As I understand it, you can try to disable 2FA and withdraw your deposit through an email confirmation

going by TA and numbers im sure it invalidates the hell out of everything but after all... this is bitcoin so who knows

20 days and/or more than 50% of cup only may harm bullish c&h figure.

Long term downtrend has been broken - that is my main point. Even if c&h will fail, I think we may see only prolonged sideways action what I call silence phase.

Only move below 210 may seriously harm bullish outlook. Weekly picture is pretty bullish so far. Or at least it is not bearish.

End of first historical bullish trend 2010-2013.

The Great Bitfinex Game!

1) Bitfinex will pay a bounty of 1 BTC for anybody that comes out with an idea that actually makes sense in order to improve our liquidity on Bitstamp
2) Anybody that will post an idea that is flawed, doesn't make sense, will never work for the reasons I will be honored to explain or just say things like " why don't you transfer to Bitstamp more money if 2 millions a day is not enough" will have to pay 1 BTC cent to the address:
1J14J1ZR11CsFKXyhneXpfVBp34ovQuh7C

All the coins collected by this game will be donated to www.seansoutpost.com , a homeless outreach in Florida accepting bitcoins.



Giancarlo
Bitfinex Team
 

What's the best way to organize a boycott / raise awareness?

Well it's officially a scam now:


The OP shows both OTP and Yubikey enabled.

End of story for me.

You can always do a MITM, man-in-the-middle attack:
The trojan intercept the OTP, yubikey-code, sms-code, whatever, when it is used by the user. Then it either uses it to directly steal the funds, or, a bit more clever, to deactivate the yubikey. Then it redoes the action the user intended to do with the code, since then there is no yubikey needed any more.
Even addidional layers of security may not help once your computer is infiltrated. How about stealing that additional mail right out of the mailclient? How about faking the whole MtGox site and stealing/relaying/editing at will? That additional layer might even put the user in a false sense of security.

Only one thing really helps: Transactional dependend one-time-codes. I have that on my onlinebanking, for example. I create my wire transfer, this creates a unique "challenge", which is read (via flicker-code, think animated QR) by my tangenerator. This one displays the address and amount to transfer for verification, and creates a response-code. The device can't be hacked (reasonably), as it is very low-level and has no connection whatsoever except a flicker-sensor. If the data is manipulated on my computer at any point, either the display on the device will show it, or the generated response code will not match and will not work.
This is, until now, the only system I am aware of which is failsafe (as long as you watch the display).

This is slightly OT I guess.
Long story short:
MtGox, Yubikey, Google Authenticator, they all are pretty much useless once a dedicated software owns your computer.

Ente

When I pumped BTCs into my account, my intention was to day trade. And I was day trading fairly well up to this point. I never had the need to withdraw any funds from my Mt. Gox account.


If this was really malware on my PC, the logs would not show the Chinese ip address of 60.166.242.186 accessing my account. After all, wouldn't it be more legitimate to simply use my own ip address to access my account?

The notion that I just 'sat' on my Yubikey sent to me by Mt. Gox is just silly. I had no other use for this piece of junk. I wish I had the wisdom to save some of the images I posted so I could use it to catch Mt. Gox on an inconsistently later but I think this is the end of the line for me on bitcoins. Now that I can't trust the largest BTC exchange, I think I'm done here. Although this might sound harsh to some, I won't be trying any other alternative cryptocurrencies since I see bitcoin as the gold standard. If I can't invest in bitcoins, I definitely can't invest in other alternatives.

Thanks for anyone that helped and believed in my case. I will be pursuing this case a bit further with my local police department but that will be it.

Okay, so you deny the allegations. This is going to get messy; Mark could certainly post the logs but it is still effectively his word against yours. He is saying you did not have 2FA enabled at the time of the 'heist'.

You should both now post logs. You can use the API to get info about the account (idk how much): https://data.mtgox.com/api/1/generic/private/info

This would work best if you both posted them at the same time. Perhaps you can upload them somewhere, keep the link private and share it once mark posts logs on his end.

I'm out $4,000 but what else can I say to prove my case against the CEO himself? $4,000 might not seem like a lot to the wealthier folks but it is a lot to me. Why would I just sit on my Mt. Gox Yubikey that they sent me and never use it until now?  I have also sent Mt. Gox my real personal info to get the verified account so they should know me very well. The only argument I can make if this CEO keeps falsely claiming that I didn't use my Yubikey is this:

"When you think about it, the IP address that stole my coins was from China and I am based in the US. Any half decent business would find this to be a red flag and delay the withdrawal. Maybe Mt. Gox is deliberately letting these glaring red flags slide? "

I'm posting to follow this thread, I see three options:
- OP activated his 2fa after the "hack" and used a Chinese proxy/henchman to "steal" his own funds and double up on mtgox
- OP activated his 2fa after the "hack" and plays possum insisting that they were enabled before the theft
- A real hacker disabled 2fa and enabled it back somehow, allowing the theft and only mtgox can tell

I seem to recall reading here or on some bitcoin website that MtGox has bought out some small bitcoin businesses and people were complaining that they did this instead of fixing core issues, but now I can't find the link. Does anyone else remember reading the same thing?