Slashdot Mirror
Hacked BitCoin Exchange Sued By Customers
judgecorp writes "Bitcoinica, an exchange for the BitCoin virtual currency, is being sued by former customers, after it was hacked. Thieves stole around $180,000 worth of BitCoins in two attacks. The site is now closed, and customers are suing to get their money back."
+/- $180,000.
Other estimates calculate the loss at "ham sandwich and a glass of milk".
Wearing pants should always be optional.
I could answer this one two ways, but I'm going to go with blaming the victim on this one. There have been a rash of thefts surrounding BitCoin wallets in some of the stupidest ways (any number of BitCoin sites, for God knows what reason, have been using MySQL for their backend, and more than a few have been using PHP) -> show of hands on /., if you were designing / developing a website that dealt primarily with money, would you use MySQL? And why not?
Your wallet.dat file is your wallet. BitCoins = cash. Think about online areas the same way you think about offline areas -> there this dude who wants to hold my wallet for me, I don't really know him, but everyone else seems to trust him, even though he's only been standing on this street corner for about 5 minutes, and has all the wallets in a 20 gallon transparent plastic bag...should I trust him as well? Fuck no. Put your wallet on your cellphone or usb keychain or anything that you can see, and PHP encrypt it. Don't know what PGP is? Good news, it's the equivalent of Fort Knox, has been around for a long time, and is the key to not hating yourself if / when you store over $1,000 worth of BitCoins in your wallet and have it stolen because you couldn't be troubled to lock the f*cking door. Takes like 30 minutes, possibly less, to find a helpful tech (something above the level 1 hell-desk types, find a domain / network admin, bring tea as a peace offering), have him / her generate the key and set you up.
Bonus question -> since I know a few of you are interested in getting into the financial district -> what is the natural consequence of using floating point data types for fiscal transactions?
I am John Hurt.
You know what the biggest current problem with bitcoins is? Scarcity. The current model has them scaling back logarithmically as the number of transactions increases. What this means is that every generation it becomes that much harder to mine bitcoins and thus that much more lucrative to steal them instead. Combine this with the new FPGA mining rigs and the lowered electricity cost to generate them as a result and what you have is a digital representation of modern financial society.
The lower-class, with ineffecient rigs unable to produce more bitcoins than it's costing them.
The middle-class, with rigs just good enough to break even.
The upper-class, with rigs that provide a net benefit in bitcoin mining compared to cost, thanks to efficiency and scale.
The black market-class, hacking the latter three, disadvantaging the lower two, and having the uppers pass the buck back down.
In that light, it makes an excellent sociology and economy experiment given how well it reflects the various groups involved in modern global society.
And good luck suing for untaxed, untraceable, and unregulated currency.
Generally speaking, even internet income or internet capital gains is supposed to be taxable for US citizens, so don't expect the Californian/US justice system to come running to help you if you give them any inkling that you purposefully invested in bitcoins to avoid giving them a piece of the action.
If I had been one of the victims, I would have sued the site directly in Singapore court. A small tax haven and tax shelter like Singapore is much more likely to want to encourage this type of industry and therefore encourage straight dealings in those types of transactions. Furthermore, it will be much easier to demand discovery and collect damages from a Singapore company in Singapore than trying to do the same remotely from a Superior Court in San Francisco.
Ever heard of the term "bucket shop"? That's exactly how Bitconica functioned. Sure you could sell, or sell on margin, your Bitcoins for imaginary US dollars, but you couldn't never withdraw or deposit anything but Bitcoins. What went on was people would use the margin given to them by Bitconica to speculate on the price of Bitcoin, then they'd conveniently lose their whole positions whenever the market went against them, which is quite easy to do if you happen to have everyones Bitcoins to manipulate the market with. This happened so often that a new term was invented for it: zhou tonged, named in honor of the 17 year old kid running the site. (seriously, 17!) Hell, even in the Bitcoin community lots of people were calling them out on this right from the start, for instance here is a post by one of the main devs, obviously concerned about all the other scams that of course have cropped up using bitcoin. Speaking of, wait'll you see the press when the pyramid scheme known as "Bitcoin Savings and Trust" fails, as it of course will given it pays out %3400 a year.
Personally I'd suggest you use your Bitcoins for something reputable, like buying pot, getting cash out of Argentina or donating to wikileaks. All this investment non-sense, as opposed to just using the currency for moving value around digitally, is getting out of hand.
I think you're really missing the point of Bitcoin mining. It's like gold mining, in an economy using Gold as a currency; you'd never expect the majority of economic effort being involved in digging the stuff out of the ground. Rather a small segment of society does that, and the rest of society does whatever they do in the economy, buying gold from other people as needed.
Bitcoin mining was *never* meant to be the way that the majority of people would get their Bitcoins. Rather it's a way of securing the network, namely in that Bitcoin essentially consists of an accounting system, where value is exchanged by writing public key crypto signed messages saying things like "Alice gives 10 bitcoins to Bob". Mining is required because there needs to be some canonical way of ordering those transactions in time. That's done by saying that whatever at least 51% of the computing power in the network thinks is true, is. So long as no one party ever controls that 51%, you can determine if coins have been spent to another party before you decide to accept them.
Look at the pool hashrate diagram. Each of those pie slices is a group of dozens to hundreds of users, each with at least a few hundred dollars worth of mining hardware, securing the network. Do I care if they are making more in Bitcoins than their rigs are costing them? Heck no. I just want a secure network so when I receive some Bitcoins I can know that they haven't been spent before. FPGAs and the upcoming ASICs are good for that, because they perform so much faster than off-the-shelf CPU's that any attacker would have a hard time getting enough computing power to attack the network.
Besides, if I did want to become a miner, all I'd have to do is spend about $600 on a Butterfly Labs fpga platform and I'd gradually have Bitcoins trickle in. But it's a lot faster to just buy them from someone else, just like it's a lot faster to buy gold from someone than mine it.