They don't look out of the ordinary if those blocks were evenly distributed. However, all the blocks were made in a small timeframe. Look at the 17JkL94B2ngJg4QQZuiozDQjnxXB6B7yTc blocks, they were all mined on a single day, same with the 1Gu8zxRi8cyENV8CQe52D7QEsiZ7ruT73u blocks. They were reported within a single day (probably when they were setting it up).That's an odd coincidence.

If they were evenly distributed and not suspicious, the odds of that occuring is somewhere around 1 in 1300 using a binomial CDF. When you consider the total population of miners, odds are some miners would be outliers...

HOWEVER, their mined blocks are not evenly distributed and looks as though they were only mined when starting up.

If those two days are actually the day the addresses were set up and we exclude those mined blocks, the odds are staggeringly low...

For example, let's calculate the odds of mining 0 out of 20 expected blocks:
BinomialCDF( x=ActualMinedBlocks, n=(BitcoinDifficulty*ExpectedMinedBlocks), p=(1/BitcoinDifficulty) )
BinomialCDF( x=0, n=(117565519166*20), p=(1/117565519166) ) = 2.06e-9 (1 in 2 billion)
** Taking the lower P value. Technically n should be multiplied by the difference in difficulty and hashrate (7158278) and p divided by the same, as we actually want to measure hashes not on the bitcoin difficulty, but we ignore this because it's so far out the tail the numbers are similar enough for way too many significant digits, you're still going to get 2.06e-9, I'd rather reduce the chances of typos. We are also assuming difficulty of today, when difficulty was lower before (meaning the p value should be higher; the odds are even more slim).

1 in 2 billion confidence for being representative when mining 0 out of 20 expected is garbage and there's trivial ways to check miner operation, but on pure statistics alone, one can be extremely confident this was not by chance. It's probably even more unlikely if we only calculate the last month for all pools. It's early in the morning for me, so my math might be a bit off (or outright wrong) -- and it's been a while since I took highschool statistics so I'd appreciate if any professional statisticians chimed in as well.

The price difference between without heatsink and with heatsink+fan is 8-9 EUR.

Why not just make a comment in the order to not send a fan if you don't want one?

An extra product type is a massive hassle in fulfillment. To save a couple EUR per board on your money printing machine sounds unreasonable, to say the least.

Be sure to let it be configurable to at least 72+ hours if the user so desires. In financial markets 3 days as a standard clearing time has a particular history and is a standard for many markets, probably because it's 1 full working day plus the 2 weekend days (as people do not pay close attention over the weekend).

It doesn't matter. I'm not talking about theoreticals, the facts you and I know regarding the ownership transfer is slim-to-none and that's one of the fundamental problems. To postulate that he was not paid more than what the company was worth is indicative of illusory self-confidence in knowledge, unless you are privy to non-public facts that have not been disclosed here (if so, I'm sure people that have lost money would love to know).

If I did not make it clear enough, the lack of public knowledge of ownership transfer creates serious potential for negligence claims against Zhoutong (as he has a fiduciary duty to deposit holders). Transfer of a money service to another entity which has different credit risk/security expertise without disclosure, then having the new entity defaulting on debts is an open and shut case of proximate cause, I disagree with the opinion that it's an unlikely avenue of pursuit in the event of actual default.

To reiterate, assuming that Zhoutong has zero involvement with the theft/loss-of-funds, it is in his personal best interests to ensure/advocate that everyone gets paid back in full.

Tort law doesn't work that way. Prior principals can be liable, and there is a mountain of case law in common law jurisdictions where this is the case. If full payout was not returned to deposit holders, then there may be liability due to negligence from a lack of due diligence with the buyer / current owner of Bitcoinica. Further, as you implied, if the seller received compensation significantly higher than the true NPV/MTM of the equity, the difference may likely be subject to legal claims even if Zhoutong acted in good faith if the current owners convinced Zhoutong to sell his company so the current owners can strip/steal all the deposits (as the non-disclosure of the ownership transfer was proximate cause for the loss).

It is in Zhoutong's personal best interests to ensure that Bitcoinica client funds are returned in full if he is not colluding with the present owners, otherwise there will be significant economic incentives for deposit holders to investigate the identity of Zhoutong and all parties involved.

The principle of a clawback is known and given, however there is a de facto legal principle of "Judgement Proof". Namely, if it is impossible to know who the principles involved are (present and former owners of bitcoinica) and/or the location of their funds, it's impossible to secure the proceeds of any judgement. It's become obvious that Zhoutong already understands the risk of a clawback, which is why he seems to have been advocating prompt return of funds to deposit holders for a while (assuming we take his actions at face value and is not colluding with the current "owner").

The reason I emphasized the payment in full and requesting others take a 30% haircut issue is because this may create material liability for the Bitcoin Consultancy people if they were involved in claims processing/payment.

Having friends paid out in full and then requesting that others take a 30% haircut sounds pretty darn illegal in nearly all jurisdictions involved.

Occam's Razor says some shady stuff is going down.

It's fairly obvious that the money should've been returned to bitcoinica deposit clients a long time ago. It doesn't take this long to verify account information. Zhoutong's passive aggressive missives on this board shows that there might be something weird going down behind the scenes.

Currently we have no clear indication of who the owners are, I believe in the interest of transparency, the ownership structure as well as all roles of individuals involved for Bitcoinica should be made clear. This has near-zero security implications, and people holding balances are owed that much after this security breach.

Quite frankly, unless the ownership structure is made clear, there is a non-zero probability that non-principals that are involved may be unwitting accomplices to a scam. Assuming Zhoutong is an independent actor, he should ask himself whether he received payment for selling full equity where assets are strip-mined and stolen after transfer of the equity stake -- I'd be especially curious if he received a payment relative to the NPV seems a little too good to be true (unless of course, he did not realize that client funds were to be stolen upon ownership transfer). Assuming genjix / Bitcoin Consultancy et al are independent actors, they should be asking hard questions about their relative independent agency with regards to payment distribution and the worth of their association with this and the material risk if the owner is scamming them.

Storing your lastpass password as an API key in plaintext is beyond bizarre, no one in their right mind would do such a thing. This isn't SQL injection level incompetence we're talking about here, that happens all the time. Using an incredibly important password that gives access to all your online account and placing it in a plain-text API key is a poor excuse and isn't plausible at all.

Last bit of advice: Bitcoinica should put all their USD deposits in a real bank account, with real bankers. You have enough funds to have a personal relationship with a banker that will give you a courtesy call when large withdrawals are made. Mt Gox should consider locking all accounts even remotely associated with Bitcoinica. If they have more funds in other mtgox accounts, they should be locked due to material risks of bitcoinica ownership not acting in good faith.

Waiting far too long to return money plus now a claimed hacking with partial default implies that they needed time to transfer money elsewhere. This is a very serious accusation, but until we have a clear picture on why it is taking so long, who the owners are, and the bizarre use of a master password as a plaintext API key, Occam's Razor says the odds of the owner acting in good faith is not perfect.

+1.

I'd be much more in favor of using earlier multisig efforts to classify as IsStandard and creating OP_HASH multisig transactions: https://gist.github.com/39158239e36f6af69d6f or https://gist.github.com/dba89537d352d591eb36

Developing such a large change as P2SH should be reached by consensus after sufficient discussion. Many didn't even hear about P2SH proposals until very recently. Something like P2SH may eventually be necessary for large transactions, I do see a lot of potential value in it (and think the developers put in a lot of good work coding & testing, which is highly commendable), but it is an endeavor that must be developed with sufficient deliberation and consensus. In the meantime, we should begin accepting multisig transactions as soon as possible, with a minimum of code change/risk for miners and users until P2SH has been fully explored. I'd be much more comfortable if there were not been any bugs discovered in P2SH code in the past weeks (let alone months), unfortunately there have been substantial non-trivial bugs in the P2SH code that had to be fixed.

I've switched my hashing power to deepbit.

TLDR: Treat bitcoins like cash (don't get hacked).

Is there a way to donate bitcoins to avoid the 5 post restriction?

This is why all pools should switch to some form of PPS.

thread bump

The normal https request has been working fine for me, but it isn't designed for frequent requests, so you might get blocked. If you need mtgox live trade data, you should look into the websockets API.