Topic: Old Fashioned Bank Heist: are the Exchanges Protected? (Read 2497 times)

This is brought up frequently (insurance), but it's just not that simple. It's too easy to fake a theft and get the insurance to cover it.

I'm not saying it's impossible, just saying that such an insurer would need a very high level of expertise to prevent himself from being cheated. The insurer would need to require the insured eWallet to implement tons of security measures, and perhaps even use multisignature techniques in order to keep some control of the coins, I don't know.

I still think that multi-signature wallets, in which the eWallet costumer has one half of the keys and the eWallet the other, is probably the best solution. This would probably rule out the "old-fashioned attacks" that OP talks about, and a hack ripping off the entire wallet would also be extremely difficult. The hacker would have to install some clever malware in the server that would infect the eWallet users' machines and silently collect their keys, to spend everything only once he has most of them. And even that could be prevented with a browser addon, as suggested by Stephen Thomas in his presentation yesterday at London.
With such architecture, insurance would also be much easier: the insurer can be sure that his client cannot steal all the money.

Welcome to Bitcoin, contributions of value are highly appreciated.

No, the exchanges keep all their cash in the file cabinet next to the server with the wallet you %$#...
Are you crazy or just stupid?  I bet it is stupid...

Aahahaha! Bitcoin users being wary of risks!? Really? 
I think you'd do really well in all of the Pirate / MNW / Ponzi topics. You'll see how aware the average bitcoin user is of risks...

you know what guys?

if anything, this proves to me that Bitcoin needs _MORE_ anonymity support and features.

This once again hightlights that bitcoin is PART of the real world, and not some sort of alternate universe.

Just like the CEO of a bank is not just sitting on a pile of cash in his own house, so should'nt exchanges.

Besides applying security in various forms, the exchanges also need to be insured against theft and the like.

Good points.

It's not all doom and gloom however.

These problems mean that when an operation gets too big, cold wallets get too large, it presents a target (from the outside and the inside).  Such operations will have trouble getting new customers to leave funds there as customers are wary of this risk.  Thus, these bugs with bitcoin (too much like a suitcase of money) are really another feature: to encourage a healthy ecosystem with many players and nobody getting too large. 

Sadly we are also going to see a lot people getting suckered by spam extortion. 

BTW I will destroy the entire bitcoin network unless there are 100 coins at this address by noon tomorrow:
1dontbeasucker123456789 

That isn't limited to exchanges though.  Why kidnap the family member of an exchange operator?  He/she may not even have access to the full value of wallet(s).  It would essentially be theft/embezzlement by the operator.  As exchanges get large enough hopefully they will adopt policies and procedures that make that impossible.  I mean if an operator can steal client funds to pay a kidnapper they can just as easily steal client funds to start a new life in the Caribbean.  

The method of payment shouldn't change the target of kidnappers.  The target of kidnapping paid in BTC are probably going to be the same as the targets of kidnapping paid in USD.  Any rich person can acquire enough BTC to pay a ransom.  Bank managers tend not to be targeted for ransom specifically because "their" bank holds a lot of cash.  Kidnappers are looking to add complications.   Find someone rich, take their love one, get paid (in USD, Gold or BTC).  

I do agree that Bitcoin (sadly) has certain properties which make it ideal for paying a kidnapping (or shipping piracy).  I expect it is only a matter of time before that headline is on every news site in the world.

Lets not talk smash and grab. What about the newer trend of kidnap a family member or wife, or even the person themselves and force the turnover of the wallet or private keys or a transaction for their release.

This is much more likely, especially as the value climbs.

It's also much "safer" than a typical kidnapping extortion as no one has to make a pickup of the cash or whatever. they simply verify it via the blockchain from anywhere and tell you where they stashed the person or body.

Bitcoin's ability to be sent instantly at a distance is simultaneously what makes it a far better payment mechanism than gold, and what makes it so much harder to secure than gold.

Imagine if it were possible to remotely teleport into a gold vault and quickly teleport the gold to an unknown location halfway across the world. Storing gold would have to be approached quite differently. For instance , it would probably no longer be optimal to build 1 giant super secure vault and put all the gold there.

The same way you protect physical money, precious metals, diamonds, jewelry, etc.

First 90% to 95% should be in a cold wallet.  Depending on business needs 50%+ could be an in a "cold cold" wallet which isn't even located on site.  You don't need multi-sig in the protocol to split a private key.  Their are offfline techniques to split a secret so that is requires m of n sub-keys.   Designate one employee the trustee of each sub-key, and encrypt it with GPG public.   Then you have lots of options for securing the pieces to prevent rapid physical access.  Time lock safes (you know the real ones TL-6x30 rated, glass relocker, durress code, silent alarm,etc), safety deposit boxes in a nearby bank, a branch office located on another continent are all methods to make a "smash and grab" type robbery simply impossible.

The rest of cold funds should probably be off line but in a semi-available method.  Something like a cold wallet laptop in a time lock safe which requires 2 managers keys/codes.  

Protecting the hot wallet from a physical attack may be more difficult but it should be a dedicated physically hardened server.  Yes they make server chassis which are essentially burglary safes.  Making the hot wallet deterministic and in-memory only would allow the hot wallet to be wiped.  The seed should not immediately available during normal operations.   Then it really becomes how paranoid are you.  Rig the server to write over the hot wallet in memory when an attack is detected.  Site alarm system, panic button, duress code on the chassis, failure to receive heartbeat from the network could all be signals to wipe the server.  Hell if you wan to get crazy put a GPS on the server so if the attackers connected it to a battery, faked the heartbeat signal, and attempted to remove the entire server once it got more than x meters from the site it would clear and crash anyways.

In the event that attackers gain control of the site but can't directly steal the private keys the key server should have preset "rules" which limit coinflow.  It could operate in delayed signing mode for large tx, have tx qty and BTC qty limiter.  An example would be a set of rules that limit total tx per hour to 400 or less, total BTC per hour to 5,000 or less, and any single tx larger than 1,000 BTC will be delayed 60 minutes.

It all depends on how much you are willing to spend.  If you had the resources of even the smallest credit union or precious metal wholesaler you could turn an exchange into a fortress (class A building, armored doors, biometrics, armed security, close caption monitoring, panic shutdown system, datacenter vault, vehicle barriers, security lockouts, independent electrical power, etc).

This topic reminds me of this comic:
http://xkcd.com/538/

what if the only one who knows about the private key is dead in the air crash? then all the coins will lost.
So we have to let many people have access to the private key. If one person dead in a disaster, the other ones will be able to release the coins. Again, we have to trust people, right?

this post highlights the single most concerning thing for me about bitcoin, even being its biggest possible supporter: robberies will be irreversible in nearly all circumstances.

They should be protected like banks. With security guards and/or time-lock virtual vaults. They're operating with real money (Bitcoins) and not just digital representation of money (fiat in exchanges).

The attacker doesn't need to get physical access to all servers. As long as someone has legit access to all servers, the attacker may just force this person to give him the money.

Multisig won't fail if the other party necessary for the signature are the customers. I think we can safely rule out the possibility of attacking every single costumer.

It might be hard to get 8 servers in different parts of the world even if each was relatively insecure. Possibly not so hard to trick them into signing unless the system was well designed.

Interesting discussion. Valid points, too.

Considering the lack of encrypted wallets (and when there, passwords stored in plaintext), the hot wallet can easily be stolen by barging into the server room. If it's hosted, it can be stolen by some disgruntled employee of the networking team just as easily. This "physical theft" is dangerous stuff, and will guarantee the loss of at least the hot wallet (multisig will still fail once all the servers are physically stolen).