Slashdot Mirror
Security Breach Forces Bitcoin Bank Inputs.io To Halt Operations
New submitter BitVulture writes "The hardcore Bitcoin community is abuzz with news of the closure of Inputs.io, a supposedly secure online Bitcoin wallet, after an attack resulted in the loss of 4100 Bitcoins. A PGP-signed message at the home page of the now mostly non-operational site briefly explains the situation: 'Two hacks totalling about 4100 BTC have left Inputs.io unable to pay all user balances. The attacker compromised the hosting account through compromising email accounts (some very old, and without phone numbers attached, so it was easy to reset). The attacker was able to bypass 2FA due to a flaw on the server host side.'
There's no word yet whether Inputs.io will eventually resume operations or whether the security breach will force the Bitcoin bank out of business."
This is for worst or better, online wallet that CONTAINS your private key can be hacked like inputs.io. That's why it's recommended to use wallet like blockchain.info where you hold the private key so they can't spent bitcoin for you. In some case where they must hold the key for you (exchange service for instance) most of their coin should be in cold storage / not allocate to direct individual. In another news, Bitcoin value is at all time high over $300.
I'm so glad that Bitcoin is such a simple solution to the complexity of cash!
I don't respond to AC's.
Unlike traditional bank, you can trace the money stolen where it goes but unable to get it back. Bitcoin have no way to force a transaction except if everyone would update their software to approve a transaction without the valid cryptographic signature something unlikely to happen considering the thousands of instance running.
Pick any two.
Holy shit, 4100? Is that ALL the bitcoins!?!? XD
No, but it is about $1.23M at current exchange rates.
It's computer fraud and abuse. It's not like they really robbed a bank.
which, amazingly enough, in mots of the west gets a lot more of jailtime for you even if you stole nothing of actual monetary tangible value....
though, again as usual, one needs to ask if they just took it themselves, their ex-employee took it or..
world was created 5 seconds before this post as it is.
We seem to be fast approaching the point where computer-based theft will be the way you "really rob a bank".
It's not like today's banks have all got huge safes full of bags with dollar signs on them -- not in the U.S., anyway. Money is becoming increasingly virtual. A dollar bill doesn't actually represent value; it represents debt, an IOU. A bank doesn't need to keep one physical dollar bill on hand for every dollar in its bank accounts; it only needs a fraction, because you don't expect 100% of your customers to come in on the same day to cash out. And thanks to the Federal Reserve system, there aren't even physical assets (like gold bars) of equal value to all the Federal Reserve notes in circulation. It's a bizarre system that only works as long as debt keeps circulating (buying and selling) and accumulating (loans with interest).
Koans and fables for the software engineer
It does not sound like Nation State Attacker was at work here.
The attack was not so sophisticated that the infosec boys were left scratching their heads as to how the breach was made. In fact, for a so-called vault, Inputs.io leaving up the access to old accounts that skirt 2FA seems sloppy.
And, certainly, having 4100 BTC to spend for your porn and drugs would be motivation to some who are capable of such an attack.
But I assume central banks and gov'ts with propped up currencies don't want to see Bitcoin really take off. Just breaking everyone's trust in BTC is a win for them.
SLASHDOT: news for people who can't concentrate on work or have no life at all and got tired of yelling back at the TV.
Credit existed long before the Federal Reserve. J. P. Morgan used created money to help out banks in the Panic of 1907. The Bank of England created money to get its country out of panics in the 1800s. The private banking system evolved the system that the Fed later put in place on a more equitable basis (loaning to all banks instead of only to those that Morgan had a personal affinity for, for example). Elasticity was necessary for the banking system to function. The Fed just made that elasticity more under the public's control, so that it could be used for the General Welfare instead of for Morgan's private profits.
Hey, if there was a country behind it we'd call it currency despite being pretty much the same system, where someone says one blubber is worth x dollars and you can create some by ... well, by creating some.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Damn right. I don't see them getting any bailouts any time soon.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
WoW gold is ultimately money in Blizzard's bank accounts, which are indeed taxed.
No kidding!!! What do you say at this point?
Credit existed in fourth (and probably fifth) century BC Athens. It was also largely responsible for inflation then: the monetary system was metal-based, but even the ancients noticed that old inscriptions and laws mandated unreasonably low prices for sacrificial animals, while people in their own time were buying and selling real estate for amounts of credit that couldn't be physically transported in any reasonable way as cash and that might not have even been available in circulation. The Athenians didn't have a Federal Reserve or central bank, just a mint for the physical coins and some private bankers for the credit. That's all you need to get the "bizarre system" that keeps cropping up in history.
As a side note, that "bizarre system" almost always ends up with the poor holding physical currency and the rich using credit. Playing along with the system gets you more stuff, because you can buy more with big credit than you can with two obols (although you could at least rent a prostitute for that).
Dillinger lives. He drives a Tesla, and carries ultrabook instead of a machine gun.
---- Teach Peace. It's Cheaper Than War.
But it's disappointing, because Bitcoin represents everything that us nerds reading slashdot should like: It's a mix of cryptography, freedom of speech, computing, networking, finance, economics, and even politics. Most of us here dig that stuff.
Speak for yourself. One of the founding principles of geekdom that I learned from geeks much older and much smarter and much wiser than me, and that I still believe wholeheartedly in is: KISS (Keep It Simple, Stupid). Bitcoin fails KISS, spectacularly.
Bitcoin is a laughably complex solution that's looking for a problem. It's a Rube Goldberg contraption. It's much more complex than any other payment system, it's value as a currency is wildly unstable, it's prone to all sorts of technical and security problems, and it's insanely un-private.
The whole thing is a load of garbage or a brilliant performance art piece, depending on how you look at it.
I don't respond to AC's.
Yes, they're screwed. They trusted a third party with their coins, which is simply a bad idea. Now, deposit insurance is great for bank accounts, as most people don't really have any other choice than to give a bank their money to hold for them. That's not true with Bitcoin. You can be your own "bank", and it is, in fact much safer than using a third party as one. Rule of thumb: do not use web wallets. If you must use one, only store small amounts for short periods of time there.
Well, I agree with you on one point: Robbing a bank by walking into the lobby of your local branch is very romantic, but it's a horrible and dangerous way to steal money, and has lousy returns. I'd say we've long past the point where that was the best way to rob a bank. (I'd say owning or running a bank is probably the best way to rob it...)
A bank doesn't need to keep ANY dollar bills on hand for dollars in their bank accounts; only branch banks need physical currency at all. There are plenty of non-branch banks out there that don't have any physical currency; what would they need it for? The Fed does not require any bank, even Federal Reserve members, to hold any particular portion of their assets in currency (although I do think Federal Reserve members do need to let their account holders withdraw their deposits as cash at any point; it's how the Fed actually distributes cash out into the economy.)
A dollar bill doesn't represent "debt"; it represents one dollar's worth of the world's total supply of dollars/dollar-denominated assets. In that sense, it's little different from a share of stock. Some of those dollar-denominated assets are debts, some are coins in my pocket, some are bits on my bank's hard disks, some consist of stacks of $100's in a cave in some benighted 3rd-world kleptocracy. If the supply of dollars increases faster than dollar-denominated assets, we have inflation, if the reverse happens, we have deflation.
You may of course choose to blame the Federal Reserve for whatever you like, but the Fed did not create fractional reserve banking or fiat currency, nor did they originate the idea of moving money around through a method other sacks of cash.
And even if we still had the gold standard, why would we tie the amount of gold on-hand to physical currency? Virtual currency is easier and safer to store, manage, and move. An electronic dollar is no different from a $1 bill in my pocket.
BTW, yes, credit is the backbone of every modern economy in the world; this is hardly new... it's been the case for centuries. Modern capitalism would be utterly impossible without it.
I've been analyzing bitcoin lately, and have come up with the following reasoning:
As the coins are limited to 21M coins, you can, at this date, purchase 1/21Mth part of all the coins in the world for $300,-
Even if you put the odds of bitcoin supplanting US dollar very slim (1:1000), the only rational choice is to buy bitcoin.
If in 2030 the world uses bitcoins, you end up owning a sizeable portion (1/21M) of the entire money supply of the world's default currency.
How is this not a good deal? Heck, even at 1:1000000 odds of bitcoin supplanting US dollar would still make sense at $300,- per coin.
Where is fault in my logic? It seems too easy.
Bram Stolk http://stolk.org/tlctc/
So, for security, you had to provide a telephone number? Ahahahahaha.
Bitcoin makes everything about currency handling harder for the average person.
That's not a feature of Bitcoin.
The only interesting thing with Bitcoin is that there's a limit to the amount of bitcoins. But just as a govenrment mandate detached the dollar from gold, a government mandate could change relevant representations+algorithms to allow the government to produce more bitcoins at will. And, just as everyone accepted who accepted US dollars accepted the former change, they'd accept the latter change too.
Bitcoin is an open source project, used by many to get away from centralized controls like that. Many people would stop using it, or work on making the proper version more anonymous rather than switch to some specific government's fork of Bitcoin.
It's much more complex than any other payment system
That partly has to do with it being a decentralized cryptocurrency. Without central authorities or trusted servers, it takes quite a bit more to force everyone in the network to work together and agree on the state of the system. (And as digital currency systems can go, it is still pretty far from the most complex. Look up older partially anonymous Chaumian currencies.)
it's value as a currency is wildly unstable
Because it's not widely used yet. You can't peg the value of a decentralized currency to a centralized one. Its value works just by supply and demand, and as demand fluctuates wildly, so will its value.
it's prone to all sorts of technical and security problems
The article is about a specific vulnerable site that got hacked, not the bitcoin system or software itself.
Bitcoin didn't fail. Some site named "inputs.io" did.
Not that this is what's going on, of course, but this came to mind:
1. open bitcoin "bank"
2. get lots of deposits
3. "get hacked" and close up shop
There is no step four, the profit's in step three.