November 29, 2013, 08:08:33 PM |
Most major web sites (not just wallets) have several links of differing machines, each of which can potentially have a vulnerability. When you connect to a web page, what you see on your browser is a web server. If it's a 'plain' web site, it talks on port 80; if it's HTTPS, it talks on port 443. Just like your cable TV has one wire and hundreds of channels, networking can take place on one (or several) of 65535 ports (like channels).
The web server can be one machine, or it could be one of many in a rack. Ideally they are identical and have the same OS and updates on them. The web server(s) then typically talk to a backend database(s). This can also be one machine, or one of many in a rack. The web servers and the DB could be running different operating systems as well.
If it's a big place, they may have load balancers as well, to keep the traffic distributed between the various machines. They may have other machines to run mail services, and/or other machines to host FTP services. There can be other machines to hand out IP addresses (DHCP) if there is an office with some/many desktop PCs to be used.
They might not even be real PCs; many data centers and rent-a-server hosting places have 40-foot-long cargo containers of servers, and the one you want to use may just be a virtual machine that is one of many. There can be dozens of different companies that are technically running on the same hardware.
This can be a lot of stuff to take care of, and most decent hosting centers handle the background OS and security updates. There is still the possibility of buggy code. The hardware and OS can be top-notch, but a careless developer may not parse inputs correctly, and the DB could be emptied with an SQL injection.
Or, somebody/anybody in the company could be lazy, and use their Gmail/iTunes/whatever password as their admin password. A desktop PC that runs Windows can get a virus with a keylogger, even if the whole datacenter is 100% secure. If that password gets out, there's no need to break in; the attacker can just log in.
The point is, any modern large web site can be a lot of complex things to take care of, in addition to human error. It can provide a large amount of convenience to be able to do everything from your phone (for example). One of the great promises of bitcoin is the ability to be your own bank. Paper wallets or other cold storage are the ultimate in security, but they depend on you to keep it safe.
If you leave a paper wallet in your desk drawer, it could be just like leaving your life savings in a drawer. It's still vulnerable to plain old-fashioned burglary/fire/flood. Unlike fiat life savings, with bitcoin you can make copies!