Concerned About Bitcoin Security? Try This...

Tyler Durden's picture

Authored by Simon Black via SovereignMan.com,

It happened again. Last week, hackers stole 4,700 Bitcoins (over $80 million at today’s price) from mining marketplace NiceHash.

(The company pairs up people with spare computing power with others who are willing to pay to use that capacity to mine Bitcoin– and then announced they would reimburse users who lost money from the hack.)

On top of that, last month hackers stole $31 million of another cryptocurrency called Tether.

But those are only two recent attacks.

Remember Mt. Gox?

The Bitcoin exchange was founded 2010. By 2013, it was handling around 80% of all Bitcoin transactions.

Then the company halted all trading after “technical issues” caused 850,000 Bitcoins to go missing.

Those missing coins are worth over $15 billion at today’s price.

All of the crypto theft making people question the security of Bitcoin and other digital currencies.

But it’s important to remember, in these cases, “Bitcoin” didn’t get hacked… it was the exchanges or marketplaces that got hacked.

This happens almost every day; people unwittingly get their phones and emails hacked and end up losing their cryptocurrency in the process.

It reminds me of the early days of the Internet, back when WiFi was still a new thing and banks were just starting to provide online account access.

Back then, hacks were commonplace. Users didn’t know enough about wireless network security, and banks didn’t have SSL enabled… so hackers could easily ‘sniff’ data packets and steal bank login details.

Fast forward 10-15 years and all of that’s changed.

Most people at this point (hopefully) know how to secure their WiFi networks with WPA2 security or better, and banks employ much better security and encryption standards.

But with cryptocurrencies it’s still very Wild West out there, vastly increasing the chances of hacks, cracks, and theft.

You’d be amazed, for example, how many people use a ridiculously unsecure password like “123456” for a website login that stores their Bitcoin secret key.

And even if hackers don’t steal your crypto, there’s still a chance you’ll lose it.

A friend of mine bought some Bitcoin in 2010 and stored it on a laptop. Then he threw the laptop away… along with all the Bitcoin. And there’s no way to get it back.

Like just about anything, all it takes is a little bit of education to prevent a major disaster from occurring.

One approach I encourage you to learn about for storing crypto is called “cold storage.”

Before I define cold storage, a bit of background if you’re unfamiliar with how the public key/private key system works.

A public key is a code available to anyone who trades cryptocurrency with you. A private key is a secret, alphanumeric number never to share with anyone.

Imagine a cryptocurrency public key is your home address. That address is in just about every public database imaginable, from the county clerk’s property registry to the local phone book.

And if you want someone to send you mail, you give them your address. Easy.

But the simple fact that someone has your home address doesn’t give them access to the inside of your house, and the contents within it.

No, for that, they’ll need your house key. And that’s essentially what your crypto private key is: something that allows only you to access the property.

So: public key = home mailing address, private key = house key.

Clearly it makes sense to safeguard your house key. You wouldn’t make copies and distribute them in public to everyone who walks by.

Similarly it makes sense to safeguard your private key (sometimes called secret key).

When you store your cryptocurrency with an exchange, or even in a web or mobile wallet, it means that some other service or application has control of your private key.

If they get hacked, you’ll lose everything. If they go rogue, you’ll lose everything.

I’m always amazed that so many people store crypto in this way.

Part of the benefit of holding crypto is that you can essentially be your own banker, i.e. there is no middle man between you and your savings.

Bottom line, you don’t need some website storing your key online for you. With a bit of education, it’s possible to create your own wallet and store the private key -offline-.

This is what’s known as cold storage.

Bear in mind that a private key is nothing more than a string of digits, something like

5Kb8kLf9zgWQnogidRq76MzPL6TsZZY36hWXMssSzNydYXYB9KF

If you really wanted you could simply write this down on a piece of paper, or even memorize it if you’re so inclined (though those methods are prone to errors).

But one safer option is to go to a site like bitaddress.org, which is a client-side application to create a public/private key pair.

This is important, because once you load the page you can actually disconnect your computer from the Internet entirely, ensuring that no one is spying or sniffing on your activity.

(There are other steps you can take to be even more secure, like setting up a stand-alone virtual machine solely for creating a wallet– but we’ll save those for another time.)

The page will go through a process to generate a key, and when prompted, you can choose the “paper wallet” option.

At that point you can simply print your paper wallet, put it in your home safe (or wherever you store your other valuables), and never give it to anyone.

Once you’ve secured your paper wallet in your safe, the bulk of your crypto wealth is offline and safe from computer glitches or hacks.

And the next time some poor soul loses his hard drive… or another major Bitcoin exchange gets hacked… you can rest assured that your crypto wealth is safe.

*  *  *

If you are interested in speculating in Cryptocurrencies, I encourage you to download our free Crypto Currency Report - A Different Perspective on Crypto. More and more people want to dive into crypto currencies and everyone’s focus is on Bitcoin’s price. But, the price is not what matters... I see so many people make the same wrong assumptions and mistakes that could be fatal to their capital. That’s why my team and I have written this special report where I share a different perspective on cryptocurrencies .

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
chickadee's picture
Poloz says Canada’s economy in ‘sweet spot’; warns of cryptocurrency’s allure

https://www.theglobeandmail.com/report-on-business/economy/poloz-says-ca...

knukles's picture

That's right.  It was my unallocated nonexistent fake Wolfram leaded gold bars that got looted, not my brokerage account

auricle's picture

This article could have been reduced to one sentence. 'Always store your digital wallet offline'. 

Pinto Currency's picture

Unless someone has a port sniffer catching all of your digits when you send / receive them and then hack that data.

Son of Captain Nemo's picture

Or perhaps an "out of band" managed Buttcoin network will be the next of "CEO" Satoshi' (who we still don't know) Nokamuro's winning "band aids"!...

But seriously...

Both your's and PCs comment(s) raise the question(s) with sarcasm that anything of value MOST IMPORTANTLY money has to be regulated by some group that has integrity that is a KNOWN QUANTITY be they a government, "independent governing workgroup"/organization or corporation that is liable when things go wrong with what they are PEDDLING, if it is to pass the smell test of a medium of exchange!...

P.S.

When "Segwit2x" is fully licensed with a warranty agreement in case of breakdown "Buttcoin" will remain "Buttcoin" and twice as smelly!!!

Rex Andrus's picture

You did double get indemnity on your eh gold bars from Allianz Global Risks US, Employers Insurance of Wausau, Industrial Risk Insurers, Royal Indemnity, Swiss RE, Travelers. and Zurich American Insurance, right? Right? We fix documents... 

Raffie's picture

If anyone doing online xfers of anyh kind of money shjould use a VPN client and wireless VPN is more important to adding an extra layer of protection. 

giorgioorwell's picture

The fact that the last step of this article is still to print it out on a piece of paper and store in your home safe, is exactly why cryptocurrencies have a huge security issue if they are trying to act as a currency.

herkomilchen's picture

The safest choice is memorize it.

giorgioorwell's picture

Yeah, I'd like to see you memorize a 64 character long private key

Appreciated Chelsea Clinton's picture

Thank you, Mr. Darwin (or whatever old motherfucker your picture depicts).

NoDebt's picture

It's not really that big a deal.  You have an online "wallet" and an offline "wallet".  You keep what you need to transact your business in your online wallet, the rest stays offline.  

Like in real life, you could easily be mugged while out in public and lose the contents of the wallet you keep in your back pocket.  That money is gone.  But you don't carry around every dollar you've ever saved in your back pocket.

 

giorgioorwell's picture

Of course you're not going to walk around with your paper bitcoin key, that's not the point.... This offline wallet it exactly the same as the risk of storing mass amounts of cash in your home, and possibly even riskier unless you are printing on some kind water and fire resistant paper.

That is at least a smalll part of why banks exist and are insured because it's incredibly risky to store large amounts of paper cash in your home.  Theft, fire, flooding, and virtually no "home safe" is theft proof.  

At least if you are going the gold bug route you can bury it somewhere and it's not burnable, dissolvable.

 

 

 

 

 

 

Kilroyishere's picture

At least I can pull my .45 Glock and ventilate the perp on the sidewalk that tries to rob me.

With hackers, it will happen when you least expect it and there is nothing you can do.  99% of the time they remain anonymous.

When was the last time you heard of a major hacker being jailed?

iconoclast63's picture

It's no different than storing cash at home. Anyone who thinks the bank is the safest place to store your money is not a student of history. Think of those who held more than the insured amounts in the rash of failures after 2008. I know one case in particular where an elderly widow was encouraged to buy a single CD for $600k from IndyMac, only to have the bank fail and be auctioned off to JP Morgan a few weeks later. She took a loss of $500k. The fact is that holding cash in your hand is safer than putting it into a bank or other kind of corporate system. 

giorgioorwell's picture

That's hilarious if you are storing hundreds of thousands of cash dollars in your home..

Kilroyishere's picture

Not really.  In a 600 lb safe bolted with all-thread in concrete is very likely the best place for it.

Although, if interest rates were at a profitable level then I would keep it all in a bank.  It's worth it then.

Erek's picture

Excuse me!

"A friend of mine bought some Bitcoin in 2010 and stored it on a laptop. Then he threw the laptop away… along with all the Bitcoin. And there’s no way to get it back."

It's hard to believe this story. There's been a couple of these storys floating around now.

It's hard to believe, if the story is true, that there was no back-ups made? Who just throws out a computer without first removing programs and important information?

I want to know who this guy is. I want to sell him some prime acerage ten miles east of Miami.

detached.amusement's picture

probably someone that uses 1-2-3-4-5 as the combination to their luggage...or worse, air supply, lol...fkn druids

Stuck on Zero's picture

That person who lost the laptop was the one who ran computer security for OPM, Deloitte, Equifax, Anthem, Adobe, AOL, Yahoo, etc.

https://en.wikipedia.org/wiki/List_of_data_breaches

Your data is not secure. Ever. Bank on it.

Erek's picture

Is this maybe the same clown who supposedly (I don't believe it) trashed his computer/harddrive and now wants to dig up a whole landfill?

adr's picture

You have to understand that in 2010 Bitcoin was worthless and nobody thought Bitcoin would be worth $1000 each, let alone $15k. It was a trash bit you got for testing the hash power of your computer. It would be like getting a crypto coin for running a speed test for your broadband. 

What is hysterical is the use case and utility of Bitcoin is actually worse than in 2010 and it shouldn't be worth a penny. Bitcoin is terrible for its intended purpose, yet fantastic for its speculative greater fool chasing value.

Mine Is Bigger's picture

Well, it could be just like those boating accidents we used to have a lot of back when people were haveily buying into presious metals.

Utopia Planitia's picture

Oh, I can tell you a multitude of stories like that.  Including companies upgrading their employees laptops and making no effort to do backups before the clueless IT guy came by and took the laptop without advance warning, leaving the new replacement.  The startled employee went through Hell trying to track down the purloined laptop but was told THEY were the problem, not the IT procedure.  I happened to be traveling overseas and hence was spared the excitement for myself.  But I did witness it happening to several people in another department when I got back.  Do you think anybody in Mgt or IT listened for one second about what stupidity they were doing?  No. It was all YOUR fault.  This was a LARGE company, and they had NO CORPORATE BACKUP capability at all.  Everything was naked.  Go figure.  (they are still in business but I left because of the ongoing corporate stupidity)  I also know things like this happening to private individuals.  Remember that not everybody is IT aware.  People have this idea that the information is stored someplace and they don't have to worry about it.  It is like magic to them.  You have to be really interested in understanding the technology and take time to educate yourself in how to use it properly to prevent that from happening.  Many are not interested enough to even think about it.

Iconoclast421's picture

It's not that hard to believe when the coins were only worth a couple dollars at the time. I lost the coin I mined in 2011. Big whoop. It's not like I lost 20 grand. I would have sold it long long ago either way.

crazybob369's picture

It was the plot of a Big Bang Theory episode recently.

Appreciated Chelsea Clinton's picture

That's the scariest part about crypto in my opinion. If you cold store, what if the device/software becomes outdated? Or what if the device goes missing? If you leave it on an exchange, what if it gets hacked? Yet, I am being told to print in on a piece of fiat-like paper......    I have a hard time trusting what the safest mechanism truly is.

Madison's_Ghost's picture

Not sure why you would let your firmware get out of date, but if you are cold storing on a hardware wallet, it doesnt matter is the wallet gets destroyed or stolen.  You buy a new wallet, activate it using your security key and it pulls you info about what you had in it back off the block-chain.  You coins aren't actually stored on your device, they are written all over the distributed ledge, and can be reconstituted at any time for the person holding the keys.

You could also print your keys to a paper-wallet and store them in a safe deposit box.

11b40's picture

You aren't very self-reliant, are you?  Scary habving to be responsible for your own security, isn't it?

Erek's picture

I'd hate to see this guy in an SHTF situation.

Appreciated Chelsea Clinton's picture

I didn't realize a lack of self-reliance results from a lack of confidence in using any avaliable method to "safely" store crypto. Thank you for that information. Go build a sand castle underwater.

Earl of Chiswick's picture

" the scariest part about crypto in my opinion. If you cold store"

you mean like when malware erases your hard drive?

cheech_wizard's picture

I suggest stone tablets.

Or face the evil of bit rot...

 

Madison's_Ghost's picture

"All of the crypto theft making people question the security of Bitcoin and other digital currencies."

You do realize this is like questioning the security of the US Dollar simply because somebody broke into your house and stole some cash, right?

Nature_Boy_Wooooo's picture

I'm no hacker but I can take an Arduino microcontroller with a stepper motor and very easily build and program a robot to spin the dial of a safe and try every number combination until it cracks your safe. Or just outright steal your safe.

I can't hack an encrypted Bitcoin wallet. Only the most intelligent hackers in the world could even consider the idea.

 

bluerivercard's picture
JSE Coin
Two reasons why JSE Coin is revolutionary and hopefully worth two minutes of your attention

1. Innovative online advertising model and competitor to Google adsense in a c$200 billion (2016) Global market.

Visitors to websites signed-up to JSECoin will start mining the coin in their web browser (as a low CPU and user approved process), earning the website owner revenue.
This means
-No more distracting and annoying adverts on the web page
-Faster website loading times
The JSE Coin product is a fast growing competitor to Google's Adsense in it's own right and a potential acquisition target for them in the future.
 
2. Anybody can mine JSE Coin using their web browser!

In the early days of Bitcoin, users were able to have fun mining the coin, earning money and securing the network using their home PCs or laptops.

Nowadays, Bitcoin mining is controlled by huge server farms using vast amounts of electricity. 
JSE Coin returns the fun and mining capability back into the hands of individual users.

To mine the coin, go to the website, set-up a free account and click on the 'Start Mining' button.
Refered link
https://jsecoin.com/?utm_source=referral&utm_campaign=aff270&utm_content=









cheech_wizard's picture

All virtual shit is only worth what the greater fool will pay you for it.

Don't be that greater fool. 

Nature_Boy_Wooooo's picture

That applies to everything.

That's a free market.

 

nope-1004's picture

His footer reads:

If you are interested in speculating in Cryptocurrencies, I encourage you to download our free Crypto Currency Report

We are stuck somewhere between dumb and dumber, as CB's issue endless fiat while greedy idiots try to capitalize on phantom wealth by speculation.  But they tell me it's not bigcoin going up, it's fiat going down.  lmao. 


Hkan's picture

Gold oldfashion safety online internet safe backup postcrash retirement enjoying good old expensive whiskey.

Whiskey an underestimated life booster asset. Dont ever forget...to have a great life.

gilhgvc's picture

it really doesn't matter HOW you lose your money....only that you lost it. so tell me again how it wasn't bitcoin it was the PLACES YOU STORE IT

11b40's picture

How could an online security service be safer than a personal hardware wallet?

 

Simon sez, Be sure to get your special report.

Theos's picture

ZH explains private key authentication... 

write it down and put it somewhere....

 

lol

 

Albertarocks's picture

Write it down and put it somewhere safe.  Somewhere where you won't forget where it is.  Better yet, give it to your cousin Vinnie who's in the slammer doing 5 years for aggravated buggery.  There's no safer place to hide your keys than in a jail.  And when you need that key, just go to the jail and visit Vinnie.

"What the fuck do you mean he escaped last week?"

adr's picture

So you need a private key to your huge stash, and another key to an online exchange you transfer to so you can actually spend or cash out your Bitcoin.

Here's the problem. To actually cash out you will need to keep the key with the exchange while you wait for your dollars to transfer.

Say you want to cash out a few million. There is nothing stopping Coinbase from stealing your Bitcoin while they hold the key. You can't do anything with a piece of paper in your sock drawer.

Buy and hold might make sense. But that kills any real use for day to day Bitcoin transactions.

Nature_Boy_Wooooo's picture

As often as I see you posting on Bitcoin articles it is amazing the lack of understanding that you have.

If you put half of the effort trying to understand Bitcoin that you put into hating it.....you may actually find that you don't hate it so much.

 

besnook's picture

hard copy kept in several places is, ironically, the most secure but it is still the currency that dies when you die unless someone else knows about it.

ElTerco's picture

"But it’s important to remember, in these cases, “Bitcoin” didn’t get hacked… it was the exchanges or marketplaces that got hacked."

And since Bitcoin is anonymous and decentralized, there is no legal recourse for compensation for the loss. Any compensation is at the discretion of the exchange that gets hacked.

Quinvarius's picture

If your Bitcoin wallet got hacked, and the contents removed, bitcoin got hacked.  What exactly is a bitcoin hack supposed to look like?