Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Service Announcements
Re: [Payout Updates] Bitcoinica site is taken offline for security investigation
by
xeerog
on 16/06/2012, 09:51:05 UTC
Hello angry mob,

I've been silently lurking around and watching these discussions for awhile and like many of you I'm waiting for my medium-sized bitcoinica balance to be sent back.  I just want to throw a few ideas out there.

I have to point one thing out.  Bitcoinica got hacked I think twice before this last fatal blow, and despite that I decided to maintain some money in there.  In assessing the risks, the big things that stood out were that it would be hacked again in a much more serious manner (like what happened), or that there would be some sort of government action that would kill bitcoin and/or shut down bitcoinica without being able to get the money out, or that the bitcoinica operator would simply run with the money like so many others have.  Of course I wasn't hoping for those things to happen, but given where bitcoin's at, given I knew bitcoinica was run almost entirely by one guy who got hacked already, they were serious risks to consider.  I was tempted by the interest rates, and the leverage, to put much more money in, but I held back due to those risks.

Now that's no excuse, of course, for the things they've done horribly wrong.  I have my own consumer-facing services out there not related to bitcoin or any financial mechanism, and even though there's nothing remotely as valuable as a bitcoin wallet there, I put in a few days investment to have database backups at multiple sites, multiple companies, etc.  It's one of many disaster recovery techniques bitcoinica failed at horribly.  The cost/benefit of doing that is a no-brainer.  Even with no hacker, rackspace could have burned down or shut down and had the same result as what we've seen.

And obviously PR and customer service are not in the DNA of any of the parties that now seem responsible at bitcoinica at this point.  Over and over customers have asked for detailed email status updates, for example.  There are services that can send such mass emails, and they are very cheap and easy to use, and abide by the anti-spam laws by allowing people to unsubscribe etc.  The amount of cost and work to set such a thing up and push emails out daily is miniscule and would have done wonders to keep some trust in this crew.

But one thing that seems clear as that these guys are at least working hard to sort this out.  I could be putting my bitcoinica-held money to work in all kinds of ways, and I don't know if I'll ever get it back.  But given the daunting task they face, I'm really not sure what they could be doing better, in terms of processing claims.

So I have to ask -- what could they be doing better in terms of sorting out claims? Granted their communications about the process are horrific in their deficiencies, and the database loss was unforgivable...

but going forward, in terms of actually figuring out who gets what, if anything, what could they be doing differently? They are collecting passwords where they can validate em, trying to match up old records, trying to consider identification, and trying to do it for thousands(?) of users when they have a couple of people who can actually be trusted to work on it, also while they are in the middle of an operational transition of some sort that internally has seemed to have caused a big lack of agreement about who is in charge of what.