This is actually super-clever, let me try to explain. Electrum is unique in that it's not a "real" bitcoin wallet. To save time and computer resources, it doesn't download the entire blockchain but rather connects to an Electrum Server which will do the blockchain stuff on your behalf.
The Electrum Servers (anyone can run one) can check your balance and send bitcoin on your behalf. Thanks to the magic of cryptography, this is all perfectly safe. If you send bitcoin through them, they couldn't redirect it to themselves. The worst they could do is refuse to send it.
Turns out Electrum Servers are allowed to return custom error messages to the client, though. So this guy set up a bunch of these servers and had them always return a message saying "Please update your electrum here: http://github.com/my-hostile-electrum/steal-yo-coins.git". What's worse, because Electrum is using the QT QMessageBox, these errors are displayed with full HTML rendering, making them look even more convincing.
So, crap. Bitcoin is, as they say, a bug bounty on the entire world.
Absolutely unacceptable design not to account for something like that when programming software. There should be an explicit notice of where the message is coming from. I see people blaming users for trusting a new GitHub repository, but the fault rests solely on the contributors to the project responsible for this.
You're right, and Electrum actually has a history of severe security bugs. I think there was one a while back where any website you visit could use JS to connect to Electrum's RPC interface and do things on your behalf.
It seems unfair to claim that anything is "unacceptable" in free software. If you're not paying for it then be thankful for whatever you get. No one is forced to use it.
Can you please not take HN threads on flamewar tangents, and please not post in the flamewar style? Some of your comments have crossed into incivility, or at least testiness. That has a degrading effect on discussion.
If you're going to be so negligent that you don't care to design your free product in such a way that it doesn't let people's money get stolen so easily, it's better not to release at all.
Complicated security vulnerabilities, I get. It's tough. But just the basic thought to inform someone that a message is not from the Electrum "team" would be nice.
It's unreasonable to expect everyone to read every bit source code of all open (or closed) source software they use.
If I were to use Linux for free, and in this imaginary world all of the sudden I had my banking credentials stolen from a similar lack of care, I think I'd be justifiably upset.
Should the people who lost money be thankful they got to use Electrum in the first place?
There's no negligence in giving software away for free. No one is stopping users from doing their own security audits, or hiring experts to do it for them. Beggars can't be choosers, and if users are upset at anyone it should be the thief.
Cryptocurrencies are speculative trading vehicles, not money. No one actually lost anything of real value. A fool and his coins are soon parted.
If Visual Studio Code, which is open source software I use daily and have not audited, tells me to update and I lose something of value to me from it, I'm going to be furious.
You can debate about the "real value" of Bitcoin or lack thereof, but I'm sure it had "real value" to the people who lost it. If people will pay $5 for Bitcoin, its worth at the time is $5, if $3,000, "real value" is $3,000. But that's besides the point.
Again, I've never really used Bitcoin and don't find it particularly promising, it's not my hill to die on. I do care about an issue like this, though.
If having quality software is important to you then you might want to actually pay a vendor that you can hold accountable rather than depending on the kindness of strangers. Free software is great! I use it all the time. But I'm under no illusions about imaginary negligence or accountability.
I don’t get it. Why should anyone be thankful that they lost bitcoins, simply because the software was free? I really dislike this trend of absolving free software of literally any quality standards whatsoever. Don’t act entitled, sure, but you’re doing no one any favors by refusing to even express desire for better quality.
All coffee has poison in it. Acrylamide is a known carcinogen. Caffeine is also poisonous: if you drink about 100 cups of coffee it will literally kill you.
You'll have to be more specific about the type and quantity of poison.
Personal attacks are not ok here, regardless of how wrong or annoying some other comment is. Please review https://news.ycombinator.com/newsguidelines.html and post civilly and substantively, or not at all.
So does that extend to publishing text without software? No one is forced to believe my free phishing message right? Or my free advice about drinking arsenic to cure cancer?
It is a growing trend to annotate the readme of an open source repo with a kind of statement of confidence. "This is code I'm not vouching for but want to share because it may be useful to others" and "this is my open source project that I consider to be production ready and will tie my reputation to" are very different things.
This was very obviously the second, so ethical duties involving lying to people for your own benefit and concepts of due diligence clearly come in to play.
And even if this makes no sense in your ethical system, at least be aware that people think that way and will remember your name in these kinds of circumstances even if they have no legal recourse.
In a worldwide software ecosystem there is no universal standard for ethics or diligence. Unhappiness in human interactions can usually be traced back to a mismatch of expectations. When I use software I expect nothing more than the formal legal agreement explicitly spells out. That way I'm often pleasantly surprised when software does anything useful at all!
For production software I've found it's wise to have a paid vendor to hold accountable (single throat to choke). Paid support is available for most major FOSS packages.
Ok, you convince everyone in the world of that system of ethics and problem solved!
Until then, set expectations explicitly so that people who make different assumptions from you don't get mad at you. It takes 5 minutes to be explicit in your readme.
Somehow everyone else in the world deals with similar issues without the special pleading so common in software. Software isn't that different, despite your wish to be unbound from normal expectations to not cause harm through misleading communication because you are behind a screen.
A redditor reported that the source posted contained the malware. Ie: compiling from source would not have saved you (unless you did the diff yourself and inspected the changes).
If you walked into your bank and someone in the lobby told you complete your transaction at a (fake) bank next door, would you say the bank was hacked?
You mean if you make up a completely different hypothetical scam not involving software at all? No I think the word “hack” in this context is directly related to software.
Now If I login to my bank app and upon logging in I revealed my login credentials to a third party and my account was subsequently zeroed out...yes I’d call that a hack.
I think a better parallel would be "your bank's website has advertisements and one of them says 'click here to pay off your credit cards' but it's actually just a phishing attempt"
That said, I wouldn't call such a scenario a hack.
Bad design and you still relies on somebody else's computer who can veto your transaction.
People use non-full-node SaaS Wallet because they don't understand the true value of cryptocurrency. If they got veto from the SaaS service they are using. They practically lost their property. A money never used is a lost money.
Also, That's why they manually download the fake update from URL that doesn't belong to the first-party. Because they are dumb enough to use SaaS wallet.
They can't veto your transaction for very long. Remember, there are many Electrum servers and anyone can run one. An Electrum user can just transmit their transaction to other servers.
This bug is absolutely atrocious: who decided that displaying error messages (with rendered HTML!) from untrusted third-party servers was a good idea?
It's a shame since SPV wallets are a great solution for most users, and Electrum has a relatively nice UI, but after this bug and the JSON-RPC one who will keep using this software?
Incredible to read how dismissive people in the thread are about the shortcomings of decentralization, up to the point where it feels like people are just praising gospel without ever having given it a critical thought.
There is still quite a valley between feasibility of crypto currencies in real world settings, and the current state of affairs.
Yes, there is a gap, but that will be closing quickly. What I hate to see is people using this gap as a reason against crypto/ blockchain as if every new technology is ideally perfect and meets every demand. This is the type of mindset that would have prevented us from having computers, laptops, and cell phones because computers the size of record courts don't make sense, computers take too much energy to be portable, and nobody wants to carry around a suitcase all day to make a phone call.
> Yes, there is a gap, but that will be closing quickly.
Bitcoin is more than 10 years old. That is almost as old as 1st generation iPhones. How much longer do we have to wait to fix these deeply fundamental flaws in the stack?
> It's all part of technological maturation.
An alternative interpretation might be that Bitcoin is fundamentally broken and isn't a useable technology.
Bitcoin is 10 years old and may or may not be broken depending on the end use case, but that isn't the only crypto/ blockchain project. For you to center the conversation around those arguments shows you're not very informed on the topic.
A lot of developmental progress in the ecosystem with models/architectures, tools, and infrastructure hasn't happened until recently (past year, give or take).
> For you to center the conversation around those arguments shows you're not very informed on the topic.
I've been following Bitcoin for almost its entire life and am probably vastly more informed than most of the shysters who show up on sites like HN to shill their coin.
> A lot of developmental progress in the ecosystem with models/architectures, tools, and infrastructure hasn't happened until recently (past year, give or take).
I've heard this line forever. Lightning network, for example, has been "just around around the corner" since forever. So far, it is still just as "just around the corner" as it was 5 or 6 years ago and ranks among the top all-time vaporware software projects out there.
The attempt to refocus on "The Blockchain" is only done to distract from the fact that Bitcoin, poster child of "The Blockchain" has no lawful use. It doesn't scale, it isn't free, it isn't trustless, it isn't censorship resistant, it isn't a good store of value, it isn't instant and it isn't anonymous. It isn't even deflationary (as if that is a good thing) because it has been forked and cloned thousands of times. Oh yeah, it also requires more energy than small nations to secure. (And don't feed me the line about it being "green energy" or "less than conventional banking"–we both know that is a laugably horseshit argument)
The whole space is a joke. Aside from self-driving cars, Bitcoin will be the biggest overhyped pile of complete nonsense this decade.
> So far, it is still just as "just around the corner" as it was 5 or 6 years ago and ranks among the top all-time vaporware software projects out there.
The paper was released April 2015. Progress is definitely slower than I'd like, but wanted to correct this claim.
[ Disclaimer: lightning developer and specification guide ]
Lightning was talked about before the release of the whitepaper, along with a number of other side-chains, off-chains, etc. None of have really been the magic bullet they claimed to be.
Again, I'm not talking about Bitcoin. There are many other projects in the ecosystem. It's like using shortcomings with Windows to represent Linux,mac, and any other OS that's out there.
I didn't downvote but the tone here is pretty patronizing:
>For you to center the conversation around those arguments shows you're not very informed on the topic.
The "it's too complicated for you to understand" tact is a tired, overly-used canned response from cryptocurrency evangelists, who seek (intentionally or not) to derail discussions about very real issues.
Bitcoin is yesterday but look at Ethereum. You can now trade dollar backed tokens issued by fully regulated banks for the cost of an Ethereum transaction. This lets you use smart contracts backed by US dollars, or write contracts to trade US dollars for other currencies. The writing is on the wall, more regulated tokens are on the way. Public stocks to municipal bonds. Why wouldn't people want to cut out the middle man?
If these tokens are truly regulated by the state and the ledger is editable by the courts, then there's nothing decentralized about it and it provides no advantages over the current system. All of this talk about decentralization and cutting out the middleman is a mirage.
Decentralized isn’t a binary. The courts can’t edit the blockchain but a federation of private keys can. It still allows an alternative to transferring money without Visa or PayPal.
There are clear guidelines about civility. This is not reddit. If you're being downvoted it's not because people disagree with you. It is though very likely that many people disagree with you.
The ecosystem is gathering a lot of contributors and researchers. A lot of the issues revolving around tools, infrastructure, scaling, security, user experience have various solutions in development, which are expected to come to fruition in (roughly) the next 2 years.
> A lot of the issues revolving around tools, infrastructure, scaling, security, user experience have various solutions in development, which are expected to come to fruition in (roughly) the next 2 years.
This line has been the standard party line in Bitcoin land since time began. Everything about bitcoin is "just around the corner".
All of your talk is a thin veil around the hidden message: "don't sell your Bitcoin or it will crater the value of my stash!" and of course layered under that message is "buy my Bitcoin!!!!".
Again, its been like 10+ years now of 'cryptocurrencies' and its failed to provide a use case apart from 'speculating' and getting yourself uninvited from family Christmas.
They're not and that's my point. Id following these publicized roadmaps then these items would be either completed already or completed next year. Realistically they'll be completed in roughly the next 2 years.
Cryptocurrency is feasible and is being used in "real world settings" right now. So many things are ruined by people preferring safety over freedom so I don't thinn this sort of thing bothers a freedom loving person.
Where is it actually being used in "real world settings"? Other than opening a Coinbase account and doing some speculative trading, I don't see any of these "real world settings".
Do you have any examples of companies that offer VPS or domain services that accept bitcoin and also don't require some other type of personally identifying information?
Well yes, but if they accept bitcoin as payment without requiring a credit card on file then its at least possible in theory to setup hosting and a domain without anyone's real name attached. I doubt many businesses offer such a service.
It is unlikely anyone lost 200 BTC, we can't say for sure because Bitcoin wallets are pseudonymous. But what happened is that someone received a lot of BTC from a lot of different wallets.
I would hope that someone who owns 200 BTC would put a little thought into how to secure it and would not be affected by this hack.
And this is why BTC will never be mainstream. All it takes is a single misstep to lose all of your money forever. Why would average citizens take that deal over the security guarantees provided by the incumbent financial institutions?
The problem with your hypothetical is it will never happen because the system in place works much better than Bitcoin. Our current system doesn't have the flaw that you have to distribute your wealth in hundreds of wallets or you get perma-fucked and booted into the street.
What's your point? The nature of cryptocurrencies make them easily lost or stolen compared to money in the bank. Banks are regulated and insured so customers never risk losing their money due to ineptitude. They get nothing in exchange for the hassle and risk of cryptocurrency.
Raw Bitcoin is the equivalent of cash, not bank money. Bitcoin can be (and often is) regulated and insured.
It's possible to implement chargebacks on a smart-contract platform, or even at layer 0 as EOS and XRP do. What's so bad about the possibility of marrying the benefits of cash with the convenience of electronic money ?
> Cash in the bank already is "electronic money". Cryptocurrency doesn't add any benefits [...]
Why bother replying to comments in threads about cryptocurrency if they don't have any benefit ? Clearly now that cryptocurrency long speculators have pretty much all died, cryptocurrency should just disappear by itself if it doesn't have any use over fiat. Or do you not believe in your own opinion ?
> Why bother replying to comments in threads about cryptocurrency if they don't have any benefit
Am I not allowed to post if I think cryptocurrencies are useless?
> Clearly now that cryptocurrency long speculators have pretty much all died, cryptocurrency should just disappear by itself if it doesn't have any use over fiat. Or do you not believe in your own opinion
Why don't you just articulate some of the benefits instead of invoking bloviated sarcasm? The argument that "bitcoin exists so it must be useful" is pretty obviously fallacious logic.
You are the one making the sweeping claim ("CryptoCurrency doesn't add any benefit"), so unless your name is Donald Trump, the burden of formulating precise criticism actually falls on you.
It seems like you don’t want to hear dissenting opinions because you have a vested interest in crypto and it’s unpleasant to consider that you may be wrong. His opinion is just as valid as yours, and HN exists for such discussion. So, in the interest of hearing both sides, what benefits do you claim crypto provides that aren’t already provided by fiat currency?
I'm not making a sweeping claim, I'm asserting something more akin to a null hypothesis. The extraordinary claim is the one that suggests cryptocurrency has lots of benefits when all the available evidence points to the reality that it is mostly a toy.
Posting a page full of quora answers as your response is not a practical way to have a discussion. If you have a point to make I encourage you to lay it out here so that I can address it, I am not going to spend time constructing a response to a page of quora answers you took 30 seconds looking up on google.
Most of those are either bugs, not features, or just have nothing to do with cryptocurrency and can be (and have been) implemented on top of our existing banking infrastructure (or it's reasonably non-trivial to create new infrastructure for it).
Given how hard technology is at the moment, and how many issues people have with it, I highly doubt we're going to get to widespread literacy around bitcoin best practices.
I think the tide is turning on this one. The overall feeling definitely seems to be shifting away from positivity about cryptocurrencies. It's a slow change (naturally) but noticeable.
There was only 1 dotcom bubble. Which crypto bubble are you referring to? Because there seems to be one every 2 years and every time you hear the same talk about the bubble is over, it's all worthless, etc and yet it recovers, surpasses, and diminished previous highs.
If I understand this correctly, this is quite a flaw in the design of the client. The message is shown in the client, but is simply the response of an essentially random server in the network. That response is displayed with full formatting in the client as if it were an error message by the client itself.
I never used any of this, but it really doesn't look to me like it is unreasonable to assume that error messages like this are created by the client, not an untrusted server. Untrusted servers should not be able to inject content like this.
Looking at the commit, I am wondering if there is still a vulnerability in sending error messages. What if the malicious server DOS'd the client by sending an extremely long error message crashing the client when it tries to render it. This also doesn't stop a simple plaintext message that has a phishing message like "Your machine has been hacked and your keys have been compromised, please transfer x BTC to y address within 5 minutes to prevent your private keys from being immediately drained".
Yea, only allowing servers to send a naked error code matched against a list of preloaded human-readable strings on the clients seems to be the only option that's actually social-engineering proof.
If custom error messages are really needed, you could allow them as a special option while making it obvious through the client UI that this is sent from an untrusted source (field hidden by default, warning displayed when full error message is expanded).
The safest option now is just to consider Electrum as insecure by default. Same with Ethereum's Parity desktop and Metamask. They're convenient for day to day use but don't trust them with big amounts.
> Technically speaking, even though the term 'hacked' is broad, what happened was an attacker utilized the server response/messaging capability to phish users (it was more convincing because rich text was allowed to display in the electrum client). The message provided a link to "upgrade electrum", but was actually installing a malicious clone.
> The attacker amplified their reach by spinning up more malicious servers which could loosely be considered a sybil attack.
> People using the correct wallet software and not clicking any links are unaffected. Electrum was no more "hacked" than gmail is hacked every time one of their users is sent a phishing email
It all depends what you calculate to be the biggest risks that you're protecting against. If it's collapse of world civilization, or at least your own country's institutions, then storing your own coins makes sense, and yeah a hardware wallet is a better way to store it than on your computer.
On the other hand, if you're more worried about getting hacked or simply losing your private keys, having your house broken into and the wallet stolen, etc. you're probably better off putting it in Coinbase with a strong password and 2FA enabled. The same way you protect other things you care about like your bank account and 401k.
It's odd to me that this is so highly frowned upon in the cryptocurrency communities though. People with very little knowledge about computers or infosec are constantly pressured into storing their own coins, which is fundamentally pretty user-unfriendly just due to the irreversible nature of it where you can't make a single mistake.
Cryptocurrencies are the worst possible store of value against the collapse of civilization. Did you forget that you need a functioning internet and electrical grid to use cryptocurrencies? This type of thinking does not reflect a realistic perspective of how the world works.
They're a hedge against a particular kind of collapse of society - one in which the currency collapses (hyperinflation) or the nation-state backing the currency collapses (revolution/coup/regime change/tyranny, followed by asset seizures). If everybody is shooting each other and there's no food in the stores, you're fucked regardless of how many Bitcoin you own. If there's a nuclear attack and the electrical grid is knocked out, your Bitcoin isn't going to be accessible. But if the hard assets & businesses are mostly functional but just don't know how much they're going to get paid tomorrow because the value of a dollar is 1/4 what it was today, Bitcoin is pretty handy. And if the government decrees that the bank accounts of certain persons who are politically opposed to it are now property of the government, Bitcoin is pretty handy.
While I think a number of Bitcoin maximalists have the former couple scenarios in mind, and agree that their beliefs are illogical, the latter two scenarios are actually much, much more common in recent history. Think of Zimbabwe or Venezuela in the present day, Greece in the financial crisis, Russia after the fall of the Soviet Union in the 1990s, East Germany after the fall of the Berlin Wall, Latin America seemingly every decade since the 1950s, or China during the Cultural Revolution. Bitcoin could've saved lives and fortunes for many of the people affected by these. Indeed, it's held up fairly well for people in Venezuela and Zimbabwe, the two countries to face major currency crises since Bitcoin's invention.
> They're a hedge against a particular kind of collapse of society
I'm sorry, but do you not see how absurd that sounds? It's a hedge against a particular kind of societal collapse? This is just totally impractical. The reality is that bitcoin traffic in Zimbabwe and Venezuela is extremely miniscule; that's because you can't actually buy much of anything with cryptocurrencies, especially useful goods like food, water, medicine and guns, and trying to convert cryptocurrency into real money is fraught with obstacles and risks (i.e. if you try to do an in-person conversion). Cryptocurrency is not a realistic hedge against any kind of societal disruption.
I guess this is a response to mtgox and other exchanges that turned out to be insolvent. Moreover, it prevents the situation where an ill regulated institution denies you access to your credit. See also the stories about PayPal accounts being frozen.
> you're probably better off putting it in Coinbase with a strong password and 2FA enabled. The same way you protect other things you care about like your bank account and 401k.
This is not a good idea. There is a big difference between your bank account/401k and crypto. If Coinbase gets hacked, you aren't really getting your crypto back. If your 401k account gets hacked, there is at least some recourse.
Well it's incredibly difficult to quantify the risks associated with BTC storage, so it's very difficult to take appropriate action. The pro of storing your own coins is not particularly better security, but more control of your security. You can do physical backups, encrypted copies, securely store them and make decisions about the physical risk of your coins over time. With Coinbase you're putting your trust in their security and you really have no control. It may well be safer in reality, but the attack vectors are all things you can't have any influence over.
> This is another reminder of why people should be using hardware wallets.
Which ones? There have been reports of many getting compromised.
I thought the best way to secure your Bitcoin was to print it out on archival grade paper, encase it in twenty layers of plastic, dig a hole in your backyard and bury it.
Of course, if that got compromised, then it is still your fault because obviously you didn't dig the hole deep enough, or didn't cover it with grass, or you should have gone out into a remote forest and buried it there (I sure hope you left your cell phone off while walking to the location or you might have been tracked!)
Always remember: Bitcoin can never fail, it can only be failed.
This reminds me of the countless malicious TeamSpeak servers who send out fake "TeamSpeak needs an update: [evil-url]" messages with the server message or poke feature. (The second one displays an arbitrary text in a simple message box, e.g. sent by a bot when joining the server).
It's bananas that people are downmodding you on this point. A financial system or security / commodity that literally has no recourse in the face of crime or even simple clerical error, is an unusable financial system. Can you imagine if everyone who had a credit card stolen was just liable for anything bought?
And a financial system that allows some group somewhere to decide if i'm allowed to buy (or sell!) some things, can lock my funds at any time for many reasons, and can track and sell information about what and where I bought things to any number of various 3rd parties is also similarly "unusable" for some.
It's a tradeoff like anything else. For some people, the risk is worth the benefit. For others it's not. Still more find the risk worth the benefits for a subset of their money, and not for the rest.
All of these "financial systems" can happily coexist, and none of them are completely broken, they just prioritize different things and make different tradeoffs.
Also, bitcoin doesn't require being a lawless land where everyone can do anything all the time. It's like cash, but electronic.
If a thief breaks into your house and steals $10,000 in cash, will the police give you $10,000? If they find the guy and he still has it, sure! But what if he burned it? or spent it? now you are fucked.
It's the same with bitcoin. if they catch the person who did this, the courts can force him to return the money with threat of lots of jail time and more. If he doesn't have it, then the users that had it stolen are fucked.
Yes, and we would all pay for this persons mistakes through increased insurance premiums. What if I don't want to have to pay for someone elses mistakes? What if there was a world in which one had to take responsibility for their money? No do overs. This is cryptocurrency.
Okay, but you realize that most people want insurance, right? In this case, it wasn't even the guy's fault that Electrum displayed the hacker's message as something official. Do you really want a society where some other person's stupid mistakes can destroy your life?
I’m pretty sure GP isn’t trying to say that everyone should use Bitcoin. The thing that gets annoying is that there is a crowd that campaigns this, and then other people (particularly in this comment section) fight back saying nobody should use Bitcoin.
The obvious fact which I feel is somehow being overlooked here is that different people have different needs and there is no one-size-fits-all solution to banking today.
And those people will be perfectly happy until it affects them.
As a society, we tend to protect people from themselves because the other option is to let them die on the streets when they lose it all. Making people have insurance and using banks and payment systems that have built-in protection, is far cheaper than providing welfare for those that would otherwise be scammed out of every penny, irreversibly.
You can be a self-serving ubermensch the same day you opt out of all social help.
Is it? It sounds like an unnecessary application of force. It also seems disingenuous to phrase it as a choice but then admit there is no choice at all.
The point is that in this area people are terrible at making financial choices, and only ever think in the short term. This is why we have (for instance) laws about withdrawing funds from pension accounts etc. Because otherwise people raid their own retirement funds and end up reliant on the state.
There absolutely is a choice - you can politically campaign for the right to opt out, or you can go and live in a country that doesn't have the protections you don't want. Most of them are pretty damn awful because they don't look after their citizens at all.
What you don't get to do is live in a society with such protections and social measures and then not play by its rules.
> The point is that in this area people are terrible at making financial choices, and only ever think in the short term.
It is hard for me to fully internalize this point when I have a counterexample readily available, albeit one that will do nothing to convince you. I consider myself capable of making sound financial decisions for myself and would never raid my own pension account, unless faced with immediate existential danger (in which case "raiding" it would be a rational decision).
I disagree that the solution to that is to centralize funds in order to let a centralized body inefficiently misallocate (or sometimes outright steal) them and would appreciate the freedom to do this myself. I think the state has too much power and this is detrimental in the long run, as it is detrimental when any single entity has too much power.
> There absolutely is a choice - you can politically campaign for the right to opt out, or you can go and live in a country that doesn't have the protections you don't want.
> What you don't get to do is live in a society with such protections and social measures and then not play by its rules.
I can certainly campaign politically, but that also includes respectfully disagreeing with your conclusion above. This does not make your position right and mine automatically wrong (nor vice versa).
The rest of the quoted part of your post sounds like another non-choice (in that the it is highly impractical), followed by a moral judgement.
> It is hard for me to fully internalize this point when I have a counterexample readily available, albeit one that will do nothing to convince you. I consider myself capable of making sound financial decisions
Many people do, many of these very same people are not actually competent when it comes down to it, just overconfident, or just have a run of bad luck.
> I disagree that the solution to that is to centralize funds...
Who said anything about centralising or the state? You can invest in pension funds all over the place, with many financial bodies, but you'll find access to these funds restricted in various ways.
> The rest of the quoted part of your post sounds like another non-choice (in that the it is highly impractical)
It's perfectly practical, you can move to all sorts of other nations, take your pick. It's a massive coincidence that the ones that are worth living in have restrictions and protections like these, no?
The beauty of The DAO was that it wasn't even a hack or an attack. It was merely somebody cleverly exploiting a loophole in the contract everybody agreed to. After all in crypto-utopia "Code Is Law" and there is no interpretation of a contract outside of the code. The irony is the only actual theft that occurred was the ethereum devs rolling back the contract to save their own asses.
The DAO single handedly proved that the blockchain is fully mutable and is certainly not trustless or censorship resistant. Hanging your hat on any blockchain requires you to trust the developers and miners to do you well. And if they don't... good luck getting your voice heard.
Oh but you WILL pay for someone else's mistakes if you pay bitcoin to a merchant to buy something, the merchant gets hacked due to their own mistake, and then they cannot fulfill the deal. What are you going to do then?
tell people not to use a merchant that has no operating capital, can't deliver, and has poor OPSEC
multisig escrow is a solution that works and a lot of people use for years, requires the service provider have their own resources and capital to fulfill the delivery of goods.
not a solution for everyone, but a solution for many.
> Not when it's the bank or government who takes your money.
With Ethereum it was the core developers / top of the pyramid who stole wealth from the the DAO "hacker" who cleverly found a loophole in the "Code Is Law" contract everybody agreed to and used it to their advantage. The Ethereum devs, coupled with mob rule, clawed back all the transactions and literally stole the funds back.
I'd rather have due process provided by a government than mob rule.
I've even sent you an email to which you never replied.
No i am not trolling. What's stupid about it? Did you even read that some users posted a list of people who were kidnapped because of bitcoins. Or are you saying those who have been kidnapped were also stupid?
What's being discussed in this thread is not a common knowledge. That's why people jeopardized their own life because of bitcoins. So it's not stupid.
I've karma of 238 accured in 25 days (this is after you shadow banned me even without telling me what exactly i did wrong), surely some people who read my posts find it valuable.
If you want to avoid being hacked, the best first step is probably to avoid posting to a technical forum the fact you have 2000 bitcoins, using a non-burner account that includes your gmail and other personal info.
In all seriousness, if you really have that many bitcoin (I suspect you may have meant $2k worth of bitcoin), seriously consider your opsec. Make sure you have 2FA on your gmail and other important accounts, with no phone number linked (i.e. software 2FA only; people are porting phone numbers and then resetting 2FA).
I feel like I'm being trolled. If not, seriously stop giving people your details - you are creating an over $7 million honeypot / bug bounty! Delete all of this. Use a burner/fake account on a different forum, and ask for advice without mentioning the number of bitcoins you have.
Other advice:
1. If you have 2000 bitcoins, consider splitting them up via different storage methods. There is risk in doing this (wider attack surface; locking yourself out), but if someone hacks you, better they only take half your bitcoins before you can secure yourself.
2. If the Trezor fails, just use your memorized private key / raw paper backup.
3. Sell half, even if bullish. It could always go to zero.
If you're as loose with your personal information in public as you are about the fact you have millions of USD in bitcoin, then you're probably not difficult to physically locate. At that point it's just a matter of a wrench or hammer I'd suppose.
So you mean there are people who will assult me for a few million?
Everyday i see guys in supercars around me, i never seen them being assaulted when they are clearly without security and they clearly have all that money.
But to steal millions from those people you need a lot more resources and a risky plan. Whereas to steal BTC from someone like you, you need a wrench to the head for some convincing, like in the linked comic.
I mean to steal millions from someones bank account you need them at the bank and even then you get a trail from bank transfer to another account etc. plus the bank could reverse transaction when police gets involved. While if they can access your wallet they can transfer anonymously to another wallet that no one knows who it belongs to.
So the person you are responding to has a point, I think.
Because their funds are easier to track. And easier to prove that they belong to them. Someone just needs to get your keys off you and there's that. You've got nothing on them.
Their money is mostly stored in regulated and insured banks and investments. Even if you get their bank password, you can't just move all their money at once to an untraceable account in an irreversible transaction leaving them with absolutely no recourse.
> So you mean there are people who will assult me for a few million?
People rob banks for a couple thousand dollars, or convenience stores for a couple hundred.
Supercars are very different - if you steal one, it's a) pretty easy for cops to spot and b) pretty hard to exchange for cash. Cryptocurrency, on the other hand, can be irretrievably exfiltrated in minutes.
The weak point is not your gmail account security. It's that now that you've announced that you have X million dollars in a form that's easy to transfer to an anonymous account, they could show up at your house or kidnap your children. The thing stopping that from being more common with USD is that international transfers will be stopped, law enforcement can track accounts, things like that. Bitcoin has none of those protections.
I don't believe that you have 2,000 Bitcoin. Nobody that interested in Bitcoin would even think of using blockchain.info to hold a fraction of that much. I don't even like, use, or think Bitcoin is useful, and even I'd know better than to do that.
I can't believe someone holding more than $50k in blockchain.info, and even that is ridiculously unadvisable. Web wallets are not secure. I very much doubt anyone interested enough in Bitcoin to acquire 2,000 of them early enough on would do such a thing.
You have just made a $7M bet that you won't fuck up your opsec. You made this bet against the world. You are also betting that you have physical security that can handle the power of a Desert Eagle.
Your link only proves my point. That is basically a list of every single bitcoin attack that has ever happened in the entire world. If that is all people have to worry about, then I think people are pretty safe.
It is just a silly meme to be that paranoid about this stuff.
Thanks for all that personal info, while your at it why don't you just tell us that private key too?
Seriously, you're here asking about security but you're giving us all your details. Your gmail is even known. Security through Obscurity is a real thing, and you've just painted a huge multi-million dollar target on your back.
Don't post about owning large amounts of cryptocurrency.
Spear Phishing / Whaling is a real threat, and you are simply not clever or diligent enough to anticipate all attacks. Once multi-millions are involved, it becomes practical to execute very elaborate attacks on high-potential targets. This can include meat-space 'monkey wrench' coercion or spy-novel style guile.
Call me paranoid but if I owned a bunch of btc I wouldn't go around announcing it on public forums, there are have been targeted attacks against people who own a lot.
Convert to cash and store across FDIC-insured bank accounts. You'll need several. Has the added bonus of not being exposed to declines in the value of bitcoin.
I lost 1 btc due to an early Trezor UI bug ("bug in 3rd party cryptographic javacript library used by mytrezor.com on OS X"). Fixed years ago and they did reimburse me, their team is great. I fully support the product, but yes it's evidence that nothing is perfect.
Bitcoins are stored in the blockchain, in every node. What wallets store are the private keys that let people access (spend) those coins.
That said, the Electrum wallet seems convenient and easy to use but totally insecure because one has to trust the Electrum network and this attack demonstrates that it can't be trusted. However there is the Electrum Personal Server, which is an Electrum server connected with only one bitcoin full node, hopefully one run by the same person that owns the wallet.
In the US, banks are not their own banks - if they screw up big time they rely on the US government to insure/print dollars to make up for their mistakes.
The Electrum Servers (anyone can run one) can check your balance and send bitcoin on your behalf. Thanks to the magic of cryptography, this is all perfectly safe. If you send bitcoin through them, they couldn't redirect it to themselves. The worst they could do is refuse to send it.
Turns out Electrum Servers are allowed to return custom error messages to the client, though. So this guy set up a bunch of these servers and had them always return a message saying "Please update your electrum here: http://github.com/my-hostile-electrum/steal-yo-coins.git". What's worse, because Electrum is using the QT QMessageBox, these errors are displayed with full HTML rendering, making them look even more convincing.
So, crap. Bitcoin is, as they say, a bug bounty on the entire world.