So is there actually no one on these forums that can and is willing to explain in great detail how to go about one of these attacks?
Even if his intentions were not sincere, security through obscurity is a terrible terrible practice. Despicable.
Even if his intentions were not sincere, security through obscurity is a terrible terrible practice. Despicable.
without having access to the source for mybitcoin it's impossible to know what mistakes they made. They've admitted only that they were not waiting for the required number of confirmations before crediting account balance. There are also rumours that they were not even waiting for the transactions to appear in a block at all and merely marking them confirmed when they saw a new block, but I can't honestly believe anyone would code anything that bad.
If you don't like 'security through obscurity' - I recommend you start using one of the open sources exchanges based on intersango e.g. https://intersango.us/ rather than mtgox...
Will
My point was simply that it seemed no one wanted to give the guy a straight answer. And I have an account on intersango.us actually.
My understanding of the Mt.Gox hack is that it was indeed a fake bitcoin hack also, but done in a different way. Although to be entirely honest, I'm not sure how exactly; Mt.Gox didn't really give us a straight answer (they changed their story a few times if I remember correctly).