Topic: The Bank of Bitcoin- The World's Most Secure Bitcoin Service- Unhackable! - page 6. (Read 6900 times)

i think the name was a bad choice.
we're using bitcoin to get away from the banks aren't we?

If you are not storing keys on your server or such, how are you going to automate payments then ? Wont even API need the keys ?

Also, tbh I really dont like the name, let alone being professional, it just sounds hectic

Shubhank008- The idea here is that Mt. Gox stores your Private Key on their server. We do not. The reason why it's a problem when Gox, or Bitfloor, or BTC-e get hacked is because they store your Private Keys, which is needed to access and spend your Bitcoins. Many have lost their BTCs as a result of this, and it's considered one of the biggest problems with Bitcoin as a currency. We offer you a seamless and secure way to store you're Private Keys in a Paper Vault, much like a Paper Wallet but more convenient. It is the safest way to store your Bitcoins, and indeed is unhackable. It is not a false claim that we offer the most secure way to store your Bitcoins, and we are the only online Bitcoin service to do so. You can learn more about Paper Wallets here: https://en.bitcoin.it/wiki/Paper_wallet


Regarding the look of the site, unfortunately I've learned that programmers aren't web designers so that will get better. I always thought Gox was pretty lame looking too 

I wonder how you can do false claims and advertising as "World's most secure" service

Even MtGOX which is the biggest BTC process is hacked a few times and there is no such way to actually determine who the world's "most" secure provider is

PS: Maybe you should prepare a more good looking and professional site first ? Looks lame

You're absolutely right about that kazriko. The reason why it's done here is because most people are used to instantaneous transactions with their credit and debit cards, and if the masses are going to adopt BTC, they're not going to want to wait days- or weeks (I've heard it could take months without paying a network fee?) for a transaction to sort. A .0005 fee right now sorts everything very quickly. It's a small price for convenience, but if the price of BTC rises we'd adjust the Bank fees to stay as just as low. This is not a "get rich quick" operation. It's much more beneficial to Bitcoin than one may realise at first glance, for the simple fact that it makes Bitcoins accessible and secure for everyone and their Mother. We hope time will shine some light on that.

The Bank of Bitcoin also provides the advantage of being able to pay someone from any internet-connected device, and if the recipient is also a Bank member they will receive the payment instantaneously and for free. The recipient can then quickly send that payment to their Paper Vault, where it can't be hacked or touched by anyone. Thanks for taking the time to understand!

The network fees are optional though. The larger fee you pay, the faster your transaction gets into a block and the less likely it'll get orphaned, but it's certainly not a requirement.

saudibull- We are using the word "Bank" in our name because a bank traditionally provides financial services.  Of course, this is not a traditional bank: instead of money, it holds Bitcoins, and instead of someone else holding them, YOU get to hold them yourself, in a way far more secure than in any traditional bank.  It seems that you and others simply have a negative knee-jerk reaction to the word bank...but it doesn't matter at all what it is called, but what it DOES.  It allows anyone to have sole control over the Private Keys for their unhackable Paper Vault, to never need to download or run any special Bitcoin software, and to be able to spend their Bitcoins from any Internet-enabled device in the world.

For this security and convenience, yes, we charge a very small fee of either .0005 or .0001 BTC depending on the action - and many transactions are free!  Even the Bitcoin peer-to-peer network charges a .0005 BTC fee.

Just like Mt. Gox charges fees for its Bitcoin service...but Mt. Gox never give YOU control of your Private Keys.
Just like Bitfloor (when it was running) charged fees for its service...and never gave you control of your Private Keys.
Just like BTC-e charges for its service...and never gave you control of your Private Keys.
(And the list goes on and on....)

But, unlike them, if we are ever hacked the Bitcoins in your Paper Vault are NOT lost!  Paper Vaults are simply unhackable.

So, if you don't want to use our service, you are free not to.  Those who do, however, will enjoy the convenience and absolute security.  

LOL, kidding with this right, this is one of the main selling points and greatest ideas behind BTC, the reason its so popular... Because there are no banks, no middlemen, no fees. Take your imaginary bank and get the f&$$ out of here...

BTCoder- If you read the preceeding posts closer (I know there are a lot of them lol) or simply visit our site, you will see that it is specifically our Paper Vaults which are unhackable.  No one can hack a piece of paper with addresses and Private Keys tucked away in your sock drawer    

lol your bank is not "unhackable" nothing is. You make yourself sound ignorant saying this.

Lmao! I laughed.

Thanks for that. I probably wouldn't be able to spot anything like that myself in the Javascript code as I'm not anything like a cryptography professional. That's a pretty specialized field.

The offline transaction zip seems like it would be good for the hyper security conscious.

I don't think that I would have any uses for the site, but it is interesting. It's basically a hybrid between the pure paper model and things like coinbase.

kazriko - You may realize that you can easily view "Page Source" from most browsers.  This makes it possible for anyone with the html and javascript savvy to simply examine the source code and verify that the Private Keys are never transmitted over the Internet.  Oe could also check the similarities between the page source of our Paper Vault pages and the open-source code available at bitaddress.org and in https://www.strongcoin.com/downloads/offlineTransaction.zip .  We have integrated these open-source tools into our own service in a way that makes them much more convenient use.  You can examine both our code and their code for yourself, if you like.

And yes, I would agree that if the user's computer is hacked or compromised (perhaps in a way which would allow a hacker to see everything the user does or types on his computer) then this would obviously introduce a security flaw.  I would like to point out that such a compromised computer would also be vulnerable in the event of dealing with traditional financial transactions as well.  We cannot guarantee the security of every computer in the world, but I would like to point out the the very security-concerned (maybe paranoid is too strong a word) could use a live-cd operating system for dealing with The Bank of Bitcoin, but that would apply to using any other online Bitcoin service as well.

As for the fee: we do not charge for creating a Paper Vault.  The 0.0001 BTC fee you referred to is for the creation of an additional Auxiliary Bitcoin Address for your Active Storage, not for a Paper Vault.  That fee (and all of our fees) is deducted from your Active Storage, never from Paper Vaults.  (It is inherently impossible to deduct fees from Paper Vaults, in fact.)

And what happens when they torch your vault?!

There is no such thing as un hackable! Why are banks still dealing with millions of fraud cases each month?

Bank of Bitcoin is to Unhackable as Titanic was to Unsinkable ....

edd - You bring up valid points, which I am happy to clarify.  I will address the comment about marketing first.

We are much more concerned about being completely honest about exactly what The Bank of Bitcoin does and how it works, including its security protocols, than in creating some sort of "slick" marketing campaign.  When we say that our "website, our server, your PC indeed can all be hacked," that is just the reality of modern computers.  Of course, while we have done everything in our knowledge and power to foil any hacking attempts to the absolute best of our ability, it is certainy within the realm of possibility.

Because ANY website can ultimately be hacked (off the top of my head I am aware the the site for the White House has been hacked in the past) we developed our Paper Vaults which CANNOT be hacked. This is why we recommend only keeping relatively small amounts of Bitcoins in your Active Storage, with the lion's share in your Paper Vaults.  As I mentioned earlier, in daily life you only keep a relatively small amount of cash in your wallet for "walking around money" and keep most of your savings in a bank, the same goes here...except that Paper Vaults are far more secure than even a government-regulated bank, because even the government could not confiscate bitcoins in a Paper Vault.

As for your last question about our claim of being "the most (and perhaps only) completely secure Bitoin service in the world," I will agree that  bitaddress.org is also completely secure...but somewhat less convenient.  In fact, we have modified the open-source code from bitaddress.org to perform certain Paper Vault functions.  So let me modify my original statement just a bit and say that we are tie for "most secure"...but then we win in terms of convenience!

If they're online, code could be built in to send that key. You'd want someone to be able to verify that this isn't happening. The going offline method would be one way to do it, but there's always the possibility that the page they downloaded had some sort of back door. It would be nice to have some additional assurance, or some independent verification of that javascript program. Also, that still leaves you with the possibility that their system is hacked, and thus that private key would be available to those who hacked it. The same risk that you have with any other bitcoin wallet on their computer. (Though, slightly less as they would have to be hacked before they make the key, and they wouldn't be able to get it afterward unless it was stored in their caches somewhere.)


That's true, you could do it that way, but you're opening yourself up to having the rest of the balance stolen if you don't use the entire balance. That's because every time they use that paper wallet, if the device they use it with is compromised then the private key will have been stolen. The only way to be sure that isn't the case is to dump the remaining funds into a new one that has never touched an online computer. Though, this is getting into the slightly more paranoid aspects of paper wallet security.

Only close-to-unhackable way is to use a OS image that has never been online to generate the wallet, then only use the private key for each wallet once. Then you're only worrying about weaknesses in the wallet generation software and OS that is used, and the security of those pieces of paper. That would take a much more sophisticated hack. (Similar to the one I was discussing above with verifying the javascript program independently)

Though, it does make me wonder. You're getting your 0.0001 fee per wallet generated, how do you enforce that? Do you just charge that per public key added to your system?

I just lost $700 to eNumbered- don't want to try another small shady character

Claiming your service to be unhackable and then admitting
and
makes it seem to me that this might not be the best marketing approach.




Also, how is your method of generating public and private keys better than bitaddress.org and others? If you're going to claim that you'll have to be more specific in explaining how it's better than other, very similar services using client-side javascript.