I was reading more about it on Reddit and Coblee was going back and forth answering questions to doubters. It seems like the only way you can have this account compromised is in making it. If your computer is infected when setting up the multi-sig vault, that could be a big problem.
If your computer is clean during creation and you don't touch the account, nobody can steal your keys, not even the government and/or hacker doing everything they can to force Coinbase into moving them. It is just about as good as cold storage (but varies a little bit, but is much, much easier to create). If you are moving money out frequently then there seems to be some debate on if a serious hacker might be able to compromise the account, but even in that case, they still need to get your 2FA device and the owner of the account would have to miss emails and text messages being sent to them that there will be a withdrawal in 48 hours. A person can click a link from the text message or email to immediately cancel the transaction foiling the attacker.
I am convinced and have decided to put half of my Bitcoin in Coinbase's multi-sig vault.
For extra precaution, a person can boot ubuntu on a live DVD, use that to log-in to Coinbase when creating the vault (Chrome will needed to be added as Firefox isn't supported just yet). I just happen to have one of those DVD's in a box next to my computer right now, and even if a person doesn't have one, they are pretty easy to make.
Topic: Coinbase has a multi-sig vault. You now control the keys. - page 2. (Read 3155 times)
We all need to move toward multi-sig...great way for a lot of people to get their feet wet.
http://www.coindesk.com/coinbases-new-multisig-vault-gives-users-control-keys/
Some people over at reddit are complaining about this saying it isn't safe. As now there is a risk that the keys might be transferred over the internet and be intercepted.
I personally like the idea of knowing that Coinbase only has 1 of 3 keys stored in their database. It makes me feel safer. Just think had this been implemented at Gox. Or at a dozen of other exchanges/services that had hot wallets "hacked" and all the money disappeared.
I also feel a lot more comfortable with a company that designs a product so they can't have control over it. I feel like they are just going to be that much less likely to steal it and there is less risk of them getting hacked. Now a person would have to compromise Coinbase one time to get their key on the Coinbase end, and in between or on my end compromise my key/password and/or be live in the Coinbase system as I am logging in.
Any thoughts?
Some people over at reddit are complaining about this saying it isn't safe. As now there is a risk that the keys might be transferred over the internet and be intercepted.
I personally like the idea of knowing that Coinbase only has 1 of 3 keys stored in their database. It makes me feel safer. Just think had this been implemented at Gox. Or at a dozen of other exchanges/services that had hot wallets "hacked" and all the money disappeared.
I also feel a lot more comfortable with a company that designs a product so they can't have control over it. I feel like they are just going to be that much less likely to steal it and there is less risk of them getting hacked. Now a person would have to compromise Coinbase one time to get their key on the Coinbase end, and in between or on my end compromise my key/password and/or be live in the Coinbase system as I am logging in.
Any thoughts?
Jump to: