
Bitcoinica lost customer database, has no up to date record of trading balances - Estragon
https://bitcointalk.org/index.php?topic=81045.msg921245#msg921245
======
apsec112
From HN thread announcing Bitcoinica's launch, some months ago
(<http://news.ycombinator.com/item?id=2973301>):

"I'm going to pitch a different take than a few others: Yes, great initiative,
please keep trying things and building things, but end this project now. There
are no probable outcomes where you do not end up having to explain where
thousands of dollars of other people's money went to some angry people.
There's also very nontrivial odds of being on the wrong end of armed Federal
agents, based on some of the other comments you've made here. This is a
horrible, horrible first-project sort of project."

"Doing your best probably isn't enough. To have any hope you'll have to hire
expensive security people and buy lots of insurance.

All you need in order to be exploited is to be using software with 0day
exploits. Many known exploits are not public. In a very real sense, you are
only protected to the extent that you are a small target.

As the potential payoff of a hacker approaches $1 million, the likelihood of
being hacked approaches 90%. Software really is THAT insecure and bitcoin
thefts are not prosecuted making it basically risk-free to steal bitcoins."

"-- spectacular failure is your destiny if you don't work very hard to prevent
it

-- spectacular failure may be your destiny even if you do work very hard to
prevent it"

~~~
joe_the_user
The problem is that the only kind of person who would start such a project
would be a person who would be immune to these warnings...

------
jimrandomh
genjix wrote in
https://bitcointalk.org/index.php?topic=81045.msg920554#msg920554

    
    
      > To the person above, here's what happened: 
      > - Bitcoinica has an internet mailing list called info@bitcoinica.com  
      > - It was the email for the website and all sensitive accounts.  
      > - You could request a password for that email. In a production system, that
      > should never be possible.  
      > - Several people had access to this mailing list (non-admins and business
      > people included).  
      > - Patrick got added.  
      > - His personal email was compromised. Normally this shouldn't be a big deal; I
      > use my personal email at internet cafes and public computers.  
      > - Attacker was able to request a new password and login to rackspace.  
      >   
      > The assumption here was that info@bitcoinica.com did not have access to 
      > critical infrastructure.
      >
      > Lastly, it was my fault Patrick's email server got compromised. I had a VPS
      > for programming and development which many people had access to - randoms from
      > #c++ IRC, people from this forum, beginners I was teaching etc. It's a
      > public VPS for development. The SSH key on there was added to Patrick's server
      > because we were developing the bitcoinconsultancy.com website on there (that's
      > why it's now down). My SSH key was stolen and he ssh'ed into the box.
      > Then had access to his emails.
    

So there you have it: it was one of those damn "Forgot Password" buttons,
combined with mishandling email. The security of a server can't be better than
the security of the least-secure computer with administrative access, and it
looks like in this case, that was spread a little further than it should've
been. This attack might've been prevented by introducing a delay: send an
email saying that a password reset was requested, with a cancelable reset
after several hours. But as far as I know, no one does that.
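
The delayed, cancelable reset jimrandomh describes, as an added example; it is not code from the thread, from Bitcoinica or from any real reset implementation. The six-hour hold, the 24-hour lifetime, the in-memory `pending` list and the `outbox` are assumptions for illustration, and the clock is passed in explicitly so the flow can be exercised without waiting.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field
from datetime import datetime, timedelta

HOLD = timedelta(hours=6)       # earliest a reset may complete after it is requested (assumed)
LIFETIME = timedelta(hours=24)  # after this an unused request is dead (assumed)


def _digest(token: str) -> str:
    # Only hashes of tokens are stored, so a copied database table cannot be
    # used to complete (or cancel) anyone's reset.
    return hashlib.sha256(token.encode()).hexdigest()


@dataclass
class PendingReset:
    account: str
    reset_digest: str
    cancel_digest: str
    requested_at: datetime
    cancelled: bool = False
    used: bool = False

    def effective_at(self) -> datetime:
        return self.requested_at + HOLD

    def expires_at(self) -> datetime:
        return self.requested_at + LIFETIME


@dataclass
class ResetService:
    passwords: dict                                # account -> password (a hash in real code)
    pending: list = field(default_factory=list)    # in-memory stand-in for a database table
    outbox: list = field(default_factory=list)     # mails "sent": dicts with to/kind/token

    def request_reset(self, account: str, now: datetime) -> None:
        # Unknown accounts get the same (empty) response so the form does not
        # reveal which accounts exist.
        if account not in self.passwords:
            return
        reset_token = secrets.token_urlsafe(32)
        cancel_token = secrets.token_urlsafe(32)
        self.pending.append(PendingReset(account, _digest(reset_token),
                                         _digest(cancel_token), now))
        # The owner is told immediately and given a cancel link; the reset
        # link itself is useless until the hold has elapsed.
        self.outbox.append({"to": account, "kind": "notice", "token": cancel_token,
                            "usable_at": now + HOLD})
        self.outbox.append({"to": account, "kind": "reset", "token": reset_token})

    def _lookup(self, token: str, attr: str):
        d = _digest(token)
        # constant-time comparison against every stored digest
        for p in self.pending:
            if hmac.compare_digest(getattr(p, attr), d):
                return p
        return None

    def cancel(self, cancel_token: str, now: datetime) -> bool:
        p = self._lookup(cancel_token, "cancel_digest")
        if p is None or p.used or now > p.expires_at():
            return False
        p.cancelled = True
        return True

    def complete(self, reset_token: str, new_password: str, now: datetime) -> bool:
        p = self._lookup(reset_token, "reset_digest")
        if p is None or p.cancelled or p.used:
            return False
        if now < p.effective_at() or now > p.expires_at():
            return False          # too early (hold still running) or too late
        p.used = True             # single use
        self.passwords[p.account] = new_password
        # A real system would also revoke the account's sessions and any
        # other pending resets here.
        return True
```

The hold turns a compromised mailbox into a race the legitimate owner can win, but only if the notice reaches a channel the attacker does not also control. When the recovery address is a shared list, as in the thread, the notice and the cancel link land in the attacker's hands too, and the delay only buys time for someone else on the list to notice.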

~~~
mbreese
It looks to me like the root cause was reusing an SSH key on a secure system
and a public system. If the SSH key was compromised, that would lead me to
believe that the private key was on the public/insecure system. That is a big
security no-no as well.
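
An added check for the key reuse mbreese describes (not code from the thread or from anyone involved): given the `.pub` companions of the private keys found on a shared machine and the `authorized_keys` files of the sensitive hosts, list every identity that lives on the shared box and is also trusted by a sensitive host. The hostnames, paths and key blobs in the sample are constructed; the fingerprint format matches what `ssh-keygen -lf` prints.

```python
import base64
import hashlib

# Key-type tokens that can start the key material in authorized_keys / *.pub lines.
KEY_TYPES = {"ssh-rsa", "ssh-ed25519", "ssh-dss", "ecdsa-sha2-nistp256",
             "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521"}


def fingerprint(blob: bytes) -> str:
    """OpenSSH-style fingerprint (as printed by `ssh-keygen -lf`): SHA256 of
    the wire-format key blob, base64 encoded with the '=' padding removed."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def parse_authorized_keys(text: str):
    """Yield (fingerprint, key_type, comment) for each key line in an
    authorized_keys file or a .pub file.

    authorized_keys lines may carry an options field (from=, command="...")
    before the key, so the key is located by scanning for the key-type token
    instead of assuming a fixed column.
    """
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        for i, tok in enumerate(fields[:-1]):
            if tok in KEY_TYPES:
                try:
                    blob = base64.b64decode(fields[i + 1])
                except ValueError:
                    break          # malformed key material: skip the line
                comment = " ".join(fields[i + 2:])
                yield fingerprint(blob), tok, comment
                break


def keys_to_revoke(shared_host_pubkeys: dict, sensitive_hosts: dict) -> list:
    """Cross-reference identities present on a shared box against the hosts
    that trust them.

    shared_host_pubkeys: {private_key_path: contents of its .pub sibling} for
        every id_* private key found on the shared machine.
    sensitive_hosts: {hostname: authorized_keys contents} for the machines
        that must not be reachable from the shared one.
    Returns (fingerprint, private_key_path, trusting_host, comment) tuples;
    each is a key to remove from the trusting host and replace.
    """
    exposed = {}
    for path, pub_line in shared_host_pubkeys.items():
        for fp, _ktype, _comment in parse_authorized_keys(pub_line):
            exposed[fp] = path
    findings = []
    for host, text in sensitive_hosts.items():
        for fp, _ktype, comment in parse_authorized_keys(text):
            if fp in exposed:
                findings.append((fp, exposed[fp], host, comment))
    return findings


def _fake_key(label: str) -> str:
    # Constructed placeholder: a real key is an SSH wire-format blob, but any
    # base64 string exercises the parsing and matching logic the same way.
    return base64.b64encode(b"constructed key blob " + label.encode()).decode()


# Constructed sample inputs modelled on the thread: one developer identity sits
# on the shared dev VPS and is also authorized on the mail server.
SHARED_HOST_PUBKEYS = {
    "/home/dev/.ssh/id_rsa": f"ssh-rsa {_fake_key('dev-shared')} dev@dev-vps",
    "/home/student/.ssh/id_ed25519": f"ssh-ed25519 {_fake_key('irc-student')} student",
}
SENSITIVE_HOSTS = {
    "mail.example": (
        "# admins\n"
        f"ssh-ed25519 {_fake_key('admin-laptop')} admin@laptop\n"
        f'from="10.0.0.0/8",no-pty ssh-rsa {_fake_key("dev-shared")} dev@dev-vps\n'
    ),
    "db.example": f"ssh-ed25519 {_fake_key('admin-laptop')} admin@laptop\n",
}

if __name__ == "__main__":
    for fp, path, host, comment in keys_to_revoke(SHARED_HOST_PUBKEYS, SENSITIVE_HOSTS):
        print(f"{host}: remove {fp} ({comment}); its private key is on the shared host at {path}")
```

Fingerprints rather than raw blobs are compared so the same inventory can be fed from `ssh-keygen -lf` output or from agent listings; a key that shows up in the findings is treated as compromised and replaced, not merely removed from one host.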

------
z92
When its founder declared this on HN 8 months back:

"I'm the creator of Bitcoinica. I'm not so established here. To be honest, I'm
only 17."

<http://news.ycombinator.com/item?id=2973313>

I have been waiting since then to see how bad things could possibly go.

Unlike other sites where people hack for fun, bitcoin offers hackers the
opportunity to get some real money.

------
gosub
This comment thread is full of people saying that incidents like this are
undermining the viability of a bitcoin currency. What many don't see is that
bitcoin is an algorithmic solution to a problem a lot of people have
(decentralized, untraceable money transactions). The implication of being
algorithmic is that you don't have to trust people anymore, just the math.
Even if this currency fails, the solution remains and will continue to be
implemented.

For example, geometry was literally invented to measure land. I'm sure that
when the Pythagorean theorem was discovered, some of the first "geometers" did
screw up and made a wrong land measurement. Maybe some of the reactions at the
time were: "Well this geometry thing is too dangerous, if one small calculus
error could make me lose half my land. It will never catch on."

~~~
jsprinkles
I'm not following. You're saying that Bitcoin's discovery is equivalent to the
discovery of a new field of mathematics?

------
pbhjpbhj
So basically they used a server that could be deleted online by getting a
single password (which was acquired via an SSH key for the bitcoin server
being left lying around).

They didn't make offsite backups (sounds like they used to but stopped).

When the server was compromised they didn't realise that it could be deleted
by the cracker.

One thing I don't understand, as these appear to have been real servers on
Rackspace (you wouldn't exactly use a shared VPS, surely not?!?) couldn't they
be recovered after the online "delete server" button was pressed? The top
comment on the linked thread says that Rackspace had the server locked down
with the only available option for the cracker to delete (which sounds very
strange).

~~~
muyuu
It was a cheapo cloud VPS server, I shit you not. After getting their ass
stolen for that very reason at Linode.

This site had a massive running profit and still went for the very cheapest
option. Rackspace even offers financial services grade servers. I bet these
aren't cheap though.

------
citricsquid
This seems to be the... 4th problem bitcoinica has had? 5th? Maybe even the
6th, why do people still use this site? Surely it has been shown on multiple
occasions they can't be trusted with security.

~~~
Cushman
Their database was deleted and their site has been replaced with a form
_asking_ former users how much money they remember having.

I doubt very much that anyone is still using the site.

------
micahgoulart
Imagine putting your money in a bank where every day, hundreds of burglars
attempt to anonymously get in and steal money that cannot be traced back to
you for you to recover it.

Sounds like a great place to put money in.

------
mdonahoe
I hope people stop making services like this. Bitcoin is distributed for a
reason

~~~
dublinclontarf
It is rather hard to distribute a market, centralisation being its key strength.

~~~
Symmetry
Not really. I mean, there's nothing centralized about dollar bills. As long as
people publicly list their prices in bitcoins, everything will work out fine.

People will always need bitcoin exchanges to convert between bitcoin and other
currencies, but those don't need to be storing other people's bitcoins.

------
RKearney
This isn't so much a problem with Bitcoin as much as it's a problem with
under-qualified people trying to set up "banks" online.

------
navyrain
I'd like to think that this was some sort of nefarious action from an old-
guard finance company who was threatened by Bitcoin enough to resort to the
enlistment of some hackers.

In reality, this was plain amateur security practice, and if this sort of
sloppiness continues, the bitcoin brand will be trampled so badly it will
never get off the ground.

~~~
Estragon
It's already well and truly off the ground.

------
uptown
What problem does bitcoin solve? I've tried to understand the need for it, but
just don't get it.

~~~
javert
Here are some features that make it appealing.

(1) Fixed total supply, so it can't be manipulated by central banks.

(2) Fast online transactions (e.g. Paypal, without the problems of Paypal);
ease of developing all kind of Web services around this.

(3) Anonymous transactions are possible, which can be beneficial in many ways
(for example, not getting taxed...)

~~~
Steko
(1) is only a selling point to people well outside the mainstream. Most people
would consider this a huge negative.

(2) meanwhile I can buy things with one click using dollars.

(3) tax evasion, drug dealing and money laundering are not things that society
generally wants to facilitate

~~~
javert
Well, I just listed some of the features that many people who like Bitcoin
like about it. That other people may not care about those features is kind of
irrelevant.

~~~
terangdom
Until they shut it down.

------
godDLL
Wait, is this going to happen to all of them trading sites, _in turn_?! Is it
something to say about the kind of people that are attracted to fast and
furious trading, or is it just random negligence hiveminding?

------
DiabloD3
I'm still offering a deal to people bit by the Bitcoinica failure to rebuild
their investment portfolios:
https://bitcointalk.org/index.php?topic=77469.msg901042#msg901042

Basically, I'll trade bonds in GLBSE listed mining companies for shares in
DMC: ~2/3rds of a BTC worth of bonds for 1 BTC worth of DMC.

Bitcoinica royally screwed a large number of investors, and I want people to
know and understand that not all of us are people out to steal their money.
Some of us really are completely honest businessmen.

------
meatpopsicle
This is what a market debasement looks like, ladies and gentlemen. If you can
pay someone to keep Bitcoin performing poorly, you can mitigate the loss from
your own failing currencies.

Perhaps I'm the only one that feels this way (I almost hope I am), but this
news is making me want to put all of my money in bitcoin. It's a good time to
get in on the action.

~~~
SkyMarshal
If your implication is correct, and someone is paying black hats to debase
bitcoin, and nobody has any idea who is behind it so that those efforts will
likely continue, then how does it follow that now is a good time to get in on
the action and put all your money into BTC?

------
noarchy
This is nothing compared to the amounts of money involved in the botched
Facebook IPO. If this incident proves that Bitcoin is in trouble, then by all
means extend this reasoning to NASDAQ, and other institutions with major
incidents.

------
bigphishy
Phew, good thing I haven't been investing in bitcoins..

~~~
sgornick
Comically, many of Bitcoinica's customers were those who sent funds to the
service to be able to go short (bet against) bitcoins.

But those "investing in bitcoins" wouldn't have lost from this unless they
also happen to have been speculating at Bitcoinica with them. Bitcoinica is a
service where a financial product called a contract for difference (CFD) is
traded.

------
jsprinkles
With all the disclosures and absolute failures of security and operations that
we've seen coming out of the Bitcoin field, can we start to quell the attitude
that the Bitcoin market as it stands today is a real currency market? The only
people that seem to work on Bitcoin secondary trading mechanisms are people
that just know how to write a Rails app, and most seem to lack security sense
or reliability awareness. Personally, as a seasoned developer, even I know
that I probably shouldn't write a _currency trading platform_ alone. I'm aware
of the ramifications and what can go wrong, and I'm smart enough to rule
myself out.

I will _never_ call Bitcoin a real currency until you see a platform that
actually knows what it's doing. Really, I'm sorry, that's just how it is, and
the Bitcoin fans that are about to show up and try to tell me otherwise are
just as misled (and are inevitably going to be victims of being so myopic). If
you want to call Bitcoin real money, it needs to be treated like _real money_.
In software terms, that means it is a big deal.

There is a reason currency is regulated heavily. You are witnessing it.

Edit: Clarified that I'm not attacking Bitcoin itself.

~~~
fl3tch
It's a real currency market, it's just at the Bonnie and Clyde stage of its
evolution. Consider how lax bank security was in the 1930s that a single
couple could rob banks for years with a fraction of the sophistication of
modern day bank robbers.

You couldn't get away with it today, not for that long, but it was possible
with "real" money, "real" banks, all government backed, at one time. And that
had centralization and identity built into it. The bitcoin community isn't big
enough to have serious security professionals yet, but that doesn't disqualify
it as a currency market.

~~~
jsprinkles
Which is why my comment has said, from the beginning, "as it stands today".
Those interested in Bitcoin should seriously learn from those very mistakes
that you're discussing, rather than re-learning them all over again.

~~~
jokerswild
What does it matter? Everyday people get mugged and killed over cash... do you
believe cash is not a "real currency" because of this?

~~~
codesuela
The difference here is that no one carries around the amount necessary to tip
the balance of the economy, which is very much the case with Bitcoin sites
such as Bitcoinica

~~~
muyuu
Actually just 18.5K were stolen and it didn't affect bitcoin's valuation. We
are enjoying very good stability at this moment; there are very few people
leverage-trading.

------
jasveer
"It's my fault to not set up a offline backup schedule."

For fuck's sake.

~~~
LaSombra
Looks like a bunch of accountants and wannabe bankers bought some developing
books and started to "invest" in BitCoin. They are missing the basics.

~~~
beedogs
They're not necessarily accountants and business school dropouts. Never
underestimate the incompetence of the average IT worker.

------
maeon3
Protecting physical gold is just as hard a problem. Placing the gold inside a
steel and concrete box where only one person can open it still isn't secure.
The problem is that without laws to punish people who steal, they will
eventually break all of your security layers.

Perhaps we can design a new currency that goes back to basics. Money is just a
contract between two humans, goods or services now are traded for claims on
future human labor. Instead of using numbers or possession of objects, use
something that can't be stolen. A system that streamlines the ancient
bartering system. Trade you 100 gallons of milk for a new transmission. But
instead of holding money, you perform the transaction real time. Instead of
being paid in money, you get paid in receipts for goods/services performed
which can be traded.

~~~
SkyMarshal
Adam Smith actually wrote about just such a system, which later came to be
called Real Bills.

<http://www.safehaven.com/article/17603/real-bills-revisited>

TLDR: When a merchant buys, say, a dress, from a producer, the merchant pays
the producer with a note that gives the note's recipient the right to x% of
the eventual sale price of the dress.

The producer can then use notes like that as a form of collateral for their
own notes, which they can use like cash to pay upstream suppliers (fabric,
thread, dye, sewing machines, etc.).

Items tend to sell, or clear, within 91 days, so that is the term of the note.
Eg, the note is 'self-clearing' within 91 days.

Eventually the dress will sell, and the cash/gold proceeds will remit up the
chain, from merchant -> producer -> upstream suppliers, until all the notes
and their derivatives are redeemed.

It's basically an alternative to bank credit that's backed by sales of real
goods.

------
paulhauggis
I don't even run anything close to something as important as Bitcoinica and I
have daily database backups. What were they thinking??

~~~
eli
Are your daily backups set up in a way that they are impossible to delete if
your server is 0wned (either offline or using some kind of write-only scheme)?
If so, I think you're ahead of most people...
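
A write-once backup sink of the kind eli is asking about, as an added example (not code from the thread or from Bitcoinica). The idea: the production server's push key on the backup host is bound to a forced command that can only create new, uniquely named files, so a root compromise of production yields no way to list, overwrite or delete existing backups. The paths, the `authorized_keys` line in the comment and the use of `SSH_ORIGINAL_COMMAND` as the label are assumptions for illustration.

```python
import hashlib
import os
import sys
import time
from typing import Optional

# Intended as the forced command for the production box's push key on the
# backup host, e.g. in the backup user's ~/.ssh/authorized_keys (illustrative):
#   command="/usr/local/bin/backup-sink /var/backups/site",no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding ssh-ed25519 AAAA... prod-push
# The production server can then create new backup files but cannot list,
# overwrite or delete anything: its key only ever runs this program.

SAFE_LABEL = set("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789._-")


def store_once(dest_dir: str, label: str, stream, now: Optional[float] = None) -> str:
    """Write `stream` to a new file in dest_dir and return its path.

    The name is chosen here, not by the client, and the file is created with
    O_EXCL so an existing file is never truncated or replaced.
    """
    if not label or not set(label) <= SAFE_LABEL or label.startswith("."):
        raise ValueError("label may only contain [A-Za-z0-9._-] and not start with '.'")
    stamp = time.strftime("%Y%m%dT%H%M%SZ", time.gmtime(now))
    path = os.path.join(dest_dir, f"{stamp}-{os.getpid()}-{label}")
    # O_CREAT|O_EXCL: fail with FileExistsError instead of opening an existing path.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o440)
    digest = hashlib.sha256()
    with os.fdopen(fd, "wb") as out:
        while True:
            chunk = stream.read(65536)
            if not chunk:
                break
            out.write(chunk)
            digest.update(chunk)
    # Record the digest beside the data so a tampered restore can be detected.
    with open(path + ".sha256", "x") as sidecar:   # "x" also refuses to overwrite
        sidecar.write(digest.hexdigest() + "\n")
    return path


def main(argv):
    dest = argv[1]
    # With a forced command, whatever the client asked to run arrives in
    # SSH_ORIGINAL_COMMAND; it is used only as a label, never executed.
    label = os.environ.get("SSH_ORIGINAL_COMMAND", "db.dump")
    path = store_once(dest, label, sys.stdin.buffer)
    print(os.path.basename(path))


if __name__ == "__main__":
    main(sys.argv)
```

Pruning old backups is a job run on the backup host itself, never with the production key, and someone who holds the push key can still fill the disk, which a quota on the backup account bounds. An append-only credential on a storage backend gives the same property; the forced command keeps it to one file and one key.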

------
berberous
Yikes.

