2014-02-26 0:34 GMT+01:00 Juan Garofalo <juan.g71@gmail.com>:
> This is closer to your bank leaving its vault open or, in the case of Target,
> accidentally having all of the credit card numbers stolen.

        If the bank left the vault's door open, then there's something
fundamentally wrong with the bank, or there's some other funny business
going on.
 
If the leaked document is correct:
The fundamental problem here was that the guys in charge, especially the CEO, somehow managed to extract money from the vault (cold storage) and put it in the counter without actually ever checking the vault for years.

Never checking if the money in the vault fits the money you owe people is a very extreme way to put your head in the sand. This is obviously negligent, to a point that it would fall in the category of criminal negligence anywhere sane.

The reason I had faith in mtgox is knowing they use cold storage, so if somehow the vault was draining they'd always have a wide margin to figure out what the hell was up. Somehow they kept all their coins semi-live. Meaning they could all get stolen.

It's ridiculous and I couldn't imagine such a wealthy and industry-leading company to not once have thought "maybe we should fix this".

It is, at best, an example that doing a bad job is better than doing no job at all, and that in the end the bad job will fuck everyone over. Makes me feel I should go ahead and start my own exchange, 'cause I'd just do so much better a job than is being done right now.

Except the army. Organization-wise the army always deeply impressed me. Perhaps it's because it's the one big organization that humanity has had thousands upon thousands of years of time for perfecting it, and those that didn't died?

        Banks don't need 'regulators' telling them to keep their vaults closed...

Never underestimate human stupidity.
 


> The problem here is that it is cheaper in the short term to create crappy
> code security-wise and push it live than it is to create code that is
> actually properly implemented for a banking environment to handle both the
> large amounts of money and the quite serious number of attacks that will
> take place once the amount of money available is established.
>
> In a competitive environment, the folks who take short cuts will save
> money in the short term, and thus will be more likely to pick up users
> than a more expensive equivalent that actually did the security correctly.

        And in the long term they will be out of business.

Or not. If it were up to most regulators, definitely not.

Mtgox was never in a highly competitive environment. If it were, it wouldn't have been on top so steadily with so few improvements in service rendered.
 
        Although that's not the whole picture. In this case, a different problem
is that people are using a *centralized* exchange as a bank to keep their
supposedly *decentralized* e-money.

This is off-topic to be honest. Whoever needed a money that was totally centralized, and why does he/she think Bitcoin is it? It's much, much, much more decentralized than any other currency. The fact that it's not useless now is what sets it apart from things like the LibertyDollar, so I'd say it's working just fine. Can't stand this sort of underinformed bullshitting.