Home Precious Metals

Just how 'safe' IS Bitcoin? Can it be hacked?

tincuptincup Posts: 4,721 ✭✭✭✭✭

We are all familiar with the Colonial Pipeline hack and ransom that has taken place this last week; $5 million was apparently paid as ransom to get the encryption key back.

Now it is reported that the bad guys' computer (Darkside) server has been breeched... was inaccessible... AND bitcoin gone missing. Hmmm... appears that Bitcoin CAN be hacked?? Secret Ops? So much for Bitcoin being untraceable?

"A few hours ago, we lost access to the public part of our infrastructure, namely: Blog. Payment server. DOS servers," Darksupp wrote.
"The Darkside operator also reported that cryptocurrency funds were also withdrawn from the gang's payment server, which was hosting ransom payments made by victims," said Recorded Future.""

https://barrons.com/articles/servers-of-colonial-pipeline-hacker-darkside-forced-down-security-firm-01621002013

Physical silver may not have seen the spectacular gains that crypto currency has made... but at least physical silver can't be hacked by pressing keys on a keyboard (though certainly can be physically stolen, and plenty of examples of that from homes and at coin shows)

----- kj

Comments

  • HigashiyamaHigashiyama Posts: 2,133 ✭✭✭✭✭

    I am very far from being an expert, but I think you get a pretty good answer if you search that on Google. The underlying Bitcoin creation and monitoring process seems very solid, but there is some hacking risk associated with exchanges or if you leave your wallet in an insecure location.

    Higashiyama
  • rickoricko Posts: 98,724 ✭✭✭✭✭

    The prevailing theory I have heard (from IT and CS professionals - I am not one) is that "If the human mind created it, the human mind can break it." Cheers, RickO

  • LukeMarshallLukeMarshall Posts: 1,881 ✭✭✭✭✭

    I think since it’s inception people have been trying to hack it but so for no one has been able to crack the version of SHA256 encryption it uses.

    From what I understand the main point of attack on bitcoin is a 51% attack, which by malicious entities acquire more then half of the total computing power of the network and are able to mine a side chain in private faster then the public chain.

    They can then spend their bitcoin on the public chain and then reveal their longer chain which the minority miners will see as the true chain and abandon the short chain and “orphan” it’s blocks.

    Of course this creates a scenario where the bad player can spend his bitcoin on the orphaned chain and the longer chain which is called a double spend.

    This has happened on several cryptos with a smaller total hash rate including some very long chain re-organizations of the etherum classic chain earlier this year which can severely undermine the confidence in the network!

    I am fascinated by the solutions to this problem, which classic did implement some safeguards including checkpointing where a hard block is coded where previous blocks are now locked in but I believe this requires a 3rd party trust piece, and creates a centralized solution (which goes against the decentralized nature of some crypto)

    Checkpoints are not the sole defense either, and the biggest defense to 51% attacks is the distribution of mining hash in the case of algorithms that are tweeked to only be computed on a graphics card, or a CPU instead of Powerful ASICs that are primarily produced and centralized in China.

    After all Satoshi (bitcoin creator) is famous for stating “one CPU, one vote” which lends to distribution of miners IMO.

    Words

    It's all about what the people want...

  • derrybderryb Posts: 36,017 ✭✭✭✭✭
    edited May 15, 2021 7:16AM

    Most here are trading crypto through an exchange just as they would stocks and etfs. All platforms are subject to internal theft and hacking just as are your Amazon, Ebay and banking accounts. Odds? have you been hacked yet?

    If you can't hold it in your hand you own it only as long as someone else says you do. Unfortunately the digital world requires risk.

    "Do you hear alarm bells ringing? Neither do I. And that’s a huge problem." - Simon Black

  • SmudgeSmudge Posts: 9,162 ✭✭✭✭✭

    I would worry about forgetting my password.

  • s4nys4ny Posts: 1,562 ✭✭✭

    I am sure the brightest hackers are working on Crypto. They would probably try to hack the custodian rather than start to falsely mine Bitcoin or one of the others. Even Equifax got hacked, a major embarrassment.

  • TwoSides2aCoinTwoSides2aCoin Posts: 43,758 ✭✭✭✭✭

    Money is risky business, until there's no money. Voila. Crypto.

  • Namvet69Namvet69 Posts: 8,592 ✭✭✭✭✭

    I think a brute force hack is possible, given the use of a botnet. IMO. Peace Roy

    BST: endeavor1967, synchr, kliao, Outhaul, Donttellthewife, U1Chicago, ajaan, mCarney1173, SurfinHi, MWallace, Sandman70gt, mustanggt, Pittstate03, Lazybones, Walkerguy21D, coinandcurrency242 , thebigeng, Collectorcoins, JimTyler, USMarine6, Elkevvo, Coll3ctor, Yorkshireman, CUKevin, ranshdow, CoinHunter4, bennybravo, Centsearcher, braddick, Windycity, ZoidMeister, mirabela, JJM, RichURich, Bullsitter, jmski52

  • LukeMarshallLukeMarshall Posts: 1,881 ✭✭✭✭✭

    @Namvet69 said:
    I think a brute force hack is possible, given the use of a botnet. IMO. Peace Roy

    With current computing (even all the supercomputers) a brute force attack on a bitcoin private key (256bits containing a possible 2^256 different private keys (larger than a 1 followed by 77 zeroes)) is all but impossible and would take millions of years.

    If Quantum computing can do this in less than 10min (the general time it takes for bitcoin to record a block) then Bitcoin in its current state is essentially broken at that point. (Maybe the dawn of quantum bitcoin 🤔)

    The other piece about BotNets is that I’ve heard is them actually mining crypto and thus helping to protect the network... that being said a BotNet is generally going to hijack your CPU so even with an army of millions of computer CPUs , the target is generally not bitcoin (which has moved past CPU mining long ago) but other cryptocurrencies that rely on CPUs specifically to hash its algorithm (think Monero)

    It's all about what the people want...

  • chesterbchesterb Posts: 961 ✭✭✭✭✭

    Yeah it's a risk that I'm worried about too but it keeps going up and up and up. Is the risk greater that it gets hacked or that it continues to increase in value and you missed the opportunity to invest in it? I have PMs too but crypto is my insurance that the world keeps on, keeping on and doesn't go to pot.

  • cohodkcohodk Posts: 18,493 ✭✭✭✭✭

    Just how 'safe' IS Bitcoin? Can it be hacked

    Ask Darkside. Lol

    Excuses are tools of the ignorant

    Knowledge is the enemy of fear

  • tincuptincup Posts: 4,721 ✭✭✭✭✭

    Yep... just in the news today.... DOJ recovered/seized 2.6 million of the Colonial Pipeline ransom... they were able to identify the addresses of the virtual wallet through the blockchain public ledger using public blockchain explorers, then were able to find the key....

    It can be hacked.

    ----- kj
  • pmh1nicpmh1nic Posts: 3,116 ✭✭✭✭✭

    From what I understand some of the thief that has occurred happened on the exchange which it’s recommended that once a transaction is finalized the crypto should be taken off the exchange and put into your personal wallet off the exchange. Some go further to say it should be taken of the web entirely and put in hardware wallet similar to a secure thumb drive.

    As far as BTC as a whole my concern is future government regulation. If federal resources are going to be devoted to tracking down stolen BTC and trillions of dollars in transactions will be transacted in BTC I can’t see the major governments not getting involved to regulate and control it…and taxing it.

    The longer I live the more convincing proofs I see of this truth, that God governs in the affairs of men. And if a sparrow cannot fall to the ground without His notice is it possible for an empire to rise without His aid? Benjamin Franklin
  • element159element159 Posts: 493 ✭✭✭

    @cohodk said:
    Just how 'safe' IS Bitcoin? Can it be hacked

    Ask Darkside. Lol

    Well, ask their affiliate :) It was the affiliate's share that got seized, at least according to what has been published.
    It is not such a surprise that a wallet could be identified. Possibly DarkSide has better security processes and maybe their wallet could not be identified.

    But how DID they get the private key???

    image
  • 1630Boston1630Boston Posts: 13,770 ✭✭✭✭✭

    Anything can be hacked!
    Once the Quantum computers are up and running it will be a more likely OR less likely :)
    .
    A conventional computer bit is either 0 or 1, and cannot simultaneously represent 0 and 1. On the contrary, a qubit can represent both 0 and 1 at any given time, a phenomenon known as superposition. As a result of this feature, a quantum computer can process massive calculations, which effectively increases the new technology’s power and capacity.

    A completely robust quantum computer is likely more than a decade away. However, leading tech giants, such as Google, Intel, IBM, and Microsoft, already have tiny quantum computers, which they incrementally pack more quantum bits to enhance their performance. Other vendors leading the way in this technology include Toshiba, NTT, Honeywell, D-Wave Solutions, and Alibaba Quantum Computing. A review of these companies indicates a race towards the development of systems that can solve complicated transactions using numerous variables. Some application areas include predicting fluctuations in stock markets, designing AI, weather forecasting, and cracking complex cryptography methods. Quantum computers rely on probabilistic algorithms that give results within certain probabilities, instead of exact answers. This feature makes the technology ideal for a set of special problems in risk management, finance, and areas with a range of probabilities.

    With this in mind, it is important to identify significant cybersecurity challenges that lie ahead of the arrival of general-purpose and easily accessible quantum computers.

    .

    Successful transactions with : MICHAELDIXON, Manorcourtman, Bochiman, bolivarshagnasty, AUandAG, onlyroosies, chumley, Weiss, jdimmick, BAJJERFAN, gene1978, TJM965, Smittys, GRANDAM, JTHawaii, mainejoe, softparade, derryb

    Bad transactions with : nobody to date

  • 1630Boston1630Boston Posts: 13,770 ✭✭✭✭✭

    Quantum Computing can Easily Break Modern Cryptography
    The uttermost worry of cybersecurity analysts is that new devices, based on quantum physics believed to be superior to the standard computers, will enable cyber attackers to break what they believe are secure cryptography methods. This prediction, in turn, renders trusted encrypted communication and data storage insecure.

    Classical digital ciphers rely on complex mathematical formulas to convert data into encrypted messages for storage and transmission. A digital key is used to encrypt and decrypt the data. Consequently, an attacker attempts to break the encryption method used to steal or modify protected information. The obvious way to do this is to try all possible keys to identify the one that decrypts data back to a readable form. The process can be handled using a conventional computer, but it requires a huge effort and time to accomplish. The American Scientists states, “the world’s fastest supercomputer would need trillions of years to find the right key.” In contrast, Grover’s Algorithm, a quantum computing method, simplifies and speeds up the cracking process.

    Successful transactions with : MICHAELDIXON, Manorcourtman, Bochiman, bolivarshagnasty, AUandAG, onlyroosies, chumley, Weiss, jdimmick, BAJJERFAN, gene1978, TJM965, Smittys, GRANDAM, JTHawaii, mainejoe, softparade, derryb

    Bad transactions with : nobody to date

  • tincuptincup Posts: 4,721 ✭✭✭✭✭

    So there is coming a time... when having a user ID and password will no longer be sufficient? If so, what is to be done with any on-line account for protection?

    ----- kj
  • RobMRobM Posts: 527 ✭✭✭

    @tincup said:
    So there is coming a time... when having a user ID and password will no longer be sufficient? If so, what is to be done with any on-line account for protection?

    Multi-factor authentication, biometrics, etc.

  • ffcoinsffcoins Posts: 517 ✭✭✭

    User ID and password are the lesser worries; encryption for nuclear codes and other state secrets a bigger issue.

    Luckily, there's already a healthy post-quantum cybersecurity industry researching how to adapt encryption to these changes, Cisco being an example.

  • derrybderryb Posts: 36,017 ✭✭✭✭✭

    a bird in the hand is worth a dozen in the bush

    all assets not under your own physical lock and key are subject to poof.

    "Do you hear alarm bells ringing? Neither do I. And that’s a huge problem." - Simon Black

  • element159element159 Posts: 493 ✭✭✭

    Sure, quantum computing can make the encryption strength vanish. But it is not here yet! There are experimental devices but nowhere near anything that could actually do this now.

    So how did they get the private key? Perhaps, the bitcoin was being held by some exchange, which had the private key, and the exchange could be, and was, compelled by law to fork them over. But it is not clear that is what happened.

    image
  • pmh1nicpmh1nic Posts: 3,116 ✭✭✭✭✭

    While I haven't got a clue about how to hack I'm thinking more in line with someone, somehow obtaining a password and whatever other authentication was required to steal the crypto. While the underlying system may be secure how secure is my phone or personal computer?

    The longer I live the more convincing proofs I see of this truth, that God governs in the affairs of men. And if a sparrow cannot fall to the ground without His notice is it possible for an empire to rise without His aid? Benjamin Franklin
  • BAJJERFANBAJJERFAN Posts: 30,959 ✭✭✭✭✭

    So who or what determines the "value" of a bitcoin on a daily basis? Or is it now like a stock in that there are simply buyers who are willing to settle for more or less?

Sign In or Register to comment.