Summary: Yes, there was a bug, we fixed it, but it was not exploitable in practice for a variety of reasons. Most importantly, the seed phrase wasn’t being transmitted in plain text.
I'd be surprised if it doesn't use TLS?
I'm certainly not saying it was someone at Google, but it would be a mistake to not consider them an adversary in the battle to secure your funds.
Claiming that someone at Google stole the funds is quite an extraordinary claim. You should have more proof than just the seed being sent to their spellchecker.
It certainly is an extraordinary claim, but there does come a point where the totality of evidence points to the likelihood of it. I'm not saying we're at that point, but in my mind we've reached the point of reasonably possible.
I saw someone in the parent comments mention that using your phrase on a machine connected to the internet can be risky... how can you make use of those coins then? Do you download some onto a usb to manually transfer over?
> He argues that Coinomi’s built-in spell checker automatically checked his seed phrase which involved sending it as plain text to a Google-owned website. This meant it could have been intercepted, leading to the loss of funds.
"As plain text" here almost certainly means "fully encrypted with TLS"...
I think the argument though is that the request is being logged and that some employee is reviewing logs and grabbing data.
If that is the case, then it seems there is a known pool of suspects to charge with theft...
I'd wager there was just some malware on the machine.
The regex is so simple I think it a little naive not to assume _someone_ has a script running to sniff out keys. It would be trivial for an ISP employee to watch for such strings in unencrypted traffic streams. Think what Cloudflare could find if they went looking.
I strongly suspect grepping against inbound production traffic to Google's spellcheck service is fairly difficult to do unnoticed.
Malware, on the other hand, is quite prevalent. Plenty of folks lose their crypto on a daily basis in that manner.
To disable it, the developer needs to add the "textNoSuggestions" flag to the input type.
The article seems to have been written by someone who has a poor grasp on security terms.
I'd recommend reading the researcher's write-up and avoid getting the wrong idea of what's happening there: https://www.avoid-coinomi.com/
It frustrates me that unfamiliar people are going to see this article (or ones about random fly-by-night exchanges running away with deposits) and just come away thinking this type of problem is an unavoidable part of cryptocurrency, which it's not. Maybe it is for people who don't do their research, but I'm not telling them to use cryptocurrency. I hate that whenever there's talk about cryptocurrency, these amateur cases dominate the conversation. It'd be like if every time the act of camping was brought up, people were aghast and talked about how unsafe camping is and how it's a horrible thing because of how some family died camping recently (after they went camping in the middle of the desert without supplies).
It seems rather likely to me that something like this would never be spotted by looking at the source, you'd have to analyze the application at runtime.
For those amounts, use a hardware wallet, or software that supports generating the transactions offline so that the device with the key never has to go online.
If you know someone holds cryptocurrency, doesn't hurt to attack their AWS account in case they are running bitcoind on EC2.
Possible? Sure. Likely? No.
The corroboration with the two users from Reddit is useless because they didn't use a seed phrase.
edit/ To clarify: Yes, this is a stupid practice. You should be doing this locally or ideally not at all. But thinking Google is stealing your coins is a pretty big stretch.
As the technology improves, all this stuff will be abstracted from the user. There are ongoing experiments to solve this issue such as a way to store your keys in a decentralized manner in case it is lost. This can be combined with the ability to automatically move funds to different accounts periodically and also to keep funds spread across different accounts. The UX will come and there are many efforts working on this. It just takes time.
You have to argue that this maturation process will not be plagued by the sorts of issues that our very mature regular banking system is. And that's not a certainty.
That first sentence is a great way to start an argument. And having been there for the rise of the PC, I do not agree with your analogy. Just like with the Internet analogy that usually comes up, the problem with PCs was more getting one. PCs were very expensive, cryptocurrencies are plenty available to anyone who wants them. There were skeptics with PCs, but still people jumped readily at every use case opportunity that presented itself and constantly came up with new ones. The blockchain is trying to find them for years and years now.
As for the abstraction: Well, yeah, you abstract the whole "cryptocurrency" aspect away to make it work, until you may as well just use the proven, regular banking system. And then to allow for such regular processes as litigation or the simple undoing of human mistakes, you abolish the "immutable ledger" concept entirely.
Am I bitter and salty about it? Given that cryptocurrencies are now consuming more energy than all solar panels combined, singlehandedly erasing the progresses we made there: Yes, definitely.
I'm not optimistic. We still have an Internet on which it's basically impossible for a non-expert user to reliably send or read encrypted email.
The only hardware wallet compromises I've heard of still required someone to have physical access to the device. If you can keep the device in your possession, it's still much safer than any of the alternatives.
To harvest user text for marketing analytics of course. Never mind.
Dictionary updates are also tiny and local storage is gigantic compared to the size of even a massive multi-language dictionary. This is just total nonsense.
But yeah, if you have access to the world's repository of [something], it's very interesting to see who wants to find out about that thing. Like people editing Sarah Palin's Wikipedia page days before she was announced in 2008. Or Apple forbidding use of Google in their office, because hey, imagine if there's a spike of Google searches for a specific chip or technology from a particular Cupertino IP, and someone is watching.
Or if you control people's communication media and can see who's messaging who, with what frequency, and what content (Hello Mark!).
In this case my first guess would be the database and deployment. That spell checker supports three hundred and umpty-seven languages, right? And I've heard it's based on the words from Google's web index, which I imagine some people might be happy mirroring on their phone but others not.
Things like mobile apps and cloud-based assistance services are guilty unless proven innocent and I only use them if the value proposition is so high that the cost/risk is acceptable. I also try to limit their permissions as much as I can.
I tried Grammarly for five minutes. It was cool, but I dropped it when I realized that its business model was obvious. It was uploading every single thing I typed into anything to the mothership. Not only is this invasive as hell but it's also a massive security vulnerability. I don't feel like having my company's bank accounts emptied because someone hacks Grammarly or a disgruntled employee dumps the database and sells anything that looks like an account number on the dark web.
I've had conversations with a number of my coworkers who deal with sensitive (PII) data about the plugin. None had realized it was phoning home to do its work, and in every instance so far they've uninstalled it immediately afterward.
I think a blockchain fits well when you need to verify a legal authority, like a felonies database (can you trust the cop that filed the report?), but otherwise it kind of just goes around the legal system; by doing so, you're just re-inventing the wheel.
This is not dissimilar to how cash works -- if someone takes my cash, by fraud, by theft, or in legitimate exchange for goods or services, that's it. They can now spend it however they want. Cash itself is a trustless system in the same sense. Where there is trust it's largely a matter of preventing forgery; which is not dissimilar to the idea of preventing double-spends.
But until Bitcoin there was no real way to do cash-like transactions electronically.
In other words, the utility of Bitcoin is well-established; humans have been using cash for a very long time. The implementation is novel. I don't speak here to the general "blockchain" concept, which has become so nebulous that I don't feel it's worth making general statements about.
>But until Bitcoin there was no real way to do cash-like transactions electronically.
There was Venmo and all the other small cash transfer apps. BTC is decentralized but that's of questionable worth to an end user.
The entire point is Bitcoin is like "cash for the Internet" in that once I hand someone $20 in BTC it's just like handing them $20 in physical cash. I have no third party either telling me I can't make that transaction, or with the ability to reverse the transaction after the fact. This is a feature, not a bug.
Anything to disintermediate financial institutions that like to apply political and corporate policy on who I can conduct business with is a good thing in my opinion. This means my options when the third party frauds me are the traditional options employed by folks dealing with cash transactions since money was invented. I can sue them in court, forget about it, or round up some friends with lead pipes.
I think many folks completely miss the point. Cash is useful. Cashless society is about the worst dystopia I can imagine - with unaccountable third parties and government able to track your every spending move, while simultaneously applying their political or legal policy to every transaction. Bitcoin's first step into introducing cash-like digital currency is the innovation, and it clearly is needed. Certainly not perfect (privacy could be far better, security is a real problem, etc.) - but it's far better than anything that had previously come along.
Comparing venmo to bitcoin is simply not a comparison - they solve entirely different problems. Venmo lets you send money from your bank account to another bank account with all those political and legal restrictions applied to your transaction. Bitcoin effectively lets you send cash to anyone you want, in any amount, and no one can stop that transaction from happening because they didn't like the person you are sending it to or what you were buying.
I do agree most users do not have the same concerns so the use case is far more limited than the hype. I do also still see a lot of value in "digital cash" as a whole, but I never really bought the whole store of value argument and the raft of grifters it attracted.
Yep. Gotta agree with Jayd16 here, if you still need law enforcement, (ie - government), then bitcoin is not useful for operating without trust. The breathless hype about bitcoin was not just the technology level "distributed ledger" thing, but also the idea that you could do things independent of the system. If you still need the system to make it all work, then it definitely fails on the latter hype point.
Bitcoin is independent of the "system" but that doesn't mean you don't still need some system. You're just not locked in to any particular system. Using bitcoin doesn't automatically make you an anarchist.
Is this something that actually happens? Police hardly help with recovering stolen physical goods; I highly doubt they'd even consider helping if your crypto gets hacked.
Then you are effectively trusting a third party to make it right when you have been wronged. Isn't this contradictory to the promise of blockchains: That trusting a third party is not required??
Taking this further, you are saying that the data on a blockchain cannot be trusted because the transactions might be reversed due to outside action. Honest question: How does this fit into the concept of a blockchain?
You're comparing cash to something electronic. No matter how you spin it Bitcoin is not physical. It’s more akin to cash in a bank account. Cash is in my hand, Bitcoin is virtual.
>The $0 Liability Guarantee covers fraudulent transactions made by others using your Bank of America consumer credit cards and consumer and small business debit and ATM cards. To be covered, report transactions made by others promptly, and don't share personal or account information with anyone. Access to funds next business day in most cases, pending resolution of claim. Consult client and account agreements for full details.
Losing $60,000 in Bitcoin is like losing $60,000 in cash. It’s not exactly a surprise that it can happen, and it’s expected that there will be no real recourse.
I think the trouble is that people still aren’t really thinking of it properly. If this story happened with cash, the first question everybody would be asking would probably be, “Why did you have $60,000 in cash sitting around? What did you think was going to happen?”
Like cash, most people shouldn’t be holding large amounts of Bitcoin themselves. If they want large Bitcoin holdings for whatever reason, they should be held with a trustworthy entity that can properly secure them, like a bank. If they do insist on holding large amounts of Bitcoin directly, they need to understand that it’s like keeping a vault full of cash, and they need to work hard to keep it secure.
Cash is a fiat currency and reproducible infinitely by the controlling government. The point of gold (as a money medium) is that it self-regulates the amount in circulation by being a tangible material in finite supply with cost associated in seeking more. This model has significant benefits and drawbacks (and, it's probably worth noting, its drawbacks are what led to the fiat model most countries use today).
Neither do I.
Practical digital cash of the type you describe needs to have two properties in addition to preventing double spending-- a) quick transaction time (close to immediate) and b) extremely small fees. Otherwise having small amounts of the digital cash doesn't make any sense.
Worse, you've got prior art in Ecash that not only had those properties but also unlinkability. So it can be done, Bitcoin doesn't do it, and as a result the market for it is extremely small and out of touch with the hype around it.
No such entity exists.
Transaction wise, cash transactions happen both live and physically, meaning you have some means to make sure the counterparty honors their part of transaction. Electronic cash systems involve third party to coerce the counterparty or refund you. In Bitcoin world, apart from hopes and dreams and magical reputation, there is literally no way to stop the counterparty shoving you their Prodeum. Bitcoin removes the trusted third party of electronic cash, but fails to introduce physical measures of physical cash.
Bitcoin transactions are hardly even transactions, more like throwing money into a numbered bin and hoping for the best. To be fair, the system has not gone down the drain once some form of market formed, so the hopes mostly did not backfire. The absence of full transactions in my opinion (I may be wrong, though) means Bitcoin IOUs cannot exist and with that whole financial products market, for better or worse.
Loss wise, cash is either in your possession or not and a lot of times can be recovered when lost. Stolen private keys can remain dormant for an indefinite amount of time until they are actually used to move coins to a different address. With cash that one has in their immediate possession it would be immediately obvious if someone tries to take them away. If physical cash bills got sticky, you have taken an extra bill, dropped it on a counter and noticed your mistake, then you can still take back the extra bill. If you have transferred too much/many coins, then it's SFYL. Forgetting a wallet with physical cash somewhere can be SFYL, can still be recoverable if no one took possession of it. Losing access to private keys is permanent SFYL.
I'm assuming you're referring to threat and/or use of violence, but that's not a viable option if the counterparty is prepared. Are you really willing to get into a fist/knife/gun fight if you're trying to sell an Xbox and the other side doesn't want to pay up?
The point is that the threat model of Bitcoin is quite different from that of cash.
This is another example of how people don’t think of it properly. Sending Bitcoin to some stranger online is basically equivalent to mailing them cash (minus the chance of having the letter stolen). Most of us would understand that mailing cash to a stranger is probably a bad idea, but Bitcoin is used differently.
You say that like it's a bad thing. Bitcoin is something that has the advantage of physical cash (trust-less) and the advantage of electronic communications (you can't practically send cash to the other side of the world).
It also, of course, has the disadvantage of physical cash which is, once it's gone, it's gone. There is no way to reverse trust-less transactions now and there was none in the (pre-Bitcoin) past. Nothing has changed there and this is not what crypto solves. What crypto solves is trust-less transactions over the internet.
In your bank example, the bank likely took the financial hit. With bitcoin as an underlying tech, there's some reduction of risk (with a whole bunch of asterisks).
Bitcoin is more akin to cash in hand than cash in a bank account, the title of the white paper is 'A Peer-to-Peer Electronic Cash System'.
It behaves like cash.
Of course, it is. The government could force everyone to send Bitcoins to a special account which is then distributed to victims (i.e. a tax). That would actually be better than what we have now. By printing more cash, people with cash are punished while actually rich people (who own stock, real estate, factories, jets etc.) are not.
In places where there have been cryptocurrency thefts that have been prosecuted, they have been primarily pursued as cases of theft -- the US statutory definitions of theft usually only use the monetary value (the USD equivalent) as the determiner of the severity.
While such a policy of "do not pursue bitcoin theft" would theoretically be possible either as an explicit policy or an informal one, I think it would be unlikely to survive judicial scrutiny; it would be like insisting that car thefts only be investigated and prosecuted for American-made cars.
You can break the cryptocurrency usage into 4 main groups: Speculators, Lawbreakers, Libertarian types, and Techies. Otherwise, the financial system provides cheaper or more convenient options for payment.
Again, the world is much bigger and more nuanced than you think, non-convertible currencies are a thing and they are due to a country's central bank policy not money laundering laws.
> the financial system provides cheaper or more convenient options for payment.
No it does not, if I had had ways to pay for a server using my country's currency, I would have used it.
What difference does it make which law or "policy" the users are circumventing?
>No it does not, if I had had ways to pay for a server using my country's currency, I would have used it.
And if it were legal to do so there would be a way.
People in small villages have modern cell phones and thanks to the govt military owning the primary telco, fast internet. They might not have access to a bank due to being so remote. They also don't trust their banks, for good reason.
Meanwhile in SF, the homeless all have cell phones. They are also frequent customers of Bitcoin ATMs according to a convenience store clerk that I asked because he watches over one.
2) How exactly is it a good idea to have your wallet on a cellphone?
As for homeless & Bitcoin ATMs. Yes:
3) That's how I'd launder money too. Pay off a homeless person to go to a bitcoin ATM.
4) That's how I'd conduct drug deals too if I were homeless and in the drug trade as buyer or seller.
You can't just say "homeless people use bitcoin ATMs therefore bitcoin is good for homeless people".
(no, I'm not saying homeless = drug related, and you know I'm not)
What I mean is that this is a non-solution to that problem.
It's the same logic where cryptocurrency advocates say that if a country's currency goes down the crapper then the people can use bitcoin, and the country can't break that! But why can't they just use dollars, or euros, instead? Because the local government would make that illegal! Why wouldn't they make bitcoin use illegal? Because... because... shut up!
The killer feature for bitcoin is buying drugs. It's essentially all it is for. That and tax evasion and speculation.
Sometimes, reinventing the wheel is exactly the point when the wheel has been engineered to favor the engineers.
You can't point to one case and say that it doesn't work. My experience is that you as a consumer will win a chargeback. It's so reliable that the mere mention of it to a merchant will make them refund you, because their fees go up if their chargeback rate goes up.
Also cryptocurrencies make this infinitely worse, not better.
If you want to make a case for cryptocurrencies you should actually go with the safety for the merchant, not the consumer. The consumer holds the power with credit cards. But then again today the merchant can always choose to only take debit cards, thus fixing the whole problem.
And it's not like you don't have to trust anyone to use cryptocurrencies. The government will still kick down your door if you break the law because that's what people want from society.
If a cryptocurrency scales and somebody pulls off a Madoff-level theft (>$64B USD), could you guarantee some amount of clawbacks by technology alone? I wouldn't bet on it.
... which has never been done before on Ethereum (or Bitcoin). Are you talking about Ethereum Classic? It's something entirely different and amateur. Using it as a criticism of Ethereum is like complaining banks are untrustworthy because a kid at school called himself a bank and didn't give the money back you lent him.
It doesn't have anything to do with trust and definitely doesn't provide any form of it, but trust is at the core of several human concerns like currency. Thus, blockchains are fundamentally unable to serve those uses regardless of how much hype is thrown at it.
Blockchain provides nothing, and people end up building replicas of real-world trust systems around it (even Silk Road had a reputation system not built on blockchains).
In this case, instead of a verified, regulated, audited central bank, you've decided to instead trust anonymous, unaudited, unregulated actors who vote in majority.
It's the difference between trusting Facebook to keep your messages private and trusting PGP to keep your messages private.
Humans are soft, irrational and messy in interactions. This isn't compatible with the perfectly technical math-based operations of bitcoin as a currency, and that's after they choose to trust it in the first place.
It's also worth mentioning that Bitcoin and Ethereum have never had a 51% double-spend attack. People do occasionally go through legal hell related to their bank/paypal/whatever accounts, or have problems sending money through their bank to who they want to send it to.
There's a reason why the legal system exists to offer you the case-by-case evaluation when needed. Many people have lost money through bitcoin, through hacks or poorly coded contracts, or to scams, or directly funded criminals and terrorists. Those people would have much preferred a little "legal hell" as you call it rather than no recourse at all.
There is no such thing as a trustless currency.
Gold and silver are the original currencies. They are trustless because they can be verified easily and transferred physically.
The more trust a currency requires, the less valuable it becomes due to decreased fungibility and liquidity.
So if you have the private key in your hand, and the address with your Bitcoin still has Bitcoin, while someone else could have your private key, why wouldn't they just transfer the money out?
Except if we are wrong in those other cases, we can usually use the legal system to help us recover our stolen property.
> So if you have the private key in your hand, and the address with your Bitcoin still has Bitcoin, while someone else could have your private key, why wouldn't they just transfer the money out?
Maybe they are waiting for you to deposit more bitcoin into that address, or maybe they are waiting to collect more private keys before exploiting them all at the same time, or maybe they... why speculate?
The idea that money can disappear without recourse because of one mistake in security or one highly motivated targeted attack is not, in my opinion, a desirable property of a currency.
Well, from a criminal's point of view, I don't see the upside in waiting. The owner of the coins could move them at any time, and then your loot is gone for good. I think it's safe to assume that if someone else has possession of your private keys, your addresses will be drained immediately.
Or the fact that in pull based financial systems like the US, someone who got your debit card number when buying a coffee can charge you again in the future, so you need to be eternally vigilant with your statements.
To me, cryptocurrency is a breath of fresh air in these regards. It's a predictable system to plan around.
Which is why banks analyze your transaction history, and call you when they observe suspicious patterns of use of your credit card.
I'm not so naive to say that one thing is the best, but I'm willing to speak up for trade-offs in these absolutist arguments.
The per-transaction costs of this fraud-prevention are minuscule, the false positives don't affect me (I get a phone call, and I tell them everything's fine), and I have recourse, both procedural, and legal against false negatives.
Just because you sprinkle a bunch of crypto powder on a transaction doesn't mean that all possibility for fraud goes away. The median per-transaction cost in crypto for this sort of thing is zero, while the worst-case cost is 'you lose the entire transaction/all your money'. And that latter one happens far too frequently for me to bank my life on it.
You've been steering this towards your crypto=bad hobby horse. But if your point is that you wouldn't "bank your life" on something, we can agree. I wouldn't "bank my life" on anything, like hoping I catch a recurring payment on my debit statement that I 100% canceled.
That one's not too hard - if in any doubt transfer to a new wallet with a new private key.
Nothing is 100% secure - you can but do a reasonable job. My biggest worry when I have my own keys is losing the keys rather than being hacked.
I think the block chain philosophy as far as crypto currency and use for legitimate business just doesn't go hand in hand like some folks thought it might. People really don't want to do business if there is zero trust, and centralized databases, and strong courts, are fine. Even when there aren't strong courts blockchain doesn't so much fill the gap as provide a risky solution... that involves a lot of illegal and undesirable behavior.
It comes with unique upsides, eg: a central bank can’t inflate them, which for monetary assets, is a massive part of the valuation equation, eg: I can transact in them in a collapsed economy with no functioning money (ie Venezuela). It comes with downsides, eg: if I get my bitcoin stolen I have less governmental power to find redress. But there’s a bit of a fallacy in the thinking that fiats are better from that perspective.
I would argue fiats are generally the same but the government has an additional option in that they can print more money to make specific people whole. Example a bank goes under because there was fraud, someone managed to pull out fiat through some means (pulling out cash for example). Because the government owns the press they can print more fiat to make depositors whole. This isn’t a magic bullet though, because you’re in effect imposing a monetary tax on the rest of the fiat saving community by doing so.
Outside of that solution, which isn’t a 0 cost one, the situation is identical to cryptos, you have to go through the courts to get your stolen holdings back. And if you lost them, it's no different than if your bundle of cash had gone up in flames or your stash of gold had gone down with a ship, you'd be out of luck. The massive thing cryptos provide is a digital savings mechanism that can’t be inflated by a central agent. If you’re a digital monetary saver, that’s a hugely compelling alternative which has a massive potential market base.
Going around the legal system is actually a big deal both for straight criminal stuff like extortion and also things that are morally not too bad but where the law is a pain like raising money for ventures with less paperwork and fees or sending funds to Venezuela without the approval of its present government.
This premise is not true and is one of the (many) reasons why blockchain is just a buzzword.
Maintaining the ledger still requires trust, even if that trust is less centralized than a single company (and that's often not the case either).
Many holding crypto currencies are using the funds as investment so I assume they were aware of the high risk to lose all the funds for various reasons. Once the crypto investments/ponzi scheme is gone we can work on crypto payments.
This article is about an unproven accusation that Coinomi wallets can be exploited because the seed phrase is spell-checked over a TLS connection.