"Basically, we were in a race to develop new anti-fraud techniques and they were in a race to develop new ways to steal money. The by-product of it was all our competitors got wiped out because as the Russian mobsters got better and better, they got better and better at destroying all of our competitors." - Max Levchin on the history of Paypal.<p>Those who don't learn from history are doomed to repeat it.
> <i>We have reviewed our security processes and continue to work with our customers to make sure they take advantage of all of our security features.</i><p>What an absolute joke. They gave an unauthenticated hacker direct access, and somehow it's the client's fault.
Before people start commenting on how bitcoin needs this or that or predict the doom of bitcoin, read the article: this has nothing to do with bitcoin's security. The attack was perpetrated in the most inane social engineering way, and actually, the bitcoin exchange was smart enough to not put all of its bitcoins in the same basket, so 100,000 CAD worth of bitcoin is not a death blow to this exchange.
Ouch, there is a reason banks usually have leases that don't give the landlord any access to their buildings. If you're hosting a system that has more than a few thousand dollars of nominally liquid assets around you really really have to start with a secure computing environment. That means locked <i>buildings</i> where only you have the key, and security audits (cameras, key cards, biometrics, as much as you can get) and ideally additional insurance provided so you can charge failures on the part of the colo against their insurance up to the amount of assets you keep at risk.<p>What is the current ratio of exchanges that lost customer money to ones that haven't? It feels like it is close to 100%. That can be very damaging to the long-term success of btc.
In my opinion the two main problems with Bitcoin are the complexity and the libertarian philosophy around it.<p>Currently the first problem is being exploited. People struggle with how to keep a bunch of long numbers safe and wrestle with vague abstractions - hot wallet, cold wallet. People should know better, but they don't, why? Because it's complicated.<p>People will probably keep losing money for a while because of that, until everyone gets a handle on things. But then there's a much bigger unsolved question though: How will the libertarian thing work out?<p>In Bitcoin threads the phrase "IF A MAJORITY OF THE MINERS [decides to screw up everyone]" appears occasionally, usually tempered by "...but being all rational, they won't!"<p>I predict that there will be at least one serious attempt at that during the next 12 months. If the first boom has subsided a bit, and fewer new people seem to start with bitcoin, it would be time for a collusion of people who are able and willing to try out that angle.<p>And please take "predict" not as gloating, but rather as a warning. Are you sure you understand bitcoin well? If not, why not get out now?
This doesn't absolve Rogers of responsibility for this, but the incident occurred right as the data center was being acquired. Depending on how far along the transition was (per [1] it doesn't seem like it would have been very far) it could be that this was an issue with Granite Networks' security protocols and not Rogers'.<p>[1] <a href="http://www.thewhir.com/web-hosting-news/canadian-telecom-rogers-acquires-granite-networks-pivot-data-centers" rel="nofollow">http://www.thewhir.com/web-hosting-news/canadian-telecom-rog...</a>
Everything seems like obviously Rogers' fault up until this:<p>"“It’s completely ridiculous,” said Grant. “All they did was go on the chat session and say, ‘Hi, I’m James Grant and I have a server with you’ and the data centre said, ‘Yes you do, what can we do for you?"<p>If Rogers is like many ISPs, where you can chat with a representative but only after you've logged into their online portal, this seems to suggest that the attacker had already passed through authentication into Grant's account on Rogers, which is why they did not do additional verification. I agree that additional verification, in a form not required in the initial login, should be done at the beginning of the chat, before taking any user-requested action. But the article doesn't specify how the hacker in question obtained access to Grant's Rogers account to begin with. Until we know that we can't fully ascertain the extent of Rogers' liability here.
Keeping 194 BTC in a hot wallet on your server is essentially the same as trusting $100,000 in cash to the minimum wage security guard at your bank. You'd certainly hope that the bank has procedures that he's going to follow correctly, but $100,000 is a lot to risk so perhaps a little extra security would be a good idea.<p>Mind you, you'd also rightly expect the bank to cover the loss if the guard just hands it over to a stranger.
Ouch, lesson learned: Put that hot-wallet in an encrypted filesystem so that SingleUser mode hacks don't work.<p>You would have to manually mount the partition after every boot though.
A while ago I wrote that perhaps the greatest contribution the Bitcoin experiment will make to humankind is to teach you and me and our neighbors more about the realities of economics. And later I added that the Bitcoin experiment will also contribute to greater understanding of attack surfaces and online crime. Many of the ideas about how to mine Bitcoins, store Bitcoins, and trade with Bitcoins as a medium of exchange illustrate both the strengths and weaknesses of any other medium of exchange in a world full of human beings. Seeing the discussion of Bitcoins here on Hacker News reminds me of early online discussions in the 1990s of online payment systems such as PayPal, and the arguments beforehand that PayPal wouldn't have to invest a lot of time and effort (as it eventually did) building defenses against theft and fraud. If a weakness in a system is attached to a lot of money, the way to bet is to bet that someone will go looking for that weakness, even if you haven't thought of it.
“Rogers Data Centres provides the highest level of security in the Canadian data centre industry. Its security protocol is operationally certified and in accordance with industry best practices. We have reviewed our security processes and continue to work with our customers to make sure they take advantage of all of our security features.”<p>Sounds like the normal BS that Rogers pulls.
It looks like it's time to use full disk encryption even in datacenters now. (There are scripts available to start up ssh and allow remote password input before mounting root.)<p>The problem is that it does require manual intervention on reboot and may not be very useful for 100s of machines.
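
Added example, not part of any comment above or of any project's code: a check for the idea raised in the two comments about an encrypted hot-wallet filesystem and full disk encryption. It classifies a wallet path from constructed `/etc/crypttab` and `/proc/mounts` samples, assuming every dm-crypt mapping is listed in crypttab; a key file kept on an unencrypted partition is flagged, because anyone who can boot the machine into single-user mode can read it.

```python
import os
# Constructed samples in /etc/crypttab and /proc/mounts format (not from the thread).
CRYPTTAB = """\
# name      device     keyfile           options
cryptroot   /dev/sda2  none              luks
walletvol   /dev/sdb1  /boot/wallet.key  luks
chainvol    /dev/sdc1  /root/chain.key   luks
"""
MOUNTS = """\
/dev/mapper/cryptroot / ext4 rw 0 0
/dev/sda1 /boot ext4 rw 0 0
/dev/mapper/walletvol /srv/wallet ext4 rw 0 0
/dev/mapper/chainvol /srv/chain ext4 rw 0 0
/dev/sdd1 /srv/plain ext4 rw 0 0
"""

def parse_crypttab(text):
    """Return {mapping_name: keyfile_field} from crypttab-format text."""
    entries = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2:
            entries[fields[0]] = fields[2] if len(fields) > 2 else "none"
    return entries

def mount_source(path, mounts_text):
    """Return the source device of the deepest mount point containing path."""
    best_mnt, best_src = "", None
    for src, mnt in (l.split()[:2] for l in mounts_text.splitlines() if l.strip()):
        inside = path == mnt or path.startswith(mnt.rstrip("/") + "/")
        if inside and len(mnt) > len(best_mnt):
            best_mnt, best_src = mnt, src
    return best_src

def audit(path, crypttab_text, mounts_text, depth=0):
    """Return 'unencrypted', 'unknown-mapping', 'keyfile-exposed' or 'manual-unlock'."""
    src = mount_source(os.path.normpath(path), mounts_text)
    if not src or not src.startswith("/dev/mapper/") or depth > 8:
        return "unencrypted"
    key = parse_crypttab(crypttab_text).get(src[len("/dev/mapper/"):])
    if key is None:
        return "unknown-mapping"  # e.g. an LVM volume; cannot confirm dm-crypt
    if key in ("none", "-"):
        return "manual-unlock"  # passphrase must be typed after every boot
    # A key file only protects the volume if it sits behind a manual unlock itself.
    chained = audit(key, crypttab_text, mounts_text, depth + 1)
    return "manual-unlock" if chained == "manual-unlock" else "keyfile-exposed"
```

On a live host the two text arguments would come from reading `/etc/crypttab` and `/proc/mounts`.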