Topic: Re: [ANN][VRC] | VeriCoin | PoS - Dynamic Interest | SMS | ANON
Board: Announcements (Altcoins)
by pnosker on 30/06/2014, 13:15:35 UTC
Your centralized services on vericoin.info are woefully insecure.

The Debian 6 server running the site has not been hardened; you can log in as root over SSH. There are many, many more problems but I don't want to divulge too much as it could hurt a lot of people. The developer can send me a message if they want to talk about this in private.

Yea... ok. VeriBit/VeriSend are hosted on a Windows server.

They are not hosted on a Windows server; that is not what I said. They are clearly hosted on Debian running a legacy version of Apache. I would be even more worried if they were actually on a Windows server.

Edit: I'm not trying to spread FUD here; this is a very serious concern with how much money is being pumped into this economy. I'm worried about the alt-currency community more than the price of any individual coin. You can see that from my post history.

This is part of the reason I don't quite understand the hype around VeriBit. People are saying it makes things so much easier, but does it really? And at what cost? The cost of security? As far as I understand, all VeriBit does is exchange VRC for BTC, like any other altcoin can already do on any exchange. Except, with VeriBit, we are trusting VRC's dev team to handle security on their centralized servers. I am not saying VRC devs are untrustworthy at all, but I do question whether they are qualified to keep these services secure. As for me, I would far more trust services like Mintpal to securely hold and exchange my altcoins for BTC to then use and make purchases.

The VeriBit servers don't "hold" your coins for more than 5 minutes. After they receive them and get 4 confirms, they send you your BTC. So the user will never lose. If we have a security flaw (which we are getting audited right now), our pot of BTC could be lost. But I don't think that's a concern since the developer running the server works for the cloud computing division of one of the top software companies in the world... and knows his security.