen here ya'll we just cant have this vero guy exposing all these scammers i say we run 'm out of town WHOS WITH ME! lol.
legendary
Activity: 3472
Merit: 4801
Took a look at http://blockchain.info/privacy , and I stand corrected. The crux of the issue here is the usage of Blockchain.info database to prove nethead/bitbitman's control over the address, and this is wrong as per the TOS. Oh well, Roger should have had pursued this matter via information from BitcoinStore and not used blockchain.info's info. Dishonest people taking advantage of a honest mistake of others is still bad no matter what.
Agreed, in no way does Roger's violation of blockchain.info's privacy policy make NetHead's decision to keep BTC that were accidentally sent to him any less wrong.  NetHead asked for BitcoinStore to falsify customs information, then he kept money that was accidentally sent to him, and then he lied about having received the money.  In all of those instances he was certainly wrong.

However, the fact that NetHead acted in a fraudulent manner does not have any bearing on whether Roger's actions at blockchain.info were wrong.

Privacy policies matter, otherwise why bother having one?  Violation of a privacy policy is a severe action when it comes to determining the trustworthiness of a business.  blockchain.info recognized the seriousness of the issue and addressed it quickly and appropriately, but we can't just excuse Roger's behavior by saying that since BitcoinStore was being defrauded, it is ok for blockchain.info to violate their privacy policy.
legendary
Activity: 1288
Merit: 1227
Away on an extended break
^. Roger got his phone number, name and address from the order details at bitcoinstore.
Ah.  Yeah I figured that was a reality halfway though writing that so I included it as a theory.  Makes sense.  But even cross-referencing that info with the wallet info as verification seems non-ToS'y to me.
. . . Roger didn't publish or share the details from blockchain.info with a third party though.
Yes, he did.  BitcoinStore.com IS a third party in this action.

People seem to keep getting confused because Roger at blockchain.info and Roger at BitcoinStore.com are the same person, but those are two different companies, and it was imperative on Roger to keep his duties at those two companies separate.  The trick to realizing what was "Wrong" about what Roger did, is to substitute some other person in for his blockchain.info duties and see if the same "communication" would be considered wrong.

Lets say I run a business called BitcoinStore.com.  Lets say I suspect one of my customers of wrongdoing, but don't have enough information to prove it for certain.  If I call up Piuk at blockchain.info and ask him to confirm for me the bitcoin addreses of one of his customers so I can determine if I'm being defrauded, and blockchain.info has a privacy policy that states explicitly that they do not share any personal information with third parties except as required by law, what should Piuk's response to me be?  Has he acted in a fraudulent manner if he shares the customer information with me?  Is it a grey area?
Took a look at http://blockchain.info/privacy , and I stand corrected. The crux of the issue here is the usage of Blockchain.info database to prove nethead/bitbitman's control over the address, and this is wrong as per the TOS. Oh well, Roger should have had pursued this matter via information from BitcoinStore and not used blockchain.info's info. Dishonest people taking advantage of a honest mistake of others is still bad no matter what.
legendary
Activity: 3472
Merit: 4801
^. Roger got his phone number, name and address from the order details at bitcoinstore.
Ah.  Yeah I figured that was a reality halfway though writing that so I included it as a theory.  Makes sense.  But even cross-referencing that info with the wallet info as verification seems non-ToS'y to me.
. . . Roger didn't publish or share the details from blockchain.info with a third party though.
Yes, he did.  BitcoinStore.com IS a third party in this action.

People seem to keep getting confused because Roger at blockchain.info and Roger at BitcoinStore.com are the same person, but those are two different companies, and it was imperative on Roger to keep his duties at those two companies separate.  The trick to realizing what was "Wrong" about what Roger did, is to substitute some other person in for his blockchain.info duties and see if the same "communication" would be considered wrong.

Lets say I run a business called BitcoinStore.com.  Lets say I suspect one of my customers of wrongdoing, but don't have enough information to prove it for certain.  If I call up Piuk at blockchain.info and ask him to confirm for me the bitcoin addreses of one of his customers so I can determine if I'm being defrauded, and blockchain.info has a privacy policy that states explicitly that they do not share any personal information with third parties except as required by law, what should Piuk's response to me be?  Has he acted in a fraudulent manner if he shares the customer information with me?  Is it a grey area?
legendary
Activity: 1288
Merit: 1227
Away on an extended break
^. Roger got his phone number, name and address from the order details at bitcoinstore.



Ah.  Yeah I figured that was a reality halfway though writing that so I included it as a theory.  Makes sense.  But even cross-referencing that info with the wallet info as verification seems non-ToS'y to me.
Yes. Everything was perfectly fine until Roger accessed the blockchain.info database. However, it's still a grey area as Roger didn't publish or share the details from blockchain.info with a third party though.
legendary
Activity: 1190
Merit: 1000
www.bitcointrading.com
^. Roger got his phone number, name and address from the order details at bitcoinstore.



Ah.  Yeah I figured that was a reality halfway though writing that so I included it as a theory.  Makes sense.  But even cross-referencing that info with the wallet info as verification seems non-ToS'y to me.
legendary
Activity: 1288
Merit: 1227
Away on an extended break
^. Roger got his phone number, name and address from the order details at bitcoinstore.

legendary
Activity: 1190
Merit: 1000
www.bitcointrading.com
There are a million ecommerce stores on the internet who get scammed on a regular basis and have the same kinds of problems getting any kind of authority involved - even when the scammer might only be 10 miles away.  They aren't posting customer info publicly everywhere...

Maybe they should? They probably don't, because they have no way of linking a customer to the scam, since it's easy to steal credit cards, but that turned out to be easier in this case. Also, there's a store nearby with  a large section of the wall labeled Wall of Shame. It has photos of people the store caught shoplifting, whom the store banned, up there for everyone to see in public.

Shoplifter? Scammer? I hope next time I'm at walmart and they accidently give me too much change they don't put my picture up on the wall of shame.

And if you were asked for it back and you didn't give it?

ab8989 says it best.. but I do agree that due to the nature of bitcoin, it is relatively easy to prove a user received extra funds.  however, it was a day later that the extra 4.5119 BTC was sent to him.  see the blockchain:  http://blockchain.info/address/1H4UR5M72Ybpo4zrqWe8JKKYSeN1gxqBcU

if walmart calls me up on a phone number I didn't give to them with the intention of them ever calling me and says that at the time of the sale I did receive the correct change, but the next day someone else gave me money randomly and it "should be" in my wallet and it pertained to the previous transaction...  yeah, I would probably hang up too.

.. continued to discuss this with Roger, as opposed to ignoring and hanging up on him, the whole thing would have likely been resolved in private..

Did nethead give Roger his phone number or something?  Or did Roger get it from his blockchain.info account via the sketchy admin console?  He could have put his phone number on the invoice for the video card, totally a reality as well. 

I think if regulations changed and the way things are done at blockchain.info are now different (user info encryption) then that is one benefit of this fiasco. 

There are a million ecommerce stores on the internet who get scammed on a regular basis and have the same kinds of problems getting any kind of authority involved - even when the scammer might only be 10 miles away.  They aren't posting customer info publicly everywhere...

Maybe they should? They probably don't, because they have no way of linking a customer to the scam, since it's easy to steal credit cards, but that turned out to be easier in this case. Also, there's a store nearby with  a large section of the wall labeled Wall of Shame. It has photos of people the store caught shoplifting, whom the store banned, up there for everyone to see in public.

Shoplifter? Scammer? I hope next time I'm at walmart and they accidently give me too much change they don't put my picture up on the wall of shame.

And if you were asked for it back and you didn't give it?

Man that Wall of Shame thing is harsh. If someone is stealing food from a shop I feel sorry for them and I hope they get back on their feet. Thankfully something like that would be illegal here. So, of course, is shoplifting, so there's really no need for public shaming.

As many others have said, keeping the change isn't scamming. It's dishonesty. It's morally wrong. It's taking advantage of another person's honest mistake, but it's not a SCAM. A scam is a deliberate attempt to gain money from someone by deception. That is not what happened here.

All this "This guy is a THIEF and a SCAMMER and he should be vilified and Roger Ver is a poor innocent victim and should be deified" stuff is totally off the mark and at complete odds with how things actually went down.

Roger Ver made a mistake. Sometimes you need to pay for your mistakes. Sadly you can't always count on people being honest enough to help you correct your mistakes when the mistake benefits them directly. That's life. Ver has all the tools he needs to ensure it never happens again. He doesn't have to worry about being scammed or robbed again, because no one scammed or robbed him. All he has to do is make sure he (or his employee) doesn't give people the wrong amount of Bitcoins when he makes a transaction.

Roger Ver should have just asked this guy for the money back. If the guy didn't feel like being honest, too bad. Write off the loss, move on. Take it as a $50 reminder to be more careful in future. That's what any sane human being would do.

My thoughts EXACTLY.

From the dictionary:

Quote
scam
[skam]  Show IPA noun, verb, scammed, scam·ming.
noun
1.
a confidence game or other fraudulent scheme, especially for making a quick profit; swindle.
verb (used with object)
2.
to cheat or defraud with a scam.
Origin:
1960–65;  orig. carnival argot;  of obscure origin

Related forms
scam·mer, noun.
legendary
Activity: 2506
Merit: 1010
I just wanted to mention that a skilled blockchain.info admin can perfectly steal your funds. He just needs to change the javascript sent to your browser in order to get your password.

That is true.  If you are running the Javascript verifier, it will alert you to this happening though:
 - https://blockchain.info/wallet/verifier

But few people run that -- a password-stealing change like you describe would probably go undetected if it were attempted (against a single targeted individual).

This is a good thought exercise here though.

What if this were a hosted Bitcoin EWallet, lets say, and something like this happened?  The hosted EWallet provider could simply adjust your balance to recover the 5 bitcoins that were accidentally sent to you.  They would have the technical ability to confiscate funds.  Now I don't know if this has ever happened but technically it is possible.

And if this were a bank where something like this happened (e.g., someone else's deposit went into your account) I guarantee you they'ld reverse the transaction immediately instead of just politely and firmly asking for a voluntary return of the funds.  A bank might even send its ex-military security officer to ensure the safe return of the funds after they've screwed up:
 - http://www.ft.com/intl/cms/s/2/93a47a62-daf0-11e1-8074-00144feab49a.html

That this incident occurred in the first palce reminds me of Stanislav's admonition:

Quote
The real laugh is that there is no solid reason to believe that the world’s national banks have seen it fit to sweat so much as one drop to vanquish Bitcoin through discreditation.  Bitcoin users themselves have been doing a thorough job of this.
- http://www.loper-os.org/?p=939


full member
Activity: 210
Merit: 100
9_9

Well, you sure showed me! I can't compete with you on the Japanese style emoticon front. I had to look up what that one means. Damn, outsmarted again.
sr. member
Activity: 434
Merit: 250
full member
Activity: 210
Merit: 100
There are a million ecommerce stores on the internet who get scammed on a regular basis and have the same kinds of problems getting any kind of authority involved - even when the scammer might only be 10 miles away.  They aren't posting customer info publicly everywhere...

Maybe they should? They probably don't, because they have no way of linking a customer to the scam, since it's easy to steal credit cards, but that turned out to be easier in this case. Also, there's a store nearby with  a large section of the wall labeled Wall of Shame. It has photos of people the store caught shoplifting, whom the store banned, up there for everyone to see in public.

Shoplifter? Scammer? I hope next time I'm at walmart and they accidently give me too much change they don't put my picture up on the wall of shame.

And if you were asked for it back and you didn't give it?

Man that Wall of Shame thing is harsh. If someone is stealing food from a shop I feel sorry for them and I hope they get back on their feet. Thankfully something like that would be illegal here. So, of course, is shoplifting, so there's really no need for public shaming.

As many others have said, keeping the change isn't scamming. It's dishonesty. It's morally wrong. It's taking advantage of another person's honest mistake, but it's not a SCAM. A scam is a deliberate attempt to gain money from someone by deception. That is not what happened here.

All this "This guy is a THIEF and a SCAMMER and he should be vilified and Roger Ver is a poor innocent victim and should be deified" stuff is totally off the mark and at complete odds with how things actually went down.

Roger Ver made a mistake. Sometimes you need to pay for your mistakes. Sadly you can't always count on people being honest enough to help you correct your mistakes when the mistake benefits them directly. That's life. Ver has all the tools he needs to ensure it never happens again. He doesn't have to worry about being scammed or robbed again, because no one scammed or robbed him. All he has to do is make sure he (or his employee) doesn't give people the wrong amount of Bitcoins when he makes a transaction.

Roger Ver should have just asked this guy for the money back. If the guy didn't feel like being honest, too bad. Write off the loss, move on. Take it as a $50 reminder to be more careful in future. That's what any sane human being would do.
legendary
Activity: 1680
Merit: 1035
However Roger was already wrong from the beginning by jumping the gun...

That I agree with. If the coins had in fact been sent to nethead's anonymous address, they could have gotten stuck in the mixer for a day or so, without nethead even being aware of them. So, I guess patience is also important.
donator
Activity: 2058
Merit: 1054
Bitcoin addresses stored for notification purposes have been deleted. Addresses are now stored as a SHA 256 hash of the address, which removes the ability to lookup a wallet by bitcoin address.
It does not. If that address has received any payment, it's trivial to brute force SHA256 hashes of all addresses on the blockchain until you find a match. If you're serious about preventing lookup by address, use a slow hash.

The secret salt used in the hash should prevent brute force of all addresses.

. . . Addresses are hashed with a secret. With access to the secret it would be possible to hash every bitcoin address with a none zero balance and use that to compare against subscribed hashes to determine addresses in a wallet. The sacrifice of some anonymity when notifications are enabled has always been stated https://blockchain.info/wallet/anonymity. However it is no longer possible for admins to lookup an arbitrary wallet by address.
My comment didn't make sense anyway, I got the process reversed. If the secret is unknown to admins it should work.
legendary
Activity: 3472
Merit: 4801
Bitcoin addresses stored for notification purposes have been deleted. Addresses are now stored as a SHA 256 hash of the address, which removes the ability to lookup a wallet by bitcoin address.
It does not. If that address has received any payment, it's trivial to brute force SHA256 hashes of all addresses on the blockchain until you find a match. If you're serious about preventing lookup by address, use a slow hash.

The secret salt used in the hash should prevent brute force of all addresses.

. . . Addresses are hashed with a secret. With access to the secret it would be possible to hash every bitcoin address with a none zero balance and use that to compare against subscribed hashes to determine addresses in a wallet. The sacrifice of some anonymity when notifications are enabled has always been stated https://blockchain.info/wallet/anonymity. However it is no longer possible for admins to lookup an arbitrary wallet by address.
Pages:
Jump to: