It's interesting to note from page 30 of the criminal complaint, StackOverflow was able to record "Ulbricht [changing] his registration email [...] to 'frosty@frosty.com'".
Why do sites like StackOverflow keep audit logs of your account information?
Actually, it's almost certainly as the other person stated - for administrative moderation purposes. There is no other purpose to maintaining historical backups of this sort of data. Especially not when that costs money.
When I built a site that existed for a very long time, was very popular, and involved monetary transactions, I had to track nearly everything. IP addresses, address changes, email changes. Everything I could think of. This was then utilized when I suspected someone of fraudulent behavior. I could pull up an administrative screen that compared data in an archive copy (where I dumped the older information for just this purpose and to specifically keep it inaccessible to the outside world for user security purposes). With that, I could see whether several users were actually the SAME user. I even tracked things like user-agent string and detected screen resolution.
A lot of pieces of data can come together to provide more than circumstantial evidence that someone is shilling, trying to feedback-bomb another user, and so on. Enough correlated points of data can confirm suspicions like this. You'd be surprised how many people use an email address for one account, change that address, then create a second account with the email address they used to have on the first account and then use the second address to drive up the value of their stuff by shill-bidding against another user on their own item.
Don't forget user support. It's not all that uncommon for someone to forget their account, lose a password, or an email address. Circumstantial evidence can support ownership of the account, and let us fix things for them.
There are also errors on our end like account merge bugs, moderation mistakes, dropped/flagged/whatever recovery emails, and so on. Keeping additional historical data can help us recover in those cases.
If you're smart about what you track it's not that much data; we record most changes to user records into a history table (likewise, and for the same reasons on post records). Keeping traffic logs around and queryable forever would be really, really expensive though. We keep some around, but only really recent stuff is easy to query (about 2 days) since that tends to be what's needed when reproducing bugs. I don't even think we have all traffic history, and old stuff would require digging a tape out (if we even move those to tape like we do with DB backups, I honestly don't know; it's never come up).
Moderation is a good reason to keep lots of data around, you're right, but it's not the only one.
Most FX brokers do not "exchange money", that is in the sense that you can withdraw the quote currency. Because of this, they don't have to deal with money laundering.
FX brokers and MtGox also have different business models. Brokers usually make money off their spreads, slightly adjusting their quotes in their favor. Traders on MtGox trade directly with other users, not against the company. This attracts different crowds.
Fiat is also not as volatile as Bitcoin. A .35% fee on Forex would completely devastate profits. Meanwhile, Bitcoin rises and falls 10% on a good weekend.
Bitcoin exchanges would be comparable to stock exchanges like NYSE or NASDAQ, except volume is lower in the tens of magnitudes.
FX brokers like LMAX, while still targeting retail investors, make money (almost) exclusively on commissions, rather than adjusting the spreads.
Many liquidity provision strategies are also infeasible given the unreliability of the APIs available and the high fees, and in general many intraday strategies that work in other markets and would work with lower commission for bitcoins are devastated by such high fees.
As for stocks, if your volumes are decent, trading costs are negligible. With bitcoin exchanges, that does not seem to be the case...
He was talking about Vagrant (the tool CoreOS uses to distribute VM images)...
Also, I think you can just make a directory in the `~/vagrant.d/boxes/coreos` folder called "vmware" and copy over the vagrant file, box.ovf and the metadata.json. Then you just edit the metadata to have a vmware provider and the box.ovf to reference "../virtualbox/<<theimage>>"
I however do not have a vagrant vmware license and cannot test this theory.
Before CoinLab shifted gears and got sued by MtGox, what this guy got fired for was exactly CoinLab's startup: monetizing games through Bitcoin mining.
Needless to say, with Bitcoin ASICs on their way back then, this wasn't exactly a sustainable business model.
You can create an account anonymously and pay in Bitcoin, and not leave a paper trail. That's exactly what I did.
Their policies state that they do not log, but I personally find this questionable. Much torrent traffic goes through their network, and I couldn't imagine how they respond to complaints sent by media companies to their US servers. They claim that they use "proprietary technology" to deal with abuse, but that seems only to be with blocking outgoing DoS attacks.
It may also be useful to note that they've been supportive of the Bitcoin community. They host BitcoinTalk, and were also one of the first VPNs to accept Bitcoin.
The answer is not black and white, although there are certain indicators that make an email very likely to be malicious.
In this case, record the ultimate destination of the link in an isolated browser session (to prevent a possible CSRF attack), then make your judgement from there.
Why do sites like StackOverflow keep audit logs of your account information?