I've just been robbed :-( - page 4. | Bitcointalksearch.org

Jutarul

donator

Activity: 994

Merit: 1000

Quote from: kokojie on September 29, 2012, 10:44:23 AM

Quote from: JoelKatz on September 29, 2012, 08:16:23 AM

Quote from: SuperHakka on September 29, 2012, 06:47:37 AM

Just to add that with bitcoin, responsibility lies in the hands of the users whereby with the normal currency, responsibility lies partly with the banks and partly with the users. In the case of money theft from a bank account, there is a good chance that the user would be fully reimbursed, even if the users were negligent. The people are dumbed down in this day and age to shy away from personal responsibility and always be finding someone else to blame, e.e. governments, banks, etc.

The problem is that there's no good way to keep your coins secure. It's not so much a matter of blame -- it's just that there's no good way to keep your coins secure. Every reasonable suggestion I've heard is so complicated it's just not practical. And there's no good way to balance being sure you don't lose access to your own coins with being sure nobody else gains access to them. This is one of the two biggets problems facing Bitcoin today.

Try this thought experiment: Reason out an explanation of how to securely hold thousands of dollars worth of Bitcoins such that a typical American adult with somewhat above average computer skills could understand the process and the reasoning behind each step.

blockchain.info wallet

The key is not being sure "nobody" gains access to them, the critical part is you know exactly who can potentially access them.

if you have your wallet on a computer somehow connected to the internet, it's pretty safe to assume it's accessible by anybody with the proper skill set to hack into computers. The only way to mitigate the risk is to make it unattractive for thiefs, i.e. the time they have to invest to hack into your system should NOT PAY OFF (i.e. keep the incentive low). That's why I don't understand that people store >$1000 in a hot wallet.

Some services don't have a choice and they have to have hot wallets connected to the internet. However, they usually employ multi-sig and other protective mechanisms.

It always makes me sad if honest users get robbed by petty thiefs. I think one of the mission statements of the bitcoin foundation was to facilitate user education. I think that's absolutely necessary.

kokojie

legendary

Activity: 1806

Merit: 1003

Quote from: JoelKatz on September 29, 2012, 08:16:23 AM

Quote from: SuperHakka on September 29, 2012, 06:47:37 AM

Just to add that with bitcoin, responsibility lies in the hands of the users whereby with the normal currency, responsibility lies partly with the banks and partly with the users. In the case of money theft from a bank account, there is a good chance that the user would be fully reimbursed, even if the users were negligent. The people are dumbed down in this day and age to shy away from personal responsibility and always be finding someone else to blame, e.e. governments, banks, etc.

The problem is that there's no good way to keep your coins secure. It's not so much a matter of blame -- it's just that there's no good way to keep your coins secure. Every reasonable suggestion I've heard is so complicated it's just not practical. And there's no good way to balance being sure you don't lose access to your own coins with being sure nobody else gains access to them. This is one of the two biggets problems facing Bitcoin today.

Try this thought experiment: Reason out an explanation of how to securely hold thousands of dollars worth of Bitcoins such that a typical American adult with somewhat above average computer skills could understand the process and the reasoning behind each step.

blockchain.info wallet

The key is not being sure "nobody" gains access to them, the critical part is you know exactly who can potentially access them.

Jutarul

donator

Activity: 994

Merit: 1000

Quote from: QuantumQrack on September 29, 2012, 10:23:38 AM

Bitcoin is an excellent social experiment in the depravity of people.

Bitcoin has to fight at two fronts right now. Governments & Regulations and Scammers & Hackers.
It's a bit depressing to see that it's more the Scammers & Hackers site of things which makes most users suffer.

That tells you something about the predatory attitude of people. We may have abolished cannibalism in the literal meaning, but we still have it in an economical sense.

QuantumQrack

sr. member

Activity: 337

Merit: 250

Bitcoin is an excellent social experiment in the depravity of people.

And to the OP. Sorry about the sick feeling in your stomach. You have to protect your balls..errr, coins man.

kasimir

newbie

Activity: 19

Merit: 0

I would certainly recommend wiping any machines you have, clearing any authorized SSH keys on any systems you have access to, and transferring any remaining coins you have to new wallets.

If somebody had SSH access to your system and knew a bit about bitcoins, I'm sure it wouldn't be a problem for them to find some local privilege escalation attack against your system and deeply embed themselves into your machine.

crazy_rabbit

legendary

Activity: 1204

Merit: 1001

RUM AND CARROTS: A PIRATE LIFE FOR ME

Quote from: ?? on ??

Quote from: Dansker on September 29, 2012, 08:58:06 AM

Quote from: ?? on ??

Sorry for your loss OP.

This makes me want to rethink again how I stole my BTC.

BREAKING NEWS: Goat admits to thievery! Wink

Lol.. I meant store

Freudian slip.

muyuu

donator

Activity: 980

Merit: 1000

Quote from: JoelKatz on September 29, 2012, 08:16:23 AM

Quote from: SuperHakka on September 29, 2012, 06:47:37 AM

Just to add that with bitcoin, responsibility lies in the hands of the users whereby with the normal currency, responsibility lies partly with the banks and partly with the users. In the case of money theft from a bank account, there is a good chance that the user would be fully reimbursed, even if the users were negligent. The people are dumbed down in this day and age to shy away from personal responsibility and always be finding someone else to blame, e.e. governments, banks, etc.

The problem is that there's no good way to keep your coins secure. It's not so much a matter of blame -- it's just that there's no good way to keep your coins secure. Every reasonable suggestion I've heard is so complicated it's just not practical. And there's no good way to balance being sure you don't lose access to your own coins with being sure nobody else gains access to them. This is one of the two biggets problems facing Bitcoin today.

Try this thought experiment: Reason out an explanation of how to securely hold thousands of dollars worth of Bitcoins such that a typical American adult with somewhat above average computer skills could understand the process and the reasoning behind each step.

The best I know is this: http://bitcoinarmory.com/index.php/using-offline-wallets-in-armory and possibly paper wallets (a different level of trust is needed).

Any simple solution will involve trust because the common folk won't be a cryptography expert. So maybe a bunch of paper wallets made offline by trustworthy code (or code reviewed by trustworthy people). Provided no single wallet storage holds too much, it should be fine...

arklan

legendary

Activity: 1778

Merit: 1008

Quote from: Jutarul on September 29, 2012, 08:59:40 AM

Quote from: JoelKatz on September 29, 2012, 08:50:51 AM

Quote from: ?? on ??

How do you keep fiat safe? That is not fool proof either. But I do agree Bitcoin still needs some time to mature. Thanks.

In many countries, banks are insured by government agencies. That's pretty close to fool proof. You can also hide fiat and/or lock it securely. Of course, that's not 100% reliable, but its risks are very easy to understand and not that difficult to reduce. People have many years of experience protecting fiat and have gotten very good at it. It's rare for a person to be a victim of a large theft of fiat.

What's so difficult to understand about a paper wallet?

for the technically/cryptographically clued in, probably not much. but the process of creating one in a truly secure offline manner is a whole different kettle of fish.

Jutarul

donator

Activity: 994

Merit: 1000

Quote from: JoelKatz on September 29, 2012, 08:50:51 AM

Quote from: ?? on ??

How do you keep fiat safe? That is not fool proof either. But I do agree Bitcoin still needs some time to mature. Thanks.

In many countries, banks are insured by government agencies. That's pretty close to fool proof. You can also hide fiat and/or lock it securely. Of course, that's not 100% reliable, but its risks are very easy to understand and not that difficult to reduce. People have many years of experience protecting fiat and have gotten very good at it. It's rare for a person to be a victim of a large theft of fiat.

What's so difficult to understand about a paper wallet?

Dansker

hero member

Activity: 740

Merit: 500

Hello world!

Quote from: ?? on ??

Sorry for your loss OP.

This makes me want to rethink again how I stole my BTC.

BREAKING NEWS: Goat admits to thievery! Wink

JoelKatz

legendary

Activity: 1596

Merit: 1012

Democracy is vulnerable to a 51% attack.

Quote from: ?? on ??

How do you keep fiat safe? That is not fool proof either. But I do agree Bitcoin still needs some time to mature. Thanks.

In many countries, banks are insured by government agencies. That's pretty close to fool proof. You can also hide fiat and/or lock it securely. Of course, that's not 100% reliable, but its risks are very easy to understand and not that difficult to reduce. People have many years of experience protecting fiat and have gotten very good at it. It's rare for a person to be a victim of a large theft of fiat.

Cdecker

hero member

Activity: 489

Merit: 504

Thanks mate, will add this to my gathered data for the police :-)
He has since then disappeared (reconnect?)

chmod755

legendary

Activity: 1400

Merit: 1020

I'll just leave this here:

http://blockchain.info/ip-address/178.140.220.181

http://www.bitbin.it/2gB4kcIa

JoelKatz

legendary

Activity: 1596

Merit: 1012

Democracy is vulnerable to a 51% attack.

Quote from: SuperHakka on September 29, 2012, 06:47:37 AM

Just to add that with bitcoin, responsibility lies in the hands of the users whereby with the normal currency, responsibility lies partly with the banks and partly with the users. In the case of money theft from a bank account, there is a good chance that the user would be fully reimbursed, even if the users were negligent. The people are dumbed down in this day and age to shy away from personal responsibility and always be finding someone else to blame, e.e. governments, banks, etc.

The problem is that there's no good way to keep your coins secure. It's not so much a matter of blame -- it's just that there's no good way to keep your coins secure. Every reasonable suggestion I've heard is so complicated it's just not practical. And there's no good way to balance being sure you don't lose access to your own coins with being sure nobody else gains access to them. This is one of the two biggets problems facing Bitcoin today.

Try this thought experiment: Reason out an explanation of how to securely hold thousands of dollars worth of Bitcoins such that a typical American adult with somewhat above average computer skills could understand the process and the reasoning behind each step.

arklan

legendary

Activity: 1778

Merit: 1008

sincerest sympathies.

this is precisely why every backup of my wallet i've ever done isn't stored in a readily indentifiable way. i hide the compressed and encrypted (password of over 20 characters) in another file type using a mostly forgotten about DOS command.

also it reminds me that i need to set up my brass plate etching equipment again to make "paper" wallets that are more durable.

SuperHakka

full member

Activity: 196

Merit: 100

Just to add that with bitcoin, responsibility lies in the hands of the users whereby with the normal currency, responsibility lies partly with the banks and partly with the users. In the case of money theft from a bank account, there is a good chance that the user would be fully reimbursed, even if the users were negligent. The people are dumbed down in this day and age to shy away from personal responsibilty and always be finding someone else to blame, e.e. governments, banks, etc.

SuperHakka

full member

Activity: 196

Merit: 100

Really sorry for the OP. There's not much one can say to help the situation. These kind of problems have got to be sorted out before BTC hits the mainstream. I get the feeling that on the average, we are here are quite tech savvy compared to the the normal guy. But if a granny had her wallet.dat stolen and the tabloid newspapers get hold of it, that would be a serious blow to the credibility of bitcoin and might be irreversible.

Gyrsur

legendary

Activity: 2856

Merit: 1518

Bitcoin Legal Tender Countries: 2 of 206

Quote from: Jutarul on September 29, 2012, 04:54:44 AM

Quote from: Cdecker on September 28, 2012, 04:10:39 PM

Well, just to prove that even long time members are not secure from being stupid. My wallet has just been cleared out:

At first I thought maybe it's just an old transaction that has only now been submitted, but I can't find any wallet of mine that owns those keys.

I had my wallet encrypted, but this was apparently an old backup of my wallet that I must have stored somewhere.

Any tips on what to do next? I'm still a bit fuzzy about the details. Can we blacklist those funds somehow?

8000 btc in a hotwallet... Was that necessary? Why didn't you consider cold storage?

advise, advise, advise... it's to late to blame him! I'm looking forward to get clear instructions from here:

Quote

Our Goals for 2013

So, what will we be doing in 2013 with the Bitcoin Foundation? We’ve set our eyes on accomplishing the following things:

Begin to pay Gavin’s salary and get him some budget for the core development team
Run a payments-oriented Silicon Valley Bitcoin Conference in the spring (Bitcoin 2013)
Publish a set of best practices for businesses transacting in Bitcoin, covering topics from accounting to physical and digital security
Create an opt-in certification process for Bitcoin businesses

Jutarul

donator

Activity: 994

Merit: 1000

Quote from: Cdecker on September 28, 2012, 04:10:39 PM

Well, just to prove that even long time members are not secure from being stupid. My wallet has just been cleared out:

At first I thought maybe it's just an old transaction that has only now been submitted, but I can't find any wallet of mine that owns those keys.

I had my wallet encrypted, but this was apparently an old backup of my wallet that I must have stored somewhere.

Any tips on what to do next? I'm still a bit fuzzy about the details. Can we blacklist those funds somehow?

8000 btc in a hotwallet... Was that necessary? Why didn't you consider cold storage?

Insu Dra

full member

Activity: 182

Merit: 100

Quote from: caffeinewriter on September 28, 2012, 10:13:55 PM

Quote from: Cdecker on September 28, 2012, 08:58:58 PM

If you still think you might have a rootkit, wipe your system clean. It's really the only surefire way to get rid of a rootkit.

I think after a disaster like this the only secure method is to reinstall all affected computers, make some images of the harddisk so you can still analyze what happend.

+1, don't try to fix a os if you think it might have a root kit.
Root kit cleaners are like anti virus software, they only clean what they know and recognize ....

Topic: I've just been robbed :-( - page 4. (Read 19185 times)