Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192]
	helo=mx.sourceforge.net)
	by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
	(envelope-from <gmaxwell@gmail.com>) id 1WCxt3-0008Pi-2k
	for bitcoin-development@lists.sourceforge.net;
	Mon, 10 Feb 2014 20:55:29 +0000
Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of gmail.com
	designates 209.85.215.44 as permitted sender)
	client-ip=209.85.215.44; envelope-from=gmaxwell@gmail.com;
	helo=mail-la0-f44.google.com; 
Received: from mail-la0-f44.google.com ([209.85.215.44])
	by sog-mx-2.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
	(Exim 4.76) id 1WCxt2-0005hd-BZ
	for bitcoin-development@lists.sourceforge.net;
	Mon, 10 Feb 2014 20:55:29 +0000
Received: by mail-la0-f44.google.com with SMTP id hr13so5258895lab.31
	for <bitcoin-development@lists.sourceforge.net>;
	Mon, 10 Feb 2014 12:55:21 -0800 (PST)
MIME-Version: 1.0
X-Received: by 10.152.88.82 with SMTP id be18mr23365923lab.3.1392065721755;
	Mon, 10 Feb 2014 12:55:21 -0800 (PST)
Received: by 10.112.198.34 with HTTP; Mon, 10 Feb 2014 12:55:21 -0800 (PST)
In-Reply-To: <CAE-z3OUK0_8an3xAt3T1Sb_iFLNy=AWwiKZYnrURg_o=w0dmPg@mail.gmail.com>
References: <CAPg+sBi-phaw3hDgguk-LYrPsKX4M5snTJBv_NsQML1M=XgZEw@mail.gmail.com>
	<52F92CE3.7080105@olivere.de>
	<CAE-z3OUK0_8an3xAt3T1Sb_iFLNy=AWwiKZYnrURg_o=w0dmPg@mail.gmail.com>
Date: Mon, 10 Feb 2014 12:55:21 -0800
Message-ID: <CAAS2fgR9D0Vzp+Yx+azLhrPgZmynOy9-g0Kx94of4rPPYnER0A@mail.gmail.com>
From: Gregory Maxwell <gmaxwell@gmail.com>
To: Tier Nolan <tier.nolan@gmail.com>
Content-Type: text/plain; charset=UTF-8
X-Spam-Score: -1.6 (-)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
	See http://spamassassin.org/tag/ for more details.
	-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
	sender-domain
	0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
	(gmaxwell[at]gmail.com)
	-0.0 SPF_PASS               SPF: sender matches SPF record
	-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
	author's domain
	0.1 DKIM_SIGNED            Message has a DKIM or DK signature,
	not necessarily valid
	-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
X-Headers-End: 1WCxt2-0005hd-BZ
Cc: Bitcoin Development <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Malleability and MtGox's announcement
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Mon, 10 Feb 2014 20:55:29 -0000

On Mon, Feb 10, 2014 at 12:47 PM, Tier Nolan <tier.nolan@gmail.com> wrote:
> If the attacker has a direct connection to MtGox, they can receive the
> transaction directly.
MtGox had a php script that returned base64 data for all their stalled
transactions.

Not just attackers used that, some people trying to unstick their
transactions tried manually fixing them with honest intent and no idea
it would potentially confuse mtgox's software.