[accused of EXIT SCAM] Altilly Crypto Exchange - list MAID

You always put your money where your mouth is @Dimitar. Respect.

14 Likes

@Dimitar

Please consider doing the same for the developer forum if you aren’t already.

7 Likes

Yes, this is a good suggestion … It seems that there is a reason to register with smart people after all :lol:

4 Likes

Sad to hear about this hack?/theft. Agree that decentralized exchanges are the only reasonable future.

I wonder if it will be possible to have a decentralized exchange on Safe before safe-compute functionality. Current decentralized exchanges are using ethereum (or similar) as the backend I guess, which give computing … but maybe a Safe website could also use ethereum as a backend … or would there be a weak link in there? IDK, but would be nice if there was a way. I want to be off the hacky clearnet entirely someday and the sooner the better.

1 Like

Why use ethereum when there is an abundance of natural saferium? :cowboy_hat_face:

4 Likes

It’d be great to do that when Safe offers compute capability, but that won’t be at beta and we don’t know when it will be.

Ethereum is a computing network by contrast.

What would be cool is if we could just hard fork a version of ethereum into safe code-base and store blockchain on safe and pay computing fee to farmers in safenetwork tokens.

But I’m just dreamin’ now.

1 Like

Unfortunately I also had some MAID on Altilly. Not a very large amount, but still large enough to hurt a bit.

Up until recently I would never touch MAID once deposited on my Ledger. But for some reason I just had to ‘support’ trade on this new exchange…

After reading the updates on altilly.com, here’s my 2 cents on teh current situation. It does tell me that whoever runs/ran it, has the proper intentions, especially when comparing to the other recently hacked exchange Livecoin (no updates from them at all). Within days Altilly has confirmed exactly what and how it happen. And even though it’s very embarrassing, aren’t trying to sugarcoat or hide it. According to altilly the coins/tokens saved are mainly the ones listed in the last 30 days, which should include MAID. It however doesn’t show MAID in the overview of saved coins (neither do most of the coins listed in the last 30 days).

Anyway, it did put a smile on my face when Nigel/JAMS purchased ‘my’ MAID’s for 0.50USDT, so thank you sir :grinning:!

Overall I am not too concerned

11 Likes

Do you all know you have to fill a form before 56 days to claim your funds?

4 Likes

From a personal point, that may feel nice. However, bad intentions and incompetence are not very different in practice. One could even argue incompetence is just not having the right intentions strong enough to research potential dangers and put up the necessary defenses against them.

From another angle, if you aren’t 100% certain (based on past experience in smaller scales) that you can protect other people’s money from being stolen, you should not be in the business of managing it.

3 Likes

Anyone intelligent enough to create and run a working exchange should have no problem stopping hackers. A properly secured Linux system is virtually impossible to hack. This leads me to believe they were either scamming people, or lazy, neither of which inspires confidence in them.

1 Like

But what if you just bought it?

4 Likes

Whats your hourly rate? And do you have professional indemnity insurance?

Thats easy to say and a little more difficult to achieve in practice.

DISCLAIMER: I have lost money on Altilly

3 Likes

“The servers the Altilly Exchange platform utilised were provided by an independent hosting provider.”

Copy-paste amateurs think using third party hosting is secure. Beware noobs! :roll_eyes:

cough should have used Safe Network! cough :smiley:

1 Like

From a system level it isn’t that difficult. I can understand how a web application may be vulnerable and give access to the system, but it should stop there with an unprivileged user, and what they are allowed to access. Allowing someone to not only gain access to the system, but to create a new system user and take over the systems is incompetence.

I used to carry insurance and do consulting, but I’m out of that game, now. My rate was $125/hr. In an eight hour day, I could install an entire web application stack and lock it down.

1 Like

It’s one thing to set up an “unhackable” system. It is entirely another to ensure it remains unhackable.
Reading between the lines at https://altilly.com/ point 2 it would seem there was some social engineering involved as well as forgetfulness around the old non-2FA-protected email account.
We can take all the precautions we want, stay up to date with exploits but if you - or someone else associated with the project - falls for some social engineering attack, you need to hope your pro indemnity insurance covers it.

1 Like

before maybe, but after? The safetokens will exist in its own network. Are you thinking about wrapped safetokens?

The greatest vulnerability in any system—cyber or not—is human. People often overlook this fact.

7 Likes

Yes, wrapped safetokens

Well I wonder if that will do any good…
They certainly give the impression of trying hard to make things better.

3 Likes

Excuse me? These two are completely unrelated issues.

1 Like