Hacker News new | past | comments | ask | show | jobs | submit login
The Satoshi Nakamoto SourceForge account has been hacked (sourceforge.net)
293 points by jordhy on Sept 8, 2014 | hide | past | favorite | 178 comments

Satoshi's account on p2pfoundation.ning.com also made the first comment since he said "I am not Dorian Nakamoto." back in March. It says:

"Dear Satoshi. Your dox, passwords and IP addresses are being sold on the darknet. Apparently you didn't configure Tor properly and your IP leaked when you used your email account sometime in 2010. You are not safe. You need to get out of where you are as soon as possible before these people harm you. Thank you for inventing Bitcoin."


Why is every mention of possible disclosure of Satoshi's identity fraught with heavy overtones of "Your Life Is In Grave Danger"? We have many people who are much richer whose identities are not secret and we don't need to freak out constantly and warn them that They Are In Grave Danger. AFAIK he's not been accused of any crime either.

Is it maybe because Bitcoin enthusiasts have a large overlap with monatery cranks who tend to be conspiracy theorists?

While you're 95% right, you could also argue that irreversible hundred million dollar transactions are a feature unique to bitcoin. That could appeal to kidnappers.

So you're saying holding Bitcoin can be hazardous to our health? Whoa, I don't think that's one of the approved talking points.

If you have a few thousand dollars of gold in your house, you shouldn't worry too much.

But if you have a billion dollars of gold in your basement, you should be very, very paranoid.

Even with perfect security, you'd still be a ransom target.

If you were very paranoid would you rely exclusively on security through obscurity?

It might also occur to you to diversify out of the thing that puts you at risk. Maybe there's even some sort of establishment that can hold funds more securely. He should look into that.

"Security through obscurity" being bad only applies to cryptography, and have no bearing whatsoever to the concept of security in real life.

To answer your question, actually, yes, it's almost proven to be the most effective measurement for one's safety: don't want to get hurt? Don't let people find you: get in a forest/ mountain range and hide.

> "Security through obscurity" being bad only applies to cryptography, and have no bearing whatsoever to the concept of security in real life.

Why do you believe this? The concept predates widespread use of encryption and originally applied to things like physical locks. Their "security through obscurity" approach was custom mechanisms which were easily defeated shortly after development by determined thieves. This race between security experts (in their various incarnations) and security breakers (again, in their various incarnations) has been going on since the first person tried to secure some property with something more complex than a crossbar on a door. And this race continues, even in the information age, to occur in both the physical and information realms.

That statement, read alone, sounds a bit more stronger than I intended for it to be. I agree with what you said. Although I should note that we aren't allowed to run around in top secret building to draw out the floor plan ;).

Thinking about it, I guess "security through obscurity" wasn't the correct term to use in the case. What I meant was simply that: there are completely valid reasons to keep your name and/ or location unknown, both for your safety, and otherwise convenience of life.

Now First Blood is an underrated movie but I'm not sure it, or anything else, supports your claims. Hiding in the mountains has been a proven way of lowering life expectancy for millennia.

This thread matches the "increases bob's chances of being a k00k" pattern from the recent thread patterns link: http://joeyh.name/blog/entry/thread_patterns/

Lol missing context:

"Or he's really right and everyone else is wrong."

On HN I've seen that pattern and sometimes it was a well-respected poster, hammering on something pedantic and off-topic, derailing the thread. Point being, sometimes someone can be right, really knowledgeable and a (thread-localised) k00k.

added: then again, there's also something about HN's discussion structure (mainly lack of collapsing comments like Reddit has) that makes these derails get in the way much more than necessary. Reddit even has place for strings of puns without them significantly derailing the discussion.

Hey now, mountain air and the regular exercise of a vigorous outdoor life style increase ones life expectancy!

Oh sorry what were we talking about? I thought this was the weekly "Where you should move to/away from" thread.

> But if you have a billion dollars of gold in your basement, you should be very, very paranoid.

At close to 25 tonnes, and ~1.3m³, I'd like to see the engineering behind such a heist

Someone stole 6 million pounds of maple syrup from Canada's strategic reserves. http://www.businessweek.com/articles/2013-01-02/the-great-ca...

I'm sure moving a couple cubic meters of gold isn't a problem if you're motivated.

The Global Strategic Maple Syrup Reserve, no less.

15 minutes frittered reading up on that one. Seems the guys set up in the same warehouse so they could have trucks coming and going for a year or so and set up a Maple Syrup dealers in a neighbouring state to ship it to.


25 tonnes is not much... Five people can load it on two trucks in a few hours even without using any machinery.

Kill occupants of building, move 1.3 cubic meters of gold in 30 trips with transport van. Now you have a few other problems, such as making sure that you're not going to end up in the same way. Besides surveillance cam footage recording your whereabout during part of your trip and the distance being fairly easily estimated if you do two trips in quick succession leading to a possible ID and or location of the stash.

But getting it out of there is fairly easy if you lack a conscience and have a van. If you had access to a slightly larger truck it would be easier still.

I believe all you need is several mini coopers.

I understand that reference.

Procuring a "slightly larger truck" should be trivial given the value of the heist.

> getting it out of there is fairly easy if you lack a conscience and have a van

new favorite HN quote

>But if you have a billion dollars of gold in your basement, you should be very, very paranoid.

If i had so many bitcoins as Satoshi Nakamoto i would certainly not store them in my basement. I'd split my private key using n:m scheme and store them in secure deposit boxes in banks.

That doesn't matter much if they can grab you and apply crowbar.

Does this same danger also apply to bitcoin exchanges?

Are they heavily guarded?

Just wondering...

Not at all, you can freely walk into most exchange offices. Theoretically an armed robbery of exchanges and payment processors would be the perfect crime. Commit private address to memory or tattoo it on yourself in code, after the robbery forcing them to transfer to your public address and waiting out confirmations turn yourself in to the police and do the 5 yrs. Walk out with millions worth of bitcoins on your arm. (Penalty here is 5yrs, unsure anywhere else). Blockchain.info would prob nickname that address "Hans Grueber"

They'd keep you in indefinitely for contempt of court for not handing over what you'd stolen.

"In Chadwick v. Janecka (3d Cir. 2002), a U.S. court of appeals held that H. Beatty Chadwick could be held indefinitely under federal law, for his failure to produce US$ 2.5 million as state court ordered in a civil trial. Chadwick had been imprisoned for nine years at that time and continued to be held in prison until 2009, when a state court set him free after 14 years, making his imprisonment the longest on a contempt charge to date."


Claim the exchange operator hired you to rob their own business and they have the private key :P

IANAL, but in the US, the 5th amendment still protects combination locks, and as far as I can tell, passwords.

Prosecutors can be as intimidating as they wish, the government is free to use their magical NSA powers to recover the bitcoin. They can't compel someone to incriminate themselves. giving the wallet address to the prosecutor is effectively admitting to a crime, perhaps just conspiracy, but nonetheless that's self incrimination.

Go for memorization over tattooing.

They can compel you to enter the passphrase to decrypt your computer so long as there is sufficient evidence that you are capable of doing so.

What they can't do is say "only the person who committed this crime knows the password" and then force you to enter the password (since doing so would be self incrimination). It's when it's already known that you could enter the password that you can be compelled to.

I'm not familiar with the American legal system. Ignoring bitcoin entirely, if you rob a bank and hide the money do you get to keep the money after your release from jail?

Plausible deniability. You are only the low ranking front. You don't know the passphrase needed to hand over.

Ask Mt. Gox... Typically an exchange will keep most of its BTC in actual bank vaults. Similar to how you'd store a large amount of gold.

They claim they do but there's never been any 3rd party auditing or verification of this that I know of. In the gold business every reliable business has auditing and insurance while so far Bitcoin businesses are run like a regular startup with open offices. Who's cleaning the offices after hours with access to the workstations or servers, who are the hired developers and are they smuggling wallet stealing software inside to transfer to themselves while on a flight to Brazil, who is writing their custom wallet and is it robust, how do we know they didn't copy every address to themselves. Lot's of security questions I've never seen addressed by any of the big exchanges. There was a payment processor startup that posted their office to bitcointalk.org which was floor to ceiling open glass windows with laptops facing the outside. How many binoculars are trained on those laptops across the street to get logins.

Some friends of mine trade large amounts of Bitcoin on a regular basis and there's never been much of a delay withdrawing. I doubt they are going to a bank to physically take out printed keys everyday for every transaction over $10,000 or phoning 5 people to combine keys. I bet the backups are kept in a safe deposit box, the cold wallet is likely an offline system anybody can walk up to with some kind of feeble authentication judging by past Bitcoin exchange incompetence.

Many of the smaller exchanges are using Blockchain.info wallets as their hot wallet too but won't admit it.

>There's never been any 3rd party auditing or verification of this that I know of.

I think that's intended to be a feature and not a bug. With Bitcoin 'third party verification' means other people no longer use a service after you've generously sacrificed your money to demonstrate their incompetence or malice.

If I'd have a billion dollars of worth gold in my Basement I'd be impressed if somebody managed to steal it. Since 1bn USD in gold would weigh 22603KG...

> Why is every mention of possible disclosure of Satoshi's identity fraught with heavy overtones of "Your Life Is In Grave Danger"? We have many people who are much richer whose identities are not secret and we don't need to freak out constantly and warn them that They Are In Grave Danger.

I think they probably know already. At least if the body guards are anything to go by.

> AFAIK he's not been accused of any crime either.

I imagine the IRS really would like to audit him if he's an American citizen, however.

The euphemism known as an IRS audit would interfere in his life if an exchange into or out of USD took place. Anyone can attribute value to anything. That doesn't make it valuable. Taxation here would require provable gains or losses, as with USD. The transactions of people exchanging only in [bitcoins, metal, coffee beans, rocks, fancy/worthless paper], not in USD, do not imply that any taxable "gains" or "losses" occurred. If it implied this, there would equally be a lot of losses claimed.

It might be covered under bartering.


Presumably the Bitcoins were not worth anything when he mined them and he won't owe any capital gains until he sells them.

Quite true.

Keep in mind, the IRS can audit you out of what amounts to mere curiosity. Having your net worth go up by half a billion or whatever is the sort of thing that might raise some flags and cause someone to want to verify that you haven't realized any of those capital gains, gifted any of them to someone else off the record, or some other thing.

On the bright side, Satoshi Nakamoto should be able to afford a good tax attorney. He'd be a bit nutty not to have one already, honestly.


Everybody blames Gox's shitty custom php wallet and general total incompetence of it's CEO not Satoshi who hasn't worked on bitcoin for years

Not a single person in their right mind would blame Satoshi(or even associate him with) the Mt Gox scandal.

I haven't heard of a single MtGox creditor that has expressed anger towards Satoshi.

If you were really, really angry, and planning to do something about it, would you broadcast that?

If I were rational enough to plan that far ahead, I'd probably be rational enough to realize that the guy who invented bitcoin isn't responsible for anything and everything that happens with it, particularly events to which he has no connection other than having been the inventor.

Like if someone steals my expensive Android phone, I'm not going to find Andy Rubin and punch him. Because that ... just wouldn't make any sense.

Surely Edwin Armstrong bears even greater responsibility in light of his invention of the superheterodyne receiver!

I guess Hedy Lamarr is also dead. Might as well punch Rubin.

To clarify, I'm not saying I wouldn't punch Andy Rubin, I'm just saying I wouldn't punch him because someone stole my phone.

What $500mm are you referring to?

Satoshi mined more than 1 million bitcoins...

If Satoshi can't configure Tor correctly how is Joe Blow supposed to figure it out?

or Dread Pirate Roberts

If the Tor leak thing is true, this could add to the evidence for the common speculation that Satoshi is a collective pseudonym.

how so?

I think the implication he is trying to make is this:

If it was a collective of people it is(might be) more likely that one of them is incompetent(and didn't configure TOR properly) where-as if it was a single competent/careful individual there's a smaller chance of a TOR mis-configuration and resulting IP-address leak.

I don't think it lends much credence to the 'multiple entities' theory at all personally, but that's the best I could come up with. Feel free to correct.

thanks - makes sense

Whoa. Now of course the question becomes is the warning genuine, or is it an attempt to cause Satoshi to do something hasty?

Satoshi's behavior is the opposite of hasty.

Exactly why there would have to be an outside message, motivating him to action in a way that would accidentally identify himself?

I don't really buy the theory, but that isn't really a counter argument...

So could someone explain how an IP address would leak when using an email account? I suppose potentially in the SMTP header, but this would assume he was using a email server running on his own personal ip, right?

So is the guess here (assuming this is even true) that he had an email server running at home, leaked the ip, and then was attacked when someone found it?

Many SMTP servers include the IP address of the sender in the headers (usually the Received header). Just look around, you'll be surprised.

Using webmail would defeat that, though, right?

Not if the webmail implementation passes-on your IP, which it should if you believe Spam is a bigger issue than email sender privacy.

Basically, if a webmail service doesn't pass along your IP, there would be no way for recipient networks to ever block a flood of unwanted email because they could never blacklist, say, yahoo.com.

I read something about this lately... maybe from Paul Buchheit?

Depends on the webmail. Some do, some don't. Easy enough to test for yourself beforehand though.

No. The first hop in the SMTP via headers will usually have your DSL router IP.

Only if your DSL router hosts an SMTP relay. You're confusing traceroute with email.

Many (most?) SMTP servers will include the client IP in message headers. IIRC it's even required by ope of the RFCs.

There was a line in that long post on here the other day about Gmail, encryption, and the spam fight that mentioned how what's-his-name explicitly ignored the RFC by scrubbing the IP address out of Gamil headers, so I think you do recall correctly...

Many (most) people connecting to an SMTP server will be doing so from behind nat. Finding out the users "real" ip address is 10.x.x.x isn't so exciting.

Actually you will usually find BOTH the private IP address behind the NAT and the public IP address of the router in the headers. Check out a few mails you've received from a few different sources, see for yourself.

I just picked the two latest I got (and redacted them) as an example.

The first one sent through GMail (SMTP I guess, not webmail) :

  Return-Path: <xyz@gmail.com>
  Received: from [] (123-123-123-123...bbox.fr. [])
          by mx.google.com with ESMTPSA id ...
          for <multiple recipients>
          (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
and another one, through OVH this time :

  Received: from unknown (HELO ? (xyz@abc.fr@
    by ns0.ovh.net with SMTP;
Both "" were the public IP address from their DSL connections. In both cases as you can see, I could know both IP addresses.

Good point. Looks like google doesn't add these headers if you're using their web interface and apparently the majority of people I email with don't leak this either, however once I started looking there's a surprising amount of emails in my inbox that do. I'm now trying to remember if I deliberately disabled this when I set up our new mail server or not...

It says "used your email account", so maybe it's the log gmail (and others?) keeps of logins to the account that is visable for a few days back?

As others have already written, many webmail providers send the user's IP address in the SMTP header. GMX ("satoshin@gmx.com") definitely sends the user's IP address in the header (Source: GMX user myself).

gmail, for instance, includes the client IP address in mail headers.

I learned this myself recently from an article here on HN, https://news.ycombinator.com/item?id=2083798

Haven't checked it myself, just reported there by a former gmail engineer in the context of their anti-spammer efforts.

You're wrong. Most SMTP requires IP in the header, gmail does not. This causes contempt between certain groups, as while it's a boon for personal privacy, it often hinders investigations.

Here's a video with Mike Hearn giving a talk about spam. At the end and middle are mentions about gmail's lack of IP from sent emails, the end specifically from a network admin expressing his grievances about Google's efforts being a hindrance to law enforcement.


It is , however, standard practice for most SMTP providers to do this.

Interesting. The link I posted above must not be the one I read a few days ago on HN (or somewhere else?), cause it was actually posted several years ago on HN. Let me find what I read recently...

Aha, it was on reddit, and is here: https://moderncrypto.org/mail-archive/messaging/2014/000780....

Ah, and you're right, I misremembered what it said about that, indeed it says gmail does not do that. okay!

Obviously it _could_ if it wanted to, and other webmail might. But gmail does not, okay!

This has been standard practice since the dawn of SMTP.

Gmail has NEVER included the IP in headers (you can easily check this yourself). Hotmail/Outlook on the other hand ...

Depends on how you access Gmail. Webmail doesn't include your IP in the headers. SMTP does.

Ah ok. I've only ever used webmail, it makes sense SMTP would include the IP.

This is not completly true. When using Gmail together with Google Apps, Gmail will include the sender's IP in the X-Originating-IP header.


Please excuse my ignorance here, but how does one track a persons location by their IP? Any time I have tried to look up an IP, I get a really vague result. ie "Somewhere in this city". Is it possible to get very specific results?

You might find it interesting: http://compnetworking.about.com/od/traceipaddresses/f/ip_loc...

IP locations are kept in databases that have many limitations. Some examples of the limitations I found here in France:

- at best your ISP links your IP with the DSLAM location or simply the city for the most lazy. Sometimes there are mistakes: one of my friend living in the north of France has his IP "geolocated" in the south of France...

- lots of big corporations only give the address of their headquarters

- IP location from 3G/4G network is completely wrong 90% of the time

It would be difficult to track a person with just their IP address, but used in conjunction with other information it could be useful. E.g. if you worked out the ISP someone was using, and then used some social engineering on the ISP's customer service rep to get a name or address.

Intresting theory from https://bitcointalk.org/index.php?topic=775174.80


nycgoat on September 08, 2014, 11:49:43 PM Is it possible that he deleted the e-mail address @gmx when he left the project and that it has been recycled? Someone else may have been able to sign up, then use the reset password feature on these other sites. It is likely that the @gmx address would have been destroyed at the conclusion of his participation in the project, as all relevant information and e-mails have been public from the beginning.

1) Satoshi finishes with Bitcoin and deletes GMX account 2) He does not delete other accounts (sourceforge, i2p, etc) 3) GMX account is recycled after x period of time 4) Person signs up for @gmx account after it is recycled 5) Passwords for other sites are reset because they still point to the @gmx e-mail address as a recovery 6) Person tries to profit by extortion and fails

This is probably the most likely scenario... and they probably don't have any of Satoshi's information because it is unlikely that any e-mails were still in the box when he re-set up the @gmx address.


The screenshots in the text file supposedly show evidence that the attacker gained access to the actual GMX account, not a recycled one, since a) there are still messages in there and b) it seems that the account owner has been active, judging from the "replied to" icons in the inbox.

The behavior of the p2pfoundation "resurfacing" of Satoshi is different than the sourceforge one, possibly indicating 2 people with some of Satoshi's credentials, so in my mind that lends some credibility to the explanation on the p2pfoundation post (Satoshi's info being sold to various buyers) as being more likely.

That does not contradict shlorn's hypothesis. One hacker gains access to Satoshi's accounts through @gmx recycling. Then he sells those accounts separately.


Peter Todd ‏ @petertoddbtc

"Interesting, got another forwarded email from "satoshi", from 2011 - indicates this was a hijacked account, not expired and re-registered."


Going to grab some popcorn, this might get pretty entertaining...

Interesting link. I'm sure there's a lot more to come if what they have is true. But the comment about the popcorn doesn't seem right. Is it entertaining to watch him get dox'ed? Shall we encourage hackers holding info for ransom?

"Is it entertaining to watch him get dox'ed?"

uh... yes, of course it is?

I'm not saying it is necessarily a good thing, especially for him personally, but it is undeniably interesting.

Why is Jack the Ripper still making headlines? Because the unknown breeds mystery, which is inherently entertaining to people.

Apparently we know who Jack the ripper is now. http://www.nbcnews.com/science/science-news/was-it-aaron-kos...

He is Aaron Kosminski according to DNA probably.

Will be vetted after his book has sold out. :)

More details via Wired: http://www.wired.com/2014/09/satoshi/

1) A pastebin threating to dox Satoshi for 25 BTC: http://pastebin.com/7gbPi8Qr. Address has received less than .02 BTC thus far: https://blockchain.info/address/19pta6x1hXzV9F5hHnhMARYbRjux...

2) The GMX screenshots show 11k+ emails in the inbox, with one from as far back as June 2013

Mirrored screenshots here:



Edit: To respond to https://news.ycombinator.com/item?id=8288579

Looks like "Phone 31x" under the email address, which is consistent with St Louis area code of 314.

It's fascinating to see that the account seems to be active, if we are to trust the "replied" icons to G.M. (Bitcoin developer?) and R.M. (Wired reporter that wrote the article on this leak?).

EDIT: From the Wired article, it seems like the hacker corresponded with the Wired reporter via the email address (to prove authenticity?) and may have done the same with the Bitcoin developer as well, judging from timestamps.

I believe gmaxwell mentioned on #bitcoin-dev that he was emailed.

So we're looking at the gmx.com account being legitimately hacked -- but Satoshi had good enough opsec to not leak anything interesting from the account.

The hacker gained access to the gmx.com mailbox - resets all of the third party accounts and still comes out with nothing of value?!!

1) So he has to fake an invoice to gain media buzz? I don't buy it.

2) What's in the outbox?

> but Satoshi had good enough opsec to not leak anything interesting from the account.

Except is St Louis Missouri street address and telephone number.

Could be some scammer buying something and leaving a fake email.

The "Lancelot" (line item from order) manual?


That guy did a really bad job of blacking out sensitive information. It probably nails the receiver down to only a couple of hundred people.

With a bit of levels adjustment and http://i.imgur.com/y0Ee8cl.png

We're being lied to. This is fake. The street address doesn't match the post code.

My assessment: The hacker created the order himself, with fake ID, fake address and doctored the timestamp.

The hacker probably thought it was real. That website lets you pay cash (locally in China). You can enter any name/address/email/phone number you want, there is zero validation, and you can submit as 'cash', so no payment required at that time. You will get a confirmation e-mail like Satoshi did. So someone was probably just messing around and submitted a fake order in 2013, for whatever reason.

I agree. The email in the screenshot smells like a hoax (assuming your level stuff is legitimate; I haven't played with the source image in GIMP myself).

63101 is the downtown area (right by the Arch) – not really a place most people live, but the kind of place you might get if you Googled "St Louis zip code".

Also amusingly, "198 Bruce Ave" (not Street as in the email) is right in the center of the area Google labels Ferguson, MO.

Or somebody created the order and used that email address as a joke. Most online stores don't make you confirm an email address when you place an order.

Now, after this much time since that order, that person will be the star of the next Newsweek article because they didn't want to use their real address when buying a miner.

> With a bit of levels adjustment

Care to explain?

Bumping the shadows/black levels so that they are brighter. Literally just moving a single slider all the way to the right in photoshop or lightroom. Just google 'levels', or here's a decent intro: http://www.cambridgeincolour.com/tutorials/levels.htm

Assuming it's not doctored, I'm very surprised he would order something from a random company to his real name/address using his Satoshi e-mail...presumably he has other e-mails, and that seems like pretty horrendous op sec. Unless he bought it for a friend?

edit: the item he ordered was a FPGA in mid 2013. He's really bothering with a single $400 miner in 2013...? He doesn't have enough BTC?

> FPGA in mid 2013

That's further evidence that someone placed an order on his email with a fake address for giggles.

The first email in that screenshot has a date of "12/6/22".

Perhaps a date parsing error?

No. Probably the date was set wrong by the sender.

YY/MM/DD (June 22, 2012) ?

That's the chinese date format (GB/T 7408-2005), so the GMX web mail client probably doesn't convert it into a uniform format.

So, a date parsing error?

If the BTC creator is from St. Louis, I would suspect it being a project of the St. Louis Federal Reserve Bank. They've been a proponent of the technology (releasing whitepapers, articles, Q&A's, tweets) even during times of outrage amongst politicians.

screenshot not loading for me


We suspended s_nakamoto's account 2 hours and 17 minutes after the attacker gained access to that account.

After generating a list of changes made, confirming method of attack, and identifying no serious changes to project content, the project was restored to its pre-attack state, and the compromised user account was removed from the project.

Risk to the community is believed to be low, as file content wasn't modified.


Roberto Galoppini, SourceForge.net

See https://sourceforge.net/p/forge/site-support/8512/

It's looking like his email address got recycled, and someone is using that to request password resets on accounts associated with it.

Hackers have changed bitcoin's description to read:

Buttcoin is a peer-to-peer butt. Peer-to-peer means that no central authority issues new butts or tracks butts. These tasks are managed collectively by the network. It’s like a bitcoin, but with butts instead.

Buttcoin.org is also a satirical blog that mocks the extremely vested segments of the Bitcoin community: http://buttcoin.org/

I used to read it at one time, and it was actually often the voice of reason in a sea of anarcho-capitalist pipe dreams, but I don't know about its present state.

It was bought by a straw purchaser on behalf of BFL, a Bitcoin mining hardware manufacturer with an aversion to shipping in a timely fashion, as a reputation management ploy. They edited some pointed posts about BFL and left the rest of the blog up.

Just another day in the Bitcoin economy.

The original buttcoiners seem to have moved on to http://reddit.com/r/buttcoin

The buttcoiners seem to make light of the BFL purchase, since in their mind, the former owner has done something that many Bitcoin investors have not - made a profit off of Bitcoin.

Starting to wish these guys would hire writers. So much more exposure for saying something clever or funny... but no. Butts.

Butts are always funny

theymos: "satoshin@gmx.com is compromised"


If you take the screenshot showing the leaked e-mail from an order 'he' placed at CardReaderFactory, you get an interesting data point:

- You can lookup orders tied to the e-mail address shatoshin@gmx.de - You cannot lookup order tied to gibberish accounts, like odn2n489n4@gmail.com

Proof: http://imgur.com/a/22z72

And what does this say?

That the order was real, but that doesn't necesarily mean Satoshi ordered it, since it could have been someone else giving his address.

That a legitimate order exists and has been placed using satoshi's email address.

The address is invalid.

Seems to have been reverted now.

A bitcoin address appeared on satoshi's profile page:



Satoshi Nakamoto posted a status:

"Tip Jar: 19pta6x1hXzV9F5hHnhMARYbRjuxF6xbbV"

One of the comments on the Wired post[1] shows that the email from CardReaderFactory is a hoax: you can see the person's name using the Levels tool in Photoshop.

Confirmed with Photoshop myself using the imgur image links I got from this HN post.

[1]: http://www.wired.com/2014/09/satoshi/#comment-1580438754

What makes this a hoax? Couldn't that person be Satoshi?

Apparently, that address does not exist.

How can you blackmail a person for digital information you steal? Who knows if you won't blackmail again?

How's that different from non-digital information?

There is at least an original copy.

Yes, but a very slight degradation in making an analog copy of some pictures or records won't degrade their blackmail value.

I won't post a working link to the images but I did view them and the top-most email says it was sent 12/6/22, a date that has not occurred yet. So this is either a bug in GMX that doesn't validate timestamps or he didn't finish his otherwise convincing photoshop job :-)

The email in question looks like a Chinese spam email, which are often sent with dates in the future to show up at the top of date-sorted inboxes.

See also: "spam chinese emails from the future?" http://forums.androidcentral.com/samsung-galaxy-s3/278777-sp...

Strange. I've never noticed such an email in my inbox. I would have thought that a future timestamp would be flagged by their spam heuristics.

I believe Satoshi Nakamoto is zohar002. This is my belief... At least for now!


This makes me wonder whether the "I am not Dorian Nakamoto" message left on p2pfoundation is also a fake. It did seem weird back then that instead of signing a message using his well known public key, he decided to use a p2p forum to announce the fact.

Heh, so far this guy has earned about 10 bucks.


Whoever satoshi is/are, it's a good opportunity to step forward and become the public face of bitcoin without this stupid hide-and-seek.

Couldn't this person who has Satoshi's GMX email then reset the passwords on any of Satoshi's existing accounts?

if he has a lot of bitcoins, wouldn't it be smarter for him to just sell them right now ?

I mean it's much safer to have real money in a bank account than to have bitcoins.

If he sell any of them it will be easy to track him down.

why track him down ?

What was there? It is just the bitcoin SF page now.

Someone apparently defaced the project description replacing "Bitcoin" with "Buttcoin" and so on. Someone else apparently restored the original version.


more relevant link: https://archive.today/odPyB

I just ploughed through the thread on the bitcointalk forum. (disclaimer: a lot of the following summary is based on hearsay and lacks evidence)

Some kid hacked the satoshin@gmx.net mailbox, by guessing the birthdate forgot-password check on gmx.net (yes, it sounds kind of unbelievable to me as well).

He probably used this email to gain access to the SourceForge account, and wrote some juvenile texts about "buttcoin" (everything seems to have been reverted now, see https://news.ycombinator.com/item?id=8293062 ).

He also used the mailbox to gain access to Satoshi's account on p2pfoundation.ning.com, which is the same place where the "Dorian is not Satoshi" message was posted a while back when some news media thought they found SN. Then he used this account to try and pull off a "give me 25BTC or I'll release SN's dox" scam. Nobody in the bitcointalk thread seems to believe the kid actually has SN's dox, because Satoshi was clever enough not to leave personal info in that mailbox.

The kid also used the email to try and threaten the bitcointalk forum admin ("send me some coins before I hitman you" ...). The forum admin seems fine to just let it be, because no real damage has been done, it was just a kid and by now the kid and his family have been doxed, who's probably scared shitless right now realizing what sort of serious business he's been messing with.

Adrian Chen tried to mail satoshin@gmx.net with some questions, and in response got a screenshot of the mailbox, "proving" it was indeed under someone else's control: https://twitter.com/AdrianChen/status/509162847130370048/pho... . There's a second screenshot of some invoice of someone ordering a bitcoin-mining device, with the address info photoshopped out--which was done badly because someone on Reddit quickly revealed part of the name and address. But that order seems partially fake, just some guy that thought it was funny to enter Satoshi's email when ordering the device.

It's assumed the kid no longer has access to the satoshin@gmx.net mailbox. Again I didn't see these claims substantiated either.

All in all, someone smarter could have done a LOT more damage with this hack. But whoever did this really screwed it up. There might be some unintended clues about Satoshi's identity in that mailbox, but it seems like whoever got access isn't clever enough to string all that together (tying it with the research done into his identity so far). So unless the whole mailbox gets dumped somewhere, that's it, case closed?

What are the signs that it has been hacked, the sourceforge page looks correct, has it been recovered?

They changed the description to "buttcoin" (which has now been reverted), made some private information public, and removed the administrators. See: http://www.reddit.com/r/Bitcoin/comments/2fuuzf/the_old_now_...

Could this be a government posing as a hacker in order to discredit the threat to mainstream currencies? I don't think so, but I do think conspiracy theories will be abound!

I'll play. My conspiracy theory is that this is a PR stunt by gmx.com to advertise their email service. Motive and opportunity!

Funny theory, but then again, it wouldn't be great advertising considering the gmx account was compromised. Which maybe makes it funnier.

Bitcoiners tend to discredit only themselves.

No no, it's a conspiracy to create a conspiracy around the conspiracy.

Hanlon's Razor is instructive here.

Hanlon's Razor is enemy propaganda.

I wonder if this could be Satoshi creating an additional layer of complexity in the hunt for his/her identity. By compromising his email address and web properties he can basically direct the masses in any direction he/she wants to. While ensuring that they have false bits of information seeded within them.

Creating a myth and story around the creator is brilliant to ensuring future relevance. I doubt this is a planned event; however, if the Satoshi did plan it... Wow tip my hat to you sir/ma'am

And what if you are Satoshi, and you created this account to create a third dimension of complexity.

What if I created a 2nd account to make my first comment seem absurd?

"It's Satoshi all the way down"

Nah. For example, this isn't Santoshi.

..... or is it....

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact