comment by veen
veen  ·  3921 days ago  ·  post: Security At MtGox Much Worse Than Originally Imagined

    Somebody who was utterly not qualified to go near any kind of security job had built a vault for a billion dollars using a completely unsafe webpage scripting language. And people were using it, trusting him with their money, more or less because he said he was honest in the Terms of Service.

    [...]

    But just to drive the point home, the damning leak was posted from Mark Karpeles’ personal accounts, both on Reddit and in an article on his own personal blog.

I'm not sure if I should laugh or cry. This feels straight out of a comedy sketch. What I do know is that I have no trust anymore.





insomniasexx  ·  3921 days ago

I felt the same way when I first started seeing some comments via IRC logs. At first I was like, wow that's cool. He's talking with his customers via IRC... tight community... etc. Then when I realized how massive Mt. Gox is and here is a guy supposedly running the entire thing - billions and billions of dollars - the insanity that he's openly discussing business, security, "gag" orders, etc. is mind-boggling.

If you've read What didn't happen at Mt Gox, you can see how some of the author's assumptions there, especially regarding "It's Not Transaction Malleability", may have skewed his reasoning later. If point A is flawed, all the points after it are flawed as well. While I'm still hesitant to blame it on malleability 100%, it makes sense that there could be a combination of malleability and bad security.

    Security alarms would go off, somebody would notice something totally alarming, and they would basically just ignore it.

If this is true, it could very well lead to insolvency very, very quickly. I think the author of this article and the What Didn't Happen at Mt. Gox article should get together and put their knowledge together. It could lead to an awesomely enlightening post.

veen  ·  3921 days ago

You'd think that sitting on top of billions would professionalize a financial company, but it seems like they are just too incompetent to run something like this. To be honest, I'm not deep enough into the whole bitcoin story to say something useful about this. It is interesting, though, as it seems like nerds are forced to learn important economics lessons.

    I think the author of this article and the What Didn't Happen at Mt. Gox article should get together and put their knowledge together. It could lead to an awesomely enlightening post.

That would be an amazing read.