Topic: Is Cryptsy more evidence that it is impossible to really secure crypto? - page 2. (Read 2003 times)

There are to many other exchanges (more big, more important or less big and less important than Cryptsy) that are not hacked never. Why such importance to this exchange. Much more banks have been object of thieves and never is put in discussion their existence. Why be put in discussion the security of crypto exchanges as a Institution where is changed and traded another kind of currency but yet is money? Why must be different this case by the case of the stolen banks? Have seen various threads today which treat this matter and absolutely all treat this case with fatalism. One for bitcoin, another one for the exchanges another third for all the cryptos and so on. Why this point of view?

We're probably all a little guilty of it.  I always told myself I'd never leave any significant sums on an exchange, but my limit seems to be gradually creeping up.  It started as "I'll never leave more than $20 on there", then it became $50, now I'm above that too, heh.  But yeah, if you've got more than you're willing to lose on an exchange or a webwallet, cut that shit out and withdraw to a secure wallet where you hold the private keys ASAP.

I've been on a bit of a DS9 binge as of late, so finding this quite fitting:   

Or use a hardware wallet (like Trezor) – not only it's safer, but the need for only one paper backup is a really nice thing (the same applies to Electrum). Before Trezor I used to use Electrum on an off-line laptop for signing and had a watch-only wallet on-line (although transfering transactions back and forth via USB was a bit tiring ;c)).

good information, some of this is new to me and advanced.  I will start googling. I have a spare laptop that I could dedicate to this.

this only proves that people are stupid and "ignorant".
it has been said over and over "do not trust exchangers" and "do not keep your money and coins in their pocket".
it is not the first exchanger to allegedly get hacked and it is not going to be the last. this has nothing to do with crypto security!

No, it's more proof that Bitcoin businesses are being operated by inexperienced children and crooks. It has nothing to do with securing Bitcoin. Just because Cryptsy is gone doesn't mean I've lost anything.

I guess what I'm saying is in cases like Mt Gox or Cryptsy - the failure isn't crypto, the failure is human error in not taking advantage of the protection crypto has to offer (full control of your private keys)

Stop keeping thousands/millions (value in $) of your money on random websites online. Have you learned nothing from Inputs.io, Mt. Gox? This has nothing to do with Crypto, but rather the service. Crypto works and can be easily secured.

I have never had any bitcoins stolen from me. I have had USD stolen from me from PayPal.

Crypto works.

With respect to online wallets - the advice has ALWAYS been never keep very much in them.

I currently only use coinbase. It is possible my bitcoins there will be stolen. But I have this rule :

A) Never have more than 20% of my liquid bitcoins in coinbase
B) Never have more than $650 USD in coinbase

I define "liquid" bitcoins as bitcoins that are not in a cold address (paper wallet)

With that philosophy, I will never lose more than $650 and honestly rarely even that much is at risk, right now I have less than $10 USD there.

If you keep the bulk of your bitcoins that you are not planning to spend in properly generated cold addresses, they won't be stolen.

For bitcoins not in a cold address, if you keep the bulk of them in a full node wallet on an inexpensive PC that is dedicated to bitcoin and not used for other things (such as browsing this forum) - they won't be stolen. I personally use the standard bitcoin-qt client for that running in CentOS 7 but the actual distro is not terribly important. Point is Linux with no flash / java and only using the browser for business (pay bills in bitcoin, transfer purchased bitcoin out of coinbase to a generated address) then the risk of malware is extremely low.

Good idea to run unbound on the bitcoin machine but only listening on localhost. That helps protects it from DNS spoofing, but that's an advanced topic.

An Intel NUC is good for this. Cheap, small, low power. Samsung 250GB M.2 SSD gives plenty of room for the blockchain to grow. 8 GB (2x4) is enough. Use 64 bit distro.

Running full node client with bitcoin-qt also helps protect the bitcoin network. More people should. And use bitcoin-qt (you can run Armory to interface with the blockchain if you want)

no exchange should have any hotwallet (on same server as the website front end)
there is no excuses,

there are multiple ways of implementations, while protecting the remote transaction processor (cold wallet)

Few weeks ago I compiled a list of cracked cryptocurrency exchanges. Quite huge numbers...

call it unregulated market, jungle.

there are such things in a regulated market as well but in an unregulated one?

BTC is a HIGH RISK investment. it's like you invest in a ponzy scheme and then you complain that someone took your money.

Well, you should have known Bitcoin is manipulated and there a huge risk to lose the money.

I find it suspicious that their cold storage got hacked along with the hot wallet. Practically, exchanges should at no time keep more than 10-30% of their total amount in the hot wallets and for a better security, keep wallet files and clients separate. It is fairly easy for exchanges to manage security as long as they create their cold storage address and spend it securely. They didn't AFAIK, done any proof of solvency which would've proved their insolvency.

Nothing can be secured from a man's hunger to scam. I don't believe they were hacked and coins were stolen. This is all a big fat alibi to save their ass. Its getting too easy, do an exit scam, call it a theft.

It was a fraudulent scheme from the start, warnings where put out

scam acussations go back for years

IMO yeah, pretty much.  Even a very secure system is ultimately dependent on the employees, so will always be susceptible to an inside job.  One of the selling points of crypto, the non-reversibility, ends up being the flaw for these sorts of situations.  Even the NSA can't secure their systems so I don't see this problem going away.

Now they have declared bankruptcy they are liquidating some coin

waited for a nice price too,

It's only evidence that ppl using crypto have no idea how to use em in secure manner.
Keeping BTC and bunch of scamcoins in same environment is just not something that anyone should ever do. It's like buying most secure doors and installing em, and in same time removing windows and leaving gaping holes to that same room. No...doors are fine, they are secure....

the site was fraudulent from the start,

no it's an evidence, that there is really no competitive exchange owner out there, they treat the cryptoscene, with too much negligence

they need to separate altcoin(scam coin) from bitcoin, when they do cold storage thing, altcoin must be put in a separted environment

i would ever do a virutal machine for every new alt, to feel really secure, this was the case for cryptsy

for bitstamp, they had problem with email/2fa, so again heavy incompetence there