Pages:
Author

Topic: Can Coinbase be hacked? - page 2. (Read 4975 times)

newbie
Activity: 20
Merit: 0
January 20, 2014, 01:54:33 AM
#29
I just use coinbase as a conduit for converting between BTC and USD.  I wouldn't use it as long term storage for significant quantities of currency because that increases the risk of shit happening.
newbie
Activity: 1
Merit: 0
January 20, 2014, 01:34:13 AM
#28
Yes, because the site itself could be hacked, not through an individuals account, but through various attacks through insecure code and services on coinbase itself.
hero member
Activity: 640
Merit: 500
January 20, 2014, 01:17:01 AM
#27
newbie
Activity: 9
Merit: 0
January 20, 2014, 12:52:21 AM
#26
no
full member
Activity: 238
Merit: 100
Kia ora!
January 20, 2014, 12:42:47 AM
#25
Is a password something like this complex enough

Akasha#5123&7623

Your password works out in theory to be a 104.87 bit password ( bits of entropy ), so thats a fairly difficult to crack password ( although I would not have so many numbers in a row like that ).

Theoretically, any password can be bruteforced, but just not in the real world.

example: Your password cracked in 58 years....
( 94^16 / 2 ) / ( 10^22 ) / 60 / 60 / 24 / 365.25 = 58 years at a 10 Sextillion hashes per second bruteforcing it.

Attackers are going to focus on the easy hacks first before ever trying out bruteforcing passwords. APIs, installable wallets, through to the yea old database code injection hacks would be the place most of them would start.
legendary
Activity: 868
Merit: 1000
January 19, 2014, 11:52:26 PM
#24
It seems they have an API vulnerability. Several accounts have been hacked.. So what is the safest way to store Bitcoin.. Paper wallet.. and if there is fire thats gone too ?
sr. member
Activity: 266
Merit: 250
December 13, 2013, 11:51:24 PM
#23
i dont think coinbase is safe at all. no hosted wallet is safe.

keep coins with 3rd parties at your own peril!
member
Activity: 112
Merit: 10
December 13, 2013, 11:47:55 PM
#22
Is a password something like this complex enough

Akasha#5123&7623
legendary
Activity: 2912
Merit: 6403
Blackjack.fun
December 13, 2013, 11:07:51 PM
#21
Hypothetically, any website can be hacked.

The question is how hard is it to do so.

For big, trusted companies like Coinbase, I think it is very unlikely someone will figure out how to hack them.

Big? Trusted?
How did you already come up with these words?
Have they existed for such a long period to label them as secure and trusted?

Also,far bigger and older companies have been hacked to promote Coinbase as impenetrable.
sr. member
Activity: 266
Merit: 250
December 13, 2013, 10:11:29 PM
#20
Not unless someone has both your password and your phone; otherwise, no.

Ok thanks good to know. I am treading into BTC. Just hearing about all sorts of scams and hacking I just want to protect myself.

I would prefer 3 factor ID, password, yubiKEY, and google authenticator.

That is still 2 factor.  Password is something you know.  The yubi key and google auth is something you have.  To get third factor you must include something you are (Bio metrics).
biometric -- that's what i want! Grin
mjc
hero member
Activity: 588
Merit: 500
Available on Kindle
December 13, 2013, 10:10:05 PM
#19
Not unless someone has both your password and your phone; otherwise, no.

Ok thanks good to know. I am treading into BTC. Just hearing about all sorts of scams and hacking I just want to protect myself.

I would prefer 3 factor ID, password, yubiKEY, and google authenticator.

That is still 2 factor.  Password is something you know.  The yubi key and google auth is something you have.  To get third factor you must include something you are (Bio metrics).
mjc
hero member
Activity: 588
Merit: 500
Available on Kindle
December 13, 2013, 10:06:46 PM
#18
Hypothetically, any website can be hacked.

The question is how hard is it to do so.

For big, trusted companies like Coinbase, I think it is very unlikely someone will figure out how to hack them.

I think Sony was bigger and more trusted.
sr. member
Activity: 266
Merit: 250
December 13, 2013, 09:55:24 PM
#17
yes, of course, anything can be hacked. security is just a deterrent...... but your're fine, from the sound of it

if you have coins, withdraw to a wallet you control, though. no reason to leave em in a hosted wallet. that's asking for trouble
full member
Activity: 238
Merit: 100
December 13, 2013, 09:53:19 PM
#16
Hypothetically, any website can be hacked.

The question is how hard is it to do so.

For big, trusted companies like Coinbase, I think it is very unlikely someone will figure out how to hack them.
mjc
hero member
Activity: 588
Merit: 500
Available on Kindle
December 13, 2013, 09:44:55 PM
#15
coinbase has very good intentions to be hackerproof, they mention empleyees are security cleared. If they have implemented what they say, it is quite secure. It is best to be couscious though.

Just because someone security cleared doesn't mean they know how to write secure code.  As a CEH & OSCP I regularly get through apps written by very security conscience developers/project teams.

MFA protects you from yourself and the likelihood that your system will be compromised.  

As for the security of the system, defense in depth and design and development with a focus on security goes a long way.  Were talking typical infrastructure security like Firewalls, IDS/IPS, WFA and the such are just not enough.  

Typically systems are built to meet the business need.  Business defines functionality, then use cases and test cases are written.  They tend to forget about the abuse cases, and that is when I can get in.  

What needs to happen in addition to all the infrastructure security, is that non functional requirements like security are considered from the beginning and developers are trained in defensive software development, designers trained in such things as threat modelling, business owners place as much focus on security testing as they do on functional, performance and UAT testing.  Then you stand a chance.

So, it's as secure as they allow it to be.  They will always claim it is secure, but the truth is in the pudding.  I have no idea if they are or they are not.  I certainly hope they are as I know many people rely on them.
newbie
Activity: 7
Merit: 0
December 13, 2013, 09:37:26 PM
#14
Though sites have been working hard to counter hackers, every sites may be hacked.
It would be better to store your funds in your offline wallet.
mjc
hero member
Activity: 588
Merit: 500
Available on Kindle
December 13, 2013, 09:33:56 PM
#13
Any place can be hacked.  Two factor auth will prevent you from bring hacked with a keystroke logger.  The hacker will need your password "Something you know" and the google auth app on your phone "Something you have" in order to access your account. 
newbie
Activity: 3
Merit: 0
December 13, 2013, 09:32:04 PM
#12
mobile sms can hack, password too.
But it is very expensive to hack sms.
hacking password is very much depends on its complexity.
And of course viruses - they like windows and windows like them.
full member
Activity: 140
Merit: 100
December 13, 2013, 09:29:44 PM
#11
I log in on my laptop which is fairly secure and smart phone android.

SMS verification on smart phone may be problem, especially when you are connected to internet with it and browsing or playing variety of games - it can be compromised
newbie
Activity: 48
Merit: 0
December 13, 2013, 09:18:18 PM
#10
coinbase has very good intentions to be hackerproof, they mention empleyees are security cleared. If they have implemented what they say, it is quite secure. It is best to be couscious though.
Pages:
Jump to: