Topic: MyBitcoin Back Up! (with a press release) (Read 12293 times)
I got my 49% too
I thought the guy was a BTC millionaire...if he is, shouldn't he have more than enough to pay back everyone in full and still be left with some money for himself?
Millionaires already thought of that, and countered it by having the government make them officially not liable for the scams they start, provided the scams are not proven to be deliberate scams and provided they get away with the scam and maybe a few other provisions.
What it amounts to is, any deliberate scam with both malice aforethought and enough up front capital to afford it will have some cool logo or notation or afficxation or prefix or suffix along the lines of "LLC" (Limited Liability Corporation), "LTD" (LimiTeD liability corporation), etc (some German acronym, etc etc, maybe various tiny states established purely for the purpose of running an offshore scams industry might even allow these warning labels to be left off, or use a warning label many people in the world have not yet learned to see as a red flag aka warning label, but basically they are all red flags warning you of a government-approved scam in progress or the intent to escape liability for anything that might go wrong can go wrong or is intended to go wrong, subject some provisikons maybe if you are lucky.
-MarkM- (Kids are responsible to parents; politicians are officially irresponsible, specifically not liable for consequences of laws they pass...)
I thought the guy was a BTC millionaire...if he is, shouldn't he have more than enough to pay back everyone in full and still be left with some money for himself?
One can now claim 49% of the funds, it seems: https://mybitcoin.com
I claimed and received 49% of my 0.3 BTC
I claimed and received 49% of my 0.3 BTC
There is actually a simple way to still keep the 50btc - you just need to pay it to the mybitcoin depodit address that your other funds are being sent too.. then, assuming mybitcoin accepts it, you get to keep the 50BTC also.
As I understand it, MyBitcoin didn't accept deposits that came directly from generation transactions - the 50 BTC would never get credited to your account no matter what happened. Most Bitcoin wallet sites have the same limitation. Maybe once he saw the posts about a bounty on his head, he got a little antsy. These geeks are some great detectives.
this wasn't clear... the bounty will be on the hacker of my bitcoin .. maybe thats Tom Williams him self, and maybe not .. so far we have a poeple have committed a total of 25 btc
how ever we these poeple are holding on to the coins themselves, seeing how no one seems to trust anyone these days
Due to the amount of Bitcoins we are talking Millions of dollars here are we not??? I did not have any coins there, but I am willing to pledge Money, Time, Resources and I think everyone who has lost a significant amount would contribute in some way to at least try and recoup the loss! Where is it upto?
Does anyone have Tom Williams' email address or something? i am pretty sure their server has a lead
I can't believe that this wasn't foreseen. Bitcoin transactions can be reversed, it happens. It's absolutely irresponsible to not reconcile the block chain against your accounting backend every so many blocks.
This was forseen:
MyBitcoin is still accepting payments with only 1 confirmation. This is insane for a bank. Any miner capable of mining two blocks in a row can steal money from MyBitcoin pretty easily. I'm surprised no one has attempted it yet.
There's another attack made possible by accepting payments with less than 6 confirmations that would allow you to see exactly which coins MyBitcoin has, and possibly do other damage.
There's another attack made possible by accepting payments with less than 6 confirmations that would allow you to see exactly which coins MyBitcoin has, and possibly do other damage.
This is not a fault with bitcoin, and bitcoin transactions still can't be 'reversed'. Anyone accepting bitcoins should be waiting for more than 1 confirmation. Sensationalist posts saying 'Bitcoin transactions can be reversed' don't help.
Will
I'd hardly call my tone or point sensationalist. Transactions can be reversed, although maybe you'd prefer the term "discarded" or "ignored" rather than reversed.
I agree, this is not a flaw in bitcoin itself, but rather related entirely to implementation on the part of MyBitcoin.
If you're creating an orphaned block then you wouldn't get the 50btc... so your whole reward would be the stolen coins.
[/quote]
For this scam to work, your block must get orphaned.
It's a possibility still that your block would get picked up by the next miner/pool who solves a block, in which case, your attack didn't work, but you got the 50 btc.
[/quote]
There is actually a simple way to still keep the 50btc - you just need to pay it to the mybitcoin depodit address that your other funds are being sent too.. then, assuming mybitcoin accepts it, you get to keep the 50BTC also.
[/quote]
For this scam to work, your block must get orphaned.
It's a possibility still that your block would get picked up by the next miner/pool who solves a block, in which case, your attack didn't work, but you got the 50 btc.
[/quote]
There is actually a simple way to still keep the 50btc - you just need to pay it to the mybitcoin depodit address that your other funds are being sent too.. then, assuming mybitcoin accepts it, you get to keep the 50BTC also.
I can't believe that this wasn't foreseen. Bitcoin transactions can be reversed, it happens. It's absolutely irresponsible to not reconcile the block chain against your accounting backend every so many blocks.
This was forseen:
MyBitcoin is still accepting payments with only 1 confirmation. This is insane for a bank. Any miner capable of mining two blocks in a row can steal money from MyBitcoin pretty easily. I'm surprised no one has attempted it yet.
There's another attack made possible by accepting payments with less than 6 confirmations that would allow you to see exactly which coins MyBitcoin has, and possibly do other damage.
There's another attack made possible by accepting payments with less than 6 confirmations that would allow you to see exactly which coins MyBitcoin has, and possibly do other damage.
This is not a fault with bitcoin, and bitcoin transactions still can't be 'reversed'. Anyone accepting bitcoins should be waiting for more than 1 confirmation. Sensationalist posts saying 'Bitcoin transactions can be reversed' don't help.
Will
Step 2 is a problem, not impossible, but would require a substantial mining investment. If i took all of my $X000 investment in mining gear I would be able to do that about once a month and it would not be guaranteed each time I solved a block.
But, if you're mining anyway and can steal a couple hundred extra bitcoins half the time you solve a block; this is a pretty good scam.
If you're creating an orphaned block then you wouldn't get the 50btc... so your whole reward would be the stolen coins.
It's a possibility still that your block would get picked up by the next miner/pool who solves a block, in which case, your attack didn't work, but you got the 50 btc.
Worst case scenario, MyBitcoin picks up the other block before you announce yours. In which case, you only lost time and electric.
I'd say a pretty good investment for a scammer with a few thousand btc they'd like to double.
I can't believe that this wasn't foreseen. Bitcoin transactions can be reversed, it happens. It's absolutely irresponsible to not reconcile the block chain against your accounting backend every so many blocks.
Also, simply delaying larger deposits for more confirms would mitigate this.
Step 2 is a problem, not impossible, but would require a substantial mining investment. If i took all of my $X000 investment in mining gear I would be able to do that about once a month and it would not be guaranteed each time I solved a block.
But, if you're mining anyway and can steal a couple hundred extra bitcoins half the time you solve a block; this is a pretty good scam.
If you're creating an orphaned block then you wouldn't get the 50btc... so your whole reward would be the stolen coins.
My MBC account address shows all the coins still in it, no transfers out. Hopefully this means that 100% of them will be available to me and there will not be some BS about losing part of mine to compensate someone else.
Step 2 is a problem, not impossible, but would require a substantial mining investment. If i took all of my $X000 investment in mining gear I would be able to do that about once a month and it would not be guaranteed each time I solved a block.
But, if you're mining anyway and can steal a couple hundred extra bitcoins half the time you solve a block; this is a pretty good scam.
Understood. I was commenting on how hard it is to generate a single block though six months ago it was not so hard.
Ahh, yeah, it would require some time. But even if your attempts fail, you are still rewarded with 50 btc for your efforts.
I don't expect that the person responsible bought into mining just for this scam. I'm sure it was an established miner, or more likely, this is all a made up story.
Understood. I was commenting on how hard it is to generate a single block though six months ago it was not so hard.
I'm surprised that, even with 1 block confirmations, stealing bitcoins in the way that Tom describes would be feasible without a considerable amount of compromised computing power. If my understanding is correct, for an attack to succeed an attacker would have to compute 2 blocks containing their false transactions before the rest of the network computes one. This computation could be done offline so the attacker could wait until they have been lucky and computed these blocks before publishing them, but it would still require a non-insubstantial amount of compute or waiting a long time before being able to make the attack.
I'm not saying that pools are involved in this, but if even a small pool was involved, then this attack would be a lot more believable.
Will
I'm not saying that pools are involved in this, but if even a small pool was involved, then this attack would be a lot more believable.
Will
I'm pretty sure it would work something like this.
1.) Peer directly to the bitcoind running on MyBitcoin.
2.) Solve the next block with your dubious transactions.
3.) Wait for someone else to solve the block you solved.
4.) After the same block was found, but before MyBitcoin's bitcoind hears it, announce your dubious block to MyBitcoin.
5.) That is 1 confirm, funds will now show up. Transfer the funds out, the next block on the network will orphan your dubious one.
Step 2 is a problem, not impossible, but would require a substantial mining investment. If i took all of my $X000 investment in mining gear I would be able to do that about once a month and it would not be guaranteed each time I solved a block.
No, I'm not saying you have to generate two successive blocks.
Just generate a given block first.
By dubious transactions, I mean legitimate coins sent to MyBitcoin that will get reversed once your block gets orphaned, but only after the funds are confirmed on MyBitcoin.
I'm surprised that, even with 1 block confirmations, stealing bitcoins in the way that Tom describes would be feasible without a considerable amount of compromised computing power. If my understanding is correct, for an attack to succeed an attacker would have to compute 2 blocks containing their false transactions before the rest of the network computes one. This computation could be done offline so the attacker could wait until they have been lucky and computed these blocks before publishing them, but it would still require a non-insubstantial amount of compute or waiting a long time before being able to make the attack.
I'm not saying that pools are involved in this, but if even a small pool was involved, then this attack would be a lot more believable.
Will
I'm not saying that pools are involved in this, but if even a small pool was involved, then this attack would be a lot more believable.
Will
I'm pretty sure it would work something like this.
1.) Peer directly to the bitcoind running on MyBitcoin.
2.) Solve the next block with your dubious transactions.
3.) Wait for someone else to solve the block you solved.
4.) After the same block was found, but before MyBitcoin's bitcoind hears it, announce your dubious block to MyBitcoin.
5.) That is 1 confirm, funds will now show up. Transfer the funds out, the next block on the network will orphan your dubious one.
Step 2 is a problem, not impossible, but would require a substantial mining investment. If i took all of my $X000 investment in mining gear I would be able to do that about once a month and it would not be guaranteed each time I solved a block.
I'm surprised that, even with 1 block confirmations, stealing bitcoins in the way that Tom describes would be feasible without a considerable amount of compromised computing power. If my understanding is correct, for an attack to succeed an attacker would have to compute 2 blocks containing their false transactions before the rest of the network computes one. This computation could be done offline so the attacker could wait until they have been lucky and computed these blocks before publishing them, but it would still require a non-insubstantial amount of compute or waiting a long time before being able to make the attack.
I'm not saying that pools are involved in this, but if even a small pool was involved, then this attack would be a lot more believable.
Will
I'm not saying that pools are involved in this, but if even a small pool was involved, then this attack would be a lot more believable.
Will
I'm pretty sure it would work something like this.
1.) Peer directly to the bitcoind running on MyBitcoin.
2.) Solve the next block with your dubious transactions.
3.) Wait for someone else to solve the block you solved.
4.) After the same block was found, but before MyBitcoin's bitcoind hears it, announce your dubious block to MyBitcoin.
5.) That is 1 confirm, funds will now show up. Transfer the funds out, the next block on the network will orphan your dubious one.
I'm surprised that, even with 1 block confirmations, stealing bitcoins in the way that Tom describes would be feasible without a considerable amount of compromised computing power. If my understanding is correct, for an attack to succeed an attacker would have to compute 2 blocks containing their false transactions before the rest of the network computes one. This computation could be done offline so the attacker could wait until they have been lucky and computed these blocks before publishing them, but it would still require a non-insubstantial amount of compute or waiting a long time before being able to make the attack.
I'm not saying that pools are involved in this, but if even a small pool was involved, then this attack would be a lot more believable.
Will
I'm not saying that pools are involved in this, but if even a small pool was involved, then this attack would be a lot more believable.
Will
I seem to remember some people complaining months ago that 1 or 2 bitcoin's was missing from there mybitcoin wallets.
So i wonder if the hacker has had access to the site for month's?
So i wonder if the hacker has had access to the site for month's?
Jump to: