What an absolute cluster eff. On the bright side, it's a testament to how far along bitcoin has come since last year that the price hasn't fallen off a cliff.
|
|
|
can someone summarize Bitcoinica's situation?
That's more analogous to the bitoinica situation than sinking ships. They were driving too fast on their new motorcycle and they weren't wearing safety gear...and they were pulling a trailer with their bike, and the trailer had a bunch of other people's fine china in it. Edit: ...and the fine china was willingly handed over to the careless motorcycle driver, and the people who handed it over knew they were handing their china over to a guy pulling a trailer with a motorcycle...
|
|
|
I'm pretty sure that Mr. etotheipi is well meaning, but he is also very young and inexperienced. His advice about "attack surface" is generally right, but it just betrays his lack of experience.
1) Those who remember the old product called Laplink and its special "serial and parallel on both ends" cable will probably also remember the trivial procedure used to transfer Laplink from one machine to the other through that cable. Once you had Laplink on both machines you had access to all files on both machines.
2) Ten years old laptop computers frequently have IrDA (or other infrared) port. There wasn't many commercial products using those ports, but it was heavenly invention for hackers. Clever person could gain access to the other person's computer while siting right in front of him around the conference table during negotiations.
3) The biggest attack surface on 10 years old computers in not from hackers, but from your good old friend Murphy. If you plan on following his advice to store your valuable bitcoins on an old PC please buy at least 2 or 3 identical copies to have spare parts in case of inevitable component failure. Also make sure that either you know how to swap those parts or have a trusted person who could help you with that task.
This is pretty much close to a security theater performance art.
The constructive advice I could give is:
1) use modern computers, just learn how to boot them off the external drive or how to swap internal drives. 2) when storing on the hard drives learn about SmartMonTools (or other S.M.A.R.T. toolset), how to use them and how to interpret the results. 3) DVD-RAM is the only consumer-grade removable media technology with any track record of long-term reliability. 4) USB flash drives are to be trusted only if you also have access to the test and configuration application that is specific to the particular controller used in your flash device.
Thank you for reading.
I think you're forgetting that Armory can be use, and should be used IMO, to create offline paper backups. Laminate a few of those suckers and store them in fireproof safes. If the the old computer you used, which may have had an active wallet on it, dies; then just grab another computer and one of your paper backups and your back in business.
|
|
|
Though the article does mention bitcoin, I wonder if bitcoin is really among the virtual currencies these banking folks have in mind in their planning. I haven't seen any evidence to suggest it is, and I still think bitcoin is too small for them to really care about. The "bitcoin" mention looks more like the author tossing out what he thinks is an example.
|
|
|
I agree that a specialized piece of hardware would be nice, but there's a lot of flexibility in using a general purpose system that was about to be thrown out anyway. Flexibility is nice but it also means more potential ways for a remote attacker to find an exploit. The lack of flexibility in a specialized device is a feature because it greatly reduces the attack surface. It might not be worth it for $1000 but a wallet with $100,000+ is a highly desirable target for someone to go after. I agree with your sentiment. But a computer that has never touched the internet has no attack surface. The only attack vector is the autorun-USB vulnerabilities when using a USB key for moving tx data back and forth. It's a small surface, but it is theoretically exploitable. That's why I brought up the USB-serial connection, which reduces that attack surface to zero (barring compromised software updates), because there is no way to induce remote-code execution through the serial cable. EDIT: last sentence is true given a couple basic precautions taken on the offline system. And the entirety of the above is true given that the software was designed "correctly."I designed Armory specifically for the easiest cold storage capability possible. And most people either have an old spare laptop sitting around waiting to be junked, or can get one from a neighbor/friend/coworker for free. The program walks you through the process, and unlike other solutions, you get a watching-only wallet on your online computer so you can still generate addresses and monitor your balance and transactions, without the risk of someone getting the private keys. I love Armory, and I think it is the easiest possible solution for much of the current bitcoin crowd, but I think the time is approaching that we'll need to begin developing for our parents and less-tech-savvy friends. I know lots of people, even among my cohort, who don't have spare computers sitting around, and even if they did they wouldn't be able to setup an offline Armory wallet. Edit: BTW, you've got PM.
|
|
|
can someone summarize Bitcoinica's situation?
The guys taking a break from sorting your claims out this weekend, Patrick rigged up some nifty outdoor wiring for them Nahh that must be their backup storage. Bitcoin mining? so nobody's got their money back? As far as I know, no. At this point it's doubtful anyone will. There's a good chance this will go down as the largest bitcoin heist ever. oh, that is ugly. i wouldn't want to be Zhoutong or BitcoinConsultancy. Well, it's a bit of a toss up. I guess it depends on whether and to what extent legal action is organized against them. If not, then they just "made" a lot of money.
|
|
|
can someone summarize Bitcoinica's situation?
The guys taking a break from sorting your claims out this weekend, Patrick rigged up some nifty outdoor wiring for them Nahh that must be their backup storage. Bitcoin mining? so nobody's got their money back? As far as I know, no. At this point it's doubtful anyone will. There's a good chance this will go down as the largest bitcoin heist ever.
|
|
|
Again with the walls... They come, they go, unless you know in advance where they will show or drop it's not tradeable.
Market makers adjust the depth of their limit orders to the rate of market orders (usually). Thin depth on one side indicates high demand and low supply. As short-term signals they are as good as anything else, probably one of the best. Who can deny that the recent action is due to the massive bid wall? Nobody knows anything in advance (except insiders). What's more tradable than walls? Quantitative probability... I suppose you're right. And if you calculate that for the rest of us mere mortals, you can use it to give us... walls. I have, and it hurt my profits. I'm glad you're back.
|
|
|
can someone summarize Bitcoinica's situation?
|
|
|
You are patting your self for predicting a dump that didnt move the price... Good job?
A journey of a thousand miles begins with a single step. Or something like that.
|
|
|
That was quicker than expected bid wall now three times the size of the asks. When things look like this on the depth chart I get suspicious of an impending dump. Someone Just did. <pats self on back>
|
|
|
in videogames? It mentions bitcoin later, I guess there will be a difference between crypto cash and game cash like in farmville. Like Gold is bitcoins and paper money would be equal to farmville cash. I need to diversify into FarmVille cash.
|
|
|
That was quicker than expected bid wall now three times the size of the asks. When things look like this on the depth chart I get suspicious of an impending dump.
|
|
|
Doesn't look like this is going well...
|
|
|
If your dealing with less then 10k btc, standard client with encryption on a computer deemed "safe" is probably all right..
The number of peeps who have lost btc to keylogger trojans that stole the encryption key is very small...
I primarily want offline storage in the case of hard drive failure. Just copy the wallet.dat to a thumbdrive and store it offsite. Or create a paper wallet, laminate it, and store it offsite in a safe. or create a paper wallet, memoriz the key and destroy the paper Store your savings in your head! Or SHA256 a passphrase to create a private key and don't forget the passphrase.This is the digital equivalent of just leaving money on the floor, BTW. Nobody wants to pick it up? Pffff, fine, I'll pick my money up.
|
|
|
If your dealing with less then 10k btc, standard client with encryption on a computer deemed "safe" is probably all right..
The number of peeps who have lost btc to keylogger trojans that stole the encryption key is very small...
I primarily want offline storage in the case of hard drive failure. Just copy the wallet.dat to a thumbdrive and store it offsite. Or create a paper wallet, laminate it, and store it offsite in a safe. or create a paper wallet, memoriz the key and destroy the paper Store your savings in your head! Or SHA256 a passphrase to create a private key and don't forget the passphrase.This is the digital equivalent of just leaving money on the floor, BTW. Nobody wants to pick it up?
|
|
|
If your dealing with less then 10k btc, standard client with encryption on a computer deemed "safe" is probably all right..
The number of peeps who have lost btc to keylogger trojans that stole the encryption key is very small...
I primarily want offline storage in the case of hard drive failure. Just copy the wallet.dat to a thumbdrive and store it offsite. Or create a paper wallet, laminate it, and store it offsite in a safe. or create a paper wallet, memoriz the key and destroy the paper Store your savings in your head! Or SHA256 a passphrase to create a private key and don't forget the passphrase.
|
|
|
If your dealing with less then 10k btc, standard client with encryption on a computer deemed "safe" is probably all right..
The number of peeps who have lost btc to keylogger trojans that stole the encryption key is very small...
I primarily want offline storage in the case of hard drive failure. Just copy the wallet.dat to a thumbdrive and store it offsite. Or create a paper wallet, laminate it, and store it offsite in a safe.
|
|
|
|