Slashdot Mirror


Hacked BitCoin Exchange Sued By Customers

judgecorp writes "Bitcoinica, an exchange for the BitCoin virtual currency, is being sued by former customers, after it was hacked. Thieves stole around $180,000 worth of BitCoins in two attacks. The site is now closed, and customers are suing to get their money back."

7 of 361 comments

  1. Re:FDIC insured by lightknight · · Score: 5, Informative

    I could answer this one two ways, but I'm going to go with blaming the victim on this one. There has been a rash of thefts surrounding BitCoin wallets in some of the stupidest ways (any number of BitCoin sites, for God knows what reason, have been using MySQL for their backend, and more than a few have been using PHP) -> show of hands on /., if you were designing / developing a website that dealt primarily with money, would you use MySQL? And why not?

    Your wallet.dat file is your wallet. BitCoins = cash. Think about online areas the same way you think about offline areas -> there's this dude who wants to hold my wallet for me, I don't really know him, but everyone else seems to trust him, even though he's only been standing on this street corner for about 5 minutes, and has all the wallets in a 20 gallon transparent plastic bag...should I trust him as well? Fuck no. Put your wallet on your cellphone or USB keychain or anything that you can see, and PGP encrypt it. Don't know what PGP is? Good news, it's the equivalent of Fort Knox, has been around for a long time, and is the key to not hating yourself if / when you store over $1,000 worth of BitCoins in your wallet and have it stolen because you couldn't be troubled to lock the f*cking door. Takes like 30 minutes, possibly less, to find a helpful tech (something above the level 1 hell-desk types, find a domain / network admin, bring tea as a peace offering), have him / her generate the key and set you up.

    Bonus question -> since I know a few of you are interested in getting into the financial district -> what is the natural consequence of using floating point data types for fiscal transactions?

    --
    I am John Hurt.
  2. It's the server that's not by Taco+Cowboy · · Score: 4, Informative

    The Bitcoin infrastructure might be secured, it's just that the weakest link is in the server.

    When the server is hacked, and all the info (Bitcoin is made up of encrypted information, please correct me if I am wrong) contained within it is stolen, it's as good as if the Bitcoins were stolen, and they can be used elsewhere.

    Therefore, the one crucial thing for the Bitcoin infrastructure designers to do is to find ways to shore up the security of the Bitcoin servers, and make it as difficult as possible (it's impossible to make _any_ server 100% guaranteed secure, I know) to be hacked.

    --
    Muchas Gracias, Señor Edward Snowden !
    1. Re:It's the server that's not by retep · · Score: 5, Informative

      I think you're really missing the point of Bitcoin mining. It's like gold mining, in an economy using Gold as a currency; you'd never expect the majority of economic effort being involved in digging the stuff out of the ground. Rather a small segment of society does that, and the rest of society does whatever they do in the economy, buying gold from other people as needed.

      Bitcoin mining was *never* meant to be the way that the majority of people would get their Bitcoins. Rather it's a way of securing the network, namely in that Bitcoin essentially consists of an accounting system, where value is exchanged by writing public key crypto signed messages saying things like "Alice gives 10 bitcoins to Bob". Mining is required because there needs to be some canonical way of ordering those transactions in time. That's done by saying that whatever at least 51% of the computing power in the network thinks is true, is. So long as no one party ever controls that 51%, you can determine if coins have been spent to another party before you decide to accept them.

      Look at the pool hashrate diagram. Each of those pie slices is a group of dozens to hundreds of users, each with at least a few hundred dollars worth of mining hardware, securing the network. Do I care if they are making more in Bitcoins than their rigs are costing them? Heck no. I just want a secure network so when I receive some Bitcoins I can know that they haven't been spent before. FPGAs and the upcoming ASICs are good for that, because they perform so much faster than off-the-shelf CPUs that any attacker would have a hard time getting enough computing power to attack the network.

      Besides, if I did want to become a miner, all I'd have to do is spend about $600 on a Butterfly Labs FPGA platform and I'd gradually have Bitcoins trickle in. But it's a lot faster to just buy them from someone else, just like it's a lot faster to buy gold from someone than mine it.

    2. Re:It's the server that's not by retep · · Score: 4, Informative

      No, that Butterfly Labs platform will currently mine about 0.37BTC/day, or 11.17BTC/month. Currently the exchange rate is $12/BTC, with fluctuations of about +-$1/BTC in the past few weeks. GPUs use up way more power, although the hardware cost is less. Either way, it's easy to turn a profit after power costs, albeit with the risk that your capital investment and coins generated will be useless if bitcoin busts. Obviously lots of miners immediately sell every coin they generate to recoup that capital investment.

      It's irrelevant what Bitcoins are, only how scarce they are, what's the inflation rate, and what people are willing to pay for them. The latter driven because the scarcity and inflation rate is fixed, and you can transfer them from one person to the other easily.

      They also are *not* a series of 1s or 0s in the correct pattern; you're confusing Bitcoins with hash cash. Rather it's an accounting system where the number of Bitcoins you have is based on a transaction trail back to the original creation of a Bitcoin. That creation happens out of thin air, but in a manner where the network only allows a (on average) fixed amount every 10 minutes, automatically adjusted both to slowly decline that amount over time, and to ensure that as more people compete for that amount, it gets harder to get coins. All this stuff about "mining" is just proving how much computer power you control, so that the users of the system can vote on what is the authentic and true ordering of transactions. If the system didn't vote on transaction ordering, people could spend money twice, by signing statements to the effect of "I, Alice, transfer x coins to Bob" followed by "I, Alice, transfer x coins to Charlie".

      It's just a form of fiat with a fixed, and declining, inflation rate that happens to be transferable digitally and can't be counterfeited, where all those properties are controlled by a distributed group of computers with many different owners. It's really not that complex or magical.

      Modern banking is actually really similar, except that transactions are guaranteed by accountants, and we say the government decides how many coins to create.
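
The double-spend case from retep's comment above ("I, Alice, transfer x coins to Bob" followed by "I, Alice, transfer x coins to Charlie"), as an added example that is not part of the original thread: a toy ledger that follows each coin's transaction trail and applies transactions in one agreed order, so only the first spend of an output is accepted. Assumptions: the hypothetical `signer` field stands in for signature verification, the agreed order is simply the list passed in (no mining), and all names and sample transactions are constructed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Tx:
    txid: str
    signer: str     # stands in for a verified public-key signature (assumption)
    spends: tuple   # (txid, index) references to earlier outputs; () = newly created coins
    outputs: tuple  # (owner, amount) pairs, integer amounts

def replay(ordered_txs):
    """Apply transactions in the agreed order; return (balances, rejected)."""
    unspent, rejected = {}, []   # unspent: (txid, index) -> (owner, amount)
    for tx in ordered_txs:
        inputs = [unspent.get(ref) for ref in tx.spends]
        if len(set(tx.spends)) != len(tx.spends):
            rejected.append((tx.txid, "duplicate input"))
        elif any(i is None for i in inputs):
            rejected.append((tx.txid, "input missing or already spent"))
        elif any(owner != tx.signer for owner, _ in inputs):
            rejected.append((tx.txid, "signer does not own input"))
        elif tx.spends and sum(a for _, a in tx.outputs) > sum(a for _, a in inputs):
            rejected.append((tx.txid, "outputs exceed inputs"))
        else:
            for ref in tx.spends:            # consume the inputs ...
                del unspent[ref]
            for idx, out in enumerate(tx.outputs):
                unspent[(tx.txid, idx)] = out  # ... and create new spendable outputs
    balances = {}
    for owner, amount in unspent.values():
        balances[owner] = balances.get(owner, 0) + amount
    return balances, rejected

# Constructed sample data: one coin creation (the real network limits creation;
# this toy does not), then two conflicting spends of the same output by Alice.
MINT = Tx("mint", "network", (), (("alice", 10),))
TO_BOB = Tx("t1", "alice", (("mint", 0),), (("bob", 10),))
TO_CHARLIE = Tx("t2", "alice", (("mint", 0),), (("charlie", 10),))

if __name__ == "__main__":
    # Same three transactions, two orderings: whichever spend comes first wins.
    for order in ([MINT, TO_BOB, TO_CHARLIE], [MINT, TO_CHARLIE, TO_BOB]):
        print(replay(order))
```

Both conflicting transactions are individually well-formed; only the agreed ordering decides which one is valid, which is why every participant has to replay the same order.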

  3. Re:Good luck with that! by Sir_Sri · · Score: 4, Informative

    Gold stored in a bank is the only money you can count on

    Not really, no. Gold can float in price wildly (http://goldprice.org/charts/history/gold_10_year_o_usd.png). That's only a 10 year, during which gold has done very well, until the 2008 crash, and then it's been down 15% or so since then.

    Gold (and diamonds) are just commodities like any other. Sometimes they do well, sometimes they do badly. In the same 10 years gold has gone from the 300-400 ish (not sure exactly for 2002) to 1600 roughly a factor of 4-5, oil has gone from 22 to 93 dollars a barrel (with a spike in between just like gold) which is a factor of 4 and a bit.

    http://inflationdata.com/inflation/inflation_rate/historical_oil_prices_table.asp If you notice, in 1998 oil was just under 12 dollars a barrel. It went up to 27 in 2000, dropped to 20 ish and then has a long climb since.

    So ok, we looked at some 10 year trends and proved lots of commodities swing wildly, including fake money (gold). Now let's have some real fun. Let's look at the price of gold since the unification of Germany (1871) on an inflation adjusted (rather than just nominal) basis: http://www.vanguardblog.com/2010.07.26/gold-rush.html Now that's interesting. Notice the batshit crazy spikes in the late 70's and 2010. Uh huh. That doesn't mean it will go down, but if you'd bought gold in 1981 and needed to retire 20 years later you would have lost most of your buying power.

  4. Bitcoinica was a shady bucket shop from the start by Anonymous Coward · · Score: 4, Informative

    Note that on this so-called "exchange" you could never actually convert Bitcoins to any other currency. Sure you could "sell" your coins, but you had to buy new Bitcoins to ever get your money out. Mainly Bitcoinica was used by people trying to short Bitcoins or dollars. This kind of arrangement is known as a bucket shop and has been illegal for a very long time for very good reasons. Namely the people running the site can always manipulate the exchange rates to clean you out, and therefore pocket all your money.

    Of course, the 17 year old kid running the whole thing always said that trades went out to real exchanges, but the volume on other exchanges never was anything near what was required for that to be plausible. Meanwhile the whole time people were "zoutong'd" whenever the alleged exchange rate went against their bets.

    The whole thing is shady as fuck, although to the credit of Bitcoin people, a lot were asking questions about the thing right from day one, see here and here. (the latter is one of Bitcoin's main developers)

  5. Re:But WHY do we think these items have value? by downhole · · Score: 4, Informative

    I'm not a hardcore economics geek or anything, but the argument that I've found the most persuasive is that gold and other fixed-supply currencies are a bad idea because the economy itself is growing and increasing its value. If your currency supply is fixed and your overall economic value is growing, then you get deflation, which discourages people from spending or investing their money because letting it just sit there will increase its value just as fast as investing it would. Apparently, you get a nasty boom-bust cycle when large economic activity creates lots of extra wealth, but the money supply is fixed so it all deflates, then nobody wants to spend anymore, and the economy crashes again until total wealth drops back down to where it makes sense to invest again. I'm not completely sure if it's true, but I've heard that the whole European colonial period really came about because the societies at the time were creating lots of extra wealth and they had to find more gold to represent that wealth in order to avoid deflation, and it seems to make a kind of sense.

    Essentially, to have an economy that is stable in the long term, you must inflate your currency at a controlled pace to create low but positive inflation. Thus, you must have a Fiat currency, and it basically has to be controlled by the Government.

    Also persuasive is that we have hundreds of countries with all sorts of governments and economic policies. If the gold standard was such a great idea, then wouldn't some country somewhere try it and out-compete everyone else, or at least their neighbors/local rivals?

    Now whether recent governments have done a lousy job of running the economy and the currency, that's a whole different argument...

    --
    I don't reply to ACs