Hacker News new | ask | show | jobs
by antr 4818 days ago
Agree. When a transaction is not authorised by the account holder, this transaction is legally invalid. Any bank would give the money back in this kind of situation.

I can't imagine my parents (or 99% of the adult population) being liable for this theft when "proper security precautions" means knowing when to detect and avoid a "0 day java exploit with a cross site injection attack".
2 comments
Cthulhu_ 4818 days ago
If they felt they were in the wrong, and if they provided the appropriate security measures. Does Mt. Gox even have two-factor authentication or transaction signing or anything like that?
link
lucian1900 4818 days ago
Not really. Most banks I've asked would not refund if the victim did not take proper security measures, and the OP in this case most certainly did not.
link
danielweber 4818 days ago
Banks are required to make users whole, even if the user's password is compromised. At least for individual accounts. (For businesses the situation is different.)

http://research.microsoft.com/apps/pubs/default.aspx?id=1618...

link
lucian1900 4818 days ago
It depends very much on local laws in your country, from what I've seen.
link