You can now perform all basic actions in Bitcoin through SMS - FredEE
http://blog.coinbase.com/post/58354652059/you-can-now-perform-all-basic-actions-in-bitcoin

======
rdl
Wow, this is simultaneously really cool from a usability perspective, but
terrifying from a security perspective. A non-changing PIN sent over cleartext
(encrypted by "speech"). I guess there is plenty of room for security on the
backend.

It is more than fine for casual uses, but a serious user who publishes his
phone number (payment address) would be subject to a really cheap attack by
anyone who can look at his phone, or a somewhat cheap attack with the ability
to reroute the phone, or a slightly cheap attack with local BTS spoofing.

~~~
vbuterin
I assume they're checking the incoming phone number as well. So the thief
needs to get your SIM card or hack the phone system. Can anyone chime in as to
how difficult the latter (and how prevalent the former) is?

~~~
rdl
Spoofing the SMS on the request is easy (only policy at operators prevents
it).

You do need to intercept the incoming call, but you can trivially do that with
call forwarding, or more impressively do it with network or local handset
exploits.

~~~
coblee
We've tried to make it as secure as possible. The idea is that the pin is only
sent over the call. So the hacker would need to listen in to your call in
order to steal your pin. So they basically need to hack your SMS and your
voice calls. How else can we make this more secure?

As for publishing your phone number so that you can receive bitcoins, you can
publish your secondary phone numbers. We only allow you to use SMS to access
your account from your primary phone number, but you can receive funds on any
other phone number attached to your account. So even if a hacker knows your
pin and is able to fake a call to us from your published phone number, they
won't have access to your bitcoins.

~~~
rdl
Yeah, it is probably about as secure as is reasonably needed. You should also
have daily and maybe total limits, do statistical anti-fraud (useful in
general, but more so on low-trust channels).

You might be more willing to allow large repeat transactions vs large
transactions to a new payee.

I haven't tried it yet, but you definitely want the voice call to include both
as much transaction info as possible and a "press 0 to talk to security" etc.

Unclear which telephony provider you use, but if you are more partnered with
carriers, you can see more data, which may help reduce fraud. If you turn out
to have a bunch of users in Nigeria, I'd set up peering directly with the
Nigerian mobile carriers. This is probably years down the line.

I'd personally be willing to risk 10-20 BTC to this level of security, but not
500. Of course, my Bitcoin holdings are 2-3 BTC right now.

The big risk is the link between Coinbase and your outsourced telephony
provider. Worst case, if someone is defrauded out of 5 BTC, he can eat it, or
you can eat it -- it's not material to you. However, if I can somehow
compromise the entire thing and take 10% out of every enabled-for-sms account,
that might be material to Coinbase. I'd make sure the entire path is secure,
and do as much verification in-house as possible, and probably put aggregate
limits on the whole thing.

To be clear, I like the idea here, and think it is a great thing to deploy, it
just makes me scared because it is a huge step down from the rest of
coinbase's security. Since it is opt-in maybe it doesn't matter as much.
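
Taken together, the controls listed in this post (daily and total limits, a looser cap for repeat payees than for new ones, aggregate limits on the whole SMS channel) and the primary/secondary-number rule described by coblee above amount to an authorization policy that can be written down. The Python below is an added example, not Coinbase's code; the limit values, phone numbers and timestamps are constructed for illustration. It accepts transfer commands only from an account's primary number, applies a lower single-transfer cap to a never-before-paid recipient, and enforces a rolling 24-hour per-account limit plus a service-wide limit across all SMS-enabled accounts.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta

# Constructed policy values for the example; none of these figures are from the thread.
DAILY_LIMIT_BTC = 2.0           # rolling 24h cap per account
NEW_PAYEE_LIMIT_BTC = 0.5       # single-transfer cap for a recipient never paid before
REPEAT_PAYEE_LIMIT_BTC = 1.5    # single-transfer cap for an established recipient
SERVICE_DAILY_LIMIT_BTC = 50.0  # rolling 24h cap across every SMS-enabled account


@dataclass
class Account:
    primary_number: str
    secondary_numbers: set = field(default_factory=set)   # publishable, receive-only
    transfers: list = field(default_factory=list)         # (when, payee, amount)


@dataclass
class Service:
    accounts: dict = field(default_factory=dict)  # primary number -> Account
    outflow: list = field(default_factory=list)   # (when, amount) over all SMS accounts


def total_since(entries, cutoff):
    """Sum the amount (last tuple element) of every entry newer than cutoff."""
    return sum(e[-1] for e in entries if e[0] > cutoff)


def authorize(service, sender, payee, amount, now):
    """Decide whether an SMS-initiated transfer may proceed.

    Returns (allowed, reason). Checks run cheapest-first and the first failing
    check wins; an approved transfer is recorded so later velocity checks see it.
    """
    day_ago = now - timedelta(hours=24)

    # Commands are accepted only from the primary number. A secondary number
    # published for receiving funds cannot move money, PIN or no PIN.
    acct = service.accounts.get(sender)
    if acct is None:
        if any(sender in a.secondary_numbers for a in service.accounts.values()):
            return False, "sender is a receive-only secondary number"
        return False, "unknown sender"

    if amount <= 0:
        return False, "amount must be positive"

    # A payee this account has paid before gets the higher single-transfer cap.
    known_payee = any(p == payee for _, p, _ in acct.transfers)
    cap = REPEAT_PAYEE_LIMIT_BTC if known_payee else NEW_PAYEE_LIMIT_BTC
    if amount > cap:
        kind = "repeat" if known_payee else "new"
        return False, f"{amount} BTC exceeds {kind}-payee cap of {cap}"

    if total_since(acct.transfers, day_ago) + amount > DAILY_LIMIT_BTC:
        return False, "account daily limit reached"

    if total_since(service.outflow, day_ago) + amount > SERVICE_DAILY_LIMIT_BTC:
        return False, "service-wide SMS limit reached"

    acct.transfers.append((now, payee, amount))
    service.outflow.append((now, amount))
    return True, "ok"


def demo():
    """Constructed scenario: one account with a published secondary number."""
    svc = Service()
    svc.accounts["+15550001111"] = Account("+15550001111", {"+15550002222"})
    t0 = datetime(2013, 8, 15, 12, 0)
    payee = "+15550009999"
    return [
        authorize(svc, "+15550002222", payee, 0.1, t0),                        # from secondary number
        authorize(svc, "+15550001111", payee, 0.8, t0),                        # new payee, over cap
        authorize(svc, "+15550001111", payee, 0.4, t0),                        # new payee, allowed
        authorize(svc, "+15550001111", payee, 1.2, t0 + timedelta(hours=1)),   # repeat payee, allowed
        authorize(svc, "+15550001111", payee, 0.5, t0 + timedelta(hours=2)),   # would exceed daily cap
        authorize(svc, "+15550001111", payee, 0.5, t0 + timedelta(hours=26)),  # window has rolled over
    ]


if __name__ == "__main__":
    for allowed, reason in demo():
        print("ALLOW" if allowed else "DENY ", reason)
```

The rolling window is deliberately strict (`>` rather than `>=`) so a transfer exactly 24 hours old drops out of the sum; a production version would also persist the history and apply the statistical scoring rdl mentions on top of these hard limits.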

~~~
nwh
> I'd personally be willing to risk 10-20 BTC to this level of security, but
> not 500. Of course, my Bitcoin holdings are 2-3 BTC right now.

Two grand for the inconvenience of SMS-based currency?

~~~
rdl
$2k times the odds of actually being exploited (and not compensated by
Coinbase) is somewhere between $0 and $50.

------
panhandlr
Pay With Bits has been doing this since late April...

[http://www.youtube.com/watch?v=Iyhkiz8BSCM](http://www.youtube.com/watch?v=Iyhkiz8BSCM)

[http://techcrunch.com/2013/04/28/pay-with-bits-wants-to-be-t...](http://techcrunch.com/2013/04/28/pay-with-bits-wants-to-be-the-square-for-bitcoin/)

[http://paywithbits.com/](http://paywithbits.com/)

~~~
jhales
Checked out site, but they don't seem to be "up" - just requesting signups
for a beta.

------
taylorwc
I don't know what the impact of this will be in first-world countries, but it
strikes me that this will really open bitcoin up in developing countries that
have poor data availability. Just look at what M-PESA has been able to do via
SMS.

------
MichaelGG
Serious question: How many of you actually use SMS applications, besides
texting people?

For example, Wells Fargo keeps telling me I can bank over SMS. But why would I
do that versus using their mobile site?

Or is this just for "downmarket" folks?

~~~
barmstrong
There are people who use it in the first world, but yes the killer app is in
the developing world. Smart phone penetration in India for example is about
3%. Even in the U.S. it is about 45% I think from when I last checked.

------
Xanza
> [https://www.youtube.com/watch?v=4F4qzPbcFiA](https://www.youtube.com/watch?v=4F4qzPbcFiA)

Although it's a pretty cool idea, I was under the impression that the entire
basis of a crypto currency was to keep anonymity...

~~~
oleganza
Everyone defines for himself what the point of Bitcoin is.

For some it's anonymity. For others it's a cheap way to pay for stuff. Or the
only possible way (if CC are not working in your country). Or a wealth storage
vehicle and protection against inflation. Or a vote against USD and wars. Or a
tax evasion tool.

------
droopybuns
SMS can be shown to be deniable. In security taxonomy, SMS does not have the
property of non-repudiation.

SMS as a protocol for financial transactions is a broken design.

------
gailees
Holy shit. This just changed the game. Venmo best be scared bc bitcoin is
perfect for early p2p adoption. Much lower barrier than between consumers and
businesses.

~~~
nooron
Yeah. Bitcoin's a great way to bump cash between people. That said, there's so
much $ being poured into different mobile payment methods that I'd be hesitant
to call it the clear front runner.

Also, you still haven't called me about the hackathon, David.

~~~
patcon
Nobody wants to hack with you, Jordan :P

Also, thread-bottom party at HN. Whoop.

~~~
nooron
This is very silly. I'm serious about pitching in on MHacks though. I have
entirely too much time on my hands post BitBox.

------
thezach
First to send spoof sms messages wins. SMS for money transactions? UNSAFE

------
mercenarydevs
I'm hoping they open source the SMS handler library used for this.