Topic: MtGox please protect our info, it's still not removed from some sites (Read 1252 times)

My initial reaction as a techie:
"LOL. You're so funny! The genie cannot be put back into its bottle. Anyone who wants that information will be able to find it. Already the database is sitting on a thousand hard drives and available to download from just as many torrents. If the Internet is a pristine white shag carpet, that database is a bucket of blood. It ain't coming out."

My more well-considered reaction:
"Okay, you have a political point at least. The task may be Sisyphean, but it'd be bad PR to look like you're just sitting on your hands."

My final reaction:
"This information will always be available to whoever wants to look, as far as we know, but that's a theoretical weakness. There are theoretical weaknesses everywhere. Any hash, given enough time, may be broken. But the trick of cryptography has never been making it impossible to get encrypted data; the trick has been making it impractically hard. 'Slow the attacker down until we're in no danger of being caught.' If Mt. Gox can limit the database's availability to the point where it takes an interested party days to find it instead of minutes, they sharply limit the number of people who might be able to use that information for a later attack."

That all being said: yeah, that data is likely all obsolete at this point. Either their accounts have all been compromised or they've changed their passwords like a good netizen.

Edit
On the other hand, if an interested party does find it, and if they're the helpful sort, all that hard work will have been for nothing. Much like the Black Plague, it'll spring forth from its dormancy and spread once more. If the data is at all interesting at that point, that is.

If you are hiding your head in the ground hoping that the problem will go away by itself, it definitely won't.  At least you can contain the damage by acting due diligently - if it concerns you.  Even though you can not absolutely quarantine the leaked information from private hands - you can at least endeavor to make it difficult to access, and even illegal to access, by prohibiting its availability on publicly accessible sites, and stake your claim on the information by notifying relevant sites of the infringement - making it illegal for the relevant site to host it.  If you do nothing - you might be considered negligent - if not grossly negligent - for not limiting damages as far as possible.

What you're asking for is in conflict with the universal law of the internet: "Once It's On the Internet, It's There Forever."

And the information is also already obsolete.

Rapidshare has due dilligently removed this file's download access and views it as an illegal file - probably due to infringement of privacy.  Only MtGox being the original keeper of the privileged information, would be in a position to demand its removal from public sites.  Please act due dilligently to minimise infringement of privacy  damages.

Speaking as someone whose info was in that database, thank you. Like you said, the info is out there and I need to be able to verify what they got for myself. I haven't as yet been able to decrypt my password but I have been trying. Luckily, I do in fact use a different password everywhere, and didn't have much at MtGox.

If they remove it, I'm reposting my copy.

Seriously, it's public info now and can never go back to being private no matter how hard you or anyone else tries.

You want mtgox to police the internet now and remove the contents wherever it got spread? I give up.

Based on incoming spam it's too late already. That file will be available on multiple hacker sites, and mailing lists for years to come.
That's simply my opinion, your effort might help.

Accounts.csv file still not removed entirely from public sites:

http://pastebin.com/search?cx=partner-pub-4339714761096906%3A1qhz41g8k4m&cof=FORID%3A10&ie=UTF-8&q=accounts.csv#1124

MtGox please act.