"Online wallet services" are an invitation to theft and fraud. Do not use them. I've been saying that since July 2011 (<a href="https://bitcointalk.org/index.php?topic=26260.0" rel="nofollow">https://bitcointalk.org/index.php?topic=26260.0</a>), before MyBitcoin ran off with everyone's money, and it's just as true today as it was then.<p>If you lost money today I feel for you, but seriously, it's your own damn fault. A Bitcoin is only yours if it was last sent to an address that is yours, and an address is only yours if no one else knows what it is - in other words, you have to have generated it anew on a secure, malware-free computer, and avoided ever putting the wallet file on any computer that has malware or that is not yours.<p>Seriously, stop it, you fools.
Someone on bitcointalk.org [1] noticed that approximately 42,000 BTC (currently worth about US$4.3 million) was just transferred out of one of Instawallet's accounts [2]. No idea whether the transaction was Instawallet's doing, or the attacker's.<p>[1] <a href="https://bitcointalk.org/index.php?topic=164143.msg1716794#msg1716794" rel="nofollow">https://bitcointalk.org/index.php?topic=164143.msg1716794#ms...</a><p>[2] <a href="http://blockchain.info/address/1LrPYjto3hsLzWJNstghuwdrQXB96KbrCy" rel="nofollow">http://blockchain.info/address/1LrPYjto3hsLzWJNstghuwdrQXB96...</a>
Instawallet has always only been meant to keep spare change for quick transactions. For the longest time you could type into google site:instawallet.org/w and get a list of URLs with money in them, it's not secure.<p>Neither is Strongcoin who had all their wallet labels leaked recently, some of which users had decided to type in the hints for their key passwords.<p>If I remember correctly Instawallet is a ruby/rails app run by the same people who do Bitcoin-Central.net. If you look at their other app Instawire you see lot's of ruby gems used, in a financial application, not good.<p>EDIT.. bitcoin-central.net is also down
I'm a big believer in the future of bitcoin and hold a significant amount. However I find holding bitcoin terrifying. There is just so much that can go wrong - from data loss, to personal tragedy, to hackers, to algorithmic weaknesses.<p>Ultimately we probably need insured, trusted third parties to hold keys, such that even if there is a breach, someone financially viable is on the line to reimburse.<p>Individuals holding their own keys may be a nice dream, but its highly impractical for most people if they have a significant portion of their wealth in bitcoin. Certainly there will be very high net worth people and security maniacs who want to hold their own keys, but I believe most people will want a third party to guarantee them.
Bitcoin rules:<p>1.
Keep your own self-generated, backupable and recoverable wallet without dependency on any third party babysitting services that are being consistently broken into (and your money is lost).
Electrum wallet is recommended as it also allows you to export "master public key" using which you may launch your own online store business and accept bitcoins as a payment without risk of losing money if someone hacks your online store.<p>2.
Use third party service only for buying and selling bitcoins. As soon as transaction is complete - transfer bitcoins back to your own wallet.<p>3.
Have a will so your loved one could get a hold of coins. Just in case.
The server appears to no longer be responding. That would appear to indicate a non-April fools joke (coupled with the fact that they shouldn't really be pulling pranks in the first place).<p>edit : back online
There is this from a few days ago: <a href="https://bitcointalk.org/index.php?topic=159673.0" rel="nofollow">https://bitcointalk.org/index.php?topic=159673.0</a><p>The founder said it was fixed but who knows
Though I like seeing sites pulling an April Fool's joke, I do think any money-related sites (so bitcoin sites as well) have to say no to pulling pranks on their users.
...I can't imagine a financial company would ever actually take down their main site and claim to have been compromised just as a joke. For one thing, it's not even funny, so where's the joke? And second, it's obviously really bad for business. I think it's safe to assume this is real.
If it is an April fools joke, it's a terrible one. They should have been more creative. As it is, they're just destroying the trust in their brand. Nothing funny about it.