Thanks for your support. Unfortunately, I cannot reveal my sources.
He's just posting a garbled rewrite of
this post on Reddit. nullc has access to the same facts as me. His post is more into the actual technical details of the exploit. The intention of my post is to bring this topic to higher level because the concept itself is a real problem that exchanges should be aware of.
not really.
its just that mtgox instead of looking at their coins just looks if the tx they have created goes through - and only in that case subtracts some kind of internal balance.
i dont think any other service works this way. just crappy coders there.
but you may be right that this could be used to steal btc from gox. but i dont know if mtgox actually refunded tx which they think did not get through (but did because of the changed txid).