I'm glad he did this and have proven he is still in possession of the coins.

I'm disappointed it took 5 days of people asking for it for him to follow through.

That is indeed good news but has no bearing on this thread. All that proves is that the attacker in fact did not take off with the wallet. Which was never an even implication of this thread.

Right. They need to think that one through a little better.

No they will just not be as secure as "paying" members.

You do this right now. Your banks' infrastructure uses open and free encryption algorithms (and in most cases, implementations) and must do so in order to comply with regulation. So does your doctor (if you're in the US, at least). At no extra cost to you.

Additionally, mtgox is not and never has been a free service. They take a fairly large percentage on every transaction.

Nice straw man though.

Paying a recurring fee (purchasing tokens would be understandable, though as mentioned rsa can't really be trusted at this point) for two factor authentication and using a proprietary un-vetted password hashing mechanism means this service should not be trusted by anyone.

How about instead of using SMS as the second factor you use something that costs little-to-nothing, like, I don't know, an rsa private key signature? Or even better, why not an ecdsa signature from a bitcoin-related private key? I guess that just makes too much sense.

hahaha god damn you are one argumentative mother fucker!

Look at the bright side.
this is why I don't drink alcohol.

It's certainly not your job to tell them how to run their business.
I can understand you are devoted to them, but there is a limit to telling other people what they can and can't do. it's why we are here, to get away from those fools.

Last time I checked the problem was on their end, not on their users'. Although adding a second factor is undiably a good thing, it's not going to do much for security on their end.

In addition to that, I suspect a large number of bitcoin/mtgox users own a smartphone. There's a HOTP implementation for pretty much all platforms - completely free..

Nice comeback bro.

Fork, they were using floats for some calculations:

28.21:03 < eleorea> a couple days prior to the crash i noticed my BTC balance kept fluctuation up and down .01 of a bitcoin..anyone else notice similar
29.21:03 < MagicalTux> eleorea: rounding bug
30.21:03 < go1dfish> eleorea: some had mentioned that Mt Gox used floating point internally for some calculations31.21:03 < go1dfish> is that true? and has that been fixed?
33.21:03 < eleorea> ahh thx
35.21:04 < MagicalTux> go1dfish: the new system use 100% integers

Oh hey look, he admits the possibility finally. Tonight on #mtgox. (times CST/CDT)