Hacker News new | comments | show | ask | jobs | submit login

If a lay person were to ask how they get back their dollars if they are stolen from their wallet, say due to a person mugging them, what do you tell them?

To put their money in a bank. But there are no secure Bitcoin banks.

But it is too late to use a bank. He was mugged and his money stolen. What do you tell him?

You avoid answering because you know that cash theft is a big hassle.

Bitcoin shares some of the properties of cash. This includes its advantages (direct people-to-people transactions, no account can be "frozen", pseudo-anonymity, etc) but also its inconvenients (thefts are hard to recover). And smanek's point is that if cash is good enough despite its weaknesses, then surely Bitcoin is good enough too.

Furthermore, unlike cash, Bitcoin has numerous ways to palliate these inconvenients. Two examples:

0. You cannot "back up" cash (if you put it in a bank, you lose all its aforementioned advantages), but you can back up bitcoins by making copies of a wallet file. Very useful especially when using deterministic wallets.

1. Cash can only be secured in primitive ways (physical security), but Bitcoins can also be secured by using wallet encryption, storing them offline, remembering them (brainwallet!). Soon you will be able to store them on tamper-proof credit-card-sized hardware Bitcoin wallets protected with PINs or similar.

I will be the first one to admit that Bitcoin is not yet easy enough to be used securely by inexperienced users. But these problems are solvable, and are being solved.

You can buy and sell bitcoins on Coinbase, which is also a wallet (bank). They keep 87% of their funds offline to prevent customers from loosing their funds in the case of hacking.


There's no such thing as 'offline' Bitcoins. It's not like your client has to be connected to the Internet in order for someone to steal your shit.

I would suggest researching a little bit next time before making a post like this.

There are in fact some very clever ways to make completely offline and non-physical Bitcoin wallets.

Yeah, and I know what they are, although I wouldn't describe generating a wallet on an offline PC and keeping it offline as 'very clever'. At any rate, after reading it again I think I confused what the parent was insinuating, so nevermind.

You print the bitcoin hash. That's offline to me.

Right, and while you could store cash or bitcoins physically in a bank, there's no point in doing so for the average consumer. Cash is comparable to bitcoins in this regard: it's a riskier form of money because it's anonymous and can be stolen relatively easily, but it's also really convenient for financial transactions.

Coinbase is giving it a go. Seems like they've convinced some investors to help them along with that plan too.

Yes, they were funded by both YCominator (YC S12) and FundersClub (>$600k)

Nothing preventing there from being one, aside from the good 'ol risk of 51% attack.

all that would do is to enable the attacker to double-spend their own btc. Not much else.

That sounds pretty catastrophic to me.

Similar frauds occur every day with "normal" currencies, though.

Would their be a market for a Bitcoin bank?

I'm willing to bet that I have more protection securing the contents of my Bitcoin Wallet than Wells Fargo has protecting my account at any level.

The endgame security isn't provided by Wells Fargo, it's provided by the federal government.

Not security, insurance.

I'm not sure why he was downvoted. FDIC isn't the only insurance. Banks have other insurance to protect against theft.

Also, banks are protected in a way since they don't really hoard cash or valuables. They invest it which spreads out the risk.

Furthermore, the federal government will go after criminals to recover money. Good luck getting them to help you with BTC theft.

Same result.

People in the thread were talking about computer security mostly, though. In the end, the best "protection" is that insurance will reverse your losses in case security fails. Something a lay person "securing" their bitcoins on their own computer won't have.

Items not covered by FDIC: "Losses due to theft or fraud at the institution."


FDIC Regulation-E.

Consumer liability for unauthorized transfers. The consumer has limited liability if reported expediently.

You should read up more closely on the FDIC regulation -- they don't just provide insurance.


Also, a clever little loophole: if the bank goes insolvent paying their accounts back, you are then covered under FDIC insurance.

>I'm willing to bet that I have more protection securing the contents of my Bitcoin Wallet than Wells Fargo has protecting my account at any level.

Would you say this is true for most users?

Currently? Of course not. But when the idea of storing money on your computer (e.g. in a file) becomes more widespread, then the answer would be yes. Or at the very least it would be equally secure.

It's not that hard to provide people with a secure environment, as long as that environment is designed with with security in mind. A non-jailbroken smartphone is probably good enough, though a dedicated device might be better. And you can use live boots.

I can see a future where we use such (or similar) things to do money transfers.

Wells Fargo is a bigger target, but they also have many more layers of protections and an interest in providing customer service. My hunch would be that it would be easier for a criminal to profit off of attacking WF than attacking a personal bitcoin user, but that it would be easier to actually cause financial harm to a personal bitcoin user (even without profiting themselves). But to clarify that, I have a couple of questions about how storing your own bitcoins works, since I've never used it:

* How does bitcoin storage work with offsite backups? If someone compromised the backup, would that give them access to your money?

* If you lose the file (hard drive crash, home burns down, backup system fails, whatever), does neither you nor anyone else have that money anymore? I.e., someone wouldn't have to gain access to the money themselves to deprive you of it?

keep your wallet file encrypted and back it up to multiple locations on a regular basis (to update the backups with new private keys that are created by your client software).

there are also ways of generating bitcoin keys completely offline as well as producing signed valid bitcoin transactions completely offline. This way you can forward funds to keys that are not on a machine connected to the internet, or keys that are backed up only on paper (in multiple safety deposit boxes if you like). And also you can then put signed transactions from the offline machine onto a usb stick or whatever and then use a networked machine to forward those valid transactions to the bitcoin network.

Coinbase is doing something like this for their storage of customer funds. Coinbase seeks to be a bitcoin bank that wont get hacked or that if it somehow does get hacked (cough inside job, cough) that only very small losses could occur.

For what it's worth, Coinbase has no reported cases of fraud. We are tracking these kinds of things here:


For example, Bitfloor (which had 250K USD stolen): http://howdoyoubuybitcoins.com/from/bitfloor/

Verses Coinbase, which has no such history: http://howdoyoubuybitcoins.com/from/coinbase/

Absolutely not. But then again, I used Android at version 1.6, I run a 12 hour old nightly rom and my desktop is my server running 3.7-rc5 and running a 12TB BTRFS RAID. "Stable" or "mainstream" isn't really in my vocabulary.

To be sure, I'm not advocating that my parents start using BitCoins. I just tire of this implication that somehow USD is, by virtue of being USD, automagically more secure than Bitcoins.

Armchair loud mouths (I have one in mind who went into hiding after trolling HN repeatedly) stop by for months following an online wallet incursion to tell us how stupid Bitcoin and Bitcoin users are.

Yes, but somebody can have illusion that he can sue Wells Fargo in case of broken security.

Sure, but if you use a "real" Bitcoin bank, theoretically there is someone you can go sue as well. They won't have the bank roll that WF has, you're right, but there is still grounds for a civil case I'd imagine.

Are those protected contents stored in a computer that can be carried away?

If they're protected by a strong password and backed up, a stolen computer isn't a problem.

For long-term storage of large amounts of value, use redundant flash drives in a safety deposit box.

:) I'd be happy to send you a copy of the image of my flash drive if that's your concern. I also do not only have one copy of my wallet, if that was your concern as well.

But this is in fact the reason people don't pay for goods and services by mailing cash.

"That wasn't your fault - at least your wallet wasn't somehow accessible from the Internet, heh heh..."

Nothing mandates that you keep your bitcoin wallet networked.

That mugging is a terrible analogy, considering these Bitcoin owners are giving their money willingly to their muggers.

Applications are open for YC Winter 2018

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact