Hackers Allege Mt. Gox Still Controls "Stolen" Bitcoins

The Verge reports that "Tokyo-based Bitcoin exchange Mt. Gox lost $400 million worth of bitcoins in February. Its management said the amount was stolen after hackers exploited a transaction bug to divert the funds, but some of Mt. Gox's users are not so sure, suggesting instead that the exchange's owners pocketed the cash. Now, facing silence from those owners about the fate of the money and the methods by which 6 percent of all of the Bitcoin in the world could have been stolen, a group of hackers claims it has broken into the bankrupted Bitcoin exchange's network to get answers. ... Forbes reports that the group gained access to the personal blog and Reddit account of Mark Karpeles, Mt. Gox's CEO. The hackers used the platforms to post a message that claimed Karpeles still had access to some of the bitcoins that he'd reported stolen. In support of the claim, they uploaded a series of files that included a spreadsheet of more than a million trades, Karpeles' home addresses, and a screenshot purportedly confirming the hackers' access to the data." (The Forbes article on which the Verge report is based.)

Stills seems like it has to be an inside job

[DarkOx]

I tend to think it has to be an inside job, that is being run by the folks pretty high up. Any kind of really really basic accounting and inventory control should have uncovered more coins going out than the transaction register indicates. This transaction malleability issue supposedly went on for months.

Even a badly run business should have detected a problem like the time frame of weeks, whenever their next month end comes up. It would have been impossible to balance the books, unless someone was simply not doing them or cooking them.

Re:Stills seems like it has to be an inside job

[delt0r]

Well i was on contract to fix bugs in a teleco accounting system where they could only find the missing cash every 3 months when a manual audit was done. Transaction volumes where a little over 1 Billion per year however, and it was only a million or so missing every 3 months.

Re:Stills seems like it has to be an inside job

[rmdingler]

Interesting. Missing 1/1000th of the annual billion+ transactions every quarter can be found by a manual audit , but not detected by programmed oversight?

Wait, it's those damn programmers, huh?

Re:

[Anonymous Coward]

MICHAEL
It's pretty brilliant. What it does is where there's a bank
transaction, and the interests are computed in the thousands a day in
fractions of a cent, which it usually rounds off. What this does is it
takes those remainders and puts it into your account.

PETER
This sounds familiar.

MICHAEL
Yeah. They did this in Superman III.

Re:

[delt0r]

Manual is a little strong. As in its not like this is not all done on computers. Its was dropped accounts mostly. ie the system would just not bill people. Other times it was failed transfers. All up it was like 11 bugs. Well we found 11 bugs and they were happy enough over a year later (another contract).

Re:Stills seems like it has to be an inside job

[delt0r]

Financial system i have worked have never used floats. Its integers. Either just cents, or 10th of a cent. Or 2 integers for dollars and cents. There are rounding rules for this sort of thing.

Re:

[bkmoore]

Financial system i have worked have never used floats. Its integers. Either just cents, or 10th of a cent. Or 2 integers for dollars and cents. There are rounding rules for this sort of thing.

Sounds like something out of Superman 3.

Re:

[delt0r]

I think its in fact illegal in the jurisdiction i was working in.

Re:

[rimcrazy]

".... So your are stealing?"
"No. No. No. Think of it a the little penny jar by the cash register and we just take a fraction of a penny. We just do it a lot"
" So you are taking money that does not belong to you?" "How is that not stealing?"

Re:Stills seems like it has to be an inside job

[Splab]

Why high up? Most articles about Mt. Gox talks about lax security and bag change management.

They had half a billion dollars worth of bitcoins, a "currency" which is extremely hard to track and ridiculously easy to steal if you have the keys to the city. Stealing half a billion dollars (without being a bank) requires a truck and some heavy lifting - a developer stealing the wallets and nuking the database takes only a few seconds and very little lifting.

I find it harder to believe it took so long for someone to steal it...

Re:

[Anonymous Coward]

I think the so-called 'lax security' was simply a ploy to generate plausible deniability for the fat cats at the top. There's no other reasonable explanation.

Re:Stills seems like it has to be an inside job

[DarkOx]

That would be my guess or perhaps just enable the theft in the first place by creating a culture where nobody will ask any questions being aware the documentation and logs won't exist to provide answers.

If someone in authority was making a routine habit of bypassing organizational policies, or thwarting security control some pesky honest person might start to scrutinize their behavior and might even blow a whistle. On the other hand if there are no policies and no security control than nothing anyone does malicious or others is going to seem strange enough to stick ones neck out over.

Re:Stills seems like it has to be an inside job

[Ralph Wiggam]

There's no other reasonable explanation.

So there's absolutely no chance that people who created a web site to trade Magic The Gathering cards, then hastily modified it to trade bitcoins, could possible get in over their heads technically and financially?

Re:

[exomondo]

There's no other reasonable explanation.

So there's absolutely no chance that people who created a web site to trade Magic The Gathering cards, then hastily modified it to trade bitcoins, could possible get in over their heads technically and financially?

Nope, none at all. The pitchfork and torch bearers have their malicious scapegoat and they will sleep better knowing it was a calculated malicious act rather than them putting their trust in an entity that wasn't really capable or worthy of their trust. I'm not saying blame the victims here but the idea that MtGox was a corrupt corporate enterprise that stole their money is a lot more palatable to them than it being a start-up derived from a trading card website that got too big for its boots and made mista

It happened before..

[xtal]

This happened a few years ago and is why I have nothing to do with Bitcoin - I lost quite a few coins, then decided it was too risky to be involved with until the exchange problem was figured out.

I am not sure why this is not more widely known, but there you go. I am not sure there is a solution to this problem.. without the involvement of traditional government.

Re:

[Anonymous Coward]

They had half a billion dollars worth of bitcoins, a "currency" which is extremely hard to track and ridiculously easy to steal if you have the keys to the city. Stealing half a billion dollars (without being a bank) requires a truck and some heavy lifting.

Oh come on. Here is a story [cbsnews.com] about a single person stealing about 7billions worth without Bitcoins, trucks and heavy lifting.

Re:

[Chas]

They had half a billion dollars worth of bitcoins, a "currency" which is extremely hard to track and ridiculously easy to steal if you have the keys to the city. Stealing half a billion dollars (without being a bank) requires a truck and some heavy lifting.

Oh come on. Here is a story [cbsnews.com] about a single person stealing about 7billions worth without Bitcoins, trucks and heavy lifting.

You apparently missed his "without being a bank" qualifier.

Do not pass go. Do not collect your 200 francs.

Re:Stills seems like it has to be an inside job

[JoeMerchant]

I think what people miss is that they didn't have a half billion USD worth of currency when they set things up. When they set things up, BTC was trading for less than 1% of today's values, and (just speculating here) a couple of years back they probably had a small fraction of the BTC that they have today (had a few months ago, at least...). So, the half billion USD peak might have only been a hundred thousand or so when the organization started to "get serious."

When your organization's total assets are less than a year's salary of a good software engineer, odds are, you don't have a good software engineer on staff full time to make sure things like change management are happening properly. Ditto for accounting and audits.

Should they have hired up proper staff when assets started to resemble Scrooge McDuck's vault? Yep, they sure should have. Think about how long it takes to hire good people when you're looking for them. Now think about how long it takes management to start looking for good people, even when they have a clearly demonstrated need, but no immediate crisis.

Not that I trust a damn thing written about fund managers on prospectuses, but this is why people should be looking for years of experience in relevant fields in the team that manages an investment. Then, when the fund goes bust and it turns out that the prospectus was a pack of lies, some lawyers can make a little money suing the bastards until they only have their offshore accounts left to live on.

Re:

[Splab]

BS. Just because you are a startup doesn't mean you can't get competent programmers.

And whatever happened when the company started, doesn't change the fact that they had half a billion worth of bitcoin when they got screwed; with little to no security in place. as I said, it's more impressive that they didn't get run over before.

Re:

[JoeMerchant]

MBAs from Harvard aren't a magic elixir - I've watched plenty of 'em preside over S.N.A.F.U.s just like the rest of us.

But you need to remember your George Carlin: "Think of somebody you know with a 100 I.Q. - now, realize, they are average. That means, half the people in the world are dumber than them..."

Even though they aren't magic, MBAs from Harvard do tend to be above average - most of the startups out there are trying to make a go of it with less talent, less resources, and less common sense than you

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[Goaway]

unless someone was simply not doing them

Well the scary part is that this option is actually plausible, given the level of incompetence shown elsewhere.

Re:

[dbIII]

Any kind of really really basic accounting and inventory control

There is the problem. They couldn't handle the scale enough to be able to do that.

Re:Stills seems like it has to be an inside job

[ras]

Consider these Mt. Gox loses [bitcointalk.org]:

• - June 2011: seller's administrator account was hacked by an unknown process. The priveleges were then abused to generate humungous quantities of BTC. None of the BTC, however, was backed by Mt. Gox. The attackers sold the BTC generated, driving Mt. Gox BTC prices down to cents. They then purchased the cheap BTC with their own accounts and withdrew the money. ... Many customers claim they have lost money from this reversion, but Mt. Gox claims it has reimbursed all customers fully for this theft. After the incident, Mt. Gox shut down for several days.
• - June 2011: Users with weak passwords on MyBitcoin who used the same password on Mt. Gox were in for a surprise after the June 2011 Mt. Gox Incident allowed weakly-salted hashes of all Mt. Gox user passwords to be leaked. These passwords were then hacked on MyBitcoin and a significant amount of money lost.
• - October 2011: Mt. Gox accidentally destroyed 2609.36304319 bitcoins.
• - July 2012: A hacker infiltrated the Mt. Gox account used by Bitcoin Syndicate, sold off the USD owned, and withdrew all balances.
• - July 2012: On July 13, 2012, a thief compromised the Bitcoinica Mt. Gox account. The thief made off with around 30% of Bitcoinica's bitcoin assets.

But for any programmer, none of this is a surprise given he hacked up an ssh server in PHP, then deployed it on a production server [ycombinator.com].

Re:

[NotDrWho]

Gee whiz, a scheme where the people at the top bring in lower-tier investors with big promises of wealth, only to pocket all the real money and run off at some point, leaving the lower level investors with nothing. Huh, where have I heard of such a scheme before?

Re:

[PRMan]

Not in bitcoin. Because what you just described is nothing like it.

Re:

[NotDrWho]

Did you hear that, everyone at Mt. Gox who thinks you've lost all our money? You're going to get it all back! PRMan said so!

Re:

[ttucker]

They are not going to get their money back, but bitcoin is not a pyramid scheme.

Re:

[NotDrWho]

Look around. The pyramid has already begun to collapse. A lot of bitcoin fans are just too stubborn to admit it.

Re:

[Anonymous Coward]

The developer of digitalcoin just lost $100k worth of various coins to a keylogger on his machine:

http://www.reddit.com/r/digita... [reddit.com]

Yes, you read that right, using a Windows box for his wallets.

And it gets better. His exchange cryptoave.com is built on Windows+PHP. Before you think that's trollish consider this. What's the cost of a zero-day exploit for either IIS or Server? A few thousand dollars?

Arbitraged against how many coins are on the exchange, wouldn't it make you think twice about using a propri

Re:

[jythie]

That assumes that the coins were actually transferred. If they simply walked off with the private keys for the cold storage wallets, they would not need to actually move the coins anywhere, they can just take the whole damn thing.

Re:

[mattack2]

Any kind of really really basic accounting and inventory control should have uncovered more coins going out than the transaction register indicates.

Presumably everybody here knows this, but "The Cuckoo's Egg" started with a $.75 accounting error.

http://en.wikipedia.org/wiki/T... [wikipedia.org]

There are records

[daninaustin]

The good thing about bitcoin is that you can track where the coins went. The id's of all the Mt. Box accounts will all be known when they end up going to court. If they stole money or coins we will know.

Re:

[Ralph Wiggam]

Where and when are they going to court?

Re: There are records

[masmullin]

Where: Japan
When: when enough evidence is gathered.

Re: There are records

[masmullin]

Which can be de-annonomized when the user is not careful.

Anonymous cryptocurrency, who to trust?

[Rick in China]

Given how easily it would be to get away with the theft of anonymous cryptocurrency, I am surprised there aren't far more 'hacks' where exchanges rob all they can from their customers then close up shop. I know it has happened in China on much smaller scales, and I'm sure it will happen many more times, the question is who can you possibly trust with something that can be so easily disappeared.

Re:Anonymous cryptocurrency, who to trust?

[Anonymous Coward]

who can you possibly trust with something that can be so easily disappeared.

If only there was some kind of existing business that had heavy government oversight that could take care of that issue.

Re:

[StripedCow]

If everybody used bitcoins, we wouldn't need any exchanges or banks.

Re:Anonymous cryptocurrency, who to trust?

[MartinSchou]

No banks? How do you plan on borrowing money to buy things you can't afford outright, like a new car or a house?

Re:

[jythie]

That tends to be one of the holes in the anti-bank chain of thought, how to get loans. Though the more ironic group are the ones that hate banks because they foreclosed on 'their' house, setting aside that someone else paid for it.

Re:

[rioki]

Then don't buy them simple as that.

Re:

[Ralph Wiggam]

Of course. It's so simple. We'll just stop buying houses and cars. That will do great things to the economy.

Re:

[Viol8]

*sigh* Another kid pontificating on stuff he knows nothing about.

Here's a fact for you sonny - almost no one can afford to buy a house outright. So your suggestion would mean we all either pay rent to the government or some rich landowner who owns all the housing stock , or we all live in self built shacks.

Now run along, I think you have some economics homework to do.

Re:

[Laxori666]

Or you could just have banks that operate using bitcoins instead of dollars...

Re:

[drinkypoo]

No banks? How do you plan on borrowing money to buy things you can't afford outright, like a new car or a house?

It's in the public interest to have people homed and transported.

It's not clear that nationalizing the loan system would be a good way to actually achieve that, but clearly letting it be private isn't working either.

Re:Anonymous cryptocurrency, who to trust?

[medv4380]

Who would lend money in a deflationary currency? You're practically guaranteeing default. If I take out a loan for 100 bitcoins to be paid back in 10 years I'd never be able to pay it off because my wages wouldn't go up nearly as fast and the deflationary pressure. Wages go down with deflation not up. A bitcoin bank that issues loans is guaranteed mass defaults, and a bank that has that many defaults is guaranteed to fail. Ether you want the shangrala "Sound" money that has nether inflation, nor deflation, or you want an Inflationary currency that isn't so bad that money become worthless in a few years, but not so low that you have to worry about defaults caused by deflation kicking in. A banking system build on deflation is unstable, and prone to failures. It's what we had when we were on the Gold Standard, and is undesirable for any banking system to work long term. Then again some people enjoy watching people suffer.

Re:

[nitehawk214]

If ifs and buts were candies and nuts we would all have flaming testes.

Re:

[nitehawk214]

If ifs and buts were candies and nuts we would all have flaming testes.

Whoops that is candies not candles. Carry on.

Re:

[geekmux]

you want to trust the government, you have about the same luck. They can take your money just as easily...only it'll be legal.

Legal?

Son, let me tell you about a little thing called taxes.

When you start paying them, I promise you'll know what legal theft is.

Re:

[jythie]

The person might have been talking about asset seizure as part of a criminal investigation, which after the various Silk Road arrests many have focused on as 'government theft' under the idea that money made via commission of a crime is still 'theirs'... or at minimal anything that generates a profit is inherently ethical because it shows demand and if there is demand then it must be ethical.

Re:

[Ralph Wiggam]

you want to trust the government, you have about the same luck. They can take your money just as easily...only it'll be legal.

Please point to one example where the US government confiscated all of the assets from a bank and didn't return anything to the depositors.

Re:

[Rich0]

you want to trust the government, you have about the same luck. They can take your money just as easily...only it'll be legal.

Well, think about it.

Imagine we live out in the middle of nowhere. We all get along, but one guy in the village takes payment to do a job, and then doesn't do the job. He does that to a bunch of us who live in the village. So, we all show up one day and tell him to give us our money back, or else.

That's the government.

Sure, it isn't as responsive as it should be and has grown out of control in many ways. However, ultimately when you want some kind of accountability when somebody screws you, that's what

Re:

[Imrik]

Just because it's heavy oversight doesn't mean it's effective.

Re:Anonymous cryptocurrency, who to trust?

[Z34107]

who can you possibly trust with something that can be so easily disappeared

No one, which is why you don't. There's no reason to keep your bitcoins in an "online wallet," or maintain a balance in an exchange, just like there's no reason to keep your life savings in PayPal.

Re:Anonymous cryptocurrency, who to trust?

[Anonymous Coward]

Right, instead you should keep it in an offline wallet! Just like how it's smart to keep your life's savings in an actual, physical wallet!
Oh wait, no, that's fucking retarded.

This is (one of) the (many) problem(s) with bitcoin: no one can actually come up with a sane answer of how you are supposed to store it safely. Trust it to an exchange and you're basically no better off than trusting real money to a bank -- worse off, in fact, because the lack of regulations means that if the exchange takes your money and runs you're SOL, while if a bank takes your money and runs it will be reimbursed (up to a limit) courtesy of the FDIC. Keep it in an offline wallet and you can be sure that no banker can abscond with it, but now your life's savings are tied to a single, stealable object.

Re:

[Anonymous Coward]

Right, instead you should keep it in an offline wallet! Just like how it's smart to keep your life's savings in an actual, physical wallet!
Oh wait, no, that's fucking retarded.

This is (one of) the (many) problem(s) with bitcoin: no one can actually come up with a sane answer of how you are supposed to store it safely. Trust it to an exchange and you're basically no better off than trusting real money to a bank -- worse off, in fact, because the lack of regulations means that if the exchange takes your money and runs you're SOL, while if a bank takes your money and runs it will be reimbursed (up to a limit) courtesy of the FDIC. Keep it in an offline wallet and you can be sure that no banker can abscond with it, but now your life's savings are tied to a single, stealable object.

Bullshit. Try keeping your life savings as cash in your house and it will both be more obvious and take up more space, though even then a creative person could still make it difficult to find so a thief would have to know it was there in the first place or else they'd miss it.

With bitcoins you can hide them even more easily. TrueCrypt a tiny thumbdrive with an extra hidden partition to put the coins in then put other shit in the main partition that people would believe you would want to hide, even if it's f

Re:Anonymous cryptocurrency, who to trust?

[MachineShedFred]

Tape it to the inside of your TV or some other device.

Yeah, so when they steal your TV, they get your encrypted life savings too!

Re:

[Ralph Wiggam]

Or print out all of the coins and stick the papers at the bottom of a box of old tax documents or some other boring stuff in the back of your closet and don't keep any digital copies, whatever. There are many ways of doing this that are infinitely better and safer than trusting an exchange and are totally viable.

Great idea. Now a fire, flood, hurricane, tornado, or earthquake can destroy your house *and* all of your money. It's so much more efficient.

Re:Anonymous cryptocurrency, who to trust?

[Gunboat_Diplomat]

Nearly 150 Breeds Of Bitcoin-Stealing Malware In The Wild, Researchers Say [forbes.com]
.

From the article:

"To steal the coins of users who encrypt their private keys with passwords, many of the Bitcoin stealing programs also included keyloggers designed to eavesdrop on users’ typing. Even more tricky are malware types that wait for users to copy a Bitcoin address they want to send bitcoins to into their clipboard. When the user tries to paste the address, the malware replaces it with a different string, irreversibly sending the currency to the malware operator’s wallet. That last method never sends data to a remote server, so it can be much harder to detect, SecureWorks’ researchers say. In fact, they tested a range of antivirus scanners on their malware samples and found that roughly 50% went unnoticed."

Re:

[mythosaz]

And when the rootkit watches you logon to your "normal" banking site, they'll get your not-bitcoins too.

So, unless you're advocating keeping all of your money in cash under your mattress and sleeping with a machine gun, I'm not sure what your point is.

If you have a big cache of bitcoin, it only makes sense to keep some of it in a separate wallet, and that wallet be "offline" by the methods managed above.

Re:Use them! don't save them

[Chas]

"Bitcoins are like cash."

I really REALLY wish people would stop saying this.
They're not. The way the Bitcoin system works, they're more like commodities.
Granted, some businesses have allowed you to pay for things with said fractional commodities, but still. At some point, an actual cash value has to be determined before you can actually SPEND them.

Re:

[JesseMcDonald]

At some point, an actual cash value has to be determined before you can actually SPEND them.

So they're like foreign cash, similar to euros in the U.S.A. or USD in Europe. The fact that local prices are tracked in a different currency, with conversion at the point of sale, doesn't make bitcoins any less a form of cash.

Re:

[rioki]

Actually I agree with GP, only I would say more along the line of physical assets, like gold or "virtual" assets like stock. But yea, storing "cash" in any form is a bad idea.

Re:

[rioki]

Or a fake ID card? If there the prize if big enough making fake ID cards is not that hard. In most cases the clerk only look at the ID card and any electronic verification will (if any) be cheeked. (Electronic verification that phones home is the only really secure way that is almost unfoolable.)

Re:Anonymous cryptocurrency, who to trust?

[gox]

the question is who can you possibly trust with something that can be so easily disappeared.

The answer is to never assign trust in a single point. That's the whole reason Bitcoin was designed for, and these thefts really show how backwards we are with regards to the technology we have.

Surprisingly few people actually know this, but Bitcoin addresses are actually little programs that calculate the required criteria to move money out of the "address". It's purposefully Turing incomplete. The simplest defense against malevolent or incompetent parties is to require multiple signatory entities. For instance, one could be the deposit institution itself, another party for dispute resolution (e.g. a lawyer), and finally the customer. You can require only two of three signatures to move the amount so that the customer can extract the money with the help of the arbiter even if the deposit institution disappears.

Other, more sophisticated solutions are also possible, and some of the businesses themselves can even become transparently automated. However, it seems like it won't be that easy to get there, even though the crucial technology is already available.

Re:

[TheCarp]

Close; but you are essentially correct. It isn't the address but, the transaction which contains a small program which defines what inputs are needed to spend the coin.

Basically, you can think of a bitcoin transaction like a check. However, it is a check that allows for more nuanced cashing protocols. The standard default bitcoin transaction is exactly that, it defines the payee in terms of a public key, and requires the signature of the payee (by the private key) to "spend" (to make a new check out of it,

Re:

[pantaril]

Given how easily it would be to get away with the theft of anonymous cryptocurrency, I am surprised there aren't far more 'hacks' where exchanges rob all they can from their customers then close up shop.

The answer is easy - both of our presumptions are wrong. Bitcoin is not annonymous (it's mostly pseudoannonymous, like credit cards) and it is not easy to get away with exchange robbery - it's crime and the users/law enforcment would be after you.

Re:Anonymous cryptocurrency, who to trust?

[jittles]

Given how easily it would be to get away with the theft of anonymous cryptocurrency, I am surprised there aren't far more 'hacks' where exchanges rob all they can from their customers then close up shop. I know it has happened in China on much smaller scales, and I'm sure it will happen many more times, the question is who can you possibly trust with something that can be so easily disappeared.

Thank you for sharing my retirement strategy with all of Slashdot you unselfish bastard. Now my plan will never work.

Beware: Wallet-stealing virus in the dump

[psymastr]

Reddit users have verified [reddit.com] via decompilation that the dump file includes a wallet-stealing executable. The executable attempts to send the wallet to a hard-coded IP address, whose ISP has been notified of this.

An executable? In a dump?

[SmallFurryCreature]

How does that work? What database dump requires an executable? All the ones I know simply create a very large human readable text file.

Who the fuck would execute an executable from a bunch of hackers who claim to have hacked a financial site related to a whole digital currency with said currency residing on the same machine as the one you are running the exe on.

And I thought people that ran kitten.scr.exe were idiots.

Re:An executable? In a dump?

[wonkey_monkey]

And I thought people that ran kitten.scr.exe were idiots.

What a bunch of morons. I checked, Windows says I only have kitten.scr so I'm safe.

Re:

[Zontar_Thing_From_Ve]

Reddit users have verified [reddit.com] via decompilation that the dump file includes a wallet-stealing executable. The executable attempts to send the wallet to a hard-coded IP address, whose ISP has been notified of this.

I'm sure that the relevant authorities in Russia or China will be all over this. Or not.

Re:Beware: Wallet-stealing virus in the dump

[psymastr]

Actually it was Bulgaria, and they responded that they will take care of this.

It's not any less safe than cash

[Anonymous Coward]

I love how people are attacking libertarians over this. Bitcoins are not designed to be a 'safe' currency. It's like cash. There is no reason this should be a problem for those who understand when, where, and how to use it. I wouldn't maintain more in a Bitcoin wallet than I would store in my real wallet. For me that would probably be a few thousand in US currency.

Like cash Bitcoins have a downside. Bitcoins fluctuate in value. US dollars loose value over time. It's also not that easy to steal. Practice goo

Re:

[Talderas]

People are attacking libertarians over it because they don't know the difference between anarchist, minarchist, and libertarian. Bitcoin is the anarchist/minarchist wet dream because it completely eliminates the need for government in money. Libertarians would be, rightfully, more divided on the issue but one thing is certain that the should be generally be constitutionalists. Strictly speaking, libertarians want the USD to be backed by something tangibile (like gold). Many are also in favor of FDIC insuran

Re:

[JesseMcDonald]

People are attacking libertarians over it because they don't know the difference between anarchist, minarchist, and libertarian. ... Libertarians would be, rightfully, more divided on the issue but one thing is certain that [they] should be generally be constitutionalists. Strictly speaking, libertarians want the USD to be backed by something tangibile (like gold).

Apparently you don't know either. Hint: these categories are not mutually exclusive. There are libertarian anarchists, libertarian minarchists, and even some (rather confused) people who are neither anarchist nor minarchist and yet like to think of themselves as libertarian. Some (but not all) constitutionalists would fall into the third category, bordering on minarchist but with significant exceptions.

The defining characteristic of libertarianism, the Non-Aggression Principle, doesn't have anything to say

The article is full of errors

[pantaril]

The reporter probably doesn't understand what's going on at all.

1) the leaked data contains not only the mt.gox DB dump (which seems to be legit) but also the TibanneBackOffice.exe binary which is actualy malware which steals bitcoin wallets. So i wouldn't trust the hackers at all, they are scammers. See http://www.reddit.com/r/Bitcoi... [reddit.com] for more details.
2) The article/the hackers claim that the mt.gox database dump shows that mt.gox should be in control of over 900k bitcoins and that it is an evidence that mt.gox is lying. Well it is evidence that the article/hackers don't understand anything. From the start, mt.gox is saying that because of a transaction malevability bug, their ballances in DB and their balances on their actual accounts were ouf of sync. This is the reason they didn't notice sooner. Their DB was showing everything was ok but in reality, their money was silently siphoned out of their accounts.
3) Karpeles (mt.gox owner) is probably staing silent because his lawayers told him so. Nothing unusual here.

Re:

[PRMan]

Just looking at the blockchain you can see that Karpeles has 200,000 bitcoins in an address that he is known to have had control over in the past.

Re:

[pantaril]

Sorry english is not my primary language and the inability to edit slashdot posts afterwards doesn't help either.

Sitting on a stack of traceable coins

[Alarash]

There's something I don't understand. If they 'stole' the coins, they can't really trade them can they? Anyone I mean. As I understand every single transaction is tracked, so you can't really spend them without people knowing so right? Ok so you can hide your identity and whatnot, but wouldn't people know the instant these BTC are back on the market?

Re:Sitting on a stack of traceable coins

[codebonobo]

Stolen coins can all be tracked but are still usable. There are numerous ways to make it harder to track with coinjoin, mixers, and trading back and forth between different crypto-blockchains that a thief can use to hide their assets however.

Re:

[140Mandak262Jamuna]

Yes, every bit of bitcoin that ever went through MtGox can be traced. Both downstream from MtGox and also upstream about where they came from. But the trouble is, all those trails start and end with the public keys of the users. You need some sort of government level power to track them from Bitcoin universe to real world.

Re:

[bill_mcgonigle]

You need some sort of government level power to track them from Bitcoin universe to real world.

Is tracking them necessary? Why couldn't miners set a cost-prohibitive verify price on transactions to known "stolen" addresses?

Re:

[140Mandak262Jamuna]

My understanding of the "mining" process is this: Mining is nothing but repeatedly verifying a block, using different randomly generated salt, till the checksum matches a predefined criterion, like so many leading zeros or something. The bitcoins awarded to the the "miners" are basically fees paid to them to verify the transaction block. Bitcoin system has to create an incentive for large number of people with lots of computing power to do the drudgery work of verifying the transactions. They call it mining

Re:

[medv4380]

You can't distinguish between the ones that were stolen and the ones that were legit transactions. Even if you could this happened after a very long period of time, and the likely hood that it's been spent, or laundered is already very high. You'd more likely penalize "honest", more likely unwitting, bitcoin users who were used to launder the coins, and not the criminals who actually got the coins. There are lots of logistical problems with even attempting to implement this kinds of a system. To successfull

Re:

[140Mandak262Jamuna]

Bitcoins are not like real money. When the bank says I have 200$ in my account, all previous transactions I had and how I came to own 200$ in my account are totally opaque. The bank can figure out the transactions to some extent when it involves other accounts in the same bank. That is all. If the money is in the form of dollar bills in my physical wallet nobody knows how I came to own that 200$.

In the Bitcoin universe, if I say I have 2.0345 bit coins, I am actually saying, "I mined 0.2 bit coins, then I

Who are you going to believe?

[140Mandak262Jamuna]

Hackers or the peddler of juvenile trading cards? Who you gonna believe?

Another explanation

[DaveV1.0]

The hackers who stole the bitcoins generated fake evidence to show that the owners of MtGOX still control the coins, thus muddying the waters for any investigation.

Really, any "digital evidence" is suspect because it can be digitally generated and/or manipulated.

I hereby would like to just say

[RivenAleem]

I called it.

http://slashdot.org/comments.p... [slashdot.org]

I reserve the right to call "backsies" if the current story proves false.

Occam's Razor

[flyingfsck]

The simplest explanation is that the MtGox executive stole the bitcoin.

Re:

[MRe_nl]

For all it's faults it's still more transparent then the Federal Reserve, the European Central Bank, the Peoples Bank of China or the Russian Goznak. "Because when the entire world is a credit-fueled ponzi scheme, these are the kind of numbers that matter". http://www.zerohedge.com/news/2013-12-11/matter-stunning-perspective-china-money-creation-blows-us-and-japan-out-water [zerohedge.com]

Re:This is why we can't have nice tihngs...

[egarland]

People who claim modern currency is baseless don't understand economics. Modern currency is backed by *everything*. Gold, Real Estate, Cars, Businesses. Everything that is used for collateral against a loan becomes backing for our currency. Crypto-currency is based on scarcity like gold was, and thus makes a terrible general purpose currency because it's vulnerable to manipulations, and rigidity that make it easy for bankers and insiders rob everyone. The modern form of debt backed currency is the most flexible and least vulnerable to manipulation there has ever been. Our advanced modern currency has weathered the pressures of the current economic stresses extremely well, and dramatically lessened the impact of the current problems with our economy. If you want to look at what things where like with a scarcity backed currency, look at the economics of the US pre 1913. It's full of horror stories like the panic of 1893 and 1873, and even some events where bankers conspired to not give out loans to anyone to buy up houses cheap and re-sell them for a profit once they all agreed to give out mortgages again.

Re:This is why we can't have nice tihngs...

[Ralph Wiggam]

Your basic grasp of economics and history has no place here.

Re:

[Cardoor]

absolutely NOT. wow - and how long have you been employed by the fed I wonder - bringing out the 'magic of 1913'? is that you janet? modern currency as a fiat currency is not 'backed' by anything other than what it says on the bills - legal tender.. that the currency is acceptable as a means of payment in the eyes of the court system and hence, the structural society in which we live (with the implicit backing of the powers that be within that system). the fact that hard assets are used as collateral to m

Re:This is why we can't have nice tihngs...

[durrr]

You've misunderstood what currency backing means.

A something-backed currency means that there have to be a _fixed_ amount of physical entity somewhere in the possession of whoever decides to give out the currency. This is not the case with the current fiat. Sure it can be exchanged for all those things you mentioned but it's backed by none of them, some central bankers could agree to create ex nihilo enough money to give a billion USD to every bank account in the world. If you then reason that a dollar is backed by cars then either there would be a huge surplus of cars somewhere to allow this to happen, or someone managed to multiply the current global carpool a millionfold overnight.

Re:

[NotDrWho]

I think a more appropriate observation might be "Ponzi schemes, pyramid schemes, everywhere."

Re:

[ArcadeMan]

Indeed, since bitcoins didn't even exist back then!

Re:

[Cito]

CryptoMuslims using cryptography to deal in cryptocurrency is cryptogay

I'm growing tired of the term crypto

Re:

[Chrisq]

I'm growing tired of the term crypto

You must be crypto-surfeited