Author

Topic: null (Read 2762 times)

sr. member
Activity: 246
Merit: 250
Team Heritage Motorsports
October 02, 2012, 04:14:10 PM
#17
A good piece of advice for anyone who uses mtgox is to setup multiple OTP/Yubi keys. Mtgox now offers this, use it.

I personally have a yubi key as a backup and google authenticator setup for my mtgox account.

excellent advice, thank you
legendary
Activity: 2282
Merit: 1050
Monero Core Team
October 02, 2012, 10:03:38 AM
#16
A good piece of advice for anyone who uses mtgox is to setup multiple OTP/Yubi keys. Mtgox now offers this, use it.

I personally have a yubi key as a backup and google authenticator setup for my mtgox account.

This may be a solution. Have you tired asking MtGox for a yubi key to be added to the account thereby effectively avoiding the whole Apple/Google mess?
member
Activity: 112
Merit: 10
October 02, 2012, 08:55:37 AM
#15
What you tried contacting them through irc on freenode? You may get better customer service that way.
sr. member
Activity: 252
Merit: 250
Lead Core BitKitty Developer
October 02, 2012, 07:08:32 AM
#14
Maybe The Bitcoin Foundation can make it part of their organisation certification process to include rules/guidelines of granting/denying/verifying access to accounts and online wallets. Then you could use that to "force" MtGox to give you access to what is rightfully yours.

I see what you did there.

Wink
jr. member
Activity: 56
Merit: 1
October 02, 2012, 06:20:48 AM
#13
Maybe The Bitcoin Foundation can make it part of their organisation certification process to include rules/guidelines of granting/denying/verifying access to accounts and online wallets. Then you could use that to "force" MtGox to give you access to what is rightfully yours.

I see what you did there.
legendary
Activity: 1193
Merit: 1003
9.9.2012: I predict that single digits... <- FAIL
October 02, 2012, 05:10:23 AM
#12
So if we were to apply the Apple security policy to bitcoin one backs up all the files in .bitcoin EXCEPT for wallet.dat!
wallet.dat is a file protected/encrypted by a password. It's not a stored password in the device.
sr. member
Activity: 252
Merit: 250
Lead Core BitKitty Developer
October 02, 2012, 04:25:37 AM
#11
Maybe The Bitcoin Foundation can make it part of their organisation certification process to include rules/guidelines of granting/denying/verifying access to accounts and online wallets. Then you could use that to "force" MtGox to give you access to what is rightfully yours.
legendary
Activity: 2506
Merit: 1010
October 02, 2012, 04:21:26 AM
#10
have my OTP unlinked by MtGox if I supply verification

Was the account already a verified? (Level 1)?
legendary
Activity: 882
Merit: 1001
October 01, 2012, 11:12:38 PM
#9
As much as I'd love to join in on the apple debate, I think I'm going to use this post to say that we should actually help theboss with his MTGox problem. theboss is out $5,000 because MTGox won't take the time to look at his ID. He probably isn't too interested in our opinions of apple right now. Smiley
member
Activity: 112
Merit: 10
October 01, 2012, 10:58:05 PM
#8
Regarding google authenticator, I think it is the same regardless of platform (apple or android) as I have an issue when rooting my android phone and will doing a full back up, but when I restored the app was there but none of the data..

So it may be more of a google authenticator security thing rather than an apple issue.
legendary
Activity: 2282
Merit: 1050
Monero Core Team
October 01, 2012, 05:54:15 PM
#7
So it basically only restores the app and not data associated with the app. What kind of backup is that? I do not use Apple products and have a very low regard for Apple but backing up the app (who cares i can reinstall that) and not the data (that would actually be useful) sounds like a major fail on the part of Apple.



Apple normally does an EXCELLENT job of restoring your data.

Case in point: open the calculator on a Mac, type in a number, shut down the Mac, and then migrate your user profile to the new Mac.  The same number will be showing on the calculator when you boot it up.

Generally, whenever you do an Apple restore, all the passwords, certificates, any authentication tokens will be missing.  Apple DELIBERATELY avoids putting passwords in backups, as well as anything saved with the same storage class as passwords.  Google Authenticator records very likely fall into this class - the actual storage classification would be under the control of the Google app.  This is a GOOD security practice.

So if we were to apply the Apple security policy to bitcoin one backs up all the files in .bitcoin EXCEPT for wallet.dat!

No. A good security practice is to
1) Tell the user what on earth is going on and TRUST the user.
2) Provide the user with the option to ENCRYPT and back up sensitive data such as passwords and authentication tokens, with a password known only to the user and with software and encryption algorithms that are Free Software / Open Source so that they can be independently verified.
3) Not go out of your way to frustrate a user by requiring propriety software running on a propriety OS (iTunes) on either Microsoft Windows or Mac OS X in order back up files from your mobile device onto a computer. On Android I can easily back up files and ENCRYPT on a computer running the OS of my choice by simply connecting my device over a USB port with no need for special propriety software.

The minute one creates a closed ecosystem where Apple knows best and the user is not to be trusted, as is the case with IOS, then it becomes perfectly appropriate to blame Apple when something goes wrong.
vip
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
October 01, 2012, 02:41:25 PM
#6
So it basically only restores the app and not data associated with the app. What kind of backup is that? I do not use Apple products and have a very low regard for Apple but backing up the app (who cares i can reinstall that) and not the data (that would actually be useful) sounds like a major fail on the part of Apple.



Apple normally does an EXCELLENT job of restoring your data.

Case in point: open the calculator on a Mac, type in a number, shut down the Mac, and then migrate your user profile to the new Mac.  The same number will be showing on the calculator when you boot it up.

Generally, whenever you do an Apple restore, all the passwords, certificates, any authentication tokens will be missing.  Apple DELIBERATELY avoids putting passwords in backups, as well as anything saved with the same storage class as passwords.  Google Authenticator records very likely fall into this class - the actual storage classification would be under the control of the Google app.  This is a GOOD security practice.
legendary
Activity: 2282
Merit: 1050
Monero Core Team
October 01, 2012, 02:18:01 PM
#5
I do no know about MtGox but there are some questions I would ask a lawyer about Apple here if I wished to pursue legal action. I suspect your are not the first person who was locked out of funds or suffered damages because of Apple deleting competitive apps.

1) Were you warned at the Apple store that you would loose your data with the phone change?
2) Did they transfer your data but failed to transfer the data regarding the Google app? Keep in mind that Google is a competitor of Apple here so that may be used against Apple. Was there negligence on the part of Apple here?
3) The Apple EULA may not offer Apple full protection here if there are consumer protection laws that conflict with it.


...

I restored from my iCloud backup but that only brought over the Google Auth app not that actual keys that were previously in the app.

...


So it basically only restores the app and not data associated with the app. What kind of backup is that? I do not use Apple products and have a very low regard for Apple but backing up the app (who cares i can reinstall that) and not the data (that would actually be useful) sounds like a major fail on the part of Apple.

vip
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
October 01, 2012, 02:07:30 PM
#4
Here is a piece of good advice I've heard as well: print your Google Authenticator QR code so you can always reload it later.  This goes for anywhere, not just Gox.
vip
Activity: 1358
Merit: 1000
AKA: gigavps
October 01, 2012, 02:04:47 PM
#3
A good piece of advice for anyone who uses mtgox is to setup multiple OTP/Yubi keys. Mtgox now offers this, use it.

I personally have a yubi key as a backup and google authenticator setup for my mtgox account.
legendary
Activity: 2282
Merit: 1050
Monero Core Team
October 01, 2012, 01:53:23 PM
#2
I do no know about MtGox but there are some questions I would ask a lawyer about Apple here if I wished to pursue legal action. I suspect your are not the first person who was locked out of funds or suffered damages because of Apple deleting competitive apps.

1) Were you warned at the Apple store that you would loose your data with the phone change?
2) Did they transfer your data but failed to transfer the data regarding the Google app? Keep in mind that Google is a competitor of Apple here so that may be used against Apple. Was there negligence on the part of Apple here?
3) The Apple EULA may not offer Apple full protection here if there are consumer protection laws that conflict with it.
member
Activity: 94
Merit: 100
October 01, 2012, 11:27:49 AM
#1
null
Jump to: