The cold storage has been wiped out due to a leak in the hotwallet

Sort of implies that "cold wallet" meant "bot-controlled wallet that could automatically refill 'hot-wallet'." In other words, a second-layer hot-wallet. Never assume malice for that which is equally explainable with stupidity. On 25/02/14 03:35, Lodewijk andré de la porte wrote:

MTGOX just started serving this: The requested page was not found on this server

The cold storage has been wiped out due to a leak in the hotwallet

what?

Sorry but you do check your total balance every so often.

I mean you do.

"Injections in coin are most useful (enough to run the exchange) but some cash is also needed to not run a fractional reserve"

This is actually really decent news. Running a fractional reserve would be very tolerable. It's interesting they mention turning off trade for a month, that's quite a lot. And it might just have started right now.

744,408 were stolen but they have a liability of 624,408 BTC

Those numbers seem in the right order (if everything is kinda effed).

"Coins for equity, coin donations, and cash injections to buy coins at the cheapMtGox price are some options among many."

I think I could do with some equity. But I wonder if it'd be a good deal, given their distinct lack of Bitcoin (according to this document).

"To avoid a bank run from customers, the daily amount of bitcoin and cashwithdrawals will be limited."

Seems nobody got burned. Just for a while.

Anyway. The question of how this happened is not really answered. "Poor Bitcoin accounting" is an understatement. Your hot wallet leaking is also not a very realistic thing, unless it was just a steady steal.

How can someone steal all the money and not be detected (by anyone)?

Can we somehow just revert the theft transactions? I'd at least like to know what happened to the coins. Who has them? Who goes to jail for it?

This is a pretty strange way for all this to turn out if you ask me. I wonder who didn't get burned.

2014-02-25 3:49 GMT+01:00 Rich Jones :

...

Alleged leaked doc from inside Mt. Gox:

http://www.scribd.com/doc/209050732/MtGox-Situation-Crisis-Strategy-Draft

...

Nasty lookin', especially that assets and liabilities page! Although I

don't understand how the theft could affect their cold storage.

...

Soooooo.. who got burned?

R

-- Please help support my crowdfunding campaign, IndieBB: Currently at 27.4% of funding goal, with 17 days left: http://igg.me/at/yourfirstgmo/x/4252296 T: @onetruecathal, @IndieBBDNA P: +3538763663185 W: http://indiebiotech.com

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 02/25/2014 12:09 PM, Juan Garofalo wrote:

I wonder if I'm getting this right : every single bitcoin transaction since the bronze age is public, yet 700,000 coins vanished and no one noticed?

Yep. Seems legit. :P - -- The Doctor [412/724/301/703] [ZS] PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1 WWW: https://drwho.virtadpt.net/ There is no pumpkin here. That would be foolish. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlMNECUACgkQO9j/K4B7F8EPiQCbBTZ9dofYf022bQYESpbJr0kJ 0oUAnjyHWnocfoUNbPplAOzVZ96z82MU =6uML -----END PGP SIGNATURE-----

2014-02-25 19:22 GMT+01:00 The Doctor :

Why would somebody trust a centralized entity that interfaces with a decentralized system that deals with something people perceive as valuable? "Hey! I'd rather work with a central point of failure!"

I don't get it.

I'd rather trust people that'd hang if they fail to secure a system than my PC which is guaranteed to be replaced if it fails within 2 years, insured against fire, etc. (And is guaranteed to fail) I did place coin elsewhere, luckily. But my trust in Mtgox was quite large. Mostly because of their combination of high fees and high volume. When I joined it was "If gox goes bust, everyone goes bust". Now it's not totally clear. I hope others step in and buy mtgox. It'd net them the old customerbase. It'd make everyone feel much safer on other exchanges, even though they might not be. It's a lot of coin though. Can't believe they never checked their safe. Their current website announcement is a straight offense too. Wouldn't suprise me if some of them go to jail for Criminal Neglegence.

What I didn't understand until a few minutes ago is that MtGox wasn't putting their transactions on the blockchain. Thus, the built-in validation model that comes with bitcoin was being "worked around".

Fucking hell, was that public knowledge all along? Why the hell did anyone trust those cowboys with a cent!? On 25/02/14 21:02, fyl wrote:

On 02/25/2014 02:22 PM, Lodewijk andré de la porte wrote:

...

2014-02-25 19:22 GMT+01:00 The Doctor :

...

...

Why would somebody trust a centralized entity that interfaces with a decentralized system that deals with something people perceive as valuable? "Hey! I'd rather work with a central point of failure!"

I don't get it.

...

I'd rather trust people that'd hang if they fail to secure a system than my PC which is guaranteed to be replaced if it fails within 2 years, insured against fire, etc. (And is guaranteed to fail)

...

I did place coin elsewhere, luckily. But my trust in Mtgox was quite large. Mostly because of their combination of high fees and high volume. When I joined it was "If gox goes bust, everyone goes bust". Now it's not totally clear.

...

I hope others step in and buy mtgox. It'd net them the old customerbase. It'd make everyone feel much safer on other exchanges, even though they might not be. It's a lot of coin though. Can't believe they never checked their safe.

...

Their current website announcement is a straight offense too. Wouldn't suprise me if some of them go to jail for Criminal Neglegence.

What I didn't understand until a few minutes ago is that MtGox wasn't putting their transactions on the blockchain. Thus, the built-in validation model that comes with bitcoin was being "worked around".

-- Please help support my crowdfunding campaign, IndieBB: Currently at 28.4% of funding goal, with 16 days left: http://igg.me/at/yourfirstgmo/x/4252296 T: @onetruecathal, @IndieBBDNA P: +3538763663185 W: http://indiebiotech.com

2014-02-25 22:02 GMT+01:00 fyl :

What I didn't understand until a few minutes ago is that MtGox wasn't putting their transactions on the blockchain. Thus, the built-in validation model that comes with bitcoin was being "worked around".

Could you be a bit more specific about transaction? A Bitcoin transaction /has/ to go into the blockchain. An MtGox internal transaction normally wouldn't. A trade definitely wouldn't, as it bridges fiat and crypto.

--On Tuesday, February 25, 2014 2:40 PM -0700 Kelly John Rose wrote:

On Tue, Feb 25, 2014 at 1:22 PM, Lodewijk andré de la porte wrote:

...

Their current website announcement is a straight offense too.

I find it somewhat ironic that they are shutting things down to avoid a run on the bank. They can't go to fractional reserves without essentially upsetting the ideology

What?

of many of their users and they cannot let their users take money out because they didn't implement the most basic accounting procedures for these things.

Sadly, this is the precise reason banks are generally heavily regulated.

The problem with the exchange is that they stole the coins, full stop. That's got nothing to do with regulation. It's plain thievery. ...Unless by regulation you mean the fundamental belief that theft is wrong...a belief that so called regulators or any other government supporting retards don't share anyway.

Without that regulation, corners get cut and millions of dollars get stolen with no recompense.

-- Kelly John Rose Toronto, ON Phone: +1 647 638-4104 Twitter: @kjrose Skype: kjrose.pr Gtalk: iam@kjro.se MSN: msn@kjro.se

Document contents are confidential between original recipients and sender.

--On Tuesday, February 25, 2014 3:44 PM -0700 Kelly John Rose wrote:

They were given the coins by people who trusted them and their code to not be easily manipulated. Their code was crap and didn't do the tracking properly. They didn't steal the coins, they screwed up the code by not ensuring that it was to the level of quality needed for such a high amount of finance moving through it. This is not theft, it's incompetence.

Well, that's their story, which I don't find too plausible. Regardless, even if karpeles and friends didn't steal the coins themselves, other people did, thanks to mtgox's incompetence. The problem here is not a 'bank run' in the ordinary sense, it's just theft.

This is closer to your bank leaving it's vault open or, in the case of Target, accidentally having all of the credit card numbers stolen.

If the bank left the vault's door open, then there's something fundamentally wrong with the bank, or there's some other funny business going on. Banks don't need 'regulators' telling them to keep their vaults closed...

The problem here is that it is cheaper in the short term to create crappy code security-wise and push it live than it is to create code that is actually properly implemented for a banking environment to handle both the large amounts of money and the quite serious number of attacks that will take place once the amount of money available is established.

In a competitive environment, the folks who take short cuts will save money in the short term, and thus will be more likely to pick up users than a more expensive equivalent that actually did the security correctly.

And in the long term they will be out of business. Although that's not the whole picture. In this case, a different problem is that people are using a *centralized* exchange as a bank to keep their supposedly *decentralized* e-money. And that seems to be a trend. Seems to me that a lot of computer illiterate people store their btc in online centralized wallets that have access to the private keys?

Regulations in this circumstance only have the effect of ensuring a certain level of quality and security for the end consumer by levelling the playing field to a certain standard.

How could I have missed that? Government regulation is something created by honest politicians taking into account the best interests of their subjects =)

-- Kelly John Rose Toronto, ON Phone: +1 647 638-4104 Twitter: @kjrose Skype: kjrose.pr Gtalk: iam@kjro.se MSN: msn@kjro.se

Document contents are confidential between original recipients and sender.

...

...

code security-wise and push it live than it is to create code that is actually properly implemented for a banking environment to handle both the large amounts of money and the quite serious number of attacks that will take place once the amount of money available is established.

In a competitive environment, the folks who take short cuts will save money in the short term, and thus will be more likely to pick up users than a more expensive equivalent that actually did the security correctly.

And in the long term they will be out of business.

Or not. If it were up to most regulators, definitely not.

Mtgox was never in a highly competitive environment. If it were it wouldn't have been on top so steadily with so little improvements in service rendered.

The service rendered was trade volume. It seemed to do that quite well.

...

Although that's not the whole picture. In this case, a different problem is that people are using a *centralized* exchange as a bank to keep their supposedly *decentralized* e-money.

This is offtopic to be honest. Whoever needed a money that was totally centralized, and why does he/she think Bitcoin is it? It's much much much more decentralized than any other currency. The fact that it's not useless now is what sets it apart from things like the LibertyDollar, so I'd say it's working just fine. Can't stand this sort of underinformed bullshitting.

I'd argue that centralized systems provide, on averge, a larger anonymity set and privacy in the majority of cases than decentralized ones. In particular exchanges that everyone believes are 'incompetent' are a wonderful place to get a lot of cheap plausible deniability by making everyone else that uses it pay for it when the house of cards falls down. -- ---------------------------------------------------------------------------- Troy Benjegerdes 'da hozer' hozer@hozed.org 7 elements earth::water::air::fire::mind::spirit::soul grid.coop Never pick a fight with someone who buys ink by the barrel, nor try buy a hacker who makes money by the megahash

Lodewijk andré de la porte writes:

Their current website announcement is a straight offense too. Wouldn't suprise me if some of them go to jail for Criminal Neglegence.

What would they be prosecuted for, not storing the tulip bulbs under dry enough conditions? It's not as if they violated any banking regulations. Peter.

On Wed, Feb 26, 2014 at 02:57:04AM -0500, grarpamp wrote:

On Tue, Feb 25, 2014 at 1:22 PM, The Doctor wrote:

...

Why would somebody trust a centralized entity that interfaces with a decentralized system that deals with something people perceive as valuable? "Hey! I'd rather work with a central point of failure!"

Probably because they don't currently have a choice. ie: afaik, there's no good decentral/p2p fiat-BTC exchange. Localbitcoins might be close in a way... distributed transaction locations in person... but it has a long way to go as far as volume and price sanity in any given area. And there seems to be some rollup of your transaction stats to the site, possibly including your price and volume, which a great many would not care to share. Until the commute to your local btc trader is tolerable, and under your desired level of regulation (or not), the big exchanges will remain the only real way to move nontrivial amounts in/out. That's not a problem for most players, they just want a place to play that looks stable long enough to push their transaction of interest through, or make enough money trading to offset the risk of trading there.

I've said it elsewhere.. The legally accepted way to launder money is hide it in high-frequency trades. Why would you want to trade on a centralized and reporting-to-the-regulators exchange? Well, its the perfect (and only) place to gain a sufficiently large anonymity set, and then when the exchange goes bust and large amounts are 'stolen' the entire corrupt Bitcoin 1% cartel now has plausible deniability that they were ever involved in Silk Road, or that fiat money bankers engineered the crash and subsequent 'ressurection' and additional 10x price jump you'll see in 6 to 9 months. See, it WAS those evil anonymous and distributed hackers that did it, really, not us central disaster capitalism planners. At least us farmers who remember the energy crisis, the farm crisis, the following mortgage crisis, and now the Bitcoin crisis sorta see a pattern here. My long-term bets are on more disaster capitalism when the great lakes freeze and the artic melts, and that the real money is in political theatre. ---------------------------------------------------------------------------- Troy Benjegerdes 'da hozer' hozer@hozed.org 7 elements earth::water::air::fire::mind::spirit::soul grid.coop Never pick a fight with someone who buys ink by the barrel, nor try buy a hacker who makes money by the megahash