“This could be the end of Bitcoin”: leak shows huge theft at Mt. Gox, price falls below $500

Dianne said:
Speaking of which, does anyone have the "true" url for downloading the btc wallet? I have never known the authentic address, and have been storing mine on btc-e. Not that I have much, but the little I have should be out of an exchange.
Click to expand...

I recommend going to blockchain.info. Their security is simply the best.
 
brandon said:
Looks like the price stabilized a bit in the lower $500s. I was going to make my first major bitcoin purchase if the price came down another 25%. Oh well, I'll keep waiting for an opportunity.
Click to expand...

I think you may get it. I don't think it's ready to move into post-consolidation yet.
 
Dianne said:
Speaking of which, does anyone have the "true" url for downloading the btc wallet? I have never known the authentic address, and have been storing mine on btc-e. Not that I have much, but the little I have should be out of an exchange.
Click to expand...

https://bitcoin.org/en/download

Make sure to encrypt your wallet with a strong password. After you do this create a second wallet address to test your password before sending any BTC to it.

After doing all of that then back up the wallet.dat file to a different location.
 
Can someone who understands the technical details of BC explain this to me? My understanding is that over the last 2 years Mt. Gox has been exploited via a "malleability" flaw that has been known about since 2011. Bitcoin transaction packages were intercepted and rewritten, and because of the flaw Gox was unable to tell that the packages had been tampered with.

My question is this. Since the entire block chain of transactions is public for BC, why couldn't people just plug their anonymous user id hashes into the block chain and find out their balances? This would be similar to catching someone tampering with a check you wrote by checking your account balance every day. Why weren't people doing that? Maybe not everybody, but at least a few would have caught it.

It would seem that Gox and others would be OK with the flaw because of this simple check. Even right now other exchanges are going ahead just fine with the flaw.

Am I missing something? Have I got this wrong?


Thanks.
 
furface said:
Can someone who understands the technical details of BC explain this to me? My understanding is that over the last 2 years Mt. Gox has been exploited via a "malleability" flaw that has been known about since 2011. Bitcoin transaction packages were intercepted and rewritten, and because of the flaw Gox was unable to tell that the packages had been tampered with.

My question is this. Since the entire block chain of transactions is public for BC, why couldn't people just plug their anonymous user id hashes into the block chain and find out their balances? This would be similar to catching someone tampering with a check you wrote by checking your account balance every day. Why weren't people doing that? Maybe not everybody, but at least a few would have caught it.

It would seem that Gox and others would be OK with the flaw because of this simple check. Even right now other exchanges are going ahead just fine with the flaw.

Am I missing something? Have I got this wrong?


Thanks.
Click to expand...

You may have missed the part where other exchanges have updated their serves specifically because they were being affected by this flaw. Gox handled it notoriously badly, and by the time anyone noticed, they were in too deep shit to crawl out.
 
PaulConventionWV said:
You may have missed the part where other exchanges have updated their serves specifically because they were being affected by this flaw. Gox handled it notoriously badly, and by the time anyone noticed, they were in too deep shit to crawl out.
Click to expand...

OK, but why weren't Gox's customers verifying their accounts on the public block chain? Wouldn't they have done that and complained to Gox about it? Was Gox that incompetent that they didn't do anything about it? Surely after 2 years someone would have sued them or made a public stink about it.

Or even more likely wouldn't people try to withdraw from Gox and find their Bitcoins missing?

Was it a relatively low level attack until a few weeks ago when got much bigger? It still doesn't make sense to me that this could have happened for this long and on this scale.

Thanks.
 
furface said:
OK, but why weren't Gox's customers verifying their accounts on the public block chain? Wouldn't they have done that and complained to Gox about it? Was Gox that incompetent that they didn't do anything about it? Surely after 2 years someone would have sued them or made a public stink about it.

Or even more likely wouldn't people try to withdraw from Gox and find their Bitcoins missing?

Was it a relatively low level attack until a few weeks ago when got much bigger? It still doesn't make sense to me that this could have happened for this long and on this scale.

Thanks.
Click to expand...

That I can't help you with. I can tell you they were notoriously bad at handling complaints, and they didn't seem to know what to do when a problem arose. I couldn't tell you why people didn't notice, but sometimes that's the way new technologies are. One of the risks early investors take is dealing with institutions that haven't been vetted yet. I'm sure someone else will be able to tell you exactly why it go so bad so fast.
 
furface said:
OK, but why weren't Gox's customers verifying their accounts on the public block chain? Wouldn't they have done that and complained to Gox about it? Was Gox that incompetent that they didn't do anything about it? Surely after 2 years someone would have sued them or made a public stink about it.

Or even more likely wouldn't people try to withdraw from Gox and find their Bitcoins missing?

Was it a relatively low level attack until a few weeks ago when got much bigger? It still doesn't make sense to me that this could have happened for this long and on this scale.

Thanks.
Click to expand...

No, Gox customers could not check their balances with info on the public block chain. MtGox does not have an individual address for each customer. You can use a traditional bank as a fairly good analogy. If 10 different people bring their cash to deposit into a bank, the bank will put all of the cash into the same vault. They do not have private vaults for each customer. In their internal bank records they keep a tabulation on how much money each customer put in the vault. If a single customer went and inspected the vault they would have no way of knowing if the reserves were adequate to cover every customer's deposits. MtGox and the other exchanges work kind of the same way.
 
brandon said:
No, Gox customers could not check their balances with info on the public block chain. MtGox does not have an individual address for each customer. You can use a traditional bank as a fairly good analogy. If 10 different people bring their cash to deposit into a bank, the bank will put all of the cash into the same vault. They do not have private vaults for each customer. In their internal bank records they keep a tabulation on how much money each customer put in the vault. If a single customer went and inspected the vault they would have no way of knowing if the reserves were adequate to cover every customer's deposits. MtGox and the other exchanges work kind of the same way.
Click to expand...

Thank Brandon. Just so I'm getting it right, the trades listed here

http://blockchain.info/

are transactions taking place outside the exchange or else the exchanges trading themselves? So if I understand what you're saying, Gox and other exchanges would aggregate my trade with others and do one big trade on the block chain, or not, depending on their internal reserves?

Sounds like a lot of trust to put into an essentially unregulated entity. Is there a lot of trading being done outside the exchanges?

Thanks so much.
 
furface, I think your assumptions are basically right.

Here's a reddit thread where people are trying to track down how much money mtGox might still have, based on info in the public block chain. THey are concluding they must still have 200k - 400k BTC. So basically you can track down how much money someone has but it is very difficult to follow the trail and be completely right about it. It's like trying to find a needle in a haystack and then looking for DNA on the needle to determine who put it there. http://www.reddit.com/tb/1z37zw
 
Last edited:
You must log in or register to reply here.

Similar threads

I
David Stockman, "The Myth of the MAGA Economy"
Replies
2
Views
1K
PAF
PAF
Swordsmyth
Dreams of the Dark Bill of Rights
Replies
0
Views
2K
Swordsmyth
Swordsmyth
Occam's Banana
The Rise of the Woke Cultural Revolution
Replies
1
Views
2K
Occam's Banana
Occam's Banana
Zippyjuan
$1 Billion Bitcoins Lost in Mt. Gox Hack to Be Returned to Victims
Replies
0
Views
1K
Zippyjuan
Zippyjuan
donnay
Data Leak Shows Regulators Had Major Concerns About Pfizer’s mRNA Vaccine
Replies
12
Views
1K
alivecream
A
Back
Top