How secure is Google Authenticator? What are some hardware two-factor authentication options? When will these hardware security options become cheap enough for frontier markets?

These questions are from the HoshoCon event and the Seattle ‘Internet of Money’ tour event, which took place on October 11th and November 10th 2018 respectively. If you want early-access to talks and a chance to participate in the monthly live Q&As with Andreas, become a patron: https://www.patreon.com/aantonop

RELATED:
Advanced Bitcoin Scripting, Part 1: Transactions and Multisig – https://youtu.be/8FeAXjkmDcQ
Advanced Bitcoin Scripting, Part 2: SegWit, Consensus, and Trustware – https://youtu.be/pQbeBduVQ4I
What is a private key? – https://youtu.be/xxfUpIV9wRI
Public keys vs. addresses – https://youtu.be/8es3qQWkEiU
How do I choose a wallet? – https://youtu.be/tN6b62sEpsY
Secure, tiered storage system – https://youtu.be/uYIVuZgN95M
Hardware wallets and attack surface – https://youtu.be/8mpDcBfNA7g
Setting up secure storage devices – https://youtu.be/wZ9LxLLvfXc
What is a private key? – https://youtu.be/xxfUpIV9wRI
How do mneomonic seeds work? – https://youtu.be/wWCIQFNf_8g
Using paper wallets – https://youtu.be/cKehFazo8Pw
Wallet design and mass adoption – https://youtu.be/WbZX6BDZJHc
Cryptographic primitives – https://youtu.be/RIckQ6RBt5E
Public keys vs. addresses – https://youtu.be/8es3qQWkEiU
Re-using addresses – https://youtu.be/4A3urPFkx8g
Coin selection and privacy – https://youtu.be/3Ck683CQGAQ
Multi-signature and distributed storage – https://youtu.be/cAP2u6w_1-k
Nonces, mining, and quantum computing – https://youtu.be/d4xXJh677J0
Software distribution security – https://youtu.be/_V0vqy046YM
Protocol development security – https://youtu.be/4fsL5XWsTJ4
Geopolitics and state-sponsored attacks – https://youtu.be/htxPRTJLK-k
How to get people to care about security – https://youtu.be/Ji1lS9NMz1E
Honest nodes and consensus – https://youtu.be/KAhY2ymI-tg
Why running a node is important – https://youtu.be/oX0Yrv-6jVs
Full node and home network security – https://youtu.be/uo58zmyXqFY
Running nodes and payment channels – https://youtu.be/ndcfBfE_yoY
What is Segregated Witness (SegWit)? – https://youtu.be/dtOjjB4mD8k
SegWit and fork research – https://youtu.be/OorLoi01KEE

Andreas M. Antonopoulos is a technologist and serial entrepreneur who has become one of the most well-known and respected figures in bitcoin.

Follow on Twitter: @aantonop https://twitter.com/aantonop
Website: https://antonopoulos.com/

He is the author of two books: “Mastering Bitcoin,” published by O’Reilly Media and considered the best technical guide to bitcoin; “The Internet of Money,” a book about why bitcoin matters.

Subscribe to the channel to learn more about Bitcoin & open blockchains; click on the red bell to enable notifications about new videos!

MASTERING BITCOIN, 2nd Edition: https://amzn.to/2xcdsY9

Translations of MASTERING BITCOIN: https://bitcoinbook.info/translations-of-mastering-bitcoin/

THE INTERNET OF MONEY, v1: https://amzn.to/2ykmXFs

THE INTERNET OF MONEY, v2: https://amzn.to/2IIG5BJ

Translations of THE INTERNET OF MONEY:
Spanish, ‘Internet del Dinero’ (v1) – https://amzn.to/2yoaTTq
French, ‘L’internet de l’argent’ (v1) – https://www.amazon.fr/Linternet-largent-Andreas-M-Antonopoulos/dp/2856083390
Russian, ‘Интернет денег’ (v1) – https://www.olbuss.ru/catalog/ekonomika-i-biznes/korporativnye-finansy-bankovskoe-delo/internet-deneg
Vietnamese, ‘Internet Của Tiền Tệ’ (v1) – https://alphabooks.vn/khi-tien-len-mang

MASTERING ETHEREUM (Q4): https://amzn.to/2xdxmlK

Music: “Unbounded” by Orfan (https://www.facebook.com/Orfan/)
Outro Graphics: Phneep (http://www.phneep.com/)
Outro Art: Rock Barcellos (http://www.rockincomics.com.br/)

source

RELATED ARTICLESMORE FROM AUTHOR

12 COMMENTS

  1. I would love examples of the "game theory" of how a USB hardware security device would be hacked on the computer side: such as, grabbing coins during a transaction via intercepting the address somehow (showing the wrong address on the computer side and the user confirming the wrong address on the device, etc.). For instance: you would fairly soon realize that the funds were not making it to the destination when the recipient doesn't report a successful transaction, and when you investigate, you will limit your losses by stopping using that computer before spending more, and you could cause an investigation that leads to catching the culprit in a full-public-ledger Bitcoin system like we used to have. Of course, today they're trying to turn transactions private, so that would turn out differently. I just want to hear examples of how this turns out.

  6. What, what? An SMS 2FA is way LESS secure? How is that possible? I mean whereas the app could be accessed remotely, there is no way a "hacker" could more easily just send a proper SMS to my phone number and access that, right?

  8. Praying and hoping that an economic downturn alone will automatically translate into a rise of value in crypto is fallacious at best: Crypto as a storage of value has several major hurdles to overcome to actually compete and perhaps overtake fiat/digital fiat, credit cards and other traditional access to liquidity, loans & credit. Acquiring crypto, spending crypto and cashing out of crypto is far from being stupidly easy – and it needs to become "stupid easy" before we will see masses (and their transferable assets) migrate said assets from one system to another – case in point: silver and gold – hoarders and dreamers dying to see a zombie and/or nuclear apocalypse thinking that only precious metals will then allow them to buy fuel and bread while these assets skyrocket to the moon is just plain dumb – Do I need to remind everyone why this is stupid?!? Crypto, on the other hand, has real potential of establishing itself as part of a serious international trade system, however, building an easily accessible & usable transactional systems around this asset class is detrimental to the entire system's survival; Innovation is the key here which has not much to do with the downfall of wall Street: "Buy crypto because money is shit" is a very weak sales argument – Miners, Hodlers and crypto day traders do not help advance crypto adoption – but using and spending crypto with trust and confidence does help grow this tiny novelty ecosystem into the novel marketplace it needs to become – by proving itself superior (not by comparison) but by decree and trust.

  9. Good video. More useful videos like this should propagate the crypto sphere. I think we lost our way as crypto enthusiasts (not the crypto projects themselves) in 2017 where price and moon talk was all you heard. In 2018 it's not better, still all the talk is about prices, prices or prediction of prices, "when next moon bull run, etc, etc. It's all "white noise". Personally, I'd like more videos of substance like this one and adoption, etc.. Keep up the good work Andreas!

  10. RE: 7:45 … I'd like to point out that most hardware wallets do not "improve privacy" but, on the contrary, usually reduce a user's privacy when compared to a good software wallet like Electrum. A hardware wallet like TREZOR for example will export your xpub key in a web app or to myetherwallet.com, malware on your computer, etc. A bitcoin xpub for.example will expose all of your previous and future transactions to anyone with access. If an attacker observes your IP address at the same time (especially if you are at home, logged into some network associated with your identity, etc) — they will have tremendous amounts of clustering metadata to deanonimize your transactions.

    One can hiwever use the TREZOR with Electrum for Bitcoin transactions. This will improve your privacy if you trust the backend server. You can also use Tor, which will obfuscate your IP address.

    Note: none of this affects the hardware wallet's ability to secure your private keys. Reputable hardware wallets work great for this purpose.

    One can make an argument that privacy and security are interdependent in the situation where an attacker might target you directly based on leaked information.

    One final comment: in the situation of Monero, hardware wallets directly interact with the full-node software, so they offer nearly identical privacy. Which is good.

  11. What's that? There's a $20 hardware wallet? I thought I missed out on the Black Friday 50% Nano S deal. Now where is this $20-$30 Hardware wallet? Guess I can wait. I still didn't buy any coins yet. Guess I'm still waiting for this meltdown to finish. Thanks for another quick and honest vid.

LEAVE A REPLY

Please enter your comment!
Please enter your name here