>The Ottawa police are investigating an Oct. 1, 2013, incident at Canadian Bitcoins, when someone opened an online chat session with a technical support worker at Granite Networks, now owned by Rogers Communications, and claimed to be Canadian Bitcoins owner James Grant.
> He claimed to have a problem with a server and asked the attendant to reboot it into recovery mode, allowing him to bypass security on the server.
The two quotes you picked out don't do it justice.
> After being asked, the technical support worker gained access to Grant’s locked server pen, plugged in a laptop and then manually gave the fraudster access to Canadian Bitcoins servers, where he cleaned out a wallet containing 149.94 bitcoins, valued at around $100,000.
It is (or at least sounds so from the details given), but this dovetails right into the current discussions about identity and verification and how to do each well in an age where much of your personal identification is spread around the internet and easily obtainable.
Would we really think it was less mind-bogglingly stupid if there was an email verification beforehand but the hacker had compromised the email account? Probably, but maybe not by much. It's a hurdle, but not always an unsurpassable one, and sometimes not hard at all (how hard is it to convince the tech that the reason you're calling is because you route all mail to the server in question and it has crashed, so email verification doesn't work so you need to fall back on other provided info?).
Good procedures and policies can help, but that also means the attacker knows exactly what's needed to defeat them.
Whoever trusts an exchange as depositor is doing so at their own risk: your bitcoins are not really yours (technically) unless you have them in your wallet, preferably a cold wallet.
All these breaches do not show any weakness of blockchain security.
Maybe if your digital currency depends on printing out private keys and storing them in bank vaults in order to be secure, its security model is kinda shitty? Why should secure digital currency be 100x more cumbersome to use than a credit card?
The "security model" for the current method of payment in the United States involves getting breached left and right, getting 97 years of credit report monitoring, constant reissuance of cards, and refunding fraudulent charges sometimes as late as 30 days after the fact.
BTC happens to be worse currently, but not by that much.
EDIT: Also, this is the same model as PGP/GPG and priv/pub key protection. Presumably you don't think this security model is shitty for the myriad of uses it sees.
Paper wallets are just one possibility for true paranoids expecting to keep the coins for an indefinite time. A more common usage is hardware wallets, which the key is supposed to never leaves the device, combining some cool logical and physical security to ensure that.
Depends on which country's banks. So far I've lost more money to banks in my country than to my mattress, and so has almost everyone in Uruguay and Argentina:
Yep, because for the largest group of people it is substantially more convenient... even on the point of security, because they couldn't keep it safe either. Of course both are vulnerabilities.
Somewhere I had 7 BTC on a flash drive. Haven't seen it in years... maybe I'll find it one day.
The funny ( ok it is not that funny ) thing is they use cryptos in the same way they use banks. What is the point of using cryptos if you put all your Bitcoin/Ethereum/Monero/Litecoin/etc... in a web wallet?
Even if you don't use them as a "web wallet", you can still get bit when you go to exchange and find out the exchange is not trustworthy too late and your coins are gone. Many defunct exchanges continued to allow deposits while blocking or limiting withdrawals.
The popularity of exchanges points to a fundamental mismatch between the values of bitcoin and those of the general population. Most people don’t really want trustless consensus, to be in charge of their own security, and pseudo anonymous payments.
This post is actually really great for educating people about WHY they should use decentralized networks like blockchains instead of trusting a single point of failure.
But the title is not helping at all because it gives the impression that some sort of "blockchain" has been shut down (which would be way more interesting if something like that actually happened, since that would be equivalent to the bittorrent network being "shut down", which hasn't happened due to its decentralized nature)
I'm sure the point was not to insinuate that cryptocurrency will fail because of these incidents, maybe there's a better title for the website?
On the contrary, it's a great resource to teach people that blockchain won't save you from fraud, and that blockchain applications that store and transact value are just as prone to that fraud as any other medium.
http://ottawacitizen.com/business/ottawa-bitcoin-exchange-de...
>The Ottawa police are investigating an Oct. 1, 2013, incident at Canadian Bitcoins, when someone opened an online chat session with a technical support worker at Granite Networks, now owned by Rogers Communications, and claimed to be Canadian Bitcoins owner James Grant.
> He claimed to have a problem with a server and asked the attendant to reboot it into recovery mode, allowing him to bypass security on the server.