
Author Topic: The Reorg: Postmortem  (Read 9102 times)

Brangdon

  • Hero Member
  • *****
  • Karma: +229/-25
  • Offline Offline
  • Posts: 1389
  • Quality is addictive.
    • View Profile
Re: The Reorg: Postmortem
« Reply #40 on: August 16, 2014, 12:15:27 pm »

I would assume something like this added to the core of NXT anyone would be able to see if it was active. If it was inactive then it would be simple to just not use the exchange.
Good point.
Logged

Eadeqa

  • Hero Member
  • *****
  • Karma: +83/-68
  • Offline Offline
  • Posts: 1888
    • View Profile
Re: The Reorg: Postmortem
« Reply #41 on: August 16, 2014, 12:19:54 pm »

1556067.444645
The best part is that I have only just done the international transfer recently to get these.


Memories.

Argh. That sucks.
 
Logged
NXT-GZYP-FMRT-FQ9K-3YQGS

Jacinto

  • Hero Member
  • *****
  • Karma: +55/-20
  • Offline Offline
  • Posts: 662
    • View Profile
Re: The Reorg: Postmortem
« Reply #42 on: August 16, 2014, 12:23:01 pm »

1556067.444645
The best part is that I have only just done the international transfer recently to get these.


Memories.

I am 65% sure that you will recover at least 65% of that bunch of NXT.
I feel it!  :)
Logged
BCNext son.

gs02xzz

  • Hero Member
  • *****
  • Karma: +56/-12
  • Offline Offline
  • Posts: 1101
    • View Profile
Re: The Reorg: Postmortem
« Reply #43 on: August 16, 2014, 01:08:21 pm »

Kushti is starting to work on phasing by the way. He receives NXT monthly but I believe this specific work also deserves a bounty for its usefulness.
I planned to start phasing last Monday, but got stuck adapting to the latest changes in core. Hope I'll start phasing next Monday (Aug 18th). Bounty would be great!  :)

Is the phasing = Account Control or a part of AC?
Logged
Nxt Mission is to commercialize the crypto technology and build new commerce and society.

Come-from-Beyond

  • Hero Member
  • *****
  • Karma: +794/-671
  • Offline Offline
  • Posts: 4013
    • View Profile
Re: The Reorg: Postmortem
« Reply #44 on: August 16, 2014, 01:11:03 pm »

Is the phasing = Account Control or a part of AC?

They r separate features.
Logged

Fatih87SK

  • Hero Member
  • *****
  • Karma: +127/-36
  • Offline Offline
  • Posts: 2206
    • View Profile
Re: The Reorg: Postmortem
« Reply #45 on: August 16, 2014, 02:03:44 pm »

Is the phasing = Account Control or a part of AC?

They r separate features.
What will be possible with Phasing?
Logged

Come-from-Beyond

  • Hero Member
  • *****
  • Karma: +794/-671
  • Offline Offline
  • Posts: 4013
    • View Profile
Re: The Reorg: Postmortem
« Reply #46 on: August 16, 2014, 02:55:27 pm »

What will be possible with Phasing?

Control other accounts. With AC u can control ur own account.
Logged

rstanaford

  • Jr. Member
  • **
  • Karma: +8/-1
  • Offline Offline
  • Posts: 37
    • View Profile
Re: The Reorg: Postmortem
« Reply #47 on: August 16, 2014, 04:08:12 pm »

Forgive me, gentlemen, but how would AC have mitigated the theft in the case of Bter?   If I understand correctly, this was not some kind of side-window intrusion where something was faked or spoofed.  The attacker walked through the front door and manipulated the wallet directly.

And how is this indicative of NXT "needing to be fixed"?  There was no feature of the NXT protocol that was exploited in the theft.  It is tantamount to a guy driving a bus through a church picnic because the keys were left in it.  And now the discussion is seeming to center on the notion of making it so busses can never leave the road again.

The problem is you can't fix stupid.  And leaving the proverbial "keys to daddy's car" laying about for just anyone to grab is about as stupid as it gets when other peoples' money is involved.

I read through that ridiculously long threadnought yesterday and picked up on the suspicions of some that all may not be what it seems regarding the incident, namely the fact that just the NXT was stolen when there were a number of other accounts to pillage.  That suggests to me that the theft was not simple snatch and grab, but an attack on NXT itself and what it represents.  The actions and reactions (or the lack thereof) on the part of Bter make the situation even more suspect.

NXT has resumed trading on Cryptsy and, what do you know, the price hasn't crashed.  So whatever was meant to happen via the events of yesterday has failed to manifest.

How about this: If we are so intent on controlling future goings on regarding NXT, how about effecting, in whatever manner the community can, the de-listing of NXT from the Bter market, assuming it survives, which I have a strong suspicion it will do quite handily in spite of the contrition.

NXT Acct: NXT-6FC9-DGWA-XHFN-765BS
« Last Edit: August 18, 2014, 01:44:08 am by rstanaford »
Logged

skycontroller

  • Jr. Member
  • **
  • Karma: +39/-9
  • Offline Offline
  • Posts: 49
    • View Profile
Re: The Reorg: Postmortem
« Reply #48 on: August 16, 2014, 04:12:10 pm »

NXT has resumed trading on Cryptsy and, what do you know, the price hasn't crashed.  So whatever was meant to happen via the events of yesterday has failed to manifest.

dude Nxt can't be deposited on Cryptsy... its NXT deposits are broken. please check the other exchanges and see what's happening... it's nasty. one can clearly see where it's going :/
Logged

rstanaford

  • Jr. Member
  • **
  • Karma: +8/-1
  • Offline Offline
  • Posts: 37
    • View Profile
Re: The Reorg: Postmortem
« Reply #49 on: August 16, 2014, 04:14:32 pm »

NXT has resumed trading on Cryptsy and, what do you know, the price hasn't crashed.  So whatever was meant to happen via the events of yesterday has failed to manifest.

dude Nxt can't be deposited on Cryptsy... its NXT deposits are broken. please check the other exchanges and see what's happening... it's nasty. one can clearly see where it's going :/
It makes sense that deposits would be blocked because we aren't sure where the stolen funds might be able to go, but I just traded BTC for NXT and the price had been stable at around .000064.

NXT Acct: NXT-6FC9-DGWA-XHFN-765BS

Logged

crimi

  • Hero Member
  • *****
  • Karma: +122/-11
  • Offline Offline
  • Posts: 863
    • View Profile
Re: The Reorg: Postmortem
« Reply #50 on: August 16, 2014, 04:19:43 pm »

I did a deposit, Cryptsy worked.
Logged

Brangdon

  • Hero Member
  • *****
  • Karma: +229/-25
  • Offline Offline
  • Posts: 1389
  • Quality is addictive.
    • View Profile
Re: The Reorg: Postmortem
« Reply #51 on: August 16, 2014, 06:53:23 pm »

Forgive me, gentlemen, but how would AC have mitigated the theft in the  case of Bter?   If I understand correctly, this was not some kind of side-window intrusion where something was faked or spoofed, the attacker walked through the front door and manipulated the wallet directly.
As I understand it, with AC account restrictions are applied even to the account owner, so would defend against a hacker having the password. A restriction like only being able to move 10% of the account's balance per day would have limited losses. A restriction like only being allowed to move funds between 9am and 10am would have made the attack much harder to pull off.

Quote
And how is this indicative of NXT "needing to be fixed"?
The issue isn't specific to Nxt. With all crypto-currencies, you are your own banker. People seem to need help with that.

Quote
The problem is you can't fix stupid.
There are changes that can help.

Quote
NXT has resumed trading on Cryptsy and, what do you know, the price hasn't crashed.  So whatever was meant to happen via the events of yesterday has failed to manifest.
It's early days.

Quote
How about this: If we are so intent on controlling future goings on regarding NXT, how about effecting, in whatever manner the community can, the de-listing of NXT from the Bter market, assuming it survives, which I have a strong suspicion it will do quite handily in spite of the contrition.
What would that achieve? How can we know other exchanges aren't equally foolish? I'd like to think Bter has learnt from the experience. Now they've been bitten once, they are less likely to be bitten again than other exchanges. Let's not forget the times Bter has helped our community in the past.
Logged
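
The two restrictions described in the reply above (a cap of 10% of the balance per day, and a 9am to 10am transfer window), as an added example that is not part of the original thread and is not Nxt's Account Control code. `Policy`, `Account` and `simulate_stolen_passphrase` are hypothetical names, and the timestamps and balance are constructed; the point is that the checks apply to a correctly signed transfer, so holding the passphrase does not bypass them.

```python
from dataclasses import dataclass, field
from datetime import datetime, time, timedelta
from decimal import Decimal

@dataclass
class Policy:
    """Hypothetical restriction set; not the Nxt Account Control API."""
    daily_fraction: Decimal = Decimal("0.10")  # at most 10% of the balance per 24 h
    window_start: time = time(9, 0)            # transfers accepted from 09:00 ...
    window_end: time = time(10, 0)             # ... until 10:00

@dataclass
class Account:
    balance: Decimal
    policy: Policy = field(default_factory=Policy)
    history: list = field(default_factory=list)  # (timestamp, amount) of accepted sends

    def allowance(self, now):
        """Amount that may still leave the account in the 24 h ending at `now`."""
        cutoff = now - timedelta(hours=24)
        spent = sum((a for ts, a in self.history if ts > cutoff), Decimal(0))
        # balance + spent approximates the balance 24 h ago (deposits ignored), so
        # many small sends cannot ratchet past the cap.
        return max((self.balance + spent) * self.policy.daily_fraction - spent, Decimal(0))

    def send(self, amount, now):
        """Check a transfer that already carries a valid signature."""
        if not (self.policy.window_start <= now.time() < self.policy.window_end):
            return False, "outside transfer window"
        if amount <= 0 or amount > self.balance:
            return False, "invalid amount"
        if amount > self.allowance(now):
            return False, "daily limit exceeded"
        self.balance -= amount
        self.history.append((now, amount))
        return True, "accepted"

def simulate_stolen_passphrase(balance, attempt_times):
    """Someone holding the correct passphrase tries to empty the account at each
    time; when refused on the limit, the request is retried at the allowance."""
    acct = Account(Decimal(balance))
    log = []
    for now in attempt_times:
        ok, reason = acct.send(acct.balance, now)
        if reason == "daily limit exceeded" and acct.allowance(now) > 0:
            ok, reason = acct.send(acct.allowance(now), now)
        log.append((ok, reason))
    return Decimal(balance) - acct.balance, log

# Constructed timestamps for illustration only.
ATTEMPTS = [
    datetime(2024, 1, 1, 3, 0),    # night-time attempt
    datetime(2024, 1, 1, 9, 30),   # inside the window
    datetime(2024, 1, 1, 9, 45),   # same day, allowance used up
    datetime(2024, 1, 2, 9, 31),   # next day
]

if __name__ == "__main__":
    lost, log = simulate_stolen_passphrase("1000", ATTEMPTS)
    for when, (ok, reason) in zip(ATTEMPTS, log):
        print(when, ok, reason)
    print("moved out of the account:", lost)
```

With a constructed balance of 1000, two days of attempts move 190 out of the account, which leaves the owner time to notice and react.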

rstanaford

  • Jr. Member
  • **
  • Karma: +8/-1
  • Offline Offline
  • Posts: 37
    • View Profile
Re: The Reorg: Postmortem
« Reply #52 on: August 16, 2014, 08:01:34 pm »

Forgive me, gentlemen, but how would AC have mitigated the theft in the  case of Bter?   If I understand correctly, this was not some kind of side-window intrusion where something was faked or spoofed, the attacker walked through the front door and manipulated the wallet directly.
As I understand it, with AC account restrictions are applied even to the account owner, so would defend against a hacker having the password. A restriction like only being able to move 10% of the account's balance per day would have limited losses. A restriction like only being allowed to move funds between 9am and 10am would have made the attack much harder to pull off.

Quote
And how is this indicative of NXT "needing to be fixed"?
The issue isn't specific to Nxt. With all crypto-currencies, you are your own banker. People seem to need help with that.

Quote
The problem is you can't fix stupid.
There are changes that can help.

Quote
NXT has resumed trading on Cryptsy and, what do you know, the price hasn't crashed.  So whatever was meant to happen via the events of yesterday has failed to manifest.
It's early days.

Quote
How about this: If we are so intent on controlling future goings on regarding NXT, how about effecting, in whatever manner the community can, the de-listing of NXT from the Bter market, assuming it survives, which I have a strong suspicion it will do quite handily in spite of the contrition.
What would that achieve? How can we know other exchanges aren't equally foolish? I'd like to think Bter has learnt from the experience. Now they've been bitten once, they are less likely to be bitten again than other exchanges. Let's not forget the times Bter has helped our community in the past.
My point regarding advocating the removal of the NXT markets from Bter centers around the specific nature of the attack.  There remain some unanswered and very important questions regarding how Bter has responded, its general silence, how the attack occurred, and, especially, why NXT was the only currency absconded with.  That, in effect, suggests to me that the attack was more "personal" in nature, rather than a random crime of opportunity.  And until Bter can satisfactorily answer those questions, then I cannot believe it is acting within the best interests of the community, regardless of the lip service we've seen posted on Bter's behalf within these forum threads.

I feel for those who have been stung by the theft.  I really do.  But I don't deal in emotion.  I deal with reality and though I lost nothing to yesterday's events, as a member of the NXT community, Bter has a lot of work to do to separate itself from the suspicion of being complicit in the crime and absolving its reputation.

If that seems harsh, then, yeah I guess it is.  But we're not talking about jellybeans.  We're talking the reputation of a currency of untold potential, which I am jealous of and wish to see protected.  In addition, we're talking about real money, for which I play for keeps.

And if Bter is unwilling or unable to come clean with some hard facts and good answers to important questions, then I will see it buried as a reputable entity for doing business.  Sure, MGW and secureAE will help in making much of that risk trivial, but until we get those crates off of the ground, we as a community need the help and support of entities interested in more than the apparent cutting of NXT off at the knees because its only sin is that it's too innovative.

NXT Acct: NXT-6FC9-DGWA-XHFN-765BS
« Last Edit: August 18, 2014, 01:47:23 am by rstanaford »
Logged

rstanaford

  • Jr. Member
  • **
  • Karma: +8/-1
  • Offline Offline
  • Posts: 37
    • View Profile
Re: The Reorg: Postmortem
« Reply #53 on: August 16, 2014, 09:08:23 pm »

And regarding the price of NXT, sure "the days are young", but there has been sufficient time to "dump and run", if that was the order of the day.  But just last week, NXT was trading as low as .000052, so until it drops well below .00005, then it's business as usual, as far as I'm concerned, apart from what has been already depressing the price down from .000085 just two weeks ago.

NXT Acct: NXT-6FC9-DGWA-XHFN-765BS

Logged

Brangdon

  • Hero Member
  • *****
  • Karma: +229/-25
  • Offline Offline
  • Posts: 1389
  • Quality is addictive.
    • View Profile
Re: The Reorg: Postmortem
« Reply #54 on: August 23, 2014, 01:08:21 pm »

My point regarding advocating the removal of the NXT markets from Bter centers around the specific nature of the attack.  There remain some unanswered and very important questions regarding how Bter has responded, its general silence, how the attack occurred, and, especially, why NXT was the only currency absconded with.
As I understand it, only NXT was stolen because only Nxt uses a brain-wallet. The hacker got access to one password, which Bter had used in several places, including for their Nxt account. Even if they also used it for their Bitcoin wallet, the hacker could not have stolen BTC because he did not get access to the corresponding wallet.dat file.

Brain wallets are uniquely vulnerable. They just are.

And regarding the price of NXT, sure "the days are young", but there has been sufficient time to "dump and run", if that was the order of the day.
Oh, sure. But even back then, it seemed more likely to me the hacker would hold onto the funds for a while. For example, until Nxt gets the technology to launder them. The longer they wait, the more the NXT will be worth. Probably the 8.3m they kept will end up being worth far more than the BTC ransom.
Logged

wesley

  • Hero Member
  • *****
  • Karma: +204/-3
  • Offline Offline
  • Posts: 1159
    • View Profile
Re: The Reorg: Postmortem
« Reply #55 on: August 23, 2014, 01:19:01 pm »

My point regarding advocating the removal of the NXT markets from Bter centers around the specific nature of the attack.  There remain some unanswered and very important questions regarding how Bter has responded, its general silence, how the attack occurred, and, especially, why NXT was the only currency absconded with.
As I understand it, only NXT was stolen because only Nxt uses a brain-wallet. The hacker got access to one password, which Bter had used in several places, including for their Nxt account. Even if they also used it for their Bitcoin wallet, the hacker could not have stolen BTC because he did not get access to the corresponding wallet.dat file.

Brain wallets are uniquely vulnerable. They just are.

And regarding the price of NXT, sure "the days are young", but there has been sufficient time to "dump and run", if that was the order of the day.
Oh, sure. But even back then, it seemed more likely to me the hacker would hold onto the funds for a while. For example, until Nxt gets the technology to launder them. The longer they wait, the more the NXT will be worth. Probably the 8.3m they kept will end up being worth far more than the BTC ransom.

Nope, according to hacker messages (see the messages on the blockchain) there was between 300-500 BTC theft too.
Logged

Brangdon

  • Hero Member
  • *****
  • Karma: +229/-25
  • Offline Offline
  • Posts: 1389
  • Quality is addictive.
    • View Profile
Re: The Reorg: Postmortem
« Reply #56 on: August 23, 2014, 01:41:10 pm »

Nope, according to hacker messages (see the messages on the blockchain) there was between 300-500 BTC theft too.
I just re-read the 40 or so pages of messages, and I can't see any mention of BTC being hacked. When BTC are mentioned, it's in connection with ransom money. For example, "return the nxt. not worth it. you can keep the 100btc from bter." is talking about 100 BTC that Bter sent early on. If I'm missing something, please provide a link, because I would like to be clear about this.
Logged

Come-from-Beyond

  • Hero Member
  • *****
  • Karma: +794/-671
  • Offline Offline
  • Posts: 4013
    • View Profile
Re: The Reorg: Postmortem
« Reply #57 on: August 23, 2014, 03:20:35 pm »

Nope, according to hacker messages (see the messages on the blockchain) there was between 300-500 BTC theft too.
I just re-read the 40 or so pages of messages, and I can't see any mention of BTC being hacked. When BTC are mentioned, it's in connection with ransom money. For example, "return the nxt. not worth it. you can keep the 100btc from bter." is talking about 100 BTC that Bter sent early on. If I'm missing something, please provide a link, because I would like to be clear about this.

It doesn't make much sense to buy stolen bitcoins for bitcoins.
Logged

nexern

  • Sr. Member
  • ****
  • Karma: +83/-11
  • Offline Offline
  • Posts: 496
    • View Profile
Re: The Reorg: Postmortem
« Reply #58 on: August 23, 2014, 03:32:07 pm »

Nope, according to hacker messages (see the messages on the blockchain) there was between 300-500 BTC theft too.
I just re-read the 40 or so pages of messages, and I can't see any mention of BTC being hacked. When BTC are mentioned, it's in connection with ransom money. For example, "return the nxt. not worth it. you can keep the 100btc from bter." is talking about 100 BTC that Bter sent early on. If I'm missing something, please provide a link, because I would like to be clear about this.

the hacker stated that he has 'cleaned' the whole exchange with 500 BTC whatever this means.

msg. #47

http://nxtexplorer.com/nxt/nxt.cgi?action=3000&acc=1244396688755618309&switch=900
Logged

Brangdon

  • Hero Member
  • *****
  • Karma: +229/-25
  • Offline Offline
  • Posts: 1389
  • Quality is addictive.
    • View Profile
Re: The Reorg: Postmortem
« Reply #59 on: August 24, 2014, 10:39:00 am »

the hacker stated that he has 'cleaned' the whole exchange with 500 BTC whatever this means.

msg. #47

http://nxtexplorer.com/nxt/nxt.cgi?action=3000&acc=1244396688755618309&switch=900
You mean this: "So, what taking so long? Send me the next batch already. I'm going to leave soon. It's already 2 hours of negotiation, it took me 1 hour to clean your whole exchanger. BTC 500 I'm not going to sit here, and wait 2 more hours for you to decide to send the lousy 10 BTC."?

I take that to be a demand for BTC 500. His punctuation isn't great, but there is a full stop after "clean your whole exchanger". He's not happy with the 10 BTC he's been sent, and he's demanding 500.

It doesn't make much sense to buy stolen bitcoins for bitcoins.
True. I don't think we can infer whether he stole bitcoins from that, though.
Logged