The Bank of Bitcoin- The World's Most Secure Bitcoin Service- Unhackable!

[Kruncha]

[...]

I believe the idea is to make Bitcoin more accessible to the every day user - In the same way windows made PC's accessible (It doesn't mean it's the best, just an easy alternative).

K.

How is storing a wallet on a computer not "accessible to the every day user"?

I know a lot of people who don't grasp the concept (most actually ) of wallets/blockchains etc. They do use online banking though, and a comment I hear frequently is "I would love to try Bitcoin, but I'm not IT savvy enough." - I always try to explain they don't need to be, but fail...

I'm not condoning this enterprise, I can't say it's not a scam, I just like the idea of more people getting on board with Bitcoin.

K.

[btcfile]

I'd advise you drop the word unhackable from your communication. You can express the fact you have a strong focus on security without using that word. No need to claim the unclaimable, it will just backfire the day you are compromised.

[OpenYourEyes]

I'd advise you drop the word unhackable from your communication. You can express the fact you have a strong focus on security without using that word. No need to claim the unclaimable, it will just backfire the day you are compromised.

Didn't you hear the Titanic was unsinkable, and look how that turne...Oh, wait.

[wopwop]

That people still fall for this shit is pretty funny

May all fools lose their money to 'The Bank of Bitcoin' owners

[zkoynz]

hmmmmmmmmmm

[OpenYourEyes]

The OP sent me a picture of herself (with the web address/my name) which matches up with the image of the LinkedIn profile for Veronica Kearney posted above, so that may give some reassurance for some, and hey, there's no such thing as women scammers, right? 

[Inedible]

If you really see what's going on, you'll see there is no scam- just a good idea, and one that can inspire confidence in the Bitcoin fear-mongering skeptics, especially the ones that have no idea from a technical standpoint what they're talking about.

Kruncha- This is actually my first account, but my partners have been registered which is how I knew to post here. For the record, I did not do all of this by myself, but they want to stay behind the scenes for now. It's argued that because it was my idea, I have to be "the face".   As you can see, it's a joy as expected.

Scab- I'm not really clear on why lots of previous posts equals legitimacy, perhaps that reflects my noob status. And I'm not a dude!

Welsh- Check out the site, that's exactly what we allow you to do. Unlike other Bitcoin services, you and only you store your Private Keys. Most people don't use Bitcoin, let alone know how to use it. The Bank of Bitcoin provides a seamless, user-friendly way to create Paper Wallets and to accept payment, spend Bitcoins, and to transfer to other members out of your Paper Wallet (what we call Paper Vaults). We don't claim to keep them, we don't (and can't)! The idea is that you keep your Private Keys safe. At the same time, you don't have to run Bitcoin software, and creating the Paper Vaults takes seconds. Furthermore, as a Bank Member, you can spend your Bitcoins from any internet-connected device, given you have your Private Key on you. Convenience, security, and control of your Bitcoins. That's the idea.

I think part of the problem your'e facing is that not enough people understand how the paper wallet works.

The use of the word 'bank' has got people who react before they read to assume you're storing coins.

People are also made more sceptical by the fact that registration details are hidden in the whois info.

Sure, you probably don't want to give out your address but I think the minimum people will want is a physical office address where the philanthropists operate from.

You'll need to endlessly repeat yourself as more users come online tonight.

Take your time. Be patient.

A lot of the success of this venture is dependent on you remaining cool and collected. Your patiences will be tried but that's what you'll have to deal with.

As I mentioned in my previous post. There are 2 things you'll need to do at a minimum to convince 99% of the people here. There'll be 1% that won't believe you until you become part of their family so I wouldn't worry about them.

[Inedible]

This screams "scam" to me, but hey I could be wrong.

Good to be sceptical but even better if you could provide some reasoning for why you think it's a scam.

I'm always sceptical, well paranoid I should say.

A few things:

The whois information for the domain is private.

The site just has that 'scam' look (Can't explain what I mean by that)

The fact that the OP seems to have used an alter ego to promote the site, here, judging from the grammar/wording:
 Paper Vault is always in quotation marks; the hyphenation of certain words, which isn't common, or correct to use; and the fact that account only has one post promoting the site

The 'owner' of the site claims to be this person (woman) on LinkedIn, so if the OP can post a picture of themselves on here holding a note saying "Bank of Bitcoin", I'll shut my mouth: just to make sure they haven't set up a fake profile with a random photo to make it/them seem more legitimate.


As I say, I'm paranoid, so I could be wrong, but I'll be keeping away.

A poor design always looks a bit 'scammy' - it isn't necessarily so. A slick website can be a scam too. In fact a slick website is one of the better ways to scam because you then have people's confidence from the get-go.

You might accept a photo as proof of identification but there will be around 20% of the people here that will claim it's doctored (Photoshopped). The only way to satisfy these people will be a video which specifically answers one or two questions asked on this forum with today's newspaper and a redacted photo ID otherwise the hardcore will claim a photo of the ID has been photoshopped.

Edited: Clarified some details.

[Inedible]

The OP sent me a picture of herself (with the web address/my name) which matches up with the image of the LinkedIn profile for Veronica Kearney posted above, so that may give some reassurance for some, and hey, there's no such thing as women scammers, right?  

Better hide before people start saying you're an accomplice and demanding your ID too

Also:

a) Photo could have been doctored
b) Photo could have been taken ages ago
c) People have held up signs before without knowing what they mean

Edit: Grammar

[edd]

Claiming your service to be unhackable and then admitting

The website, our server, your PC indeed can all be hacked.

and

Although the Active Storage provides ultimate convenience, we advise keeping as little of your Bitcoins there as possible (or to transfer Bitcoins to Active Storage out of your Paper Vault only when you need to) for the simple fact that those Bitcoins are indeed handled by the Bank, and if the Bank server is hacked (despite our best efforts at security) they could be lost.

makes it seem to me that this might not be the best marketing approach.




Also, how is your method of generating public and private keys better than bitaddress.org and others? If you're going to claim that

Our programmers have developed the most (and perhaps only) completely secure Bitcoin service in the world.

you'll have to be more specific in explaining how it's better than other, very similar services using client-side javascript.

[Q789123]

I just lost $700 to eNumbered- don't want to try another small shady character

[kazriko]

Krazriko and Kruncha- Thanks very much for your understanding and input. Whenever we deal with Private Keys, nothing is sent or seen over the internet. Regarding the generation of your Private Keys, this is done on a page using client-side javascript and is never revealed online or transmitted in any way. Your Private Key is in fact not seen online, or by us. For someone to get into the system you referred to (the client-side webpage where you enter your Private Key), they would have to be hacked into your individual computer and watching what you were typing. When you want to create a transaction, you do enter the Private Key on your computer on the client-side webpage, and when you click submit the Private Key is not submitted- ONLY the transaction string and other public information, like your public Bitcoin Address as well as that of the recipient.

The webpage, including the java-script program, is sent over the internet onto the user's computer- and then, on the user's computer the Private Key is generated. However, if you're paranoid, once you clicked on the "Create Paper Vault" page, you could immediately disconnect your ethernet or wifi. You could even save the page, go offline, load the saved page and generate new keys. There really is no need for that, but if it makes you feel better then I guess it works

If they're online, code could be built in to send that key. You'd want someone to be able to verify that this isn't happening. The going offline method would be one way to do it, but there's always the possibility that the page they downloaded had some sort of back door. It would be nice to have some additional assurance, or some independent verification of that javascript program. Also, that still leaves you with the possibility that their system is hacked, and thus that private key would be available to those who hacked it. The same risk that you have with any other bitcoin wallet on their computer. (Though, slightly less as they would have to be hacked before they make the key, and they wouldn't be able to get it afterward unless it was stored in their caches somewhere.)

Furthermore, you don't have to send the whole contents of your Paper Wallet to your Active Wallet when you want to access your Bitcoins. You can choose exactly how much you want to send to the Active Wallet. I hope I addressed that concern, I had to contact one of our programmers to double-check that my reasoning was correct.  

That's true, you could do it that way, but you're opening yourself up to having the rest of the balance stolen if you don't use the entire balance. That's because every time they use that paper wallet, if the device they use it with is compromised then the private key will have been stolen. The only way to be sure that isn't the case is to dump the remaining funds into a new one that has never touched an online computer. Though, this is getting into the slightly more paranoid aspects of paper wallet security.

Only close-to-unhackable way is to use a OS image that has never been online to generate the wallet, then only use the private key for each wallet once. Then you're only worrying about weaknesses in the wallet generation software and OS that is used, and the security of those pieces of paper. That would take a much more sophisticated hack. (Similar to the one I was discussing above with verifying the javascript program independently)

Though, it does make me wonder. You're getting your 0.0001 fee per wallet generated, how do you enforce that? Do you just charge that per public key added to your system?

[TheBankofBitcoin.com]

edd - You bring up valid points, which I am happy to clarify.  I will address the comment about marketing first.

We are much more concerned about being completely honest about exactly what The Bank of Bitcoin does and how it works, including its security protocols, than in creating some sort of "slick" marketing campaign.  When we say that our "website, our server, your PC indeed can all be hacked," that is just the reality of modern computers.  Of course, while we have done everything in our knowledge and power to foil any hacking attempts to the absolute best of our ability, it is certainy within the realm of possibility.

Because ANY website can ultimately be hacked (off the top of my head I am aware the the site for the White House has been hacked in the past) we developed our Paper Vaults which CANNOT be hacked. This is why we recommend only keeping relatively small amounts of Bitcoins in your Active Storage, with the lion's share in your Paper Vaults.  As I mentioned earlier, in daily life you only keep a relatively small amount of cash in your wallet for "walking around money" and keep most of your savings in a bank, the same goes here...except that Paper Vaults are far more secure than even a government-regulated bank, because even the government could not confiscate bitcoins in a Paper Vault.

As for your last question about our claim of being "the most (and perhaps only) completely secure Bitoin service in the world," I will agree that  bitaddress.org is also completely secure...but somewhat less convenient.  In fact, we have modified the open-source code from bitaddress.org to perform certain Paper Vault functions.  So let me modify my original statement just a bit and say that we are tie for "most secure"...but then we win in terms of convenience!

[jimoc]

Bank of Bitcoin is to Unhackable as Titanic was to Unsinkable ....

[buddrulez]

There is no such thing as un hackable! Why are banks still dealing with millions of fraud cases each month?

[buddrulez]

And what happens when they torch your vault?!

[TheBankofBitcoin.com]

kazriko - You may realize that you can easily view "Page Source" from most browsers.  This makes it possible for anyone with the html and javascript savvy to simply examine the source code and verify that the Private Keys are never transmitted over the Internet.  Oe could also check the similarities between the page source of our Paper Vault pages and the open-source code available at bitaddress.org and in https://www.strongcoin.com/downloads/offlineTransaction.zip .  We have integrated these open-source tools into our own service in a way that makes them much more convenient use.  You can examine both our code and their code for yourself, if you like.

And yes, I would agree that if the user's computer is hacked or compromised (perhaps in a way which would allow a hacker to see everything the user does or types on his computer) then this would obviously introduce a security flaw.  I would like to point out that such a compromised computer would also be vulnerable in the event of dealing with traditional financial transactions as well.  We cannot guarantee the security of every computer in the world, but I would like to point out the the very security-concerned (maybe paranoid is too strong a word) could use a live-cd operating system for dealing with The Bank of Bitcoin, but that would apply to using any other online Bitcoin service as well.

As for the fee: we do not charge for creating a Paper Vault.  The 0.0001 BTC fee you referred to is for the creation of an additional Auxiliary Bitcoin Address for your Active Storage, not for a Paper Vault.  That fee (and all of our fees) is deducted from your Active Storage, never from Paper Vaults.  (It is inherently impossible to deduct fees from Paper Vaults, in fact.)

[kazriko]

kazriko - You may realize that you can easily view "Page Source" from most browsers.  This makes it possible for anyone with the html and javascript savvy to simply examine the source code and verify that the Private Keys are never transmitted over the Internet.  Oe could also check the similarities between the page source of our Paper Vault pages and the open-source code available at bitaddress.org and in https://www.strongcoin.com/downloads/offlineTransaction.zip .  We have integrated these open-source tools into our own service in a way that makes them much more convenient use.  You can examine both our code and their code for yourself, if you like.

And yes, I would agree that if the user's computer is hacked or compromised (perhaps in a way which would allow a hacker to see everything the user does or types on his computer) then this would obviously introduce a security flaw.  I would like to point out that such a compromised computer would also be vulnerable in the event of dealing with traditional financial transactions as well.  We cannot guarantee the security of every computer in the world, but I would like to point out the the very security-concerned (maybe paranoid is too strong a word) could use a live-cd operating system for dealing with The Bank of Bitcoin, but that would apply to using any other online Bitcoin service as well.

As for the fee: we do not charge for creating a Paper Vault.  The 0.0001 BTC fee you referred to is for the creation of an additional Auxiliary Bitcoin Address for your Active Storage, not for a Paper Vault.  That fee (and all of our fees) is deducted from your Active Storage, never from Paper Vaults.  (It is inherently impossible to deduct fees from Paper Vaults, in fact.)

Thanks for that. I probably wouldn't be able to spot anything like that myself in the Javascript code as I'm not anything like a cryptography professional. That's a pretty specialized field.

The offline transaction zip seems like it would be good for the hyper security conscious.

I don't think that I would have any uses for the site, but it is interesting. It's basically a hybrid between the pure paper model and things like coinbase.

[scab]

unhackable

That's basically an invite for everyone to go and try it.

http://www.volacci.com/files/imce-uploads/dont-push-button_0.jpg



Actually, the side looks nice and this may be a services that is needed not for us (still the vast majority) here, but for "Mainstream" users that are overchallenged with properly securing their coins them self.

That the community is by now very skeptic of such services is actually a very healthy thing.

As always, don't give any BTC to such services that you can't afford to loose.

If you are still around in ~1 Year and did not close, get hacked or run with the Deposits you have, then you will have the necessary legitimacy.

Lmao! I laughed.

[BTCoder]

lol your bank is not "unhackable" nothing is. You make yourself sound ignorant saying this.