
Days Since a Cryptocurrency Exchange Has Lost More Than $100M - melzarei
http://dayssinceacryptocurrencyexchangehaslostmorethan100million.com
======
jnbiche
If you're going to fetch important quantitative data using a client-side Ajax
query, then you really shouldn't default that value to "0". That results in a
delay of several seconds or more when the page displays "0" even if the actual
value is say, "12". It would be much better to default to either the empty
string, or "-", or "fetching..." or something like that.

In my case, there was a "0" on the page as the main value for at least 5-10
seconds (probably due to HN load) before the correct value was displayed
("12").

~~~
ric2b
Even better, why isn't the number rendered server-side?

------
h1d
Can't argue if many of them are inside jobs for early retirement.

"Hacked" is such a convenient word to cover the story of any losses.

That crappy vulnerability could just have been placed to make people convinced
how it was "hacked".

~~~
mathgeek
One of the core life lessons of crypto is that when you combine anonymity (or
at least the illusion of it) with someone else owning the private keys to your
wallet, there's nothing stopping that "someone else" from taking your coins
without any way to prove who took them.

When you want to be personally responsible for your money, you have to accept
that you're personally responsible for its security as well. Banks and
financial regulators literally exist to push that responsibility onto someone
else in the traditional systems, with the well-known tradeoffs.

~~~
Uptrenda
That's exactly it. We take it for granted that in simpler human-run ledgers
accountability is easier to do. Accounting has all these checks and balances
designed to place blame on a single individual. Corporations obscure some of
that blame but it still works in theory. A complex distributed system means
that it can be almost impossible to determine what went wrong and that has
some hugely dystopian outcomes.

------
pbhjpbhj
Testing with client-side JavaScript if the withdrawal amount is less than the
account balance? Classic!

That had to be a known hole to the designer, presumably whoever wrote that
code just bought tickets to a non-extradition country.

~~~
cspags
While you may be right, I think this could just be a classic example of
Hanlon's razor.

~~~
logicallee
For example, as reported in this thread (I didn't test), without javascript
the page reads "0 days". Then that 0 is updated automatically.

Obviously it SHOULD read "loading..." and then that loading... text should be
replaced.

Why do I point this out?

Because this oversight coincidentally serves the purposes of the page (its
humor), it's a particularly strong impact when that reads 0 days.

It's not supposed to actually read that way, but, there you have it. A good
example of the principle in practice.

~~~
Semaphor
You need to allow everything from twitter and related domains even frames for
it to show anything but 0. I was wondering what I missed this time.

------
st3fan
"client side balance check" \- these people should not be allowed to write
software.

------
haakon
Viewing this site without JavaScript enabled shows it's been 0 days. Turns out
it's supposed to be 12.

~~~
ponyous
Doesn't work for me at all even with everything enabled on latest Firefox.
(Adblock disabled), twttr is undefined.

~~~
dao-
It works if I disable tracking protection in Firefox...

~~~
williamscales
Why do they need to track me to show me how many days it has been?

~~~
dingo_bat
I think it loads Twitter posts and the tracking protection blocks that. I
don't think the site itself is trying to track.

~~~
harryh
This is correct. It's my site and I'm not trying to track you. I don't care.

If anyone has a better idea of how to make things work so that people with
tracking protection don't run into problems feel free to submit a pull
request.

------
jwilk
The site doesn't work for me, but apparently these are the tweets it refers
to:

[https://twitter.com/bascule/status/962740918053888000](https://twitter.com/bascule/status/962740918053888000)

[https://twitter.com/ofnumbers/status/962149781400305664](https://twitter.com/ofnumbers/status/962149781400305664)

[https://twitter.com/patio11/status/957514764011298816](https://twitter.com/patio11/status/957514764011298816)

[https://twitter.com/patio11/status/938519280240357376](https://twitter.com/patio11/status/938519280240357376)

[https://twitter.com/patio11/status/760627527450624002](https://twitter.com/patio11/status/760627527450624002)

[https://twitter.com/patio11/status/731733049847599104](https://twitter.com/patio11/status/731733049847599104)

------
sna1l
I think we will see a rise of decentralized exchanges like 0x and Airswap.
Curious to see if they will be able to scale though.

~~~
mikro2nd
I certainly hope we DO see DEXs take off in the near future, but right now,
every single one suffers from a severe lack of liquidity, which distorts
prices and can make trades difficult verging on impossible if there's nobody
with a suitable counter-trade offer.

Liquidity is the number one reason traders love the Forex markets, and the
reason so many Forex traders will trade only in the major currency pairs.
Hell, I've even known a couple of traders who will only trade GBPUSD or EURUSD
for that precise reason: If the market is sufficiently liquid, there is
pretty-much ALWAYS someone who wants to trade at your price.

On the flipside, where liquidity is too thin there's no market, no matter how
many bells and whistles the "exchange" has, and no matter how attractive the
notion of pure p2p exchange might be.

~~~
cies
> If the market is sufficiently liquid, there is pretty-much ALWAYS someone
> who wants to trade at your price.

Really? Liquid means trading volume right? Not that others are trading as the
price that I find reasonable?

Lets say I find paying $10 for a BTC reasonable, no matter how liquid, I
cannot get that deal.

~~~
AluminiumPoint
Except that is not reasonable. Myself and many like me would buy way way way
above $10.

This is the faulty argument in the 'its going to 0' position, there are too
many folks like me that will keep buying as long as we can afford it.

------
h4l0
All this bubble speculations, inadequacy of current platforms, taking risks to
not miss the trend...

I had been all in favor of blockchain and cryptocurrencies for a decentralized
approach to local applications, closed markets. To be fair, I never believed
blockchain could reach global scalability and there are still concerns on that
part.

We all saw the future value and possibilities before everybody started
branding their deficient products with blockchain. I hope the bad taste
surrounding this technology will wither in a short amount of time.

------
grondilu
Currency exchanges existed long before cryptocurrencies. As far as I know they
are heavily regulated, more or less reliable and trustworthy. Hasn't the Forex
added cryptocurrencies to its listing by now? Is the cryptomarket still the
far west these days and if so, why?

~~~
mikro2nd
Many of the Forex exchanges HAVE added crypto-assets to their offerings. It
tends to be limited to BTC and maybe a FEW more, though -- some people might
view that as a problem.

~~~
jerguismi
Can you list any specific examples? I'm aware of products that track the BTC
price and futures, but not really any existing players which would allow you
to buy actual btc so that you can hold it in your own wallet.

~~~
mikro2nd
This is a good point -- many are simply letting you trade CFDs against crypto-
currency volatility, which is fine if all you're interested in is speculating
in crypto prices.

IIRC Swissquote does do actual BTC, ETH and a few others, though, and istr
seeing one or two others, but I'm not a collector and hoarder of Forex
exchanges. Pretty sure I've seen a bank or two dipping their toes into the
water, too. After all, if there's money to be made out of it, they'll hardly
be likely to stay away.

------
tim333
It looks like it could do with some more data rather than just

Days Since A Cryptocurrency Exchange Has Lost More Than $100 Million: </div>
<div style="text-align:center;font-size:100px"> <span id='counter'>0</span>

~~~
shakna
Did you block the script?

The counter updates to 12 after the script runs, for myself. It is using a
Twitter API at the back, so far as I can tell.

~~~
simias
It stood stuck at 0 for a while for me as well, before eventually updating.
It's pretty crazy to see the amount of resources needed to load what is
effectively a static page. I guess I shouldn't be too hard on a joke website
but it's a bit symptomatic of the current state of the web these days.

~~~
harryh
¯\\_(ツ)_/¯

There is a TODO in there to calculate the timestamp based on the tweet id
rather than digging through the tweet iframe after it loads. If someone wants
to submit a pull request for that it should speed things up tremendously.
Bitwise manipulations in JS are annoying though so I haven't bothered.

------
paulpauper
I don't think the Nano hack counts because when they were stolen it was worth
a lot less and the exchange tried to hide the loss for awhile. The exchange
was hacked in Nov. I think, when Nano was worth pennies. Rai Blocks was unique
in that is went up so much, so that's why the figure is so big.

------
paulpauper
_BitGrail lost $170 million worth of Nano XRB tokens because... the checks for
whether you had a sufficient balance to withdraw were only implemented as
client-side JavaScript_

That was just one bug and was not the cause of all the losses. Other users
reported issues with withdrawals and deposits , especially pertaining to
litecoin and etherem over-credits. I think there was a bug that caused people
to get too much.

------
slimshady94
It's been a rough month for sure, but I don't think such a high frequency of
hacks can continue.

~~~
kosei
Well, at a certain point, if this rate continues, people will pull their money
out, fulfilling your prophecy.

------
yeukhon
I was wondering why HN on my iPhone suddenly stretched. Damn, this domain name
is testing the limit.

~~~
dingo_bat
Why would that cause "stretching"? Here's how mine looks:
[https://s9.postimg.org/lcxpndbpr/Screenshot_20180224-203730....](https://s9.postimg.org/lcxpndbpr/Screenshot_20180224-203730.png)

------
maxaf
It peeves me a lot to see virtual currencies described as being "worth"
something in a USD or some other real currency equivalent. By the same token,
why isn't open source code described as being worth a certain amount of money?
I think we can all agree that useful code that powers much of today's
enterprise - entirely gratis, too! - is actually worth a lot more than some
imaginary string of bits that gets traded back and forth for arbitrary sums of
money.

~~~
mcherm
> It peeves me a lot to see virtual currencies described as being "worth"
> something in a USD or some other real currency equivalent. By the same
> token, why isn't open source code described as being worth a certain amount
> of money?

If we called it "code currency" and touted the ability to use open source to
buy and sell things then I think people WOULD compare it to preexisting
currencies. Instead, open source code is touted as a replacement for
proprietary code, and we often hear people making comparisons such as "Gimp vs
Photoshop" or "Linux vs MacOS".

The dollar-value for cryptocurrencies is because they are CURRENCIES.

~~~
maxaf
A thing can't be called a currency until and unless normal people like myself
can use the thing to obtain things such as:

* shelter * food * ammunition * education for the children

As it stands, the craze of virtual currencies is merely a distraction from
important issues, not to mention a waste of electricity and mindshare.

------
patrickaljord
I don't understand people who constantly make fun of new technologies that
we're only recently about to figure out how to make right. Like people
obsessed with making fun of IoT (I don't own any IoT besides a smartphone) or
cryptocurrencies (I own a bit). Isn't it normal for new techs to be failing at
the beginning? Do we really need to ridicule these nascent techs just because
they're not perfect for now?

It's like people making fun of first airplanes 150 years ago
([https://www.youtube.com/watch?v=Sp7MHZY2ADI](https://www.youtube.com/watch?v=Sp7MHZY2ADI)).
First attempts to fly were full of huge failure, many leading to deaths. Many
people ridiculed the very idea we would one day do mass travel by plane.

I thought of anyone, we should know better than making fun of new tech having
some failures, this is how tech works. Because one day, one of these techs may
take off like these planes eventually did and you will be the one looking like
a fool then.

~~~
acdha
It’s more making fun of the hype where people who don’t understand either the
technology or economics make huge predictions based on what would be
personally advantageous for themselves.

Air travel had immediate, obvious advantages. There were many technical
challenges but getting somewhere fast no matter the terrain was an obvious
win. In contrast, the first decade of crypto currency hype has basically been
“you should use your money to make me rich and in return you’ll get to do what
you could already do except it’ll cost more and won’t have fraud protection”.
A hype cycle like that always gets mockery and the way to deal with it is to
drop it, be honest about what went wrong, and do something which useful.

IoT is a good example of both outcomes: bad products get mocked but millions
of useful devices are selling because they do something ordinary people want.

~~~
patrickaljord
> Air travel had immediate, obvious advantages.

And yet, the amount of FUD and ridicule people got for trying to fly was
enormous. In hindsight, the advantages of a successful technology are always
obvious.

> In contrast, the first decade of crypto currency hype has basically been
> “you should use your money to make me rich and in return you’ll get to do
> what you could already do except it’ll cost more and won’t have fraud
> protection”.

That is not how it was introduced to the world, crypto currency was introduced
as a trustless decentralized cash currency no tyrant could ever manipulate to
the detriment of the people, the ability to send cash near instantly to anyone
across the world without a central authority. If bitcoin becomes successful
(not saying it will) at fighting currency manipulation and banking the poor,
people like you will say "Crypto currency had immediate, obvious advantages.
There were many technical challenges but sending money fast across the world
with no intermediary and making currency manipulation by tyrants impossible
was an obvious win.".

~~~
JumpCrisscross
> _And yet, the amount of FUD and ridicule people got for trying to fly was
> enormous_

Sources? Almost immediately after the invention of flight, WWI started putting
them to use [1]. (There was ridicule about the possibility of heavier-than-air
flight prior to its invention. But that’s not comparable to the matter at
hand.)

[1]
[https://en.m.wikipedia.org/wiki/Aviation_in_World_War_I](https://en.m.wikipedia.org/wiki/Aviation_in_World_War_I)

~~~
jwilk
Non-mobile link:

[https://en.wikipedia.org/wiki/Aviation_in_World_War_I](https://en.wikipedia.org/wiki/Aviation_in_World_War_I)

