MtGox Income on Fees US$ 91,098 to US$ 218,635 for 3 months?

wmXchange

member

Activity: 113

Merit: 10

E-currency exchanger for Bitcoin, LR, WMZ, WU/MG

Quote from: antirack on April 02, 2012, 08:03:40 PM

Don't have the big and expensive firewalls (such as Watchguard etc) DDoS protection nowadays? I know this is a bit off topic, but I am just trying to understand why you would need to use a "service" that costs north of $2000/month.

If a firewall doesn't do the trick, what do those services different to make it work? Is it real human beings monitoring and making needed changes (ie. rerouting traffic, blocking, etc)?

Nowadays most datacenters have hardware and software firewalls and filters to keep away small attacks and bad traffic but its not enough against botnet owners with a little bit of experience. A good firewall keeps you safe from most amateur flooders and script kiddies with a few roots on their hands.
But what no piece of equipment was not able to accomplish by itself alone is to stop the big DDoSers that usually start an attack on a target with large botnets (~100k IPs). Like you said, to fight a real DDoS attack, beside a good IT infrastructure (firewalls, bandwidth, DNS servers, load balancers, tier 1-2 network) you need real DDoS mitigation specialists (not just the average server admins) to adjust the hardware and software settings based on the actual attack characteristics. Either this, or you simply just null route all traffic and wait for the attack to pass.

Coinbuck @ BTCLot

hero member

Activity: 540

Merit: 500

The future begins today

Quote from: antirack on April 02, 2012, 08:03:40 PM

Don't have the big and expensive firewalls (such as Watchguard etc) DDoS protection nowadays? I know this is a bit off topic, but I am just trying to understand why you would need to use a "service" that costs north of $2000/month.

If a firewall doesn't do the trick, what do those services different to make it work? Is it real human beings monitoring and making needed changes (ie. rerouting traffic, blocking, etc)?

Both

antirack

hero member

Activity: 489

Merit: 500

Immersionist

Don't have the big and expensive firewalls (such as Watchguard etc) DDoS protection nowadays? I know this is a bit off topic, but I am just trying to understand why you would need to use a "service" that costs north of $2000/month.

If a firewall doesn't do the trick, what do those services different to make it work? Is it real human beings monitoring and making needed changes (ie. rerouting traffic, blocking, etc)?

wmXchange

member

Activity: 113

Merit: 10

E-currency exchanger for Bitcoin, LR, WMZ, WU/MG

$5000/month for keeping their servers up and running is not that much if you consider the high cost of real DDoS protection a business like Mt.Gox needs.
Been behind Prolexic is not cheap, considering their plans start from $2000/month. In general e-money issuers, payment processors, exchangers and all sorts of cash businesses tend to attract a lot of DDoS attacks.

guruvan

hero member

Activity: 532

Merit: 500

Quote from: antirack on March 26, 2012, 08:44:28 AM

They have posted in one of the threads (the one where they posted the above PDF) that they are going to have an external audit. They are not a public company, but they are handling customers money so I guess it is in their interest.

I hadn't seen this. I do agree but I wouldn'n necessarily expect them to post a complete audit of their finances, just the customer monies.

Quote

If they'd have a license they'd probably be required to display that somewhere. Even if you don't have a banking license, you still need to comply with AML regulations of your bank and your country.

Banking, and other money service business are not licensed or regulated the same. I seriously doubt that Mt.Gox or any other exchange is a licensed Bank. Several businesses have folded over the requirement for being licensed as some type of MSB. They take customer deposits. In most countries this is regulated.

MatthewLM

legendary

Activity: 1190

Merit: 1004

MtGox deposits non-bitcoin currencies in a bank, they aren't a regulated bank themself, or am I wrong?

antirack

hero member

Activity: 489

Merit: 500

Immersionist

They have posted in one of the threads (the one where they posted the above PDF) that they are going to have an external audit. They are not a public company, but they are handling customers money so I guess it is in their interest.

In my previous company (eCommerce) we asked customers to send us a copy of their government ID. I have also been asked a couple of times to scan/fax/photograph my ID card to verify my order when I ordered internationally. That doesn't mean MtGox has a banking license. They just want to protect themselves from fraud. The only reason why you would send them a copy of your ID or utility bill is to raise your withdrawal limits. Very common in Asia to use government IDs and utility bills for account verification (I am in Asia).

If they'd have a license they'd probably be required to display that somewhere. Even if you don't have a banking license, you still need to comply with AML regulations of your bank and your country.

Getting a banking license is not as easy as filling in the right paper work. You have to back the customers deposits with something of real value in case the sh*t hits the fan.

guruvan

hero member

Activity: 532

Merit: 500

I'm sure they need licenses. They'd not ask people for their ID for AML verification otherwise.

The servers look to be too few? Only three? But, $5K/mo for dedicated colo hardware isn't out of the question. IIRC the servers are in the US and they're in Japan. (I don't know it's dedicated or anything, just comparing) Looking through the document, it appears those might be Nov'10 through Nov'11 numbers. I'm sure they're running more hardware than just that.

Finally, Why would Mt.Gox let someone audit them? AFAIK they're not a public company and have no need to disclose anything. The Bitcoin banks i know of publish information about their deposits, etc, but many are publicly held, and the others do this to gain trust. Mt.Gox obviously has no serious issue gaining bitcoiners' trust.

MatthewLM

legendary

Activity: 1190

Merit: 1004

The data I got from bitcoincharts.com shows that recently the largest amount of trades in one second was 28. I guess it would have to get a lot, lot busier to make significant use of the servers. Of-course there are other HTTP requests and bitcoin operations to process.

antirack

hero member

Activity: 489

Merit: 500

Immersionist

And I guess the last thing you want is orders not executed or people not able to login because the servers are overworked. If you get this wrong, then you are basically telling your customers to be careful sending you money. Also, they do have a (trading) API, don't they?

I am really looking forward to an independent audit of MtGox.

notme

legendary

Activity: 1904

Merit: 1002

Quote from: MatthewLM on March 25, 2012, 07:23:43 PM

But do they need 96GB of RAM and 32 processor cores with hyper-threading? How busy does MtGox actually get?

Busy enough that their SocketIO lags. But, based on the errors we've seen in the past, this could easily be poor coding/environment setup rather than inadequate hardware.

MatthewLM

legendary

Activity: 1190

Merit: 1004

But do they need 96GB of RAM and 32 processor cores with hyper-threading? How busy does MtGox actually get?

antirack

hero member

Activity: 489

Merit: 500

Immersionist

I could imagine that a "private network" and not being in a shared cabinet in a data center, for security reasons, might add some costs. It seems they have two locations. Two main servers and dedicated backup servers in Japan, one dedicated backup server in Europe. If you add firewalls and other crap, and maybe high leasing costs, that number actually doesn't look very high anymore. Could they get it for much cheaper? Sure, but if you are running an exchange and you have already been attacked once, you can't just buy cheap to save money.

From the document:

Main Server
- 64-Core (4 x 8 Core CPU + Hyper-threading)
- 96 GB of RAM
- 600 GB SAS Raid 1
- Networking : 2Gbps (two separate gigabit uplinks bonded)

Main Server Backup
- 64-Core (4 x 8 Core CPU + Hyper-threading)
- 96 GB of RAM
- 600 GB SAS Raid 1
- Networking : 2Gbps (two separate gigabit uplinks bonded)

Data Backup
- Dedicated Backup Servers located in Europe (1x) and Japan (1x)
- From 10 to 12TB worth of Back-up Space per server mounted in Raid 1 or Raid 5
- 4096Bit encryption (PGP)

Monthly Cost ~ $5,000.00 USD

bulanula

hero member

Activity: 518

Merit: 500

Quote from: MatthewLM on March 25, 2012, 03:18:01 PM

I'm quite shocked at the immense server costs they have. I don't know what they are doing with those servers. Does it make sense to anyone?

Indeed. Seems they greatly invest in servers and other critical infrastructure like that.

This explains why they are always lagging when a market movement happens Roll Eyes

MatthewLM

legendary

Activity: 1190

Merit: 1004

I'm quite shocked at the immense server costs they have. I don't know what they are doing with those servers. Does it make sense to anyone?

antirack

hero member

Activity: 489

Merit: 500

Immersionist

Thanks for posting this.

This document says that their hosting infrastructure costs them US$ 5000/month. It also says that their operational cost is US$ 60k/month (5 mio JPY). I call BS on the operational cost, even at a high price area like Japan.

Where does it say anything about operating at loss in the report? Or do you just assume that because the high operational cost stated in that document?

With this kind of volume they claim to have in USD deposits (ie. 2.7 mio over 30 days), I am wondering if they don't need some sort of banking license with guarantees to back their customers deposits.

Kluge

donator

Activity: 1218

Merit: 1015

Quote from: drakahn on March 24, 2012, 02:11:57 AM

https://mtgox.com/press_release_20120201.html for an earlier period of time

Right. They look to have sizable revenues, but at least as of a few months ago and according to their Transparency Report, run at a pretty significant loss. Those are old numbers, though. Hopefully, they'll release another report at the end of this year.

drakahn

hero member

Activity: 504

Merit: 500

https://mtgox.com/press_release_20120201.html for an earlier period of time

antirack

hero member

Activity: 489

Merit: 500

Immersionist

I am fairly new to Bitcoin and I am just trying to figure out if I am overlooking something.

MtGox seems to be the biggest BTC exchange.

According to Bitcoin Charts, the trading volume during the past 3 months on MtGoxUSD was 7786162.18 BTC.

http://bitcoincharts.com/charts/mtgoxUSD#rg90zigDailyzm1g10zm2g25zi1gVolzv

MtGox takes between 0.25% and 0.60% trading fee. I assume that's from both parties involved (buyer and the seller). Makes between 0.50% and 1.2%.

https://mtgox.com/fee-schedule

Given the volume above, that means MtGox earned somewhere between BTC 19465 (US$ 91098) and BTC 46716 (US$ 218635) in the past 3 months. By today's MtGoxUSD rate ($4.68/BTC) anyway, I am aware there are fluctuations.

Did I understand that correct?

Topic: MtGox Income on Fees US$ 91,098 to US$ 218,635 for 3 months? (Read 2844 times)