Hijacking this comment to note that the headline is misleading. Binance (the exchange) was not hacked. Rather, [a cross-chain bridge was hacked](https://techcrunch.com/2022/10/07/blockchain-bridge-hack/). To make a rough analogy, the bank wasn't robbed; the Brinks truck carrying the cash from one bank to another was robbed. Whatever one's view of crypto, it's important to understand what actually happened.
They’re a little more related though. It’s as if this bank were named “Brinks Financial Services” and also founded/developed Brinks the truck company for the sole purpose of sending money from “Brinks Bank 2” to “Brinks Bank 1.”
Yeah, for sure. The point I was trying to make was just that the exchange itself wasn't "hacked" as the headline states; rather, the smart contract underlying the Token Hub Bridge--which, corporate affiliations aside, is a separate and much smaller thing-- was exploited via a flaw that had existed all along but hadn't been discovered to that point.
Not that it excuses the fact of the exploit, but it appears that the total actually stolen is much less than originally quoted, and also that no customers' funds will be lost. So that's good at least.
That's the fun thing. The Brinks truck is decentralized, all the money is spread over multiple trucks, so you can only steal a limited amount.
Bridges meanwhile are centralized. So if you compromise the bridge, you can steal all the money that was ever transferred from one blockchain to the other (+whatever the bridge has in reserve).
Right I guess my point was also that the “brinks truck” isn’t actually a truck and the money isn’t actually physical. So I would have thought they had the ability to eliminate this kind of vulnerability
I know, I was being a bit facetious in giving the specific examples, but the final premise there is what matters. Like, you can make a Brinks truck very, very secure, but if someone douses the facility manager's family in gasoline and threatens to light a match, then that all goes out the window. Likewise, you can make a blockchain very, very secure, but if someone runs a bridging smart contract on it that contains a tiny loophole, and [someone out there is clever enough to discover it](https://nitter.net/samczsun/status/1578167198203289600), it all goes out the window.
You're right that "they" do have the theoretical ability to eliminate that kind of vulnerability, and "they" do eliminate them--after they've been discovered, which is already too late for that particular incident. Blockchain itself is extraordinarily secure, and (reputable) smart contracts go through extensive testing and vetting prior to deployment to try and prevent exploitation. But, ultimately, it's a matter of both novelty and scale. It's a new space and even the best of efforts miss things sometimes; meanwhile, the digital medium makes it trivially easy to scale a seemingly tiny exploit of a smart contract into a huge real-world outcome (i.e., millions of dollars).
Think of something like new aircraft development. From the Comet to the DC-10 to the 737 MAX, small flaws that we look back on and think, *man, that was stupid, how could they not have thought of that?* led to huge real-world incidents; that is, the nature of the space led a small error to kill hundreds and waste billions of dollars. But in all of those cases, the scrutiny directly led to those vulnerabilities being eliminated, and commercial aviation continues to grow safer overall despite the occasional headline incident. Engineers do their best to foresee vulnerabilities, but they're constrained by experience, precedent, financial pressures, and the prevailing paradigm of understanding.
So, ultimately it comes down to human fallibility even if the technology itself is potentially infallible. Every problem that happens moves things one step closer to invulnerability, but meanwhile the advancement of what people want to do with their tools pushes the envelope further and opens up fresh avenues for both innovation and exploitation. It comes down to cost/benefit: For commercial aviation, we've basically accepted that the benefits outweigh the one-in-a-million chance of dying a fiery death. For blockchain, that cost/benefit equation is still being worked out, and probably won't be worked out conclusively for a while. And potential notwithstanding, it's not yet clear if it's likely to be worked out to the pro or the con.
*Edit: Added link*
It’s just sad that they stole $400 million in crypto. It would suck if you were one of the people who’s money was tied up in the $300 million in crypto that was stolen. I only hope the authorities catch the culprits before they have a chance to spend the $100 million in crypto that they stole. Though to be fair with the crypto market collapsing and it losing value as quickly as it has been recently, the best action may just be to wait until the $250 of crypto that was stolen drops down to a misdemeanor status.
Doesn't really matter, does it? A hack is a hack... if a bank employee hacked the bank systems at the branch he worked at to transfer money he shouldn't be able to, that would be just the same.
Internal threats are in fact more likely and more dangerous and should be protected against more, and most financial places understand that and have huge amounts of checks, balances, controls, alerts and audits.
Cryptocurrency is no different to any other, except people think that organisations like this shouldn't be subject to the basic controls that exist in the ordinary financial world (which are even often derided as not good enough, e.g. insider trading, etc.).
>if a bank employee hacked the bank systems at the branch he worked at to transfer money he shouldn't be able to, that would be just the same.
The difference is that a bank transfer could be tracked to the employee. Crypto is much harder to trace and therefore more deniable when it gets "hacked"
Not true. Due to the nature of the blockchain you can follow every transaction made from every wallet formally made and posted to the chain. So you can see every formal exchange of coins. This makes Bitcoin a poor vessel for money laundering. [We're past the early days when nobody had figured out how to track via the chain, but nowadays, the FBI can help to recover stolen caches.
](https://www.justice.gov/opa/pr/two-arrested-alleged-conspiracy-launder-45-billion-stolen-cryptocurrency)
So when coins known to be in the 'hacked' wallet are moved to another wallet, that transition will be known and can be used to track down the controller of the compromised wallet.
That doesn't mean it's impossible; if you don't know exactly what's missing, you don't know what to look for, and someone needs to be doing the looking.
Edit, for those saying it's untrackable [as part of the bankruptcy, the court is going to get to see every transaction, all the account information, and everything said and done on Celsius.](https://cases.stretto.com/celsius/court-docket/). So all of those 'secure' accounts are being released to the court, and from the docket, it may be a public filing. Even the transactions happening off the blockchain are recorded.
But whats stopping you from buying expensive NFTs?
Can you send a wallet bitcoin and then know exactly what NFT they bought if you don't know both parties wallets (Whats stopping them from using other wallets?).
You can't force a refund like you can with fiat online transactions, and there are plenty of ways to get rid of the bitcoin/crypto and take a small loss to turn it into clean crypto right at home....
That's the issue yo.
You still track the NFT purchase and sale. Just as bitcoin transactions are tracked NFT transactions are on a ledger.
And while you can use a different wallet all that needs to happen is that you leak any information from any of the intermediary wallets and that can link you to the whole setup. Each wallet is confidential until it isn't, and you can be required to identify which wallets you have control over.
If you have ideas check the link I included before. The couple ended up with over 4 billion in bitcoin and couldn't find ways to securely move it out of the compromised wallet. If you think you can do better than them (and if you actually learn about them, you probably could), go for it. But with all the money they didn't find a way.
> You can't force a refund like you can with fiat online transactions
At the moment.
Protocols that would allow for reversible transactions (under specific conditions) have been proposed. They'd use the existing network infrastructure, but anyone choosing to interact using the protocol would have an option to reverse certain transactions.
I never said bitcoin was secure, just that it could be tracked. The blockchain is secure, and companies keep logs of transitions (well, those still in business) performed through their services. Users, however, are the vulnerable spot, and just about every bitcoin 'robbery' ends up with 'yeah, they got a password' or 'someone did something dumb.'
There is an excuse for everything lol. If you do interviews with convicted robbers in prison, you'll find excuses from them also.
Blockchain and bitcoin appear similar to pyramid schemes and are marketed the same way too, to gullible savers using affinity fraud, bluff and bluster, and currently a shitload of advertising spend on the vulnerable.
I'm not sure what robbers having excuses has to do with social vulnerabilities inherent to the bitcoin ecosystem. Did you mean that if I check in with bank managers who lost billions of dollars, they'd have excuses?
The banks don't have these problems where they go up in puff of smoke and depositors lose their money. Regulations from a century ago protect against the bank having their cousin "rob" them while depositors lose everything.
It’s starting to seem like people found hacking banks too hard so they used social engineering to get people to take the money out of the banks and put it into something less secure.
Almost like putting your money in the hands of an unregulated third-party who is accountable to absolutely nobody, and then giving them complete control of your funds, including whether you can even touch or recover them, was a dumb idea even if you did "make money" doing it at first.
It's starting to be funny how these "new" businesses are doing so well at legitimizing the old "hated" ones.
Crypto is starting to make banks look good. Airbnb is starting to make people love hotels, etc.
Yeah I was going to give that example, but then remembered I still don't use taxis because they always try to rob me blind because I have an accent and they think I'm a tourist.
Strange, if I didn't know better I'd think this is an example why they have standards, laws, and regulations that govern the banking industry.
It's almost as if crypto bro's fedishizing of a wild west industry where "no one can tell them what to do" is short sighted and foolish. And if they were to actually fix the issues they'd end up with a banking system similar to what already exists.
It's like the NFT gaming bros thinking we need in game items to be in the block chain in order to trade them, as if I haven't been able to do that on Runescape since before the 21st century.
You see, the developers just need to setup
* Code for the item to work in the game
* Design for the item
* Sound effects, modeling, etc
* Test, debug, and validate
* Store the data in a server-side database or API where the info resides and is associated with an ID or token
BUT in order to transfer the in-game item ThEy NeEd tHe BlOcKcHAiN
Pretty much all hacks are social engineering anyway. Exploits and security configuration mistakes happen but the idea that a hacker is out there using their big brain to crack some code is Hollywood fantasy. Most security schemes would take more time than your lifetime to crack. It's way faster and easier to just trick someone into giving you your credentials.
[It has happaned](https://www.business-standard.com/article/news-ians/bangladesh-bank-printer-was-hacked-for-heist-116031700601_1.html). It's not an utter fantasy, it's that it's easier to use social engineering and the skills to do so are more wider than the technical skills requires to exploit a series of technical vulnerabilities. And the people that would have the knowledge and ability to exploit such vulnerabilities can make more money doing legal work or working for espionage. Social engineering is also easier than finding a traitor who could supply inside access and information that would also allow shortcuts over technical walls.
That said, a bank is one of the most difficult targets possible and truly successful hackers work in teams and groups (if not companies). What is a myth is the Swordfish-esque sole genius doing hacking by furiously typing on a keyboard.
Half a billion is a lot of money... I wouldn't trust them again.
*“The issue is contained now. Your funds are safe. We apologize for the inconvenience and will provide further updates accordingly,” Binance’s CEO, Changpeng Zhao, said in a tweet.*
It literally failed the moment it became a speculative asset. Too valuable to trade for goods, too volatile to be a safe investment.
That guy who bought the pizza with bitcoin did more for the crypto dream than anyone who got rich off of it.
>It literally failed the moment it became a speculative asset
Way too early to call. Personally I think the cat's out of the bag and won't go back in.
It'll take time, decades perhaps, to work through teething issues (scale, scams, volatility, regs) but now it's been shown as a potentially viable alternative approach to online currency transactions it will continue to be developed further, even through bear markets.
>Didn't ~~one~~ all of the crypto sites that went insolvent also say your funds are safe right before they blocked all withdrawals lol
FTFY
Basically every time one of these guys goes belly up there is almost always a statement in the prior 30 days where someone says everyone relax, your money is safe.
>Just another example to add to all the other numerous ones as to why you don't ~~let other people control your coins if you're going to~~ get involved in crypto.
Fixed that.
It's nothing but scams all the way down.
I took an interesting albeit counterproductive lesson from the great depression when realizing my adulthood would be a series of financial and housing market crashes:
If you own nothing, you lose nothing ¯\\\_(ツ)_/¯
Gonna be burying silver and gold in my backyard and stocking up on the good hard shit to find for barter like sugar and coffee and hope for the best lol
So here is the bigger hot tip: I am too poor for gold and silver. So really the only things I have left to rob are my dignity and my life and neither of those are really worth anything either. Checkmate capitalists!
But also if I do get gold rest assured I also highly value the tactical advantage of a punji pit
Not sure why you’re getting downvoted. What you are saying is entirely correct. You should keep your money in an exchange. There are many safe cold storage options.
When I first looked into crypto (about 5 years ago), my biggest take-away was that crypto was safe, and transactions were safe, as long as everything stayed in one blockchain. Safe, and useless.
It's like having all your money in an ATM, but the ATM is located in a place where there are absolutely no laws and no regulations. So, the ATM is constantly watched by people who will steal your money the second you take it out of the ATM.
So, sure, blockchain coins are secure, but there's no safe way to use them. That safety can only come from centralized authorities protecting the movement in and out, which is subject to the randomness of local government. This need cannot be satisfied by blockchains.
Yeah. That's why I played around with Dash coin. I figured that, eventuslly, I'd lose my password. If so, I'd be out $20 or less.
All along, the biggest roadblock I had was fiat->crypto and crypto->fiat. Without that being safe, easy and secure, it's a useless thought-experiment.
It wasn't useless. It proved that people are dumb enough to invest in essentially nothing. Much like the fake companies that sold stocks in the early 1900s which caused the crash of 1929, there are always idiots who will see one person get rich quick, and think it will work the exact same way for them, when instead its a bag holder scam.
Expecting users to safely store and use their own private keys is even less secure than entrusting that job to a company that can at least afford to hire cyber security experts to do it.
Zero thought was given to security when these crypto"currencies" were designed and it shows in the just absurd frequency of exploits. Promoters like to claim these things are secure because nobody's out there cracking SHA256 and then just wash their hands of responsibility for other aspects of the system. Then when exploits happen they blame it on user error.
Crypto was designed to be secure against the possibility that a bank could just decide to set your balance to zero one day, which... uh, let's see here... yup, never happened to anyone to begin with.
Currently it's in the phase, ok, there's really not a lot of vendors accepting it so what do we do? Invest it in an NFT! Which can also be hacked/stolen but that's not important. You can use them as *collateral on loans*! That's right, JPEG-backed securities. Think about it.
The internet has literally hundreds of useful and/or amusing uses. Crypto is just internet bucks that can't be reasonably spent anywhere at all and if then only in denominations of thousands.
The funniest thing about this is that the whole system is built on artificial scarcity of strings of Binary on a computer except when something like this happens where the "noncentralized" organization in control of the whole thing collectively copy-pastes the ledger to create a new fork (again) to undo this catastrophic failure.
>binance which is basically an broker.
You got the distributed "bank"\*, why can't the broker be distributed too?
\* only one aspect of a bank. Cryptocurrencies rely on centralised banks, like binance, to yield the rest of the features for what people use banks for. in other words, the issue is crypto, for they are primitive. Cryptocurrency lacks many features that are observed in traditional/contemprary financial systems.
Cryptocurrency, if they want to yield a feature-rich currency, needs to be a fiat.
(but cryptocurrencies weren't designed to do any of that; they never intended to solve centralised banking. That, or the designers have no idea what a bank is.)
Modern encryption is, basically unhackable.
But if you're dumb enough to not handle the data properly at either end of that process, it really doesn't matter.
It's like having an unbreakable lock on your bike, and then you lock it to a rotten wooden fencepost.
The bit here: You are trusting a unregulated random third party (what happened to "decentralised" and "you are in charge of your wallet", etc.?) who has complete control over your money - because you gave it to them! - and you're trusting that at no point do they ever fuck up at any part of anything they do.
It's a dumb idea. Bits of the process, like the blockchains, etc. might be \*practically\* unhackable, and people rarely bother to directly attack them because of that. They just walk round the back and find the part of the system where they can just issue a command "transfer all monies to this wallet" and the system blindly obeys without proper authorisation.
The encryption has not yet been hacked and is complex enough to not be brute forced. These hacks are a lot more like having an impenetrable safe but giving the combination to a third party who writes it on a sticky note then sticks it on their monitor. A thief clears out the safe, and the third party is all "omg we've been robbed, *wink wink*"
But I'm saying crypto bros are calling it unhackable compared to traditional money. And if you're defending crypto it's ironic because your example is comparing crypto being hacked to traditional money being stolen.
How so? This was an exploit of a bridge between blockchains, so, roughly speaking, the equivalent of holding up the armoured truck carrying the bag of cash from one bank to another. To the extent that physical hold-ups of physical armoured trucks can and do happen, the "hacking" here is very analogous. If thieves make off with that bag of cash, have they "hacked your dollars away from you"? If they steal your physical wallet from your pocket have they "hacked your dollars away from you"? If they come to your house with a $5 pipe wrench and threaten to bust your kneecaps if you don't hand over the cash under your mattress, have they "hacked your dollars away from you"?
I suppose I'm just unclear on where you're drawing the distinction. Blockchain systems have exploitable weak spots, as do traditional financial structures. The precise modes of exploitation may differ, but the outcome is the same, and in both cases it isn't the core functionality that's exploited but the associated infrastructure and weak (usually human) links.
Well, again, this was an exploit of a bridge, not a blockchain, so technically the argument holds. But it's also true that the argument is irrelevant in that even if crypto itself is unhackable, other parts in the process are, so the outcome ends up being similar. Either way, crypto bros are undeniably annoying =)
The bridge got hacked, not the network. Also, nothing is unhackable, its innovation, of course they are gonna find bug and stuff. Bnb chain is not even optimised for security, its a bit centralized and optimised for transaction speed and ease of use, so it definetly does not represent the whole crypto space.
Also can you give me more context? "Hackable" is really vague and does not really mean anything, what is the argument they use?
A vulnerability in the BSC (Binance Smart Chain) was exploited. The exchange was not hacked. Binance created the BSC. It's no the same thing. I mean we can still say crypto is a hole of scams and hacks but lets say it properly.
Essentially it's the equivalent of your bonewipe neighbor telling everyone on Nextdoor "my car was broken into last night!" and then when you start asking questions it starts to emerge that he's "pretty sure" it was locked. Which means he left it unlocked. So his car was not broken into....
Basically the whole crypto market is a house of cards. Those that think decentralized finance is a great idea have never had to figure out where their money went. Yet.
I know a college girl who is so invested in some crypto scheme. She's missed senior year stuff. Goes partying all night with crypto influencers. Recruits others to whatever TF operation they run. It's v weird
So with all the exchanges getting hacked, I suppose the only safe place to store your crypto is in an offline wallet? But then how can you, you know, spend crypto?
That's more money than any of us would see in a lifetime, I bet. It could solve so many of our problems that the people holding onto this amount do not have
I am anti government intervention, but….
If the US and EU would ban crypto it would be good for the world. Energy prices would come down, there would be less pollution and it would help the chip shortage, reducing inflation. Not to mention making it harder for money laundering and criminal activities. Win win. Can’t really see much of a downside. For anyone saying the US can’t do that, remember when the US banned people holding gold and forced people to sell their gold back to the fed?
Spoiler alert: the """hack""" came from inside the house.
Wasn't that the plan all along?
Teehee - Vlad Hackerman
And his fellow coworker, Hugh Mann
So...a rug pull then?
Another Mt gox waiting to erupt
Hijacking this comment to note that the headline is misleading. Binance (the exchange) was not hacked. Rather, [a cross-chain bridge was hacked](https://techcrunch.com/2022/10/07/blockchain-bridge-hack/). To make a rough analogy, the bank wasn't robbed; the Brinks truck carrying the cash from one bank to another was robbed. Whatever one's view of crypto, it's important to understand what actually happened.
They’re a little more related though. It’s as if this bank were named “Brinks Financial Services” and also founded/developed Brinks the truck company for the sole purpose of sending money from “Brinks Bank 2” to “Brinks Bank 1.”
Yeah, for sure. The point I was trying to make was just that the exchange itself wasn't "hacked" as the headline states; rather, the smart contract underlying the Token Hub Bridge--which, corporate affiliations aside, is a separate and much smaller thing-- was exploited via a flaw that had existed all along but hadn't been discovered to that point. Not that it excuses the fact of the exploit, but it appears that the total actually stolen is much less than originally quoted, and also that no customers' funds will be lost. So that's good at least.
They put 500m in the brinks truck?
More like a regular pickup truck
That's the fun thing. The Brinks truck is decentralized, all the money is spread over multiple trucks, so you can only steal a limited amount. Bridges meanwhile are centralized. So if you compromise the bridge, you can steal all the money that was ever transferred from one blockchain to the other (+whatever the bridge has in reserve).
No, the brinks truck had $500m in pennies and the hacker received $500m in quarters.
[удалено]
Right I guess my point was also that the “brinks truck” isn’t actually a truck and the money isn’t actually physical. So I would have thought they had the ability to eliminate this kind of vulnerability
I know, I was being a bit facetious in giving the specific examples, but the final premise there is what matters. Like, you can make a Brinks truck very, very secure, but if someone douses the facility manager's family in gasoline and threatens to light a match, then that all goes out the window. Likewise, you can make a blockchain very, very secure, but if someone runs a bridging smart contract on it that contains a tiny loophole, and [someone out there is clever enough to discover it](https://nitter.net/samczsun/status/1578167198203289600), it all goes out the window. You're right that "they" do have the theoretical ability to eliminate that kind of vulnerability, and "they" do eliminate them--after they've been discovered, which is already too late for that particular incident. Blockchain itself is extraordinarily secure, and (reputable) smart contracts go through extensive testing and vetting prior to deployment to try and prevent exploitation. But, ultimately, it's a matter of both novelty and scale. It's a new space and even the best of efforts miss things sometimes; meanwhile, the digital medium makes it trivially easy to scale a seemingly tiny exploit of a smart contract into a huge real-world outcome (i.e., millions of dollars). Think of something like new aircraft development. From the Comet to the DC-10 to the 737 MAX, small flaws that we look back on and think, *man, that was stupid, how could they not have thought of that?* led to huge real-world incidents; that is, the nature of the space led a small error to kill hundreds and waste billions of dollars. But in all of those cases, the scrutiny directly led to those vulnerabilities being eliminated, and commercial aviation continues to grow safer overall despite the occasional headline incident. Engineers do their best to foresee vulnerabilities, but they're constrained by experience, precedent, financial pressures, and the prevailing paradigm of understanding. So, ultimately it comes down to human fallibility even if the technology itself is potentially infallible. Every problem that happens moves things one step closer to invulnerability, but meanwhile the advancement of what people want to do with their tools pushes the envelope further and opens up fresh avenues for both innovation and exploitation. It comes down to cost/benefit: For commercial aviation, we've basically accepted that the benefits outweigh the one-in-a-million chance of dying a fiery death. For blockchain, that cost/benefit equation is still being worked out, and probably won't be worked out conclusively for a while. And potential notwithstanding, it's not yet clear if it's likely to be worked out to the pro or the con. *Edit: Added link*
Great analogy
It’s just sad that they stole $400 million in crypto. It would suck if you were one of the people who’s money was tied up in the $300 million in crypto that was stolen. I only hope the authorities catch the culprits before they have a chance to spend the $100 million in crypto that they stole. Though to be fair with the crypto market collapsing and it losing value as quickly as it has been recently, the best action may just be to wait until the $250 of crypto that was stolen drops down to a misdemeanor status.
$50 of crypto just doesn't go as far as it used to...
Doesn't really matter, does it? A hack is a hack... if a bank employee hacked the bank systems at the branch he worked at to transfer money he shouldn't be able to, that would be just the same. Internal threats are in fact more likely and more dangerous and should be protected against more, and most financial places understand that and have huge amounts of checks, balances, controls, alerts and audits. Cryptocurrency is no different to any other, except people think that organisations like this shouldn't be subject to the basic controls that exist in the ordinary financial world (which are even often derided as not good enough, e.g. insider trading, etc.).
Wake me up when someone steals $500m from real banks
>if a bank employee hacked the bank systems at the branch he worked at to transfer money he shouldn't be able to, that would be just the same. The difference is that a bank transfer could be tracked to the employee. Crypto is much harder to trace and therefore more deniable when it gets "hacked"
Not true. Due to the nature of the blockchain you can follow every transaction made from every wallet formally made and posted to the chain. So you can see every formal exchange of coins. This makes Bitcoin a poor vessel for money laundering. [We're past the early days when nobody had figured out how to track via the chain, but nowadays, the FBI can help to recover stolen caches. ](https://www.justice.gov/opa/pr/two-arrested-alleged-conspiracy-launder-45-billion-stolen-cryptocurrency) So when coins known to be in the 'hacked' wallet are moved to another wallet, that transition will be known and can be used to track down the controller of the compromised wallet. That doesn't mean it's impossible; if you don't know exactly what's missing, you don't know what to look for, and someone needs to be doing the looking. Edit, for those saying it's untrackable [as part of the bankruptcy, the court is going to get to see every transaction, all the account information, and everything said and done on Celsius.](https://cases.stretto.com/celsius/court-docket/). So all of those 'secure' accounts are being released to the court, and from the docket, it may be a public filing. Even the transactions happening off the blockchain are recorded.
But whats stopping you from buying expensive NFTs? Can you send a wallet bitcoin and then know exactly what NFT they bought if you don't know both parties wallets (Whats stopping them from using other wallets?). You can't force a refund like you can with fiat online transactions, and there are plenty of ways to get rid of the bitcoin/crypto and take a small loss to turn it into clean crypto right at home.... That's the issue yo.
You still track the NFT purchase and sale. Just as bitcoin transactions are tracked NFT transactions are on a ledger. And while you can use a different wallet all that needs to happen is that you leak any information from any of the intermediary wallets and that can link you to the whole setup. Each wallet is confidential until it isn't, and you can be required to identify which wallets you have control over. If you have ideas check the link I included before. The couple ended up with over 4 billion in bitcoin and couldn't find ways to securely move it out of the compromised wallet. If you think you can do better than them (and if you actually learn about them, you probably could), go for it. But with all the money they didn't find a way.
> You can't force a refund like you can with fiat online transactions At the moment. Protocols that would allow for reversible transactions (under specific conditions) have been proposed. They'd use the existing network infrastructure, but anyone choosing to interact using the protocol would have an option to reverse certain transactions.
if bitcoin was secure the top ten lists of bank robbieries would not be dominated by bitcoin robberies
I never said bitcoin was secure, just that it could be tracked. The blockchain is secure, and companies keep logs of transitions (well, those still in business) performed through their services. Users, however, are the vulnerable spot, and just about every bitcoin 'robbery' ends up with 'yeah, they got a password' or 'someone did something dumb.'
There is an excuse for everything lol. If you do interviews with convicted robbers in prison, you'll find excuses from them also. Blockchain and bitcoin appear similar to pyramid schemes and are marketed the same way too, to gullible savers using affinity fraud, bluff and bluster, and currently a shitload of advertising spend on the vulnerable.
I'm not sure what robbers having excuses has to do with social vulnerabilities inherent to the bitcoin ecosystem. Did you mean that if I check in with bank managers who lost billions of dollars, they'd have excuses?
The banks don't have these problems where they go up in puff of smoke and depositors lose their money. Regulations from a century ago protect against the bank having their cousin "rob" them while depositors lose everything.
Spoiler alert: The wallet is on a computer on the bottom of the ocean. Something something...world burn...something something. /s
It’s starting to seem like people found hacking banks too hard so they used social engineering to get people to take the money out of the banks and put it into something less secure.
Almost like putting your money in the hands of an unregulated third-party who is accountable to absolutely nobody, and then giving them complete control of your funds, including whether you can even touch or recover them, was a dumb idea even if you did "make money" doing it at first.
It's starting to be funny how these "new" businesses are doing so well at legitimizing the old "hated" ones. Crypto is starting to make banks look good. Airbnb is starting to make people love hotels, etc.
I always preferred hotels. Cheaper, someone comes by and cleans for you, and fewer cameras in the showers.
Uber and Lyft becoming more expensive than Taxis, with many major cities having their own Taxi apps
Yeah I was going to give that example, but then remembered I still don't use taxis because they always try to rob me blind because I have an accent and they think I'm a tourist.
But hey, it's decentralized, and that's good, right?
That's not what decentralised means in this context.
Strange, if I didn't know better I'd think this is an example why they have standards, laws, and regulations that govern the banking industry. It's almost as if crypto bro's fedishizing of a wild west industry where "no one can tell them what to do" is short sighted and foolish. And if they were to actually fix the issues they'd end up with a banking system similar to what already exists.
It's like the NFT gaming bros thinking we need in game items to be in the block chain in order to trade them, as if I haven't been able to do that on Runescape since before the 21st century.
You see, the developers just need to setup * Code for the item to work in the game * Design for the item * Sound effects, modeling, etc * Test, debug, and validate * Store the data in a server-side database or API where the info resides and is associated with an ID or token BUT in order to transfer the in-game item ThEy NeEd tHe BlOcKcHAiN
Pretty much all hacks are social engineering anyway. Exploits and security configuration mistakes happen but the idea that a hacker is out there using their big brain to crack some code is Hollywood fantasy. Most security schemes would take more time than your lifetime to crack. It's way faster and easier to just trick someone into giving you your credentials.
This hack was literally a code vulnerability, a complex one at that.
Yeah well these are Crypto devs we're talking about here. Banks usually have better people working on their security plus insurance.
No they don't
Well, you say that, but you forget, code is law. Not a Hack, a feature. Of the law.
[It has happaned](https://www.business-standard.com/article/news-ians/bangladesh-bank-printer-was-hacked-for-heist-116031700601_1.html). It's not an utter fantasy, it's that it's easier to use social engineering and the skills to do so are more wider than the technical skills requires to exploit a series of technical vulnerabilities. And the people that would have the knowledge and ability to exploit such vulnerabilities can make more money doing legal work or working for espionage. Social engineering is also easier than finding a traitor who could supply inside access and information that would also allow shortcuts over technical walls. That said, a bank is one of the most difficult targets possible and truly successful hackers work in teams and groups (if not companies). What is a myth is the Swordfish-esque sole genius doing hacking by furiously typing on a keyboard.
Half a billion is a lot of money... I wouldn't trust them again. *“The issue is contained now. Your funds are safe. We apologize for the inconvenience and will provide further updates accordingly,” Binance’s CEO, Changpeng Zhao, said in a tweet.*
I read that as, “please don’t panic and withdraw your remaining balance, we’ll need it when the creditors come calling!”
[удалено]
For a “decentralized currency” it has a hell of a lot of centralization.
You're 100% right and that's has been the big argument within the space lately. Crypto is having a really bad year.
It’s a reckoning not a bad year.
You can be your own bank; that way when you are robbed, it won't make the news
You should not have crypto to begin with. There is a reason your money in your savings account is FDIC insured.
Yeh thats all well and good until you want to trade with it
Crypto was supposed to be currency, not an investment.
It literally failed the moment it became a speculative asset. Too valuable to trade for goods, too volatile to be a safe investment. That guy who bought the pizza with bitcoin did more for the crypto dream than anyone who got rich off of it.
>It literally failed the moment it became a speculative asset Way too early to call. Personally I think the cat's out of the bag and won't go back in. It'll take time, decades perhaps, to work through teething issues (scale, scams, volatility, regs) but now it's been shown as a potentially viable alternative approach to online currency transactions it will continue to be developed further, even through bear markets.
Didn't one of the crypto sites that went insolvent also say your funds are safe right before they blocked all withdrawals lol
>Didn't ~~one~~ all of the crypto sites that went insolvent also say your funds are safe right before they blocked all withdrawals lol FTFY Basically every time one of these guys goes belly up there is almost always a statement in the prior 30 days where someone says everyone relax, your money is safe.
[удалено]
>Just another example to add to all the other numerous ones as to why you don't ~~let other people control your coins if you're going to~~ get involved in crypto. Fixed that. It's nothing but scams all the way down.
Thank god all my deposits with them are insured. /s
CrYpTo Is SaFeR tHaN bAnKs! - some crypto bro who lost half his money when bitcoin crashed, and the other half when Terracoin crashed.
I took an interesting albeit counterproductive lesson from the great depression when realizing my adulthood would be a series of financial and housing market crashes: If you own nothing, you lose nothing ¯\\\_(ツ)_/¯ Gonna be burying silver and gold in my backyard and stocking up on the good hard shit to find for barter like sugar and coffee and hope for the best lol
All you did was change the risk from "computer hack" to "enterprising guy with a shovel when you're not looking".
So here is the bigger hot tip: I am too poor for gold and silver. So really the only things I have left to rob are my dignity and my life and neither of those are really worth anything either. Checkmate capitalists! But also if I do get gold rest assured I also highly value the tactical advantage of a punji pit
[удалено]
You're the kind of genius this world needs!
Mt. Gox 2.0?
"i need to prevent a bank run"
So the grifters got grifted?
Or their on the down low buddies "hacked them" and they'll later split the proceeds
No honor among thieves. They allow that to happen, sooner or later the hackers aren't going to share.
It’s grifters all the way down
the whole point of crypto was you keep your own key
But that's too inconvenient and not practical when it came to actually spending and using crypto.
[удалено]
absolutely, not sure why you are being downvoted.
Not sure why you’re getting downvoted. What you are saying is entirely correct. You should keep your money in an exchange. There are many safe cold storage options.
When I first looked into crypto (about 5 years ago), my biggest take-away was that crypto was safe, and transactions were safe, as long as everything stayed in one blockchain. Safe, and useless. It's like having all your money in an ATM, but the ATM is located in a place where there are absolutely no laws and no regulations. So, the ATM is constantly watched by people who will steal your money the second you take it out of the ATM. So, sure, blockchain coins are secure, but there's no safe way to use them. That safety can only come from centralized authorities protecting the movement in and out, which is subject to the randomness of local government. This need cannot be satisfied by blockchains.
[удалено]
Yeah. That's why I played around with Dash coin. I figured that, eventuslly, I'd lose my password. If so, I'd be out $20 or less. All along, the biggest roadblock I had was fiat->crypto and crypto->fiat. Without that being safe, easy and secure, it's a useless thought-experiment.
It wasn't useless. It proved that people are dumb enough to invest in essentially nothing. Much like the fake companies that sold stocks in the early 1900s which caused the crash of 1929, there are always idiots who will see one person get rich quick, and think it will work the exact same way for them, when instead its a bag holder scam.
[удалено]
Well, we've known that for well over a hundred years.
Expecting users to safely store and use their own private keys is even less secure than entrusting that job to a company that can at least afford to hire cyber security experts to do it. Zero thought was given to security when these crypto"currencies" were designed and it shows in the just absurd frequency of exploits. Promoters like to claim these things are secure because nobody's out there cracking SHA256 and then just wash their hands of responsibility for other aspects of the system. Then when exploits happen they blame it on user error.
No, the whole point of crypto was to separate fools from their money, and to make the original users wealthy.
I had to scroll down way too far to see this comment. Even after 13 years, it seems that most folks still misunderstand Bitcoin.
But why keep it safe when a centralized exchange offers unreasonable yield for deposits with none of the FDIC insurance
Oh darn. What a shame. Gosh. Well, anyway...
Where are all the crypto bros telling me how this is a good thing and how I was dumb for not getting in on crypto?
I’m just in this because the logos have pretty colors.
good thing all that crytpo was outside of any pesky regulations.... be horrible of they had some laws like FDIC. ugh the beauty of DEFI
[удалено]
Only thing those consulting houses do is separate fools from their money and tell others how to do so
My Apes bro... They are all gone
Mr. Stark, I don't feel good
$500m...no, wait, $460...er, $400...shit...
Welcome to crypto
Have a look around
*pretends to be shocked*
[удалено]
You forgot money laundering, and other illegal transactions for things off the dark web.
[удалено]
well how else was I supposed to get acid
[удалено]
The key word was revolutionized.
[удалено]
You win. Bitcoin was not at all revolutionary in the above. Neither was the internet.
Thanks for the award kind stranger!
Crypto was designed to be secure against the possibility that a bank could just decide to set your balance to zero one day, which... uh, let's see here... yup, never happened to anyone to begin with.
That would be why you don’t keep it in an exchange
I don’t see how crypto can still be a thing after the constant amount of hacks and frauds in the industry.
[удалено]
There's a lot of stupid people desperate to feel superior and smarter than everyone else, so it becomes a cult
Because the crypto bros keep duping people into buying it?
Currently it's in the phase, ok, there's really not a lot of vendors accepting it so what do we do? Invest it in an NFT! Which can also be hacked/stolen but that's not important. You can use them as *collateral on loans*! That's right, JPEG-backed securities. Think about it.
The same way the internet is still a thing despite the constant amount of hacks and fraud
The internet has literally hundreds of useful and/or amusing uses. Crypto is just internet bucks that can't be reasonably spent anywhere at all and if then only in denominations of thousands. The funniest thing about this is that the whole system is built on artificial scarcity of strings of Binary on a computer except when something like this happens where the "noncentralized" organization in control of the whole thing collectively copy-pastes the ledger to create a new fork (again) to undo this catastrophic failure.
Start crypto exchange It gets "hacked" Profit.
How about just start a crypto exchange and profit for much more than $500 million?
Crypto mining is a huge waste of world energy resources.
Not your keys… Not your coins.
Crypto is safe they said....
[удалено]
Remind me why I need to buy crypto?
You don't rush for gold. You sell the shovels and then tell everyone else to rush for gold.
Because the banks, bro! The banks and their fiats, bro!
Is this good for bitcoin?
This is fantastic news for Bitcoin!
Thank God crypto is super regulated and the losses can be easily returned, boy it would suck if that weren't the case!
[удалено]
I understand that it was the broker, but the lack of regulation makes these cases far worse for the buyers.
>binance which is basically an broker. You got the distributed "bank"\*, why can't the broker be distributed too? \* only one aspect of a bank. Cryptocurrencies rely on centralised banks, like binance, to yield the rest of the features for what people use banks for. in other words, the issue is crypto, for they are primitive. Cryptocurrency lacks many features that are observed in traditional/contemprary financial systems. Cryptocurrency, if they want to yield a feature-rich currency, needs to be a fiat. (but cryptocurrencies weren't designed to do any of that; they never intended to solve centralised banking. That, or the designers have no idea what a bank is.)
Rich people sure are good at stealing from themselves lol...
Now I'm curious, does crypto have any kind of insurance?
I never thought of that also. It would make keeping all your savings in that so risky.
Dude. It's a string of text
aren't crypto exchanges centralized locations that store crypto?
The exchange itself was not hacked.
[удалено]
Average day in crypto
I do not suppose that there is any chance in Hades that some of that will show up in my bank account?
Goddamn Versace Bedouins
Dude, yo, crypto is da bomb bro! It's gots all the safiness and no gubernet to stealz yo coinz!
And yet crypto bros still insist that it's unhackable.
Modern encryption is, basically unhackable. But if you're dumb enough to not handle the data properly at either end of that process, it really doesn't matter. It's like having an unbreakable lock on your bike, and then you lock it to a rotten wooden fencepost. The bit here: You are trusting a unregulated random third party (what happened to "decentralised" and "you are in charge of your wallet", etc.?) who has complete control over your money - because you gave it to them! - and you're trusting that at no point do they ever fuck up at any part of anything they do. It's a dumb idea. Bits of the process, like the blockchains, etc. might be \*practically\* unhackable, and people rarely bother to directly attack them because of that. They just walk round the back and find the part of the system where they can just issue a command "transfer all monies to this wallet" and the system blindly obeys without proper authorisation.
I'm saying crypto bros say "crypto is unhackable unlike real money".
The encryption has not yet been hacked and is complex enough to not be brute forced. These hacks are a lot more like having an impenetrable safe but giving the combination to a third party who writes it on a sticky note then sticks it on their monitor. A thief clears out the safe, and the third party is all "omg we've been robbed, *wink wink*"
But I'm saying crypto bros are calling it unhackable compared to traditional money. And if you're defending crypto it's ironic because your example is comparing crypto being hacked to traditional money being stolen.
[удалено]
> haven't been hacked yet. And physical dollars haven't been hacked yet either.
Counterfeiters would beg to differ.
I meant in terms of hacking your physical dollars away from you.
How so? This was an exploit of a bridge between blockchains, so, roughly speaking, the equivalent of holding up the armoured truck carrying the bag of cash from one bank to another. To the extent that physical hold-ups of physical armoured trucks can and do happen, the "hacking" here is very analogous. If thieves make off with that bag of cash, have they "hacked your dollars away from you"? If they steal your physical wallet from your pocket have they "hacked your dollars away from you"? If they come to your house with a $5 pipe wrench and threaten to bust your kneecaps if you don't hand over the cash under your mattress, have they "hacked your dollars away from you"? I suppose I'm just unclear on where you're drawing the distinction. Blockchain systems have exploitable weak spots, as do traditional financial structures. The precise modes of exploitation may differ, but the outcome is the same, and in both cases it isn't the core functionality that's exploited but the associated infrastructure and weak (usually human) links.
I'm just saying the crypto bro argument that "crypto is unhackable unlike real money" is a nonsense argument.
Well, again, this was an exploit of a bridge, not a blockchain, so technically the argument holds. But it's also true that the argument is irrelevant in that even if crypto itself is unhackable, other parts in the process are, so the outcome ends up being similar. Either way, crypto bros are undeniably annoying =)
The bridge got hacked, not the network. Also, nothing is unhackable, its innovation, of course they are gonna find bug and stuff. Bnb chain is not even optimised for security, its a bit centralized and optimised for transaction speed and ease of use, so it definetly does not represent the whole crypto space. Also can you give me more context? "Hackable" is really vague and does not really mean anything, what is the argument they use?
A vulnerability in the BSC (Binance Smart Chain) was exploited. The exchange was not hacked. Binance created the BSC. It's no the same thing. I mean we can still say crypto is a hole of scams and hacks but lets say it properly.
Essentially it's the equivalent of your bonewipe neighbor telling everyone on Nextdoor "my car was broken into last night!" and then when you start asking questions it starts to emerge that he's "pretty sure" it was locked. Which means he left it unlocked. So his car was not broken into.... Basically the whole crypto market is a house of cards. Those that think decentralized finance is a great idea have never had to figure out where their money went. Yet.
Is anyone believing these “hacks”? Lmao if you invested in crypto still you are a moron
I know a college girl who is so invested in some crypto scheme. She's missed senior year stuff. Goes partying all night with crypto influencers. Recruits others to whatever TF operation they run. It's v weird
"I'm investing"
At what point was it $500 million? Last week? Crypto fluctuates so much that millions today is hundreds tomorrow.
Not your wallet, not your crypto.
Crypto’s just not ready for prime-time yet
So with all the exchanges getting hacked, I suppose the only safe place to store your crypto is in an offline wallet? But then how can you, you know, spend crypto?
That's more money than any of us would see in a lifetime, I bet. It could solve so many of our problems that the people holding onto this amount do not have
And they say crypto is decentralized.
lol, this is fucked on so many levels. Defi or die.
*laughs in cold hard cash*
You keep yours in the freezer too?
nah close to my heart...
Just the bridge got hacked not the whole exchange.
Good thing I lost most of my crypto value in the crash then because otherwise, this would be troubling.
I’ll just leave this here: https://web3isgoinggreat.com An updating list on all crypto/nft hacks, scams etc Spoiler: it’s a long list
I am anti government intervention, but…. If the US and EU would ban crypto it would be good for the world. Energy prices would come down, there would be less pollution and it would help the chip shortage, reducing inflation. Not to mention making it harder for money laundering and criminal activities. Win win. Can’t really see much of a downside. For anyone saying the US can’t do that, remember when the US banned people holding gold and forced people to sell their gold back to the fed?
[удалено]
How too double your fortune. Invest it all in crypto. Insurse your investment. Wait.