Yet again, we see that just because you can be your bank , doesn't mean you should. These 'safe', ' audited' programs, protocols, wallets keep failing. The introduction of irrevocable bounties creates a huge incentive to find bugs. The so-called self-funded bug bounty. Never trust a 3rd party to do your crypto.
Well, being audited means only that it is audited. Nobody forces the company/developers to act upon the findings of the audit... but still, technically it is true that they were audited even if the outcome of the audit was "haha, I wouldn't trust my used hanky on this"
> When this happens with big bank, you could try going to the court.
Great. So not only I lost my money but now I'm getting an assignment as well. Which will last many years and at best will result in recovering a fraction of what I lost and the most likely outcome us not getting anything back and possibly paying more.
I had the California State Board of Equalization empty one of my bank accounts without warning because they thought I owned them back taxes. I had moved out of the country and wasn't filing California taxes, which was a mistake. You still have to file a 0 tax.
Dude, there are whole countries where the Goverment just stopped everyone from getting their money out of the Bank. Greek for example, just a few years ago. It's not something very rare nor do you have to be in a third world country.
It's a great place but when you need to cash out you need fresh linux system with fresh wallet software connected to the internet only when you make the transaction. Not an app for your phone. Everybody will have malicious keylogger on their phone eventually if they install apps and sometimes even if they don't.
Not necessarily, for instance 3rd party keyboards like Grammarly are keyloggers by their very nature. They grab your input, process it, and give output in terms of grammar corrections. And a rogue app update can absolutely do the same.
> And how do you make sure that that doesn’t come with a keylogger
The same way you verify anything is what you want and stays that way, MD5/SHA256 hashes and airgaps.
It's possible to disable third party keyboards for sensitive data entry at least on iOS. Not sure if the same is possible on Android – worst case, a wallet could just provide their own keyboard/passphrase entry method.
> The same way you verify anything is what you want and stays that way, MD5/SHA256 hashes and airgaps.
How do you determine a given hash to be trustworthy? And how do you know you can trust your `sha256sum` implementation?
You're always trusting someone. Any security analysis pretending otherwise is worthless.
From my understanding, as what’s essentially a layperson in crypto, is hardware over any form of software. Same as with fiat in say PayPal, you don’t own it unless you can physically hold it. And physically holding it in this case is via FOSS hardware wallets such as Trezor.
That hardware will ultimately also be running software, and you need to be trusting the vendor/supply chain of both.
This is not at all to say that there is no point in hardened/secure execution environments like smartcards, Yubikeys, hardware wallets etc., but the important point is that the statement "hardware is more secure than software" by itself is dangerously misleading.
And there is no such thing as (fully) "FOSS hardware". Somebody needs to build a physical thing in the end, and you can't verify every single step of that process. Openness/transparency has its advantages and reduces the chance of nefarious things happening in your supply chain, but this is lightyears away from "trustlessness".
If it's not a bank and not state backed/insured, it might as well be crypto. With crypto, at least in cold storage, there is a lot less chance of losing your money and no chance of getting a dreaded 'your account was indefinitely suspended' from the 'AI' at Paypal. And having no recourse whatsoever.
Still, personally, I distribute over all kinds of banks (where I get E100k per bank when they fall, so I make sure I'm under that amount per bank) and assets so the fallout is minimal if something falls. Well, unless it's a 1929 event of course; then it remains to be seen what is left after. But then crypto is wiped out too; people gotta live, so they will mass sell off.
Is it? This looks like rumor-mongering based on a couple tweets.
"Several users on Twitter"
"A number of users have commented on the post reporting losses"
There is one firsthand tweet from someone saying he lost funds this week, one from someone who says he lost funds six months ago, and one from the wallet developer saying "We have received reports of wallets being compromised".
Are we talking a hundred, or are we talking five? As far as the sources go, we have two in six months.
How, exactly, do they come up with an adjective like "several" for this?
I'm as anti-cryptobro as the next guy, but let's put on our critical thinking caps for a minute. Where's the indication that something newsworthy happened here?
If I posted an article about some people got rich off crypto is that also worthwhile because it's "news"? No, if there's no intellectual discussion and it's just cheap 10 second takes then it's not suited for HN.
From the guidelines:
> On-Topic: Anything that good hackers would find interesting. That includes more than hacking and startups. If you had to reduce it to a sentence, the answer might be: anything that gratifies one's intellectual curiosity.
> Off-Topic: If they'd cover it on TV news, it's probably off-topic.
This is a very shallow news story that gives no information on the technical nature of the hack or anything intellectual in the slightest.
As can be seen by the comments on this thread almost everything is low-brow commentary similar to what you'd see on a Facebook news story.
If people want to discuss crypto security and the merits of different approaches that would be an awesome discussion to have. Unfortunately it can't happen here any more because the only crypto related things that get upvoted are news stories about bad things happening and the more that happens the more intellectually curious people are driven away.
I'm curious about what happened too. Non custodial? Then how? Was the application FOSS? If not, I'd guess they were collecting some kind of data they shouldn't have been.
Sounds like you're more advocating for cold storage. You could be right, but even the most secure software wallet is only as secure as the computer it is running on.
It seems, but I might be wrong (others suggested it though) that you need the app to be compromised to do this. A server hack wouldn’t work because you still need your key/seed phrase. The app, with a hack, of course can, next to unlocking your wallets locally, send it to a server (which should never happen) and then the owner of that server can take the funds.
To me this seems the most obvious. Use open source wallets, reproducible builds, hashes and, of course, cold wallets. Also, divide; don’t put your money in one place; I would say that goes for banks too.
The general rule of the thumb in crypto is that everything will get exploited. Its a matter of “when”, not “if”.
I wouldn’t even trust Metamask in the long run. If the wallet doesn’t get exploited, something that interacts with the wallet will.
If crypto ever becomes a bigger market, you’ll eventually have state actors trying to exploit protocols and wallets, and they’ll be more sophisticated than the North Korean hackers.
Crypto is just totally ruthless with software exploits. Any software exploit leads to millions of dollars worth of assets being stolen, by whoever found the exploit.
70 comments
[ 2.4 ms ] story [ 125 ms ] threadThis strikes me as funny because software engineers are regularly told not to roll their own crypto.
When this happens to crypto, you got nobody to blame but yourself.
Great. So not only I lost my money but now I'm getting an assignment as well. Which will last many years and at best will result in recovering a fraction of what I lost and the most likely outcome us not getting anything back and possibly paying more.
Which ones?
I still haven't gotten my money back.
Thankfully we can be reasonably sure that some compilers at least predate cryptocurrency.
Are there actually any keyloggers for iOS and Android? Unlike on desktop OSes, there isn’t even an API for that, so you’d need an actual OS exploit.
> fresh linux system with fresh wallet software
And how do you make sure that that doesn’t come with a keylogger (in a world where a significant number of people were to actually do that)?
Not necessarily, for instance 3rd party keyboards like Grammarly are keyloggers by their very nature. They grab your input, process it, and give output in terms of grammar corrections. And a rogue app update can absolutely do the same.
> And how do you make sure that that doesn’t come with a keylogger
The same way you verify anything is what you want and stays that way, MD5/SHA256 hashes and airgaps.
> The same way you verify anything is what you want and stays that way, MD5/SHA256 hashes and airgaps.
How do you determine a given hash to be trustworthy? And how do you know you can trust your `sha256sum` implementation?
You're always trusting someone. Any security analysis pretending otherwise is worthless.
wow, what a practical way to be able to store and use money!
If you want “practical” and unsafe, then store all your crypto in hot wallets like Atomic, that sure ended up well.
This is not at all to say that there is no point in hardened/secure execution environments like smartcards, Yubikeys, hardware wallets etc., but the important point is that the statement "hardware is more secure than software" by itself is dangerously misleading.
And there is no such thing as (fully) "FOSS hardware". Somebody needs to build a physical thing in the end, and you can't verify every single step of that process. Openness/transparency has its advantages and reduces the chance of nefarious things happening in your supply chain, but this is lightyears away from "trustlessness".
https://www.cnn.com/2023/06/02/investing/payment-apps-safety...
Still, personally, I distribute over all kinds of banks (where I get E100k per bank when they fall, so I make sure I'm under that amount per bank) and assets so the fallout is minimal if something falls. Well, unless it's a 1929 event of course; then it remains to be seen what is left after. But then crypto is wiped out too; people gotta live, so they will mass sell off.
Perhaps that it’s news?
“Atomic Wallet has been apparently exploited, with users on Twitter reporting complete losses of their crypto portfolios.”
Is it? This looks like rumor-mongering based on a couple tweets.
"Several users on Twitter"
"A number of users have commented on the post reporting losses"
There is one firsthand tweet from someone saying he lost funds this week, one from someone who says he lost funds six months ago, and one from the wallet developer saying "We have received reports of wallets being compromised".
Are we talking a hundred, or are we talking five? As far as the sources go, we have two in six months.
How, exactly, do they come up with an adjective like "several" for this?
I'm as anti-cryptobro as the next guy, but let's put on our critical thinking caps for a minute. Where's the indication that something newsworthy happened here?
From the guidelines:
> On-Topic: Anything that good hackers would find interesting. That includes more than hacking and startups. If you had to reduce it to a sentence, the answer might be: anything that gratifies one's intellectual curiosity.
> Off-Topic: If they'd cover it on TV news, it's probably off-topic.
This is a very shallow news story that gives no information on the technical nature of the hack or anything intellectual in the slightest.
As can be seen by the comments on this thread almost everything is low-brow commentary similar to what you'd see on a Facebook news story.
If people want to discuss crypto security and the merits of different approaches that would be an awesome discussion to have. Unfortunately it can't happen here any more because the only crypto related things that get upvoted are news stories about bad things happening and the more that happens the more intellectually curious people are driven away.
If not, I don’t see how an app on a phone is worse than on a desktop.
I don't get your response, though. It was an app where the keys were "yours". The "not your keys" is about custodial services, which this is not.
If the keys were stolen using a cryptographic trick, how was it done at scale?
It sounds to me like at some moment the keys were exfiltrated.
So "not your keys, not your coins" stands. If you don't have strict control over the keys you don't have strict control over the coins.
surely they would have some idea
To me this seems the most obvious. Use open source wallets, reproducible builds, hashes and, of course, cold wallets. Also, divide; don’t put your money in one place; I would say that goes for banks too.
I wouldn’t even trust Metamask in the long run. If the wallet doesn’t get exploited, something that interacts with the wallet will.
If crypto ever becomes a bigger market, you’ll eventually have state actors trying to exploit protocols and wallets, and they’ll be more sophisticated than the North Korean hackers.