>Um, for $220M in locked-up Bitcoin, you don't make 10 password guesses but take it to professionals to buy 20 IronKeys and spend six months finding a side-channel or uncapping. I'll make it happen for 10%. Call me.
>We're not talking about some NSA-built crypto processor installed on an SSBN, but an old $50 piece of consumer kit. There is no way it's hardened against the last ten years of USENIX papers that have never been used in practice.
Co-founder and former IronKey CEO also chimed in:
>I was co-founder and CEO of IronKey. We had numerous conversations with the NSA during the development of the products. If the person is using the first generation of IronKey before we sold the company to Imation, it will be very challenging.
>A good first step is to try to image the NAND flash. Then it will not be destroyed. You can certainly try to brute force the AES encrypted contents. It's CBC mode AES by the way. Keys generated by FIPS compliant RNG. See you in 1,000 years.
That said, side channels may not be that relevant if you're starting from a place of having to guess the key. Usually that's more about leaking secrets, not bypassing the encryption from a cold start state.
> >We're not talking about some NSA-built crypto processor installed on an SSBN, but an old $50 piece of consumer kit. There is no way it's hardened against the last ten years of USENIX papers that have never been used in practice
I don't have much hope for his twitter byline:
> Trustworthy tech at the Stanford Internet Observatory
Obviously not trustworthy if he's deleting tweets which show him in a negative light - i.e. talking authoritatively out of his arse on subjects which more informed people call him out on. And then deleting any evidence of it.
Or, you know, maybe gobs of people crawled out of the woodwork harassing him and/or begging him to get into their wallets that they can't access. Both of which are extremely plausible and valid reasons for deleting the tweet.
Even the individual with the wallet going "sure, let's talk offline" is a valid reason to remove tweets.
> We're not talking about some NSA-built crypto processor installed on an SSBN, but an old $50 piece of consumer kit. There is no way it's hardened against the last ten years of USENIX papers that have never been used in practice
It would be very challenging for me to build an app; for many people on HN, it would be trivial.
Downvoters: Ok so how should he correctly remember that huge password that unlocks his $240m (7,500 BTC) wallet within 2 attempts? Pen and paper? All from memory?
Next time use a password manager. Period.
It sucks that people are learning the hard way of their incredibly secure but unrecoverable methods. It's also a shame that there are probably countless instances of this and so a considerable amount of bitcoin is just totally lost and out of circulation, permanently.
Unless you own a bunch of btc, then it's deflation.
Though yeah, very sad.
Password managers are good advice for 99% of use cases. Protecting an asset worth hundreds of millions is a bit of a special case and you shouldn't follow the same advice as if you were trying to protect your hacker news login credentials.
Like, have a thing where if your wallet is inactive for a period of greater than one year then all the money inside gets transferred to your spouse/mother/financial-trust so that you can recover it?
This is the underlying mechanism for Unilateral Channel Close in the lightning smart contracts (on bitcoin), a timeout spend clause.
Note: It wasn't a thing when these coins were first acquired, so it doesn't really help in the situation.
This is the entire point of having a hardware wallet. If this situation changes your mind about them, then you were clearly just buying them blindly without knowing what it is.
It solves a fun niche for me - a relatively secure but technologically simple way for my parents to keep in the safe in case of my early demise. My spouse and in-laws have the PIN codes in their safes.
Seems about as good as I can get to store any keys/passwords/sensitive digital info you have without needing an SRE to be involved with unwinding your estate.
Are there foolproof ways to verify these claims?