Hacker News new | comments | show | ask | jobs | submit login
$4.1m goes missing as Chinese bitcoin trading platform GBL vanishes (coindesk.com)
175 points by chaz on Nov 12, 2013 | hide | past | web | favorite | 173 comments



Amusingly enough, this isn't even an uncommon occurrence in the Bitcoin world. Either compromises or shady actors seem to take down a large portion of their services, usually taking large sums of money with them.

It does look like a similar case to inputs.io and a few other sites too, people "invest" or store large amounts of money with a person despite the community making every attempt to warn people that it is a terrible, awful, terrible idea to do so.


From a game theoretic perspective where no parties can be held accountable, being a scammer or hacker will always yield higher pay-offs. This is why Bitcoin will tear itself apart.


What's funny is that because the bitchain (the transaction history of EVERY BITCOIN EVER) is public knowledge, one could easily blacklist stolen bitcoins (simply blacklist the wallet that received the stolen goods and all subsequent receiving wallets, and refuse to accept bitcoins from any of them).

The difficulty would be making the blacklist fast but accurate, i.e. there'd need to be high standards of proof that coins were stolen rather than traded fairly. But if blacklisting took too long the thief could already have fenced the coins for real assets before the blacklist took effect.

Ultimately it could end up looking like credit card fraud alerts - suspicious bitcoin transactions could be put on hold (temporarily blacklisted) until confirmed by the wallet owner. But at that point you lose anonymity. I guess you can't have anonymity and accountability...


How would this work though? You have 4m worth of blacklisted bitcoins. What happens if you go to a legitimate store, like NameCheap, and buy a domain using those bitcoins. You're going to add NameCheap to the blacklist now, because these coins went through them?

Well, you could say NameCheap wouldn't accept those coins in the first place, but can you really expect every store and person to be using this list?

What happens if you take those 4m worth of bitcoins, send 3m to your own wallets, and distribute 1m to random wallets of strangers? How do you know which wallets to blacklist? All of them? You're just going to put tens of thousands of people in the dark, and say their bitcoins are now worthless and blacklisted, because they received a random payment?


> distribute 1m to random wallets of strangers

Hmm, I didn't realize you could send money to people without their consent. That would make blacklisting more difficult. But if receiving the bitcoins was indeed unintentional on their behalf, you could just temporarily blacklist them until they returned the stolen bitcoins to the original owner.

In theory this could lead to attacks where small amounts of stolen bitcoins are continually deposited in victims' accounts, but that could be avoided if the exchanges themselves enforced the blacklist and refused to process transactions from blacklisted accounts (except back to the theft victim).

> Well, you could say NameCheap wouldn't accept those coins in the first place, but can you really expect every store and person to be using this list?

It would certainly require a cultural shift in bitcoin use, yes. I just find it funny that the entire transaction history is public record, yet bitcoins can still be stolen!


> I didn't realize you could send money to people without their consent.

I think the point of blacklisting would mean that miners wouldn't include transactions from those addresses in blocks. Once the transaction is in a block then there's not much that can be done, so blacklisting will require cooperation among a majority of miners.


If you already have the BC you have no need for exchanges to send someone money, all you need is their public address.


Ideally NameCheap would refuse the transaction by sending back the coins to the address it came from.


Who blacklists stolen bitcoins?

People aren't going to maintain such lists individually. So you'd want some central operators, like the antispam DNS services. But then they have to decide what counts as "stolen". Ordered something and then claim it doesn't arrive - who do you believe? You're back to the paypal situation, except rather than reversing transactions you're declaring bitcoins "stolen".

Not to mention the difficulties of running a collaborative central operator in a community of radical individualists.


sounds like you want government...


Can I maliciously transfer my stolen bitcoins to rich/famous people and get their accounts frozen? Is there a minimum transfer, of will 1 satoshi per account be enough? What if I feed them into a bitcoin tumbler before the theft is discovered, does whoever was selling on silkroad that day get their account frozen?


For that matter, can I start stealing bitcoins, and transferring them all to known FBI controlled addresses in order to 'pin' those attacks on the FBI?


It's "normal" to use a different address for each transaction (even when you spend from an address, you spend all of it, sending your "change" to a new address). But I don't know whether you could deliberately send to existing addresses.


"one could easily blacklist stolen bitcoins"

Who will create this blacklist?

"I guess you can't have anonymity and accountability..."

Actually, you can:

http://link.springer.com/chapter/10.1007%2F0-387-34799-2_25


One possible group would be a consortium of parties that are interesting to transact with. Say Paypal decided to mess around, they might have a blacklist.

People that received tainted coins could repudiate them with high fee transactions to invalid addresses (so that most of the coins go back into the network as mining fees). I guess 'invalid address' is the wrong language, but you get the idea, an address with no private key.


Bitcoin was supposed to help fix problems like PayPal holding payments. This seems to make bitcoin vulnerable to it.


> one could easily blacklist stolen bitcoins

Who and how would decide whether given bitcoins are stolen?


No no no no no. This sounds like a nice idea on the surface but it would be terrible. It would destroy the fungibility of Bitcoin, making some coins worth less because they could only be spent freely in countries that don't follow the same blacklists, or on the black market. It would be a huge fucking mess.


Interesting (slight?) counterexample is the foreign exchange market 10-20 years ago, just as it was going electronic. Lots of levered investment but lots and lots of fraud as there was almost no regulation. Like this example, you would have brokerages just take customer funds and then just disappear. The move towards foreign exchange trading was, also like bitcoin, driven by the lack of regulation, speculative possibilities, etc. Since then it's become regulated heavily globally and the game-theoretic defection has not held. Probably something similar will happen to bitcoin.


That's an interesting point. However, I think that the difference between forex and bitcoin in this situation is the goal of the end user. Many bitcoin users are using it because of the anonymity that the system provides, whereas users making large forex trades 10-20 years ago were mostly happy to add regulation and accountability to make sure that they received their money.

Forex traders may have been attracted to a market without regulation but their customers were there to make foreign currency trades. I'm sure that not as many bitcoin users would be happy to lose their anonymity to gain that accountability.


>>Many bitcoin users are using it because of the anonymity that the system provides [...]

I'd say that more and more bitcoin users are using it because of the hype, not because of the anonymity.

>>I'm sure that not as many bitcoin users would be happy to lose their anonymity to gain that accountability.

Maybe not yet. But if everybody currently holding and hyping bitcoin achieves their goal of mainstream adoption, then at that point the new majority bitcoin user demographic will probably be very happy to lose anonymity to gain accountability.


True. Perhaps fundamentally bitcoin really just is cash and not a speculative instrument. And just like cash (as in, like, paper money), there's a huge amount of risk whenever a nontrivial amount of your net worth is tied up in it.

What about the other side of regulation? Not from customers demanding safety but from governments demanding reporting? (E.g. anti-money laundering, tax-evasion laws, commodity markets laws)

I don't know nearly enough about the mechanics of bitcoin to say anything remotely meaningful, but it seems like there is no way that bitcoin won't be regulated like any other commodity. At least in the US, the CFTC will absolutely regulate it by criminalizing anyone for not registering their holdings. Or, even outside of commodities, you could get something like FACTA that forces people/banks to report stores of value in offshore centers where US citizens are involved. This is all US-centric, sure, but why wouldn't it be like this generally? Or, rather, do the mechanics of bitcoin mean you could stay anonymous while not becoming a criminal under the regulation that is going to come?


I disagree. Anyone using bitcoin to he anonymous is doing it wrong; all their transactions are public. Bitcoin is a fine replacement for traditional banking, because there is no way to add ridiculous fees and no way to freeze your assets.


You could say that about banks being robbed a while ago, too. Innovation is chaotic and not well understood in the early days.


I disagree. A service can, on average, be sold for more money than what's stored in it.


Only if the buyer is willing to commit fraud. If I've got a trading platform, and I'm holding $1M but I charge no fees, then my business is not generating any revenue or profit so it's worth very little. The $1M in "storage" is worth more if I steal it.

That's why Wells Fargo has a market cap of $225BN but has assets over a trillion, right?


> That's why Wells Fargo has a market cap of $225BN but has assets over a trillion, right?

Banks are in an unusual position. They have cash, but it's not theirs. Depending on the report and reporting rules, it might be reported as either an asset or a liability.


Assets are matched with liabilities. E.g. I may have an asset worth $1M - namely, my house (I don't, but a man can dream :). Now am I rich or not? It depends. If I owe nothing on the house, I'm in a pretty good shape. If I have a liability of $1.5M mortgage, I'm deeply in the red.


Assets are matched with liabilities + stockholder equity, not just liabilities. (Balance Sheet equation is Assets = Liabilities + Stockholder Equity)


Not in the repeated prisoner's dilemma


Repeated prisoner's dilemma requires that the actions of each player to be held accountable.


If the other party is anonymous or there is an overwhelming multitude of new 'others' arriving, then it doesn't work as the repeated prisoner's dilemma, but the ordinary one.


people will adapt, they are just used to a world where this is not so easily possible


The same problem applies to cash. Your argument does not support your conclusion.


Cash implies a much higher degree of accountability, to do transactions involving cash, you need to be physically present. Whereas you can hid behind 7 proxies on the internet. Cash transactions are also much harder to scale (thus lower volume), limiting the potential damage an "attacker" can cause.


Cash on the other hand falls under institutionalized regulations that are backed up by legislations and law enforcement.


I don't understand. Who still makes significant purchases using cash? People buy McDonalds hamburgers with credit cards.


Who still makes significant purchases using cash?

Me. I'd been slowly weaning off credit cards due to the potential for purchase profiling and then two years ago Visa and MC both started in double-talking about selling "anonymized" purchase histories for online ad targeting -- as if you can anonymously target specific individuals.[1] That obvious prevarication was enough to convince me it was now open season on customer privacy so I cut my usage down to the bare minimum necessary to maintain one account for emergency use.

For me, $100 bills are the new credit card. I get a stack from the teller at my credit union about once every 6 months (careful to stay under the $10K mandatory government terrorist hysteria snitching limit[2]) and spend as necessary. It took a little getting used to, but it quickly became quite normal. I'm confident that my CU does not participate in any schemes to correlate serial numbers on bills with purchases. At least not any non-government schemes.

[1] http://online.wsj.com/news/articles/SB1000142405297020400230...

[2] https://en.wikipedia.org/wiki/Bank_Secrecy_Act


If you think staying under $10,000 prevents you from being reported for suspicious behaviour, I have bad news for you.


That is an unhelpful response. If you have more to add than what the wikipedia article spells out regarding reporting requirements for under $10K transactions, I would very much like to hear it.


Banks are required to file Suspicious Activity Reports (SARs) for anything unusual or, erm, suspicious, regardless of the dollar amount.


Exactly this. Algorithms have moved well beyond a simple "> 10000", and banks are interested in enforcing this, since the penalties are very signficiant (vastly outweighing any profit to be made looking the other way), and the modern anti-terrorism/anti-money laundering treaties are fairly non-gamable (in that they set outcomes and high-level behavious which are expected, rather than giving a precise set of criteria and rules that can be gamed).

Unless regulations relax, there will be an ongoing profitable business for people who sell software that does behavioural analysis on compliance-related cash behaviours for the finance sector.


So, exactly what part of that qualifies as, "more to add than what the wikipedia article spells out?"


This is really interesting. Why do you get out lots in one go? Why not small amounts amounts often (1-2 times a week)?


ARghh... my mother in law carries her money around in $100 bills. It's a total PITA. Cashiers have to call managers to make change, or they just say "I can't break that." $20 bills are much more convenient, if a bit bulkier.


Yeah but now you have to deal with change... I'd take more relevant ads.


I don't really give a damn about the ads. It is the database behind the ad targeting that I have a problem with.

Best case it is really no one's business where, when and how I spend my money. Worst case the info could be used to directly harm me, maybe through blackmail, maybe to enable some other crime against me or maybe even to falsely implicate me in a crime that I would then have to spend time and money to defend myself against in court.

As for the change - my credit union has a coin counter, I bring in a bucket of change, they give me dollar bills in return.


The U.S. has an extreme obsession with credit (and debit) cards, but cash is still much more common in many other countries.

Some of this is probably just due to historical accident, but some of it is also due to differences in the tradeoffs between the various payment methods in different countries.

In Japan, for instance, (1) cash is both easier to deal with in many cases (e.g. ATMs will happily give you very large quantities of it, a lesser crime rate makes using it safer, vending machine bill readers are much more accurate, shops are much more willing to deal with large bills, etc), (2) the presence of other mechanisms like very easy/cheap bank transfers replace some of the use-cases of credit cards in the U.S., and (3) credit cards are more restrictive (e.g. by default you have to pay your entire balance every month).

Also I think credit cards started their climb in the U.S. by replacing checks (which were in many ways very inconvenient), and that gave them enough familiarity and infrastructure to continue from there; in Japan, on the other hand, checks were never really used at all, so credit cards never had that "in."


As a New Zealander, I found the US to be obsessed with cash when I visited for tips, payments, transport etc. In NZ I was recently given a $20 note by a colleague who owed me some money, and I spent it. I commented to a cashier how small our 50c coin is - they looked at me funny and told me it had been like that for 5 or so years. I don't use cash. Never do. I don't have a wallet that holds anything more than 2 cards. I try to avoid cash and never have it on me. I can't remember finding this inconvenient in NZ as we don't tip and everything takes cards.


I had a similar experience as an Australian tourist in the USA. Suddenly I needed a bunch of 1s, 5s and 10s just to handle tipping. It was very annoying.


You were likely being taken for a ride (proverbially). Most Americans don't/wont tip unless there is a tip line on the receipt.


So, in actual fact, there's two layers of annoying wastefulness at work.

Basically I used the small notes when my total was close to a round figure. I could leave a $1.39 tip on a $20 meal or I could add a few $1 notes.

Most of the time I used my card (which is another story) so I could do this more easily, but sometimes you're in a hurry and the extra steps involved in US dining are a pain in the posterior. Hence: carrying small bills to allow tipping flexibility.


Huh... only in the US I guess. There are many countries where cash is the main way of exchanging money, or even the only accepted way. Look at Japan: it's a cash loving country.


In Germany paying by credit card isnt very common. Many people pay with debit cards but still a lot of stores/restaurants and even McDonalds etc dont accept any cards at all. Something like Square would never take off here, but i wish it would.


Here in Australia, we still have numerous retailers who don't accept credit cards or have minimum purchase amounts - due to, I presume, the cost of accepting credit and debit cards here.


I don't know whether costs are reduced for PayPass (tap to pay), but it seems anecdotally that any place supporting PayPass has removed credit card minimums.


PayPass is used by high volume merchants where the cost is low and absorbed. The retailers who have minimums on EFTPOS are using expensive PSTN units that cost up to a dollar per transaction.


I haven't carried cash in months due to PayPass (and discovering my debit card actually had it). I still don't like the "always on NFC" nature of it (I want a button on the card to turn it on), but it's quick and seems to go through a lot faster then the old PIN systems.


I've seen "offline approved" as a response from some of these terminals - I wonder if that means it's checked later?


Nearly every single consumer goods purchase in Japan is done with cash. Most people have around $300 on them at all times. Card readers are becoming more common but still prefer cash


When my car was shipped cross country, the trucker demanded a cash payment. That was $800 -- not massive but quite a lot of cash to hand over. I have also heard of people spending thousands of dollars in cash on a mattress or on appliances.


Yeah, only criminals, if you believe David Wolman:

http://www.amazon.com/The-End-Money-Counterfeiters-Dreamers/...


Here is some data on transaction types for a few countries. Page 446 shows the number (millions) of transactions for credit cards. Should give you an idea of how people are using credit cards.

http://www.bis.org/publ/cpss112p2.pdf


Counterfeiting still happens, right?


You have so many options for storing your Bitcoins which don't even involve trusting that your own internet connection is secure, let alone trusting someone else with your Bitcoins.

We need trustworthy exchanges for buying and selling BTC, but once you have BTC I am not sure why anyone would trust someone else to store them long-term.


Because they don't trust themselves and their equipment not to lose their private key.


That's toothing troubles. Smarter people store their coins offline or on a secure laptop only they control.

Some years down the road, maybe we'll see large corporations offering exchange, escrow and hosted wallet services. Currently it's the wild west.


All these incidents give more weight to the conspiracy theory that Bitcoin is a govt. or central-bank project. "See? This is what happens without central authority. Now go back to trusting our currency. While we don't guarantee decades of stable purchasing-power preservation, we're not as volatile and our banks don't just appropriate your deposits outright.." ;)

They wouldn't even have to be behind every exchange and instead could let stuff like this (and off-shoots like LiteCoin etc.) happen quite organically and still prove their point, as clearly visible..


Oh please. Every anti-government ideologue I've ever met seems to think that absent government humanity is made up of angels or Rousseau-style noble primitives. There are plenty of scumbags to go round, always have been.


The anti-government ideologues I talk to recognize this perfectly well; in fact, it's a core part of their philosophy. They argue that any center of power will actually serve as a magnet for sociopaths and eventually become infested by them, thereby empowering scumbags more than it controls them in the long term.


A specious argument if I ever heard one. For starters, what's with conflating sociopaths with scumbags? Sociopathy doesn't make you a criminal.


Sociopathy very often results in criminal activity or otherwise simply the manipulation of other people. It is confused regularly with psychopathy, which positions of power are far more likely to attract. However psychopaths are generally not criminals and can be very useful to have around in many cases. This discussion is one of baseless scare mongering and it's not really worth it to dwell on.


Every anti-government ideologue I've ever met seems to think that absent government humanity is made up of angels or Rousseau-style noble primitives.

The 'noble savage' [edit:absent government humanity is made up of angels meme] is more a favored construct of the left wing. See, for example the art of Gaugain, Picasso and early modernism. Unless your liberterian ideaolagues acquantences were closest cubists or something.


This is like something out of a Markov generator. 'anigbrowl mentions "Rousseau" and here come "noble savages", Gaugain, Picasso, modernism, cubism, and "the left wing". Huh?



And most pro-government ideologes seem to think that absent government humanity is made up of liars, cheats, and scoundrels. There are plenty of good people to go around, and always have been.

In other words, there are a small number of corrupt people in private as well as government roles, and that's just the way it is. Problem is, in government, they get to dictate the rules that the rest of us have to live under.


Yes. And? I wasn't mentioning or implying angels or noble primitives or scumbags or anything.


In what way do the incidents substantiate a conspiracy? This is exactly what I would expect to happen; electronic scams are older than the internet.

Unless I misunderstand, your "evidence" is like saying "the moon landing is bulletproof, impossible to disprove- which is proof they faked it, because if they faked it they would make it as real as possible"


They'll need to choose a government to blame, before just generically blaming "some government" before I start listening.

Last week it was Britain, the week before that it was the US Government. Today, its the Chinese Government???


If a government produced Bitcoin, they probably would have made it work before they announced it. The original Bitcoin was awful. You could spend /anybodies/ coins! The fact that it gained a community is pure luck.


What are you talking about?


No they don't. People who are predisposed to conspiracy theories will view this as some sort of data point. But given their mind is already made up they don't need more weight.


Wow! Well I didn't say I subscribe to that conspiracy theory and didn't mean to peddle it either. Just that these incidents work in its favour.. funny how emotional everyone is getting here immediately! :D


Ah, and here's the post where the poor, afflicted fellow disavows his stated opinions, because he now believes that the rest of us are government agents, and the conspiracy is even larger than he first imagined.


I guess..


Can bitcoin guarantee weeks of "stable purchasing-power preservation"?


And how does that question in any way relate to my little digression?


You brought up the failure to guarantee "decades of stable purchasing-power" as a failure of g.v.rnm.nt and actual money, which is a claim that you think this is a problem solved by bitcoin.


So bitcoin has given us untraceable currency without the state, except that without traceability, you also have no accountability, no justice, no law. This libertarian nightmare will soon come crashing down.


Yeah, exactly. That's why no one uses cash anymore. Just think of it! If you give someone your cash, they might just disappear!

/s

Bitcoin won't die just because people that want to ride the bubble lose some of their investments. It'll slow down, of course, but storing wealth is not bitcoins selling point, and trusted central exchanges are not essential to the model.


I've never had someone on another continent take cash out of my wallet.


Clearly, because you're smart enough not to give someone on another continent your wallet, as per the analogy.


I'd love to say it's because I'm smart, but inaccessible to bad actors on other continents is the default setting for my wallet. Hell, I'm not smart enough to even figure out how to change the setting. :)


It's the default for Bitcoin wallets also, but some users choose to "change that setting".


I've never had a mugger pull a knife on me late at night to take my bitcoins.

I _have_ had someone on another continent charge things to my credit card.


Did you have to pay for the charges to your credit card?


On average, yes.


I've never had someone on another continent take Bitcoin out of my Bitcoin wallet, and it's incredibly trivial to ensure that it stays that way. What's your point?


Other people have apparently had less success employing incredibly trivial security to keep their bitcoins safe.


Maybe because it's a new technology and we are just learning about it? Who told them to jump in anyway? Didn't they know hackers existed? I bet these are the same persons who leave their $3000 cameras or other gear unattended when they visit less lucky countries, and are surprised when they are stolen from them.


You mean that some people choose to not do the incredibly trivial things that are required to keep Bitcoins safe, right?


Perhaps we should meet in Istanbul with a cashed-up wallet and a very long pair of tongs?


How do you exactly expect to convert your current dollars into BTCs without an exchange?

Also, exchanges are natural monopolies. The more people that go to a particular exchange increases the network effect of an exchange. More people == faster trades, faster trades == more fair prices.

Exchanges will centralize because the economics and network effects of exchanges demand centralization.


I bought my Bitcoins at the BXB (Bitcoin Exchange Berlin: http://www.bitcoin-exchange-berlin.com/p/was-ist-die-bxb.htm...) where I met the seller in person for a long enough time so he could not run with my money. You should organize a Bitcoin Exchange in your city.


I am well aware of local exchanges. But you know, there is this thing called "the internet", which ought to allow me to trade BTC with anyone in the world.

With a local exchange, you get the best price for BTC in your city. With an internet-exchange, you automatically get the best price for BTC in the world... INSTANTLY, without having to schedule a meetup.

The more BTC exchanges converge, the better things will be overall. Trades will execute faster, at a lower cost, with maximum convenience with maximum fairness. It is damn near impossible to settle on a price without an exchange.

Its simply a matter of which BTC exchange will be trustworthy enough to hold the title of "defacto exchange of the entire internet".


The exchange market is currently in the process of decentralizing.

Counterintuitive, perhaps, but it's happening.


It sure is, because Mt. Gox messed things up with their customers. Mt. Gox WAS the central exchange for some time, but they have squandered their position.

Anyway, the forces of physics can be resisted: A thrown ball goes against the flow of gravity, and even Airplanes and Birds can fly for extended periods of time. But in the long term... almost everything follows gravity in the long term.

Similarly, centralizing market forces (in particular: the formation of "natural monopolies") are a known and documented phenomenon. But in the long term, the BTC Market gains more benefits from centralizing... than decentralizing.


>This libertarian nightmare will soon come crashing down.

That sentence tells me everything I need to know about your thought process.


I didn't pretend to hide it... :)


Yeah! That's exactly what happened with cash!

Civilization crumbled and humanity disappeared.

In fact you are just dreaming this life. Time to wake up!

<insert dramatic chipmunk music>


Cash certainly used to be stolen in this way (by the deposit-taker).

What changed is that it became less valuable per unit of volume and mass (due to inflation) and that it became more traceable (due to regulation).

In bitcoin's case, it's designed to be immune to both of these. The wild west is here to stay.


Bitcoin is traceable.

I wonder how the Bitcoins mentioned in the article have vanished? Every body that put money in there should have close look at the Bitcoin block chain and find out where his Bitcoins went.

But as always these kind of articles lack useful details.


Looks like I was under a misapprehension. That leaves (1).


Credit card fraud is far far more common, and cash is also completely untraceable. Untraceable doesn't mean "no accountability or justice or law".


Why do you imagine there's no traceability?


Seems to me like bitcoin is the perfect business opportunity for people with the security skills and know-how to do really really well. The bitcoin world needs solid reputable security professionals to operate the exchanges and wallets. I'd love to hear cperciva's or tptacek's take on bitcoin as a startup opportunity since they are prime examples of people who could startup a bitcoin business and instantly attract people since people would trust them to do what is right.


You mean, financial services? Financial Service companies build trust and relationships with people.

This has nothing to do with "security", and everything to do with "How can I be sure that the other guy isn't a jackass??". Paypal became popular as a financial service to Ebay purchases.

The startups that are running themselves as trustworthy businesses will get ahead. But a year, two years, or even three years is not enough to gain a decent relationship. Lets see if "Coinbase" can weather the storm


Which storm is Coinbase going through?


The question that needs to be answered is: can Coinbase (and other reputable BTC services) establish a trusted reputation with their customers when so many other BTC services are either disappearing or outright scamming their customers?

Or will the general public look at Coinbase and think "that newfangled unreliable Bitcoin thingy".


The current case has zero problems with technical security - it's the ages-old problem of someone holding money of consumers and then running off with it.

There's a single solution (that bitcoiners tend to dislike) - regulate all such entities, requiring them to (a) verify their identities, and (b) post bonds/statutory capital in proportion to all held funds, to ensure that depositors are paid back if the company folds or turns out to be a fraud, i.e., the same rules as banks have to follow.


It's important to remember that millions of dollars are lost daily globally to CC fraud.


While true, it's irrelevant to the Bitcoin account holder. The risk of credit card fraud is spread across the global merchant pool, which comes in the form of a risk premium attached to their fees. This provides the "free insurance" for credit card holders that reverses fraudulent charges.

The cost of stolen Bitcoins, on the other hand, will be borne exclusively by the account holders. It's the equivalent of having one's checking account emptied to due a bank robbery or a bankruptcy. Ordinarily the FDIC insures account holders against this (in the USA), but there's no such protection for Bitcoin account holders.

Bank with care.


Yes, but victims of CC fraud have numerous laws and protections on their side that make it much easier to recover from this incident.

On the other hand, if a BC user had their wallet stolen, then they have zero recourse.


Maybe for the consumer, but if someone walks into a store (or online for that matter) and buy with a stolen CC, the bank will issue a chargeback and the store have to hand over the money, regardless of getting the goods back or not. All shops operate with a fee to cover losses like this.

In short, the consumers pay in the end. So at best we have protections in place such that the consumers share the bill.


> Yes, but victims of CC fraud have numerous laws and protections on their side that make it much easier to recover from this incident.

Very true, and likewise, CC users (both buyers and sellers) have numerous laws and protections that can make transactions annoying, difficult, or even impossible, and Bitcoin fixes some of those problems. Obviously, you shouldn't use Bitcoin unless you feel that Bitcoin's attributes are favorable to credit cards' attributes.


Is it not the case that one can back up their BC wallet into a locally encrypted file, in the event that their online wallet is compromised? I'm a user of coinbase, and have a local backup. I was advised to do just this: take a backup of my wallet, just in case something bad happened to the server. That way, I have legal recourse if push comes to shove.


If your online wallet is compromised and the coins are transferred to new keys, ten backups of the keys that USED to own those coins will be insufficient.


Out of trillions of $ worth of transactions. It's the rate, not the absolute value, that matters here.


True but credit cards are inherently vulnerable as you just need their number, whereas your bitcoin wallet is completely safe until you give it to someone else.


Well you know if my CC number gets stolen, generally the worst thing that happens is my bank calls and says 'hey we're sending you a new card, sorry for the inconvenience' which ok is a real pain if you're traveling internationally or something, but but if something happens to your bitcoins, you're never getting those back.


The point is they don't get compromised in the first place because you don't just trust people with your bitcoin wallet like you have to with a credit card.


A system that is almost impossible (if used properly) to compromise still can be compromised. Meanwhile, ability to easily recover from such events reduces their significance and might be more valuable for some users.


The point is it's possible to be completely secure with bitcoins while credit cards are inherently vulnerable. And we are comparing apples and oranges. Bitcoin is a currency, credit cards are a service. You could, in theory, build a credit card company that deals in bitcoins. But why would you do that? There would be no advantage over just trading with bitcoins, and with bitcoins there is no chance of your credit card number getting stolen.

Someone can steal your bitcoins in the same way they can steal your physical cash.


"There would be no advantage over just trading with bitcoins" for me the purchaser there very much is, because in case the person at the far end is a scammer I have, in theory, at least some recourse.


How do you propose paying someone without exposing your Bitcoin wallet to the possibility that it could be stolen? You basically have to load your wallet onto some computer, and if that computer is compromised, you lose all the money in your wallet.

Credit cards are a much better system because they are designed with the assumption that you will be compromised and the system is set up to minimize the damage of a compromise.


Perhaps like http://www.bitcointrezor.com/ - a keychain fob which lets you pay and recieve bitcoin safely, even on infected computers, as the private key never leaves the device.

Bitcoin's in its infancy so people currently using it are doing so 'on the metal', but the system is flexible and user friendly layers will be built with time.

Also, reversible payment networks can be built on top of a non-reversible-payment foundation, but not the other way around.


Your wallet being compromised isn't the equivalent of your credit card being compromised. You don't hand out your wallet to people and trust them with it, you can keep it safe and secure.

Credit cards aren't designed to be compromised, they've just accepted that they can't do anything about it and worked on controlling the damage.


"It's important to remember that millions of dollars are lost daily globally to CC fraud."

...and that Bitcoin is not even a blip on the radar compared to the daily volume of CC transactions.


Being someone who got scammed out of ~5BTC back when they were ~$50 dollars, this happens way too frequently. We only get to hear about the large cases.


I am new to BitCoin. Can someone help me understand how the money was stolen ? I thought coins are stored in user wallets ?


GBL is for bitcoin like what Etrade is for US dollars (well, sort of). Imagine one day Etrade just disappeared... Then all the money people had in their Etrade account would disappear with it. If you had your money in your wallet, and Etrade disappears, nothing happens to your money. Same with a bitcoin wallet.


They are, but if you wish to exchange currency to/from real dollars, then you need to use an exchange like this, who will "trade" you BTC for currency. Unfortunately, if you had currency stored with the exchange, but did not make a transaction for real currency, it has simply disappeared.


You can also trade in person, like people have done for thousands of years with gold.


People transfer bitcoins or fiat to the service, then never withdraw.


This is why I always find skyrocketing conversion rates of Bitcoin so funny: it's certainly not impossible to get money out as a traditional currency, but it's damn sure fraught with peril.


Also known as theft. Pesky regulations...

As more people use bitcoin, they can only react when things like this happen. Take that lesson and carry it with you.


Nothing to do with regulations, all to do with law enforcement. Theft is illegal.


It has everything to do with regulations - "theft is illegal" wasn't stopping bankers from simply running away with customers' deposits, which used to happen - only regulation did that.


The article mentions that GBL vanished "without a trace". It's a disconcerting statement.


for anyone unfortunate enough to have clicked this comments link....

the tl;dr is "the GOOOOVernment mannnn money money govt sucks MUGGERS. bitcoin is stupid. bitcoin is GREAT! credit cards are like bitcoin but the BANKS are the REAAAAL thiefs post-modernism post-modernism capitalism 'Hello!' the government. THE government. wallets were stupid to begin with. Electronic currency is flawed i hate bitcoin/creditcard cash is flawed cash. Rousseau."

My 2 cents, FWIW... the people I see locally spoutin bitcoin aren't true patriots who believe in ultimate freedom, they're more like get-rich-quick-schemers lol


The only bitcoin person I've met IRL consistently made a bunch of bad decisions on a wide variety of topics.


So I guess the moral of the story is "Take risks"? Surely those bad decisions don't nullify becoming a "bitcoin person" (or a rich person).


You don't know very many techies, do you?


What makes you think Bitcoin is overwhelmingly popular among techies? I can only name 3 techie friends who have ever actually used Bitcoin at any point in their lives, and I do not think any of them are still using it.


(which for some reason makes me paranoid that it's always on the verge of erupting into some banking world version of Amway...)


The interesting thing about all these bitcoin headlines is how they don't seem to slow bitcoin's advancement. I guess if the proposition is compelling enough it can survive a lot of hiccups.

Slightly tangental: I wish there was some way of judging how much bitcoin is being used as a medium of exchange as opposed to a value store/speculation vehicle.


Does coinmkt.com or Mtgox.com solve this issue?


No, you have to keep either coins or cash on deposit with an exchange in order to trade. The smart thing to do is not store your coins on the exchange unless you are actively buying to selling them but plenty of people get lazy and just let them sit there.


And if you've got money holed up in Mt. Gox, who's exchange rate is significantly worse than every other exchange, what do you do?

Ask anyone 9 months ago whether or not trusting Mt. Gox was a good idea. They were the largest and most reliable exchange, and now it has become increasingly difficult to get your money out of it. And now the exchange rate on Mt. Gox itself has been effected by their problems...


"And if you've got money holed up in Mt. Gox, who's exchange rate is significantly worse than every other exchange, what do you do?"

I'll tell you what I did, I bought coins and transferred them out of there ASAP. The official line is that their bank will only do 10 outgoing USD wire transfers per day period. Of course limiting outgoing transfers is the same strategy you would want use if you were financially insolvent and wanted to forestall a run on the bank.


Yup, that is the correct strategy, but Mt. Gox's inflated exchange rates punishes you for adopting this strategy. But this is definitely the right way to go.


A friend of mine had money with MF Global, which is a regulated broker. There's some chance it will be coming back within a couple of years. Or not; it's been gone for a while, and so far it seems no one is responsible.

People who banked with Refco, another broker, are even less lucky. The fact Refco's CEO and chairman went to jail isn't helping them.


Shameless plug: Bitalo [1] will solve this problem very soon, because we don't use hosted shared wallets. Instead, we use a feature of Bitcoin protocol named multi signature addresses, in which two private keys are used to spend funds, only one of which will be stored on the server.

[1] http://Bitalo.com


From my understanding Coinmkt.com is the only venture in the space that has the red tape as locked up as possible.


This looks like theft of fiat money, not BTC. I.e. you deposit and then buy BTC. So they took the deposits. Hence why it's not that traceable, iconically it's easier to start looking for BTC's as the transactions are public. Cash, especially internationally, can be fuzzier.


Novice question. If the transaction history of every bitcoin is public why couldn't the owners find their bitcoin?

Do you have to have the bitcoin to get the history? Does the transaction history not say where the bitcoin went?


It tells you the bitcoins have moved to address 1ekcj57h2kde45... (made up example). But you have no idea who owns this random address


All the Bitcoin-doom prophets in this thread should just consider that larger amounts of money disappeared when Refco and when MF Global went down; and that did not spell the end of brokerage, USD or anything else


Probably not complete but interesting list of bitcoin heists:

https://bitcointalk.org/index.php?topic=83794.0


The currency may be P2P, but the trading of it is mostly certainly not.

I wonder if it's possible to create a more P2P trading platform for digital currencies.


Tulips, tulips, tulips.

Some people never learn.


What does that have to do with a theft?

Is gold or the USD a tulip too?


Unfortunate. Hope it doesn't scare off China's BTC community




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: