Topic: MemoryDealers.com founder Roger Ver abuses admin access at Blockchain.info - page 5. (Read 28752 times)

This is the Internet, there is no 3rd-party provided privacy and whoever thinks there is sure is mistaken and living in a dreamworld
In the Internet, privacy is a DIY thing, almost like in real life, you know...
If you don't want your neighbours to see your johnson you don't go around the house naked with the windows open, do you?

And if blockchain.info's privacy policy stated that they release personal information to third parties to assist in investigation of claims of fraud, then no one would have had anything to say either.

The issue isn't that companies shouldn't be allowed to share personal information to assist in fraud investigations.  The issue is that companies need to decide how they will use personal information, and then state that use in a privacy statement so potential customers can make educated decisions about the companies they want to do business with.  Violation of that privacy statement is then a serious breach of trust.

And a few people who feel that privacy policies matter.

I've got no problem with BitcoinStore using all the resources that are legitimately available to them to track down and leverage the customer who asked for fraudulent legal documentation and then kept money that wasn't his.

I have a big problem with an "employee" of blockchain.info violating their privacy policy to release their own customer's personal information to a third party when that customer has not in any way defrauded blockchain.info and their privacy policy explicitly states that personal information will not be released to third parties except as required by law.

Well, I do agree that we need more exacting standards to weed out scum like what BCB does in his scam investigation. If BitcoinStore were an individual, and that individual doxed everything out from the scammer, no one would have had anything to say.
Life's full of paradoxes. If we all applied such principles while doing business, scammers would be extinct by now. It's doing nothing that causes the proliferation of dishonest activities.

This thread is full of spineless morons who would just sit tight while some greek dude rips them off instead of leveraging all the means they can to fuck with the scammer.
Almost gives me a desire to scam you all, just to see your reaction.

Owhh.. For a moment i thought you gonna roll out a posse or somthn. lol.You bein the sherif and all..
lol.

Now listen here ya'll we just cant have this vero guy exposing all these scammers i say we run 'm out of town WHOS WITH ME! lol.

Agreed, in no way does Roger's violation of blockchain.info's privacy policy make NetHead's decision to keep BTC that were accidentally sent to him any less wrong.  NetHead asked for BitcoinStore to falsify customs information, then he kept money that was accidentally sent to him, and then he lied about having received the money.  In all of those instances he was certainly wrong.

However, the fact that NetHead acted in a fraudulent manner does not have any bearing on whether Roger's actions at blockchain.info were wrong.

Privacy policies matter, otherwise why bother having one?  Violation of a privacy policy is a severe action when it comes to determining the trustworthiness of a business.  blockchain.info recognized the seriousness of the issue and addressed it quickly and appropriately, but we can't just excuse Roger's behavior by saying that since BitcoinStore was being defrauded, it is ok for blockchain.info to violate their privacy policy.

Took a look at http://blockchain.info/privacy , and I stand corrected. The crux of the issue here is the usage of Blockchain.info database to prove nethead/bitbitman's control over the address, and this is wrong as per the TOS. Oh well, Roger should have had pursued this matter via information from BitcoinStore and not used blockchain.info's info. Dishonest people taking advantage of a honest mistake of others is still bad no matter what.

Yes, he did.  BitcoinStore.com IS a third party in this action.

People seem to keep getting confused because Roger at blockchain.info and Roger at BitcoinStore.com are the same person, but those are two different companies, and it was imperative on Roger to keep his duties at those two companies separate.  The trick to realizing what was "Wrong" about what Roger did, is to substitute some other person in for his blockchain.info duties and see if the same "communication" would be considered wrong.

Lets say I run a business called BitcoinStore.com.  Lets say I suspect one of my customers of wrongdoing, but don't have enough information to prove it for certain.  If I call up Piuk at blockchain.info and ask him to confirm for me the bitcoin addreses of one of his customers so I can determine if I'm being defrauded, and blockchain.info has a privacy policy that states explicitly that they do not share any personal information with third parties except as required by law, what should Piuk's response to me be?  Has he acted in a fraudulent manner if he shares the customer information with me?  Is it a grey area?

Yes. Everything was perfectly fine until Roger accessed the blockchain.info database. However, it's still a grey area as Roger didn't publish or share the details from blockchain.info with a third party though.

Ah.  Yeah I figured that was a reality halfway though writing that so I included it as a theory.  Makes sense.  But even cross-referencing that info with the wallet info as verification seems non-ToS'y to me.

^. Roger got his phone number, name and address from the order details at bitcoinstore.

ab8989 says it best.. but I do agree that due to the nature of bitcoin, it is relatively easy to prove a user received extra funds.  however, it was a day later that the extra 4.5119 BTC was sent to him.  see the blockchain:  http://blockchain.info/address/1H4UR5M72Ybpo4zrqWe8JKKYSeN1gxqBcU

if walmart calls me up on a phone number I didn't give to them with the intention of them ever calling me and says that at the time of the sale I did receive the correct change, but the next day someone else gave me money randomly and it "should be" in my wallet and it pertained to the previous transaction...  yeah, I would probably hang up too.


Did nethead give Roger his phone number or something?  Or did Roger get it from his blockchain.info account via the sketchy admin console?  He could have put his phone number on the invoice for the video card, totally a reality as well. 

I think if regulations changed and the way things are done at blockchain.info are now different (user info encryption) then that is one benefit of this fiasco. 


My thoughts EXACTLY.

From the dictionary:

That is true.  If you are running the Javascript verifier, it will alert you to this happening though:
 - https://blockchain.info/wallet/verifier

But few people run that -- a password-stealing change like you describe would probably go undetected if it were attempted (against a single targeted individual).

This is a good thought exercise here though.

What if this were a hosted Bitcoin EWallet, lets say, and something like this happened?  The hosted EWallet provider could simply adjust your balance to recover the 5 bitcoins that were accidentally sent to you.  They would have the technical ability to confiscate funds.  Now I don't know if this has ever happened but technically it is possible.

And if this were a bank where something like this happened (e.g., someone else's deposit went into your account) I guarantee you they'ld reverse the transaction immediately instead of just politely and firmly asking for a voluntary return of the funds.  A bank might even send its ex-military security officer to ensure the safe return of the funds after they've screwed up:
 - http://www.ft.com/intl/cms/s/2/93a47a62-daf0-11e1-8074-00144feab49a.html

That this incident occurred in the first palce reminds me of Stanislav's admonition:

- http://www.loper-os.org/?p=939

Well, you sure showed me! I can't compete with you on the Japanese style emoticon front. I had to look up what that one means. Damn, outsmarted again.

9_9

Man that Wall of Shame thing is harsh. If someone is stealing food from a shop I feel sorry for them and I hope they get back on their feet. Thankfully something like that would be illegal here. So, of course, is shoplifting, so there's really no need for public shaming.

As many others have said, keeping the change isn't scamming. It's dishonesty. It's morally wrong. It's taking advantage of another person's honest mistake, but it's not a SCAM. A scam is a deliberate attempt to gain money from someone by deception. That is not what happened here.

All this "This guy is a THIEF and a SCAMMER and he should be vilified and Roger Ver is a poor innocent victim and should be deified" stuff is totally off the mark and at complete odds with how things actually went down.

Roger Ver made a mistake. Sometimes you need to pay for your mistakes. Sadly you can't always count on people being honest enough to help you correct your mistakes when the mistake benefits them directly. That's life. Ver has all the tools he needs to ensure it never happens again. He doesn't have to worry about being scammed or robbed again, because no one scammed or robbed him. All he has to do is make sure he (or his employee) doesn't give people the wrong amount of Bitcoins when he makes a transaction.

Roger Ver should have just asked this guy for the money back. If the guy didn't feel like being honest, too bad. Write off the loss, move on. Take it as a $50 reminder to be more careful in future. That's what any sane human being would do.

That I agree with. If the coins had in fact been sent to nethead's anonymous address, they could have gotten stuck in the mixer for a day or so, without nethead even being aware of them. So, I guess patience is also important.

My comment didn't make sense anyway, I got the process reversed. If the secret is unknown to admins it should work.

The secret salt used in the hash should prevent brute force of all addresses.