>Um, for $220M in locked-up Bitcoin, you don't make 10 password guesses but take it to professionals to buy 20 IronKeys and spend six months finding a side-channel or uncapping. I'll make it happen for 10%. Call me.
>We're not talking about some NSA-built crypto processor installed on an SSBN, but an old $50 piece of consumer kit. There is no way it's hardened against the last ten years of USENIX papers that have never been used in practice.
>I was co-founder and CEO of IronKey. We had numerous conversations with the NSA during the development of the products. If the person is using the first generation of IronKey before we sold the company to Imation, it will be very challenging.
>A good first step is to try to image the NAND flash. Then it will not be destroyed. You can certainly try to brute force the AES encrypted contents. It's CBC mode AES by the way. Keys generated by FIPS compliant RNG. See you in 1,000 years.
CEO of crypto company claiming their product is secure isn't super meaningful. It might be true, but they would probably say that regardless.
That said, side channels may not be that relevant if you're starting from a place of having to guess the key. Usually that's more about leaking secrets, not bypassing the encryption from a cold start state.
How annoying that Alex Stamos deleted both tweets when it became apparent to others he was talking nonsense.
> >We're not talking about some NSA-built crypto processor installed on an SSBN, but an old $50 piece of consumer kit. There is no way it's hardened against the last ten years of USENIX papers that have never been used in practice
I don't have much hope for his twitter byline:
> Trustworthy tech at the Stanford Internet Observatory
Obviously not trustworthy if he's deleting tweets which show him in a negative light - i.e. talking authoritatively out of his arse on subjects which more informed people call him out on. And then deleting any evidence of it.
>Obviously not trustworthy if he's deleting tweets which show him in a negative light
Or, you know, maybe gobs of people crawled out of the woodwork harassing him and/or begging him to get into their wallets that they can't access. Both of which are extremely plausible and valid reasons for deleting the tweet.
Even the individual with the wallet going "sure, let's talk offline" is a valid reason to remove tweets.
Maybe re-read my comment.
He deleted multiple tweets including the one I quoted:
> We're not talking about some NSA-built crypto processor installed on an SSBN, but an old $50 piece of consumer kit. There is no way it's hardened against the last ten years of USENIX papers that have never been used in practice
The wallet is stored in a Kingston IronKey [0] secure USB flash drive. The hardware encrypted USB allows you to enter 10 times a password before it's rendered useless. It has hardware tampering and you can't make an image of it so that you can try more times. If you put the password wrong 10 times you lose all the data but you can erase/reformat the drive and still use it. Original tweet of Stefan: https://twitter.com/justmoon/status/1349069290587058177
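The 10-attempt behaviour described in the comment above can be modelled in a few lines. This is an added example, not part of the thread and not IronKey's actual design: the class, its field names and the PBKDF2 parameters are assumptions chosen to show why the attempt is spent before the comparison and why destroying the key is enough to lose the data while the drive stays reusable.

```python
import hashlib
import hmac
import secrets

MAX_TRIES = 10  # limit stated in the comment above


class LockedDevice:
    """Constructed model of a retry-limited token (hypothetical, not IronKey's design)."""

    def __init__(self, password: str):
        self._salt = secrets.token_bytes(16)
        self._dek = secrets.token_bytes(32)  # random data key held inside the device
        self._check = self._tag(password)    # password verifier, never the password itself
        self.tries_left = MAX_TRIES
        self.wiped = False

    def _tag(self, password: str) -> bytes:
        kek = hashlib.pbkdf2_hmac("sha256", password.encode(), self._salt, 10_000)
        return hmac.new(kek, b"verify", hashlib.sha256).digest()

    def unlock(self, guess: str):
        if self.wiped:
            raise RuntimeError("key destroyed; data unrecoverable")
        # Spend the attempt before comparing, so a power cut mid-check earns no free guess.
        self.tries_left -= 1
        if hmac.compare_digest(self._tag(guess), self._check):
            self.tries_left = MAX_TRIES
            return self._dek
        if self.tries_left == 0:
            # Crypto-erase: only the key is destroyed; the flash can be reformatted and reused.
            self._dek = None
            self._check = b""
            self.wiped = True
        return None


def try_passwords(device: LockedDevice, guesses):
    """Return (key_or_None, attempts_the_device_accepted) for a list of guesses."""
    made = 0
    for guess in guesses:
        try:
            key = device.unlock(guess)
        except RuntimeError:
            return None, made
        made += 1
        if key is not None:
            return key, made
    return None, made
```

In this model, once `wiped` is set even the correct password fails, which matches the comment's point that the data is lost while the hardware remains usable.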
Downvoters: Ok so how should he correctly remember that huge password that unlocks his $240m (7,500 BTC) wallet within 2 attempts? Pen and paper? All from memory?
Password manager use while applying an indirect name for the entry isn't a bad idea, especially if it's your main PM since you can obfuscate it among the other entries.
It sucks that people are learning the hard way of their incredibly secure but unrecoverable methods. It's also a shame that there are probably countless instances of this and so a considerable amount of bitcoin is just totally lost and out of circulation, permanently.
> It sucks that people are learning the hard way of their incredibly secure but unrecoverable methods. It's also a shame that there are probably countless instances of this and so a considerable amount of bitcoin is just totally lost and out of circulation, permanently.
Unless you own a bunch of btc, then it's deflation.
No. You should not use a password manager for a hardware security device. The point of those (among other things) is to protect you from your computer being compromised. It defeats the point if you stuff the password into your computer. Security is about the weakest link.
Password managers are good advice for 99% of use cases. Protecting an asset worth hundreds of millions is a bit of a special case and you shouldn't follow the same advice as if you were trying to protect your hacker news login credentials.
Never put all your eggs into one basket. I only own a negligible amount of coins but have them distributed among 4 storage methods, one of them a printout in a book
Articles like these have it backwards if you ask me. If he had access to the device then he probably would have sold (most of) his bitcoins a long time ago.
Could this kind of problem be solved well using smart contracts? (Not for Bitcoin, obviously, but on some more sophisticated blockchain system).
Like, have a thing where if your wallet is inactive for a period of greater than one year then all the money inside gets transferred to your spouse/mother/financial-trust so that you can recover it?
Yes, ironic in the sense that, by retiring those bitcoins from circulation, usable bitcoins are more scarce, which drives prices up, making the loss even more valuable in the future.
On the contrary, I think it's good marketing for IronKey if their bruteforce/tamper resistance has held up in the face of someone with that much motivation to bypass it.
This is the entire point of having a hardware wallet. If this situation changes your mind about them, then you were clearly just buying them blindly without knowing what it is.
Bought one actually - not quite due to this news, but because it reminded me I needed to get around to it.
It solves a fun niche for me - a relatively secure but technologically simple way for my parents to keep in the safe in case of my early demise. My spouse and in-laws have the PIN codes in their safes.
Seems about as good as I can get to store any keys/passwords/sensitive digital info you have without needing an SRE to be involved with unwinding your estate.
What's to stop someone from buying an old IronKey, telling this same story, and then auctioning it off for millions? (valued for both the small chance of decryption and for the media attention)
https://web.archive.org/web/20210112200826/https://twitter.c...
https://web.archive.org/web/20210112142941/https://twitter.c...
>Um, for $220M in locked-up Bitcoin, you don't make 10 password guesses but take it to professionals to buy 20 IronKeys and spend six months finding a side-channel or uncapping. I'll make it happen for 10%. Call me.
>We're not talking about some NSA-built crypto processor installed on an SSBN, but an old $50 piece of consumer kit. There is no way it's hardened against the last ten years of USENIX papers that have never been used in practice.
Co-founder and former IronKey CEO also chimed in
https://twitter.com/davejevans/status/1349075762322702336
https://twitter.com/davejevans/status/1349083685165834240
>I was co-founder and CEO of IronKey. We had numerous conversations with the NSA during the development of the products. If the person is using the first generation of IronKey before we sold the company to Imation, it will be very challenging.
>A good first step is to try to image the NAND flash. Then it will not be destroyed. You can certainly try to brute force the AES encrypted contents. It's CBC mode AES by the way. Keys generated by FIPS compliant RNG. See you in 1,000 years.