Hacker News new | past | comments | ask | show | jobs | submit login
The password guess worth $240m in Bitcoin (bbc.com)
33 points by LittlePeter 10 days ago | hide | past | favorite | 32 comments





Deleted his tweet but Alex Stamos offered help for a 10% cut

https://web.archive.org/web/20210112200826/https://twitter.c...

https://web.archive.org/web/20210112142941/https://twitter.c...

>Um, for $220M in locked-up Bitcoin, you don't make 10 password guesses but take it to professionals to buy 20 IronKeys and spend six months finding a side-channel or uncapping. I'll make it happen for 10%. Call me.

>We're not talking about some NSA-built crypto processor installed on an SSBN, but an old $50 piece of consumer kit. There is no way it's hardened against the last ten years of USENIX papers that have never been used in practice.

Co-founder and former IronKey CEO also chimed in

https://twitter.com/davejevans/status/1349075762322702336

https://twitter.com/davejevans/status/1349083685165834240

>I was co-founder and CEO of IronKey. We had numerous conversations with the NSA during the development of the products. If the person is using the first generation of IronKey before we sold the company to Imation, it will be very challenging.

>A good first step is to try to image the NAND flash. Then it will not be destroyed. You can certainly try to brute force the AES encrypted contents. It's CBC mode AES by the way. Keys generated by FIPS compliant RNG. See you in 1,000 years.


CEO of crypto company claiming their product is secure isn't super meaningful. It might be true, but they would probably say that regardless.

That said, side channels may not be that relavant if you're starting from a place of having to guess the key. Usually that's more about leaking secrets, not bypassing the encryption from a cold start state.


How annoying that Alex Stamos deleted both tweets when it became apparent to others he was talking nonsense.

> >We're not talking about some NSA-built crypto processor installed on an SSBN, but an old $50 piece of consumer kit. There is no way it's hardened against the last ten years of USENIX papers that have never been used in practice

I don't have much hope for his twitter byline:

> Trustworthy tech at the Stanford Internet Observatory

Obviously not trustworthy if he's deleting tweets which show him in a negative light - i.e. talking authoritatively out of his arse on subjects which more informed people call him out on. And then deleting any evidence of it.


>Obviously not trustworthy if he's deleting tweets which show him in a negative light

Or, you know, maybe gobs of people crawled out of the woodwork harassing him and/or begging him to get into their wallets that they can't access. Both of which are extremely plausible and valid reasons for deleting the tweet.

Even the individual with the wallet going "sure, let's talk offline" is a valid reason to remove tweets.


Maybe re-read my comment. He deleted multiple tweets including the one I quoted:

> We're not talking about some NSA-built crypto processor installed on an SSBN, but an old $50 piece of consumer kit. There is no way it's hardened against the last ten years of USENIX papers that have never been used in practice


I know David. If he's saying it, then it's very likely true. Smartest guy I know...

"very challenging" ≠ impossible

It would be very challenging for ne to build an app, for many people on HN, it would be trivial.


Yes, and for that kind of money Ehrlich Bachman would take 5% to let you crash at his place while you figured out how to crack the password.

Area men talk book

The wallet is stored in a Kingston IronKey [0] secure USB flash drive. The hardware encrypted USB allows you to enter 10 times a password before its rendered useless. It has hardware tampering and you can't make an image of it so that you can try more times. If you put the password wrong 10 times you lose all the data but you can erase/reformat the drive and still use it. Original tweet of Stefan: https://twitter.com/justmoon/status/1349069290587058177

[0] https://www.ironkey.com/en-US/


Should have used a password manager.

Downvoters: Ok so how should he correctly remember that huge password that unlocks his $240m (7,500 BTC) wallet with in 2 attempts? Pen and paper? All from memory?

Next time use a password manager. Period.


Password manager use while applying an indirect name for the entry isn't a bad idea, especially if it's your main PM since you can obfuscate it among the other entries.

It sucks that people are learning the hard way of their incredibly secure but unrecoverable methods. It's also a shame that there are probably countless instances of this and so a considerable amount of bitcoin is just totally lost and out of circulation, permanently.


> It sucks that people are learning the hard way of their incredibly secure but unrecoverable methods. It's also a shame that there are probably countless instances of this and so a considerable amount of bitcoin is just totally lost and out of circulation, permanently.

Unless you own a bunch of btc, then it's deflation.

Though yeah, very sad.


No. You should not use a password manager for a hardware security device. The point of those (among other things) is to protect you from your computer being compromised. It defeats the point if you stuff the password into your computer. Security is about the weakest link.

Password managers are good advice for 99% of use cases. Protecting an asset worth hundreds of millions is a bit of a special case and you shouldn't follow the same advice as if you were trying to protect your hacker news login credentials.


Never put all your eggs into one basket. I only own a negligible amount of coins but have them distributed among 4 storage methods, one of them a printout in a book

As is the case here, what is negligible now may not be in the future.

How many coins?

Articles like these have it backwards if you ask me. If he had access to the device then he probably would have sold (most of) his bitcoins a long time ago.

This is a great point. If he manages to get it unlocked, forgetting the password is probably the best things that’s ever happened to him

Could this kind of problem be solved well using smart contracts? (Not for Bitcoin, obviously, but on some more sophisticated blockchain system).

Like, have a thing where if your wallet is inactive for a period of greater than one year then all the money inside gets transfered to your spouse/mother/financial-trust so that you can recover it?


This can actually be solved using smart contracts in bitcoin, it is built into the underlying bitcoin opcodes -- CSV https://github.com/bitcoin/bips/blob/master/bip-0112.mediawi...

This is the underlying mechanism for Unilateral Channel Close in the lightning smart contracts (on bitcoin), a timeout spend clause.

Note: It wasn't a thing when these coins were first acquired, so it doesn't really help in the situation.


Ironically, losing access to a wallet helps drive Bitcoin prices up, because there are fewer Bitcoins floating.

What's ironic about that?

I see it as ironic as the reason it’s valuable and they want access is because people keep losing access driving up the price

Yes, ironic in the sense that, by retiring those bitcoins from circulation, usable bitcoins are more scarce, which drives prices up, making the loss even more valuable in the future.

Who'd want an IronKey digital wallet after reading this!

On the contrary, I think it's good marketing for IronKey if their bruteforce/tamper resistance has held up in the face of someone with that much motivation to bypass it.

I had to throw my Ironkey away because it doesn't work over USB-C to USB-A adapters

That’s also a positive

The same people who wanted one before?

This is the entire point of having a hardware wallet. If this situation changes your mind about them, then you were clearly just buying them blindly without knowing what it is.


bought one actually - not quite due to this news, but because it reminded me I needed to get around to it.

It solves a fun niche for me - a relatively secure but technologically simple way for my parents to keep in the safe in case of my early demise. My spouse and in-laws have the PIN codes in their safes.

Seems about as good as I can get to store any keys/passwords/sensitive digital info you have without needing a SRE to be involved with unwinding your estate.


What's to stop someone from buying an old IronKey, telling this same story, and then auctioning it off for millions? (valued for both the small chance of decryption and for the media attention)

Are there foolproof ways to verify these claims?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: