Author

Topic: Harware Wallet GK8 offering $250000 to hack it (Read 221 times)

legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
February 02, 2020, 09:35:14 AM
#11
People can make their own version with laptop for sure.

And most likely probably far less secure than this hardware wallet, unless they're familiar with GNU/Linux and use laptop with hardware security (e.g. physical lock)
legendary
Activity: 2212
Merit: 7064
And most likely probably far less secure than this hardware wallet, unless they're familiar with GNU/Linux and use laptop with hardware security (e.g. physical lock)

And most likely nobody who uses only windows OS will NEVER try any hardware wallet building adventure in the first place
legendary
Activity: 2702
Merit: 4002
This amount is for marketing purposes and they will not make a payment if someone hacks that wallet or at least they will give more excuses like blocking physical access[1] and others.

I see a negative signal because whoever displays such an amount aims to make the customer feel that the device they are using is safe on the pretext that he is offering a huge amount that tempts any hacker to hack it and no one has succeeded ( like unhackable wallet offer[2].)


[1]
You CAN’T HACK what you CAN’T REACH
[2] 'Unhackable' BitFi crypto wallet has been hacked
legendary
Activity: 2212
Merit: 7064
This is how James Bond hardware wallet would look like, and I think that most people don't need this super-expensive solution.
People can make their own version with laptop for sure.
legendary
Activity: 2912
Merit: 6403
Blackjack.fun
I'm wondering if this is a one-way device that is broadcasting only what is that "exchange portfolio" in the picture with the amounts in $.
In theory, this thing shouldn't be able to get any information about the price unless through manual input, right?

When looking at it, it might be safe for hacking but that armored suitcase is like a honeypot for the 5$ wrench attackersGrin

Also, "military-grade physical protection"...."and Practical".

Whenever I hear the term military-grade protection my head and my back start to ache simultaneously.
To fit even a small laptop in a case that is both water-resistant and would no be opened like a tuna can by a cheap crowbar you will have at least 7-8 pounds of metal in that thing not counting anything else and this only for a 10inch one at best. Hardly "practical"







legendary
Activity: 2268
Merit: 18748
I don't want to compare how much better is HW from OP, than Bitfi which was in a category of "hacking for kids", but I know how easy is say that hacking was not successful and the bounty would not be paid.
Oh, don't get me wrong here, this looks way more professional than Bitfi, which was a glorified brainwallet and a truly terrible piece of hardware, which also initially lied about, and then completely cancelled, their bounty program so they wouldn't have to pay out. It looks like a well designed piece of hardware, but my main concern at this stage is that details on their website are so vague that we can't tell if they have actually created anything better than airgapping any old laptop.

I'm almost certain that no one is going to be able to hack this GK8 wallet, since from what we can tell it is essentially an airgapped device and it doesn't look like bounty participants are going to be given physical access to said device. It's the same as me saying to you "Hack my airgapped cold storage". All you can do is generate random private keys and wait for a match, and you'd be waiting until the heat death of the universe if you did that.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
It reminds me with another hardware wallet (unfortunately i forgot the name) who made similar claim and offer huge amount of bounty. Few managed to hack it, but the company deny the bounty with ridiculous reason and talk like scammer.

Tierney was one of the hackers behind the first Bitfi attack. The McAfee-backed company offered a $250,000 bounty for anyone who could carry out what its makers consider a “successful attack.” But Bitfi declined to pay out, arguing that the hack was outside the scope of the bounty, and instead resorted to posting threats on Twitter.

Is it a coincidence that it is the same amount of money or is it a popular amount that hackers get when they hack something? I don't want to compare how much better is HW from OP, than Bitfi which was in a category of "hacking for kids", but I know how easy is say that hacking was not successful and the bounty would not be paid. I noticed that they use words such as "up to", "may receive" or "a satisfactory explanation" which indicate that things are not quite as simple as they seem.
legendary
Activity: 2212
Merit: 7064
I also challenge everyone to hack my permanently airgapped wallet I only communicate with using QR codes, and I'll give you as long as you like to do it.

Are you also offering 250k bounty + 125k worth of Bitcoin if someone hacks your setup, like GK8 is doing?  Grin

Anyway I do expect to see come reactions from crypto community and hackers soon, like it happens with every new wallet, so I will follow this story.
legendary
Activity: 2268
Merit: 18748
I've spent a bit of time going through their website, and as far as I can tell, their wallet is simply an airgapped laptop inside a locked briefcase.

There's lot of flashy graphics and nice videos talking about how they are revolutionary and their innovations and all the rest of it, but it's very light on actual details. You can see their wallet on this page: https://www.gk8.io/product/. As you can see, it is essentially an airgapped laptop which signs the transactions, which are then transferred to their hot wallet to be broadcast.

The website states 5 patents, but I can only find one (https://patentscope.wipo.int/search/en/detail.jsf?docId=WO2019159172&docAn=IL2019050181), which again, doesn't contain anything particularly interesting or groundbreaking.

I don't know if I'm missing something here, but this doesn't seem like anything special. Unless there is something extra they haven't released the details of yet, then I (and many others) are already using this exact set up, minus the armor plating for the laptop. Of course their bounty program will be completely safe - I also challenge everyone to hack my permanently airgapped wallet I only communicate with using QR codes, and I'll give you as long as you like to do it.
legendary
Activity: 2212
Merit: 7064
I found interesting news information regarding new Hardware Wallet manufacturer offering big bounty reward  if you hack their wallet.
They claim it is ‘Totally Unhackable’ Cold Wallet and 'Hack-Proof Digital Vault' with no internet connection.

source:
https://www.theblockcrypto.com/linked/54071/crypto-gk8-offering-up-to-250k-in-bitcoin-if-someone-hacks-its-cold-wallet
https://www.gk8.io/bountyprogram/
Jump to: