Topic: Security at Camp BX - page 2. (Read 3282 times)

As far as I know, this is the exact procedure they use to protect Coca Cola's secret formula ;-)

We understand your concern though about an inside job though.  That is why we follow the best practices deployed in most of corporations: split component ownership, and chain-of-command for each component.  This makes it easy to pinpoint rogue elements.

- Keyur

Do you have New Zealand on your roadmap?

Nmat,
        We were hoping to launch in Europe late September, and also have a multi-currency back-end ready to go!  Unfortunately running into some red-tape in Europe.  We are hoping to get required permissions and redundant bank accounts in place by Q1 2012 to ensure uninterrupted service for our customers.

Thank you,
       Keyur

Keyur, can you tell us about how you store your wallets and such? By that, I mean that in any given day you probably only need 10% liquidity. So a good practice would be to have your active, server-accessible wallets separate from wallets containing the remainder of reserves. That major wallet should be elsewhere, such as on a computer not on your network and this computer is only turned on for 5 minutes a day in order to refill the active wallets. Also, it should be in a cage with several rabid monkeys who can only be tamed by a secret routine, such as reading them a bedtime story and giving out sedative-laden fruits. And this cage should be in a van that moves around a city 24/7. This is like that Burn Notice episode where a package was kept perpetually moving by a series of motorcycle couriers.

The computer in question should be backed up by a flash drive the size of a pill, which you repeatedly eat every few days in order to keep it in your body. The timing is perfect, I've found, to allow the backup to be only occasionally accessible depending on your regularity. If you need it in an emergency, then just eat a lot of prune juice or, in a really major emergency, find a Winogradsky column and drink it.

Then, if your site does get hacked, everyone's risk is minimized. See, I don't think many people take solace in prevention measures at exchanges any more. The more important question involves what hackers or rogue employees could obtain if given access. Please name one of the monkeys after me.

Loaded questions are so fair.

How do you protect yourself from a possible government seizure?
What do you do if a court randomly decides to freeze your funds because of "money laundering laws" overnight?
All your eggs are in one basket (USA), are you prepared for a possible social collapse in the coming years?
How do you handle Dollar devaluation?

Can you please answer the above^ questions?

Greets,
oOo
.

out of the exchanges,   I would put my bet on CampBX being the most secure...

Based in the US with trigger happy lawyers it most likely would mean they had to spend more time on Security than anything else.

There haven't been much news from Camp BX lately... Are SEPA transfers still on the roadmap?

Good timing with this post, I forget about Camp BX sometimes, but maybe because the users are happy, and happy customers are not noisy and don't pollute the forums

Cool.

Once your volume is pumped up, we can talk about Bitinstant Integration. We can offer your customer instant deposits, withdrawals, and inter-exchange transfers between 5 payment methods and 4 other exchanges besides you. You take no risk and everything done on our end.

Good luck.

Correct - that is why we do not support Paxum!  Sorry the original post was not clear: should have said "No Paxum".

Paxum does not have an office in the USA. They are based in South America with an office in Canada. There customer service is based in Mexico and they use a Belize and Canadian bank 

Hi everyone,
      We received multiple requests for information around Camp BX security measures in the wake of Bitcoin7 incident.  So here is a high-level summary of precautions and processes in place at Camp BX: please feel free to ask questions and we will be happy to share additional information.

Physical Security:
- Professional, secure data center in Arizona
- Triple telecom backbone connectivity for redundancy
- Caterpillar diesel generators in case of power brown-out / black-out
- Restricted physical access to servers

Information security:
- Well defined chain of command for wallet and database ownership
- Nightly security scans by McAfee Secure
- Scheduled D-DoS attacks
- White-hat penetration tests
- 72-hour SLA commitment to address new vulnerabilities

Financial security:
- No fractional reserve: We hold 100% of user funds in reserve at all times
- All banking done on-shore in the USA
- We do not do business with companies that don't have a registered office in USA.  (Paxum, Liberty Reserve)

Thank you,
       Keyur