Linode Exploit Caused Theft of Thousands of Bitcoins 450
Sabbetus writes "Popular web hosting service Linode had a serious exploit earlier today. Apparently the super admin password for their server management panel was leaked and allowed a malicious attacker to target multiple Bitcoin-related servers. The biggest loss happened to a major Bitcoin mining pool that lost over 3000 BTC, which is currently worth almost 15 000 USD. Now the question is, will Linode compensate for lost bitcoins?"
Update: The 3000 BTC theft was not even close to being the biggest, Bitcoin trading site Bitcoinica lost over 40,000 BTC.
Linode Terms of Service (Score:5, Informative)
http://www.linode.com/tos.cfm [linode.com]
Section 9, paragraph 1:
overblown news story, here's the real truth (Score:5, Informative)
What really doesn't add up is the 3000 BTC estimate. Even Deepbit, the largest pool, doesn't have 6000 members, which would be the number required to, at any given point in time, have an average of 3000 BTC on-hand. So it likely was the site owner's profit pool that got robbed the most heavily.
Re:overblown news story, here's the real truth (Score:5, Informative)
Re:$15000 USD???? (Score:4, Informative)
Here is a place that accepts bitcoins for videogames:
http://gamerkeys.net/ [gamerkeys.net]
Here is an ebay-like auction site:
http://bitmit.net/en/shop/c/13-pc-and-video-games/2-pc-games [bitmit.net]
There are no chargebacks with bitcoins, so you need to do research on the rep of various sellers and merchants. You save money on fees you would otherwise pay to cover chargebacks, etc.
Re:Free Insurance (Score:5, Informative)
> let's make ISP's fully responsible for all incidental and consquential damages.
Strawman: Hi, you didn't say this, but I'm going to say that you want to have ISPs responsible for content and then I'm going to attack it.
False dichotomy: "obviously" some regulation leads to regulation of everything down to the most minor minutia, implying that you can either have no regulation at all or intrusive regulation, excluding the middle.
Reductio ad absurdum: "I'm going to take what you said and invent a mythical case (ISPs responsible for content) that would never exist in reality and somehow this is proof of something"
All three of these are related. Can you guess how?
In case you can't, I'll put it in simple terms: You are putting words in the parent's mouth that were never said. In even simpler terms, it's a lie.
>Calling you out on bullshit isn't allowed
Oh yes it is.
Good Day.
--
BMO
Section 9: Limitation of Liability (Score:5, Informative)
Like any vendor, Linode has included language in their contract which limits their liability. This is standard language, and it operates according to the following principal, which originated in landlord/tenant law: Linode has no control over the value or sensitivity of the property that you store on its site, so you must get insurance against the loss of this property yourself. No landlord/host wants to act as an insurance company, and they are in no position to do so. I can put anything I want in a rented space; it could be a $5,000,000.00 supercomputer, or a $30,000,000.00 Van Gogh. If there is a leak in my landlord's roof and a drop of water destroys the supercomputer, I must look to my own insurance policy, because I am the one why owns this property. If I want to store $15,000 in cash, I am not going to rent a storage unit and leave it lying all over the floor (the equivalent of what these Linode users did). I am going to put it in a BANK, which is a business specifically designed to store one type of thing, and which provides insurance against its loss.
Here's a link to the TOS: http://www.linode.com/tos.cfm [linode.com]
THIS POST DOES NOT CONSTITUTE LEGAL ADVICE OR CREATE AN ATTORNEY-CLIENT RELATIONSHIP. ANY LEGAL ADVICE MUST BE TAILORED TO YOUR INDIVIDUAL NEEDS BY AN ATTORNEY LICENSED IN YOUR JURISDICTION.