
Alleged Coinomi exploit shows how easy it is to have Bitcoin stolen - timcc50
https://decryptmedia.com/5414/alleged-coinomi-exploit-concern
======
rory096
To _Google Chrome's_ spellchecker. It's a bad vulnerability, but it's
unlikely that it's really the attack vector here.

~~~
Veen
Right. The "thief" would have to be extremely lucky to have been intercepting
the right data, recognized what the key was, and used it. As mentioned in the
story, I suspect this chap found the vulnerability and is hoping to parlay it
into a payout.

~~~
cjbprime
No, more than that: assuming the connection to the spell checker uses TLS, the
thief would have to _be Google_.

I'd be surprised if it doesn't use TLS?

~~~
hackinthebochs
There was another instance of a massive coin theft a year or so ago and the
weak link again was the recovery seed being sent to a Google server. The guy
described his operational security and it seemed like he did everything right.
The only slip up he could point to was that he had mistakenly pasted his seed
into his Chrome address bar (which then performs an automatic lookup). It was
shortly after that when his funds were drained.

I'm certainly not saying it was someone at Google, but it would be a mistake
to not consider them an adversary in the battle to secure your funds.

~~~
781
A ton of people use GMail for their crypto accounts.

Claiming that someone at Google stole the funds is quite an extraordinary
claim. You should have more proof than just the seed being sent to their
spellchecker.

~~~
hackinthebochs
I'm not sure what the volume of gmail accounts is supposed to demonstrate. But
gmail is known to be high value, and so it stands to reason that internal
safeguards around access to gmail accounts would be much greater than data
from a spellcheck API or search autocomplete.

It certainly is an extraordinary claim, but there does come a point where the
totality of evidence points to the likelihood of it. I'm not saying we're at
that point, but in my mind we've reached the point of reasonably possible.

~~~
eridius
Spellcheck API or autocomplete is also expected to end up with a _ton_ of
sensitive information sent to it. I would expect them to either not keep logs
of the actual query strings to begin with, or heavily restrict access to them.

------
ccnafr
It's not an exploit. It's a vulnerability baked in the wallet app source code.
There's a difference.

The article seems to have been written by someone who has a poor grasp on
security terms.

I'd recommend reading the researcher's write-up and avoid getting the wrong
idea of what's happening there: https://www.avoid-coinomi.com/

~~~
Dirlewanger
Yup, not saying that if Coinomi was open source this wouldn't have
happened...but, chances are someone would have caught this if it was.

~~~
AgentME
All I can think is who the hell even uses a closed source cryptocurrency
wallet? I'm not completely an open source purist in all places, but if there's
ever a place to be one, it's in cryptocurrency. You'd think people that wanted
to hold money that they didn't trust to banks wouldn't then trust that money
to a random unreviewed app.

It frustrates me that unfamiliar people are going to see this article (or ones
about random fly-by-night exchanges running away with deposits) and just come
away thinking this type of problem is an unavoidable part of cryptocurrency,
which it's not. Maybe it is for people who don't do their research, but I'm
not telling them to use cryptocurrency. I hate that whenever there's talk
about cryptocurrency, these amateur cases dominate the conversation. It'd be
like if every time the act of camping was brought up, people were aghast and
talked about how unsafe camping is and how it's a horrible thing because of
how some family died camping recently (after they went camping in the middle
of the desert without supplies).

------
wcoenen
If I were a security consultant, I would be a bit more hesitant about telling
the world that I casually entered a seed phrase worth $60K into an online
device, never mind which software it was. The report mentions that the seed
phrase originally came from his exodus wallet (desktop software), which is
also a wallet that is not suitable for storing such large amounts.

For those amounts, use a hardware wallet, or software that supports generating
the transactions offline so that the device with the key never has to go
online.

~~~
updateYourMind
Can someone who finds your hardware wallet use it to sign tx? I'm guessing
there is a PIN.

~~~
hanniabu
Yes, there is a pin and usually a limit to attempts. Ledger has a 3 attempt
limit and then it'll reset the device. You can retrieve your funds by entering
a 23 word mnemonic phrase that was generated when first setting up the ledger
(and keys).

~~~
Zenbit_UX
24 word

------
paraxisi
The video in the article essentially shows nothing; the claim is "Google stole
my coins."

Possible? Sure. Likely? No.

The corroboration with the two users from Reddit is useless because they
didn't use a seed phrase.

edit/ To clarify: Yes, this is a stupid practice. You should be doing this
locally or ideally not at all. But thinking Google is stealing your coins is a
pretty big stretch.

------
40acres
Decentralized currency is simply not viable for the mainstream, an economy
needs institutions that can be relied upon and a certain level of centralized
control to take the wheel when things go sour. There are still gains to be
made via speculation but the dreams of folks like Nick Szabo will not be
realized with crypto in its current state.

~~~
hanniabu
Everyone on here seems to be very bitter and salty about this stuff and I'm
not sure why they're not seeing the bigger picture. This is probably the same
group that would have laughed at predictions that there would be personal
computers.

As the technology improves, all this stuff will be abstracted from the user.
There are ongoing experiments to solve this issue such as a way to store your
keys in a decentralized manner in case it is lost. This can be combined with
the ability to automatically move funds to different accounts periodically and
also to keep funds spread across different accounts. The UX will come and there
are many efforts working on this. It just takes time.

~~~
dreamcompiler
> As the technology improves, all this stuff will be abstracted from the user.

I'm not optimistic. We still have an Internet on which it's basically
impossible for a non-expert user to reliably send or read encrypted email.

~~~
hanniabu
I believe this is done on purpose because it's not in the company's interests
to have your data encrypted. There's no incentive for them to make it easier.
It's certainly possible though.

------
anjc
Between people losing their keyphrase, to software wallets being hacked, to
hardware wallets being compromised...at what point is it more safe to just
keep your coins on a reputable, insured, exchange? I think the odds of
Coinbase doing a Mt. Gox are a lot more slim than the odds of a random person
screwing up their own storage solution.

~~~
AgentME
> to hardware wallets being compromised

The only hardware wallet compromises I've heard of still required someone to
have physical access to the device. If you can keep the device in your
possession, it's still much safer than any of the alternatives.

------
dontbenebby
Why would you spell check a password? Passphrases are in vogue, but a field
whose very nature is to be high entropy probably doesn't conform to
traditional spelling/grammar...

------
api
Why does a _spell checker_ need to live in the cloud?

To harvest user text for marketing analytics of course. Never mind.

~~~
SketchySeaBeast
You NEED live updates for spellcheck, or you'll end up with a bunch of red
squigglies every time you try and write "bingeable" or "rando".

~~~
api
So you click "learn." Done. This has been a solved problem since the 1980s.

Dictionary updates are also tiny and local storage is gigantic compared to the
size of even a massive multi-language dictionary. This is just total nonsense.

~~~
SketchySeaBeast
Yeah, sorry, that didn't come through in my text, it IS a ridiculous scenario.

~~~
api
Ahh! Yeah, your sarcasm went _whoosh_. :)

------
yingw787
I still don't get cryptocurrencies. Yes, a blockchain works when zero trust is
needed/desired for transactions, but that's still an implementation-level
concern, and implementations aren't perfect. Without legal means of redress,
somebody is always going to get burned. If there are legal means of redress,
then by definition you trust somebody, right?

I think a blockchain fits well when you need to verify a legal authority, like
a felonies database (can you trust the cop that filed the report?), but
otherwise it kind of just goes around the legal system; by doing so, you're
just re-inventing the wheel.

~~~
andrewla
Why would you say that there's no legal means of redress? If someone steals my
cryptocurrency, then I can still have law enforcement track them down and
attempt to recover the funds.

This is not dissimilar to how cash works -- if someone takes my cash, by
fraud, by theft, or in legitimate exchange for goods or services, that's it.
They can now spend it however they want. Cash itself is a trustless system in
the same sense. Where there is trust it's largely a matter of preventing
forgery; which is not dissimilar to the idea of preventing double-spends.

But until Bitcoin there was no real way to do cash-like transactions
electronically.

In other words, the utility of Bitcoin is well-established; humans have been
using cash for a very long time. The implementation is novel. I don't speak
here to the general "blockchain" concept, which has become so nebulous that I
don't feel it's worth making general statements about.

~~~
wil421
If someone steals money from my Bank account my bank will return the money next
business day. No police reports required and little intervention on my part.
I’ve had it happen twice when my card was skimmed in Europe. Both times they
called me to report suspicious activity.

You're comparing cash to something electronic. No matter how you spin it Bitcoin
is not physical. It’s more akin to cash in a bank account. Cash is in my hand,
Bitcoin is virtual.

> The $0 Liability Guarantee covers fraudulent transactions made by others
> using your Bank of America consumer credit cards and consumer and small
> business debit and ATM cards. To be covered, report transactions made by
> others promptly, and don't share personal or account information with anyone.
> Access to funds next business day in most cases, pending resolution of claim.
> Consult client and account agreements for full details.[1]

[1] https://www.bankofamerica.com/privacy/faq/data-compromise-faq.go

~~~
mikeash
Bitcoin is an attempt to make digital stuff that behaves as much as possible
like physical cash. In terms of the way it works, a bank account is very much
not the correct analogy. Cash is.

Losing $60,000 in Bitcoin is like losing $60,000 in cash. It’s not exactly a
surprise that it can happen, and it’s expected that there will be no real
recourse.

I think the trouble is that people still aren’t really thinking of it
properly. If this story happened with cash, the first question everybody would
be asking would probably be, “Why did you have $60,000 in cash sitting around?
What did you think was going to happen?”

Like cash, most people shouldn’t be holding large amounts of Bitcoin
themselves. If they want large Bitcoin holdings for whatever reason, they
should be held with a trustworthy entity that can properly secure them, like a
bank. If they do insist on holding large amounts of Bitcoin directly, they
need to understand that it’s like keeping a vault full of cash, and they need
to work hard to keep it secure.

~~~
fixermark
Correction: BTC is an attempt to make digital stuff that behaves as much as
possible like physical _gold_.

Cash is a fiat currency and reproducible infinitely by the controlling
government. The point of gold (as a money medium) is that it self-regulates
the amount in circulation by being a tangible material in finite supply with
cost associated in seeking more. This model has significant benefits and
drawbacks (and, it's probably worth noting, its drawbacks are what led to the
fiat model most countries use today).

~~~
mikeash
I don’t think “cash” necessarily implies fiat. Bitcoin’s model of creating new
currency is different from both fiat and gold, although it’s certainly a lot
closer to gold.

------
arisAlexis
so if an unknown mail provider in Zimbabwe gets hacked email is insecure.
Logical

------
YeahSureWhyNot
the crypto tech was marketed as the most secure financial instrument but so
far it has been repeatedly proving itself to be quite the opposite:)

------
MusaTheRedGuard
This entire thread: "Why don't you just use the post office why do you need
email?"

------
chdaniel
You know what's the most painful thing? If (I'd say when) years go by and
Bitcoin value is a significant multiple of what it is today... Much like those
who lost their wallets in 2011-2012-2013, most probably it will be haunting

~~~
isostatic
Wasn't there a Big Bang Theory episode where this happened?

~~~
glaurung_
Not sure about big bang, but there's a scene in the most recent season on
Silicon Valley about this scenario.

