Help me to understand Security breach with cryptocurrency

[laraveldeveloper]

Hi guys,

I am developer. i am trying to understand crypto currencies these days how it works. As we know bitcoin is a one of good example of blockchain into market with proof of work. I am confused with the term of Security breach and how to remove while working with blockchain.

[aleksej996]

Security breaches happen in every computer system, this has nothing specifically to do with Bitcoin or blockchain.

Bitcoin is secure and decentralized, it never suffered a significant attack.

News you have been hearing about refer to single central entities like centralized exchanges and online wallets.
They have nothing to do with Bitcoin except that they use it as everyone else, but when they get hacked hackers take their bitcoins.
Not much more to it really.

Just like robbery of some bank doesn't have anything to do with the currency that was stolen, security breaches have nothing to do with Bitcoin.

[bob123]

As a developer you need to build your whole system with security in mind.
There is no magic formula to create a secured system with a few lines of code.

The most obvious would be to be secured against all already-known attacks against web applications.
But since you can't rely on an attacker to only use already known vulnerabilities, you have to implement different 'security-levels' in your application.

A system which detects anomalies itself and blocks any fraudelent attempts to gain access to parts of your application where it is not allowed,
is something you definetely want to have.
Binance, for example, has such a system. Some 3rd party 'trading tool' captured API keys and tried to make money with pumping a specific coin on binance,
giving the attacker a lot of money.

Fortunately the system detected this attempt and instantly stopped all actions. This lead to normal users balance being restored and to a heavy (financial) loss for the attacker.

[Xynerise]

The bitcoin blockchain is pretty much secure
You shouldn't worry about that part.
The weak link in the  chain for users is in the private keys-- generating them properly, and storing them securely.

[Heisenberg_Hunter]

Btc and other cryptocurrencies were developed with keeping security in mind and it is one of the most secure where hackers can't hack them or perform a DDOS attack on the network. To prevent this, the 1MB block size was created by satoshi. One would never even think of breaking the SHA-256 algorithm as it is pretty much secure anyway. By even considering anonymity in mind, one could be anonymous by mixing their coins with a mixer service and usage of TOR can hide your IP and real locations.

A security breach can occur when the exchange gets hacked or the private key of the user gets exposed. So one should never have a huge amount in the exchanges which would be lost if the exchanges gets hacked. As exchanges don't give out your private keys to yourself, you will be losing your coins if the exchanges gets hacked and private keys are exposed. Hardware wallets are the most secure way to store your coins and the coins would be lost only if your wallet gets stolen.

[seoincorporation]

Hi guys,

I am developer. i am trying to understand crypto currencies these days how it works. As we know bitcoin is a one of good example of blockchain into market with proof of work. I am confused with the term of Security breach and how to remove while working with blockchain.

Maybe you'll find useful this article from the Bitcoin wiki https://en.bitcoin.it/wiki/Storing_bitcoins
Anyway, regarding the security, there are two faces: the system itself, which occurs to be secure, and the use by the people, which happens to be usually insecure. The blockchain network, per se, is almost impossible to get hacked. It should be needed a lot of money, so you can own the most part of the miners (try to imagine how much it would cost!!), in order to be able to make legit fraudulent transactions. So, the blockchain network, of course, is secure. The problem comes with the surrounding ecosystems, which lacks multifactor-authentication.

Regarding your question, I recommend for you to read this article https://stormpath.com/blog/4-challenges-multi-factor-authentication, this is about multifactor authentication and its different uses, and even discuss how difficult it is to be developed in java...

[bob123]

One would never even think of breaking the SHA-256 algorithm as it is pretty much secure anyway.

One does not really 'break' an hashing algorithm. It is more about finding collisions.
While it is true that no collision has been found yet, this does NOT mean this will also be the case in the future.

By even considering anonymity in mind, one could be anonymous by mixing their coins with a mixer service and usage of TOR can hide your IP and real locations.

While it is true that TOR does increase your privacy by routing through several nodes, it is wrong to assume that TOR alone does increase your privacy in such an amount
that you can't be traced anymore. You still can be traced (by powerful authorities) either via compromised exit nodes or meta data.

Hardware wallets are the most secure way to store your coins and the coins would be lost only if your wallet gets stolen.

I'd say hardware and paper wallets both have their pros and cons. Both are definetly a secure way to store coins.
But most hardware wallets do have a PIN which is required to unlock the device.
So, even if a hardware wallet gets stolen this does not mean your coins can be accessed (assuming the paper-backup of a seed does not get stolen).