[HN Gopher] The password guess worth $240m in Bitcoin
___________________________________________________________________
The password guess worth $240m in Bitcoin
Author : LittlePeter
Score : 25 points
Date : 2021-01-13 14:44 UTC (8 hours ago)
(HTM) web link (www.bbc.com)
(TXT) w3m dump (www.bbc.com)
| mac01021 wrote:
| Could this kind of problem be solved well using smart contracts?
| (Not for Bitcoin, obviously, but on some more sophisticated
| blockchain system).
|
| Like, have a thing where if your wallet is inactive for a period
| of greater than one year then all the money inside gets
| transfered to your spouse/mother/financial-trust so that you can
| recover it?
| rfd4sgmk8u wrote:
| This can actually be solved using smart contracts in bitcoin,
| it is built into the underlying bitcoin opcodes -- CSV
| https://github.com/bitcoin/bips/blob/master/bip-0112.mediawi...
|
| This is the underlying mechanism for Unilateral Channel Close
| in the lightning smart contracts (on bitcoin), a timeout spend
| clause.
|
| Note: It wasn't a thing when these coins were first acquired,
| so it doesn't really help in the situation.
| adambcn wrote:
| Who'd want an IronKey digital wallet after reading this!
| [deleted]
| bawolff wrote:
| The same people who wanted one before?
|
| This is the entire point of having a hardware wallet. If this
| situation changes your mind about them, then you were clearly
| just buying them blindly without knowing what it is.
| jsheard wrote:
| On the contrary, I think it's good marketing for IronKey if
| their bruteforce/tamper resistance has held up in the face of
| someone with that much motivation to bypass it.
| Rebelgecko wrote:
| I had to throw my Ironkey away because it doesn't work over
| USB-C to USB-A adapters
| cududa wrote:
| That's also a positive
| phil21 wrote:
| bought one actually - not quite due to this news, but because
| it reminded me I needed to get around to it.
|
| It solves a fun niche for me - a relatively secure but
| technologically simple way for my parents to keep in the safe
| in case of my early demise. My spouse and in-laws have the PIN
| codes in their safes.
|
| Seems about as good as I can get to store any
| keys/passwords/sensitive digital info you have without needing
| a SRE to be involved with unwinding your estate.
| datenhorst wrote:
| Never put all your eggs into one basket. I only own a negligible
| amount of coins but have them distributed among 4 storage
| methods, one of them a printout in a book
| rwmurrayVT wrote:
| As is the case here, what is negligible now may not be in the
| future.
| rvz wrote:
| Should have used a password manager.
|
| Downvoters: Ok so how should he correctly remember that huge
| password that unlocks his $240m (7,500 BTC) wallet with in 2
| attempts? Pen and paper? All from memory?
|
| Next time _use a password manager_. Period.
| bawolff wrote:
| No. You should not use a password manager for a hardware
| security device. The point of those (among other things) is to
| protect you from your computer being compromised. It defeats
| the point if you stuff the password into your computer.
| Security is about the weakest link.
|
| Password managers are good advice for 99% of use cases.
| Protecting an asset worth hundreds of millions is a bit of a
| special case and you shouldn't follow the same advice as if you
| were trying to protect your hacker news login credentials.
| otachack wrote:
| Password manager use while applying an indirect name for the
| entry isn't a bad idea, especially if it's your main PM since
| you can obfuscate it among the other entries.
|
| It sucks that people are learning the hard way of their
| incredibly secure but unrecoverable methods. It's also a shame
| that there are probably countless instances of this and so a
| considerable amount of bitcoin is just totally lost and out of
| circulation, permanently.
| piracy1 wrote:
| > It sucks that people are learning the hard way of their
| incredibly secure but unrecoverable methods. It's also a
| shame that there are probably countless instances of this and
| so a considerable amount of bitcoin is just totally lost and
| out of circulation, permanently.
|
| Unless you own a bunch of btc, then it's deflation.
|
| Though yeah, very sad.
| bdz wrote:
| Deleted his tweet but Alex Stamos offered help for a 10% cut
|
| https://web.archive.org/web/20210112200826/https://twitter.c...
|
| https://web.archive.org/web/20210112142941/https://twitter.c...
|
| >Um, for $220M in locked-up Bitcoin, you don't make 10 password
| guesses but take it to professionals to buy 20 IronKeys and spend
| six months finding a side-channel or uncapping. I'll make it
| happen for 10%. Call me.
|
| >We're not talking about some NSA-built crypto processor
| installed on an SSBN, but an old $50 piece of consumer kit. There
| is no way it's hardened against the last ten years of USENIX
| papers that have never been used in practice.
|
| Co-founder and former IronKey CEO also chimed in
|
| https://twitter.com/davejevans/status/1349075762322702336
|
| https://twitter.com/davejevans/status/1349083685165834240
|
| >I was co-founder and CEO of IronKey. We had numerous
| conversations with the NSA during the development of the
| products. If the person is using the first generation of IronKey
| before we sold the company to Imation, it will be very
| challenging.
|
| >A good first step is to try to image the NAND flash. Then it
| will not be destroyed. You can certainly try to brute force the
| AES encrypted contents. It's CBC mode AES by the way. Keys
| generated by FIPS compliant RNG. See you in 1,000 years.
| randompwd wrote:
| How annoying that Alex Stamos deleted both tweets when it
| became apparent to others he was talking nonsense.
|
| > >We're not talking about some NSA-built crypto processor
| installed on an SSBN, but an old $50 piece of consumer kit.
| There is no way it's hardened against the last ten years of
| USENIX papers that have never been used in practice
|
| I don't have much hope for his twitter byline:
|
| > Trustworthy tech at the Stanford Internet Observatory
|
| Obviously not trustworthy if he's deleting tweets which show
| him in a negative light - i.e. talking authoritatively out of
| his arse on subjects which more informed people call him out
| on. And then deleting any evidence of it.
| huac wrote:
| Area men talk book
| bitwize wrote:
| Yes, and for that kind of money Ehrlich Bachman would take 5%
| to let you crash at his place while you figured out how to
| crack the password.
| pjkundert wrote:
| I know David. If he's saying it, then it's very likely true.
| Smartest guy I know...
| meowster wrote:
| "very challenging" [?] impossible
|
| It would be very challenging for ne to build an app, for many
| people on HN, it would be trivial.
| bawolff wrote:
| CEO of crypto company claiming their product is secure isn't
| super meaningful. It might be true, but they would probably say
| that regardless.
|
| That said, side channels may not be that relavant if you're
| starting from a place of having to guess the key. Usually
| that's more about leaking secrets, not bypassing the encryption
| from a cold start state.
| NKosmatos wrote:
| The wallet is stored in a Kingston IronKey [0] secure USB flash
| drive. The hardware encrypted USB allows you to enter 10 times a
| password before its rendered useless. It has hardware tampering
| and you can't make an image of it so that you can try more times.
| If you put the password wrong 10 times you lose all the data but
| you can erase/reformat the drive and still use it. Original tweet
| of Stefan:
| https://twitter.com/justmoon/status/1349069290587058177
|
| [0] https://www.ironkey.com/en-US/
___________________________________________________________________
(page generated 2021-01-13 23:03 UTC)