Saturday, February 15, 2014

Mt Gox update February 15 , 2014 - Mt. Gox has stopped bitcoin deposits and all internal bitcoin transfers for a short site maintenance update, roughly from 6pm to 12am Japan time on 15th February , the exact situation regarding bitcoin withdrawals still unknown , another update will be released Monday ......... New Jersey Case Could Set Restrictive Precedent for Bitcoin Businesses ........ The Mysterious Case of 1 Satoshi Transactions Clogging Up Bitcoin Wallets ....... According to California’s current law, Bitcoin and all other digital currencies can now be considered illegal in the North-American state. However, a bill recently sent to the Senate’s Banking and Finance Institutions Committee might be the answer to change that. ......... CoinThief Malware Stealing Bitcoins from Mac Users

68% of Mt. Gox Users Still Awaiting Their Funds, Survey Reveals

 (@joonian) | Published on February 15, 2014 at 18:14 GMT | AnalysisCompanies,ExchangesMt. GoxNewsReviews
CoinDesk poll of nearly 3,000 readers has found that Mt. Goxcustomers have been waiting months for their withdrawal requests to be fulfilled, despite being ‘verified’ or ‘trusted’ account holders. Poll respondents describe frustration with the exchange’s customer service, calling it slow, opaque and providing “canned responses”.
The poll, launched on 4th Feb, discovered that customer requests were long delayed, whether they were in bitcoin or fiat currency.
One incensed customer was Daniel Smith of Stoke-on-Trent, England. He contacted CoinDesk in December to report his frustration with the exchange’s customer service.
Smith does not have a verified account with the exchange, although he still managed to deposit bitcoin to his account there. Because of this unverified account status, his recent attempts to withdraw his currency have been unsuccessful.
After opening several customer service tickets spanning dozens of messages, Smith’s tickets were eventually merged and closed. At a loss, Smith made a legal statement with Staffordshire police that he said was being passed on to the “fraud division” to deal with the “theft” of his bitcoin.
Smith is also in contact with a lawyer in Japan to explore legal action. In January, he reported that his account had been “blocked” as was his log-in for customer service tickets. “I cannot receive help requests or log into my account […] Essentially they have taken my bitcoin and have told me to fk [sic] off,” he said.

Breakdown of withdrawal stats

Yet, it appears that Smith isn’t alone. Of the 1,434 readers who responded to the question of whether they were able to successfully withdraw funds from the exchange, slightly less than a third (31.59%) reported successful withdrawals, while 68% said they were still waiting for their funds.

Customers with successful withdrawals were also likely to receive their money quickly. Of the successful withdrawals, nearly half said they received their funds in under a week. About 46% reported receiving their funds within three months. Very few successful respondents – about 4% – said they received their funds more than three months after making the initial withdrawal request.
But for the customers who still haven’t seen their funds, waiting times could stretch for months. Among respondents who were still waiting for their funds (30% of unsuccessful respondents), the median waiting time was between one to three months. Some 21% had been waiting for three months or more, while about 48% had been waiting for less than a month.

What were the factors that affected successful withdrawal rates? When we filtered the poll results for respondents who had ‘verified’ or ‘trusted’ accounts with Mt. Gox (ie they had submitted identification documents and been approved by the exchange) around 69% were still waiting for their funds.
This is in line with the overall proportion of respondents with unsuccessful withdrawal requests. So, it appears that verification did little to improve their chances.

Respondents trying to withdraw BTC from the exchange appeared to improve their chances of success.
Successful respondents increased by about 6% for BTC withdrawals. But withdrawals in fiat currency (defined here as US dollars, euros, Chinese yuan and Japanese yen) reduced the chances of a successful withdrawal by about 3%.

Some instant withdrawals

However, some respondents did report smooth withdrawal transactions at Mt. Gox.
Some 11 individuals who responded with descriptions of their transactions at the exchange described the withdrawal process as “instant” or completed within days. All these respondents had made bitcoin withdrawals.
Nevertheless, even among this group of successful respondents, there were hiccups. One individual reported withdrawing 100 BTC in early February that arrived in his wallet outside Mt. Gox “instantly”. However, two days later, a withdrawal request for an identical amount of bitcoin did not appear.
Another respondent reported a similar experience, withdrawing 14 BTC in mid-January which was transferred instantly, but then failing to receive a transfer of 1.405 BTC that was withdrawn in the first week of February.
The amount was refunded to his Mt. Gox account four days after a support ticket was created. The respondent then made a withdrawal request again and the amount was instantly transferred outside the exchange.
“Very glad to have got the BTC back and would like a detailed, transparent explanation of the problems they’ve been having,” he wrote.

Support-ticket frustration

Respondents were most frustrated with the way Mt. Gox had handled their support tickets. Several users voiced their suspicion that the exchange was using generic, automated responses to mollify angry customers. One respondent noted:
“Tried to withdraw BTC and failed, never showed up in my wallet. Opened a support ticket, after a week, they send me a message apologising for the long wait times […] they were completely non-responsive to the issue and my questions. I think it was some sort of robot auto-responder designed to make people give up, go away, and abandon their bitcoins at Mt. Gox. Not acceptable!”
Another respondent who tried to withdraw 4.5 BTC complained that his support ticket didn’t get a response from the Tokyo-based exchange. Additionally, he was unable to contact a customer service representative through the exchange’s live chat feature:
“Zero response from Mt. Gox. There is never an available ‘online agent’. I logged a support ticket when I noticed [my transaction] was not in the block chain.”

The 5% queue-cutting fee

Of the 569 respondents who wrote up descriptions of their Mt. Gox experience, eight mentioned that the exchange had offered to speed up the processing of their withdrawal requests for a fee of 5% of the transaction amount. Mt. Gox’s FAQ for withdrawals and deposits does not mention a 5% fee for quicker withdrawals.
One respondent wrote that his experience with Mt. Gox was “completely maddening”, having taken him three months to withdraw fiat currency. According to the respondent, the exchange offered to move him to the head of its transaction queue if he paid a fee of 5% on top of his withdrawal amount. The respondent was attempting to withdraw $200,000.
“Their support responses were full of false promises that the withdrawal would be processed ‘shortly’ due to vague ‘delays’ and ‘issues’.”
Another respondent, who attempted to withdraw $44,000 and 1,951 BTC on two occasions, was also given the option of paying the 5% fee to speed up the withdrawal process:
“Mt. Gox has become a nightmare. To receive timely support requests from them is like performing major surgery on oneself […] they delayed over five weeks on USD withdrawal requests without explanation, only ‘offering’ me to pay a 5% fee to ‘expedite’ the procedure,” the respondent wrote.

Combatting opacity

The major complaint that customers had about the exchange was its transparency, or lack of it.
Many respondents didn’t know if their withdrawals were being processed, how long it would take or how much it would cost to ultimately receive their funds. Customer service tickets were routinely closed before problems were resolved, and many people had trouble getting hold of ‘live’ agents.
In the wake of the recent DDoS attacks and withdrawal delays, the backlash to Mt. Gox has stepped up a gear, with angry customers moving from online forums to live demos and petitions demanding greater transparency from the exchange.
Although Mt. Gox has been confronted several times, the exchange is yet to publicly address the reason behind the long delays.

Mt Gox still making bank while their customers  bitcoins and fiat is locked up ! 

jt3lHXH.png (908×497)

Dear Mt. Gox Customers,
In order to implement our solution to the “transaction malleability” issue being faced by bitcoin exchanges and businesses, we are going to have a 6-hour downtime on all bitcoin deposits and internal bitcoin transfers in addition to the current pause on bitcoin withdrawals. Trading will otherwise still be open as usual.
Maintenance Schedule (approximate):
6pm ~ 12am JST (February 15th)
The above downtime period is approximate: it may be shortened or lengthened as required. Once the implementation is complete customers will again be able to deposit bitcoin, but we will be doing extensive testing before bitcoin withdrawals are reactivated. We will publish an update on the situation on Monday . have implemented changes to address the malleability issue. Our solution should work in the short term, while a longer-term solution is being discussed with the Bitcoin Core Dev team and the Bitcoin Foundation. We are also discussing this with other exchanges and businesses.
Thank you for your support during the maintenance, and we will update you on the progress shortly.
Best regards,
MtGox Team

    Mt. Gox Announces Downtime for Bitcoin Deposits

     (@southtopia) | Published on February 15, 2014 at 11:15 GMT | CompaniesExchanges,Mt. GoxNews

    Mt. Gox has stopped bitcoin deposits and all internal bitcoin transfers for a short site maintenance update, roughly from 6pm to 12am Japan time on 15th February.
    According to a notice posted on Gox’s News page, the downtime is part of its implementation of a solution to the ‘transaction malleability‘ issue that has seen the exchange halt all external bitcoin withdrawals and face criticism from some sectors of the bitcoin economy.
    The downtime probably won’t affect too many users. With Mt. Gox’s bitcoin price now hovering around the $342 mark (at least $300 below the CoinDesk BPI) and the exact situation regarding bitcoin withdrawals still unknown, it’s not very likely people are trying to move coins into the exchange right now. Internal transfers can probably also wait a short while.
    The announcement continued that the 6-hour timeframe was approximate only, and could be shortened or lengthened if required. It also said the new system would need to have “extensive testing” before bitcoin withdrawals could begin again, and that a further update would be published on Monday (17th February).
    It also mentioned that other exchanges have taken their own steps to address the transaction malleability issue, which CEO Mark Karpeles claims is a serious flaw in the bitcoin protocol. The issue was first noticed in 2011 but was not considered a high priority by bitcoin’s core developers – at least until Mt. Gox’s current problems began.
    “ have implemented changes to address the malleability issue. Our solution should work in the short term, while a longer-term solution is being discussed with the Bitcoin Core Dev team and the Bitcoin Foundation. We are also discussing this with other exchanges and businesses.”
    Other exchanges have posted statements saying they are not affected by transaction malleability, though Bitstamp, one of the world’s most popular exchanges, also briefly halted bitcoin withdrawals after a “massive and concerted” DDoS attack affected it and numerous others. It has since resumed regular operations.

    New Jersey Case Could Set Restrictive Precedent for Bitcoin Businesses

     (@pete_rizzo_) | Published on February 14, 2014 at 21:35 GMT | CrimeMiningNews

    Though we have only hints at what regulation could result from last month’s NYDFS hearing in New York, members of both sides largely agree the dialogue did much to improve relations between New York regulators and the bitcoin community.
    Despite the steps forward, however, recent actions taken by the state’s southern neighbor New Jersey suggest that US law enforcement is going the extra mile to try and prevent any potential bitcoin threats, no matter how dubious.
    In a controversial move, the New Jersey Division of Consumer Affairs issued a subpoena this December against Jeremy Rubin, a 19-year-old bitcoin developer and MIT student, who, along with three other students, has created an innovative computer code called Tidbit.
    Tidbit would allow web surfers to put their computer power toward bitcoin mining, providing a website with the proceeds of this activity in exchange for the ability to view content without advertising.
    New Jersey doesn’t quite see the innovation, and the implications of its potential victory in court could have an impact on the wider bitcoin business community.
    The Electronic Frontier Foundation, which is representing Rubin, told CoinDesk:
    “The precedent that [it] would set is to validate the authority of a state to investigate and regulate conduct taking place online and outside of the state’s borders.
    That means Bitcoin innovators will have to be very careful with what they do and understand that there is going to be scrutiny into their activities.”

    Necessary action?

    The subpoena isn’t just asking introductory questions about Tidbit.
    Rather, law enforcement officials have moved aggressively to prompt Rubin to turn over all of Tidbit’s assets, including its source code, related bitcoin wallets, agreements with third parties, as well as the name and IP addresses associated with its development team, all of whom are undergraduates at MIT. Though, it should be noted it stopped short of accusing Rubin of criminal wrongdoing.
    Looking more closely at recent headlines from the state, the action may not be surprising. Last November, E-Sports Entertainment settled for $1m after it was accused of using malicious software code to illegally mine bitcoin on the computers of state residents.
    At peak power, the company was able to take control of 14,000 computers without users’ knowledge and generate $3,500 in profits over two-week span. It was eventually accused of violating the New Jersey Consumer Fraud Act and the New Jersey Computer Related Offenses Act.
    Indeed, the language of the Tidbit subpoena suggests this interpretation as it asks Rubin to turn over “all documents and correspondence concerning all breaches of security and/or unauthorized access to computer”.
    Comparisons between E-Sports’ botnet program and Tidbit’s mining program certainly exist, but the accusations against Tidbit are particularly puzzling to many for one reason.
    As Rubin has noted in an interview, Tidbit is incomplete, in part so the terms and conditions of its use under the law could be established. Further, he says no one has ever used the program to mine bitcoin.

    Mounting a defense

    Initially developed at the Node Knockout Hackathon, where it won a prize for innovation, Tidbit was lauded for its out-of-the-box thinking to a problem that has long dogged the Internet, a dependance on advertising.

    While I don't understand New Jersey's case against Tidbit, I'm sad that the US wants innovation to happen elsewhere

    The Mysterious Case of 1 Satoshi Transactions 

    Clogging Up Bitcoin Wallets

     | Analysis

    Many Bitcoin users have been reporting mysterious 1 satoshi (0.00000001BTC) transactions being sent to their wallets. The transactions are being sent from vanity Bitcoin addresses beginning with "1Enjoy" and "1Sochi," and theories behind the transactions range from it being a new kind of spam, to an attempt to bloat the blockchain, to an effort to attack Bitcoin addresses to people, to it merely being a test.
    The earliest reference to such transactions I've been able to find date back to October, 2013, but there has been a sharp escalation in the last several days. I've personally received a score or more of them, including these three recent transactions to a wallet on
    Three 1 Satoshi Transactions - Unconfirmed
    There are three addresses sending me these transactions:
    Note that all three transactions are unconfirmed. This means that the blockchain (i.e. Bitcoin miners) are ignoring these transactions. This is because of their size—0.00000001BTC, which is worth US$0.0000066211. That's a little more than 6/10,000 of a penny, or dust, as it's called.
    Currently, the minimum transaction that is likely to get confirmed is 5,430 satoshis, or 0.0000543BTC, more than 5,000 times this useless dust, and that doesn't include the transaction fee. That's why many of the Bitcoin faucets I've been testing have minimum cashouts of 5800 satoshis or more.
    What I've experienced, and what many other Bitcoin users on various forums have reported is that these transactions "fail" after a few days and disappear from your wallet. The question is, however, why were they sent in the first place?
    We don't know the answer to that question, but there are several theories.
    The first theory is that these transactions are intended as spam. This goes back to some of the earliest reports, where the Bitcoin address used to send the satoshi traced back to one gambling site or another. The thought is that the spammers are counting on some recipients being gamblers who will then follow the trail, discover a gambling site, and deposit Bitcoins on that site.
    That's pretty reasonable for addresses that trace back to a known site. It's essentially free advertisingbecause the transactions will never go through and the spammers get their Bitcoins back.
    Thought of in another way, one Bitcoin—worth $662.11 as of this writing—can send out 1 million of these transactions. If 1 percent of them went through (they wouldn't), that would cost the spammers $6 and change, on par with email spam.
    The problem is that this theory only covers transactions that trace back to a known site, service, or something, anything, identifiable. In the case of the three address above, what exactly are they spamming? The Sochi Olympics? Is it Coca Cola with a super stealth campaign to Enjoy [Coke]? I doubt either, to say the least.
    Bloat Attack
    Another theory is that this is an attempt to bloat the blockchain and slow down the network. If so, it's a terrible idea, at least on the scale that it is being done now. The network can handle these transactions, and in fact, it largely ignores them.
    Who Are You?
    A far more intriguing idea is that these transactions are designed to map out who owns what address. Think NSA, CIA, that hacking team run by the Chinese military, or whatever the heck the Russians are doing these days.
    Under this scenario, nerdspooks harvest addresses from the blockchain (remember that any address that has received Bitcoin is known publicly on the blockchain), send out these transactions and then look to see who complains about it on, reddit, or this very site.
    Those who include their address in their comment/post/complaint will then be outed, and MUHAHAHA! A tiny corner of the map gets filled in. It's a fiendish plan that might have been designed by this guy:
    It's nonsense, and I don't buy it.
    Testing, Testing, 1, 2, 3
    The theory that I like the most is that we're seeing some kind of test from either a commercial spamming organization or one of the world's intelligence organizations. I have no idea what exactly is being tested, but in that no other idea makes any sense, I'll settle for this one.
    Should You Worry?
    It's important to note that receiving one of these transactions means little or nothing. There is nothing that he sender can get from you, including information, by sending you a satoshi. As noted above, every Bitcoin wallet address that has ever received (or sent) Bitcoins is already publicly known, and they had to already have harvested even that from the blockchain before they sent you the satoshi.
    That's part of the point of Bitcoin. The anonymity of the cryptocurrency comes from the fact that while the transactions are public, the owners of an address are not.
    The reality is that the transaction will simply go away, and there is no discernible threat in receiving one. I spoke to a pool operator about this, and he was utterly unconcerned about this issue. I recommend the same attitude for normal users, too.
    There was a clever piece of open source software released in December called dust-b-gone. As of this writing, it's Windows only, but what it does is collect all the dust out of a Bitcoin-QT wallet (a client-side wallet), and then bundle them into one transaction that is essentially sent to miners in the form of transaction fees.
    That serves the handy purpose of keeping the spammers/attackers/testers from getting their Bitcoins back, while rewarding the miners who process all of the transactions.
    I don't run a wallet on Windows, or I'd try out dust-b-gone. If these transactions persist, I'm hoping a Mac developer ports the software or develops something similar for Mac users.
    It would also be nice if online wallets like or Coinbase developed a tool that allowed users to do something similar on server-side wallets.

    Bill wants to make cryptocurrencies fully legal 

    in California

    According to California’s current law, Bitcoin and all other digital currencies can now be considered illegal in the North-American state. However, a bill recently sent to the Senate’s Banking and Finance Institutions Committee might be the answer to change that.
    The document titled “AB-129 Lawful money: alternative currency” – which intends to amend the Section 107 of the Corporations Code – was firstly introduced about a month ago by California State Assembly member and chairman on Banking and Finance, Roger Dickenson. According to Bitcoin Magazine, the bill specifies that “current law which bans the issuance or circulation of anything but lawful money of the United States does not prohibit the issuance and use of alternative currency“.
    The most recent action stated on the bill’s amendments indicates that it was sent to the Senate’s committee on February 6th, not long after it was unanimously approved by the local assembly on January 29th with 75 positive votes and zero negative. The remaining five  voted present/not voting.
    The official bill analysis states that the document clarifies “changes to current law to ensure that various forms of alternative currency such as digital currency, points, coupons, or other objects of monetary valuedo not violate the law when those methods are used for the purchase of goods and services or the transmission of payments“.
    Besides, the bill also appears to recognize Bitcoin as a token of freedom since the analysis considers ‘community currencies’ “a form of political protest as some communities that use such currency do so in protest of the United States monetary policies, or large financial institutions”. Still, the bill specifically does not make Bitcoin similar to legal tender because it prohibits a person “from being required to accept alternative currency”.
    This new step towards acceptance follows the strange cease-and-desist order sent in mid-2013 by California’s Department of Financial Institutions to the Bitcoin Foundation. The order accused the organization of conducting money transmission activities in the state without the proper licenses.

    CoinThief Malware Stealing Bitcoins from Mac 


    Posted 13 hours ago 

    A trojan called CoinThief is stealing tens of thousands of dollars worth of BTC from unsuspecting Mac users.
    A trojan called CoinThief is stealing tens of thousands of dollars worth of BTC from unsuspecting Mac users.
    Contrary to popular belief, Macs do in fact get viruses. It’s just that 91% of the world uses Windows while only 7% of the world uses OSX (The remaining percentage uses Linux). As such, virus makers have more incentive to create malware for Windows, because it simply makes sense to target the majority of computer users. This is generally great news for Mac users, since they remain virtually virus free. However, it can make them pretty complacent about security, and when a Mac virus does come along, it causes a lot of havoc.

    The implementation of stealth addresses for Mac that I tweeted about last week turned out to be wallet-stealing malware. Crap.