Slashdot Mirror
Hacked BitCoin Exchange Sued By Customers
judgecorp writes "Bitcoinica, an exchange for the BitCoin virtual currency, is being sued by former customers, after it was hacked. Thieves stole around $180,000 worth of BitCoins in two attacks. The site is now closed, and customers are suing to get their money back."
I could answer this one two ways, but I'm going to go with blaming the victim on this one. There have been a rash of thefts surrounding BitCoin wallets in some of the stupidest ways (any number of BitCoin sites, for God knows what reason, have been using MySQL for their backend, and more than a few have been using PHP) -> show of hands on /., if you were designing / developing a website that dealt primarily with money, would you use MySQL? And why not?
Your wallet.dat file is your wallet. BitCoins = cash. Think about online areas the same way you think about offline areas -> there this dude who wants to hold my wallet for me, I don't really know him, but everyone else seems to trust him, even though he's only been standing on this street corner for about 5 minutes, and has all the wallets in a 20 gallon transparent plastic bag...should I trust him as well? Fuck no. Put your wallet on your cellphone or usb keychain or anything that you can see, and PHP encrypt it. Don't know what PGP is? Good news, it's the equivalent of Fort Knox, has been around for a long time, and is the key to not hating yourself if / when you store over $1,000 worth of BitCoins in your wallet and have it stolen because you couldn't be troubled to lock the f*cking door. Takes like 30 minutes, possibly less, to find a helpful tech (something above the level 1 hell-desk types, find a domain / network admin, bring tea as a peace offering), have him / her generate the key and set you up.
Bonus question -> since I know a few of you are interested in getting into the financial district -> what is the natural consequence of using floating point data types for fiscal transactions?
I am John Hurt.
I think you're really missing the point of Bitcoin mining. It's like gold mining, in an economy using Gold as a currency; you'd never expect the majority of economic effort being involved in digging the stuff out of the ground. Rather a small segment of society does that, and the rest of society does whatever they do in the economy, buying gold from other people as needed.
Bitcoin mining was *never* meant to be the way that the majority of people would get their Bitcoins. Rather it's a way of securing the network, namely in that Bitcoin essentially consists of an accounting system, where value is exchanged by writing public key crypto signed messages saying things like "Alice gives 10 bitcoins to Bob". Mining is required because there needs to be some canonical way of ordering those transactions in time. That's done by saying that whatever at least 51% of the computing power in the network thinks is true, is. So long as no one party ever controls that 51%, you can determine if coins have been spent to another party before you decide to accept them.
Look at the pool hashrate diagram. Each of those pie slices is a group of dozens to hundreds of users, each with at least a few hundred dollars worth of mining hardware, securing the network. Do I care if they are making more in Bitcoins than their rigs are costing them? Heck no. I just want a secure network so when I receive some Bitcoins I can know that they haven't been spent before. FPGAs and the upcoming ASICs are good for that, because they perform so much faster than off-the-shelf CPU's that any attacker would have a hard time getting enough computing power to attack the network.
Besides, if I did want to become a miner, all I'd have to do is spend about $600 on a Butterfly Labs fpga platform and I'd gradually have Bitcoins trickle in. But it's a lot faster to just buy them from someone else, just like it's a lot faster to buy gold from someone than mine it.