2014-02-26 0:34 GMT+01:00 Juan Garofalo <[1]juan.g71@gmail.com>:

   > This is closer to your bank leaving it's vault open or, in the case
   of Target,
   > accidentally having all of the credit card numbers stolen.

             If the bank left the vault's door open, then there's
     something
     fundamentally wrong with the bank, or there's some other funny
     business
     going on.


   if the leaked document is correct:
   The fundamental problem here was that the guys in charge, especially
   the CEO, somehow managed to extract money from the vault (cold storage)
   and put it in the counter without actually ever checking the vault for
   years.
   Never checking if the money in the vault fits the money you owe people
   is a very extreme way to put your head in the sand. This is obviously
   negligent, to a point that it would fall in the category of criminal
   negligence anywhere sane.
   The reason I had faith in mtgox is knowing they use cold storage, so if
   somehow the vault was draining they'd always have a wide margin to
   figure out what the hell was up. Somehow they kept all their
   coins semi-live. Meaning they could all get stolen.
   It's ridiculous and I couldn't imagine such a wealthy and industry
   leading company to not once have thought "maybe we should fix this".
   It is, at best, an example that doing a bad job is better than doing no
   job at all, and that in the end the bad job will fuck everyone over.
   Makes me feel I should go ahead and start my own exchange, 'cause I'd
   just do so much better a job than is being done right now.
   Except the army. Organization wise the army always deeply impressed me.
   Perhaps it's because it's the one big-organization that humanity has
   had thousands upon thousands of years of time for perfecting it, and
   those that didn't died?

             Banks don't need 'regulators' telling them to keep their
     vaults closed...

   Never underestimate human stupidity.

   > The problem here is that it is cheaper in the short term to create
   crappy
   > code security-wise and push it live than it is to create code that is
   > actually properly implemented for a banking environment to handle
   both the
   > large amounts of money and the quite serious number of attacks that
   will
   > take place once the amount of money available is established.
   >
   > In a competitive environment, the folks who take short cuts will save
   > money in the short term, and thus will be more likely to pick up
   users
   > than a more expensive equivalent that actually did the security
   correctly.

             And in the long term they will be out of business.

   Or not. If it were up to most regulators, definitely not.
   Mtgox was never in a highly competitive environment. If it were it
   wouldn't have been on top so steadily with so little improvements in
   service rendered.

             Although that's not the whole picture. In this case, a
     different  problem
     is that people are using a *centralized* exchange as a bank to keep
     their
     supposedly *decentralized* e-money.

   This is offtopic to be honest. Whoever needed a money that was totally
   centralized, and why does he/she think Bitcoin is it? It's much much
   much more decentralized than any other currency. The fact that it's not
   useless now is what sets it apart from things like the LibertyDollar,
   so I'd say it's working just fine. Can't stand this sort of
   underinformed bullshitting.

References

   1. mailto:juan.g71@gmail.com