Ever since BitCoin appeared, I've been waiting for two security experts to venture detailed opinions on it: Dan Kaminsky and Ben Laurie. Dan has now weighed in, with a long, thoughtful piece on the merits and demerits of BitCoin as a currency and as a phenomenon.
Bitcoin’s fundamental principle of fraud management is one of denial. If we drop our wallet on the street, the U.S. government is not going to compensate us for our lost cash. Bitcoin attempts to make the same deal, to the point where it calls its stores of keys, “wallets.” If we drop our wallet on the street — heck, if someone picks it out of our pockets — the money’s gone.
There have been bitcoin thefts. A few years ago, I tried to break Bitcoin, and failed quite gloriously. The system and framework itself is preternaturally sound. But it too is built on the foundation of buggy technologies we call the internet, and so Bitcoin must experience failures from the code around it. Hackers don’t care whose code they broke on their way to bitcoin, any more than pickpockets care that they’re exploiting the manufacturer of one’s jeans or leather wallet. So they break the server below the money, or the web interface above it. They still win.
At least, that’s the theory. Reality is more complicated. Of all the millions of dollars of purloined bitcoin that’s floating around out there, not one Satoshi of it has been spent. That’s because while most other stolen property becomes relatively indistinguishable from its legitimate brethren, everybody knows the identity of this particular stolen wealth, and can track it until the end of time.
Bitcoin Is Not as Secure, Unregulated, or Lucrative as You Might Think
Yesterday, Dell was advising customers not to try to uninstall the bogus root certificate it had snuck onto their Windows machine, which would allow attackers to undetectably impersonate their work intranets, bank sites, or Google mail. Today, they apologized and offered an uninstaller — even as we’ve learned that at least one SCADA controller was […]
Last February, Lenovo shocked its security-conscious customers by pre-installing its own, self-signed root certificates on the machines it sold. These certificates, provided by a spyware advertising company called Superfish, made it possible for attackers create “secure” connections to undetectable fake versions of banking sites, corporate intranets, webmail providers, etc.
These knitted gloves are here to save the day (and your hands) with an ultra-comfy, double-layer that will allow you to stay warm and use your phone. Now you can take photos on the fly, text, Tinder, and more without letting freezing temperatures get in your way. Plus they work with all touchscreens, so no […]
Store more on your Mac with this microSD memory card adapter.
Carrying this EDC card is like slinging around a handheld toolbox wherever you go. Its minimal design is small enough to fit in your wallet’s billfold, and it’s TSA-compliant so you’ll never leave it behind. It’s got hex wrenches, metric and imperial rulers, flathead and Phillip’s screwdrivers, and a bottle opener so that you’re ready […]