What happens when wallets (personal or at an exchange) are hacked? What is “sweeping” with regards to private keys? After a hack, is it possible to track the stolen bitcoin and identify the hacker? How do you keep bitcoin safe in a group / corporate environment? Is it possible to create a multi-signature setup with Trezor and Electrum? Could passphrases be brute-forced? What is happening with browser extension deprecation?
You will have to evaluate which tools are the best based on the amount of cryptocurrency you own, your circumstances, and your threat model.
“‘I Forgot My PIN’: An Epic Tale of Losing $30,000 in Bitcoin” – https://www.wired.com/story/i-forgot-my-pin-an-epic-tale-of-losing-dollar30000-in-bitcoin/
These questions are from the MOOC 9.3 and 9.4 sessions, as well as the (rescheduled) April Patreon Q&A session, which took place on March 2nd, March 9th, and May 5th 2018 respectively. Andreas is a teaching fellow with the University of Nicosia. The first course in their Master of Science in Digital Currency degree, DFIN-511: Introduction to Digital Currencies, is offered for free as an open enrollment MOOC course to anyone interested in learning about the fundamental principles. If you want early-access to talks and a chance to participate in the monthly live Q&As with Andreas, become a patron: https://www.patreon.com/aantonop
RELATED:
Software distribution security – https://youtu.be/_V0vqy046YM
Protocol development security – https://youtu.be/4fsL5XWsTJ4
Geopolitics and state-sponsored attacks – https://youtu.be/htxPRTJLK-k
How to get people to care about security – https://youtu.be/Ji1lS9NMz1E
Exchanges, identity, and surveillance – https://youtu.be/TVFy8xXfxAA
What is the roadmap? – https://youtu.be/5Eoj_sKyC90
Why developers are leaving banks – https://youtu.be/GqOZ4IAQ-xQ
Honest nodes and consensus – https://youtu.be/KAhY2ymI-tg
Why running a node is important – https://youtu.be/oX0Yrv-6jVs
Lessons from the hard fork – https://youtu.be/hnAWAVNnGCw
Cryptographic primitives – https://youtu.be/RIckQ6RBt5E
Nonces, mining, and quantum computing – https://youtu.be/d4xXJh677J0
Public keys vs. addresses – https://youtu.be/8es3qQWkEiU
Re-using addresses – https://youtu.be/4A3urPFkx8g
Using paper wallets – https://youtu.be/cKehFazo8Pw
Wallet design and mass adoption – https://youtu.be/WbZX6BDZJHc
Secure, tiered storage system – https://youtu.be/uYIVuZgN95M
The Courage to Innovate Without Permission – https://youtu.be/ywq6NBETUJ8
What is Consensus: Rules Without Rulers – https://youtu.be/2tqo7PX5Pyc
Decentralized Truth – https://youtu.be/XCVaabu3J04
Andreas M. Antonopoulos is a technologist and serial entrepreneur who has become one of the most well-known and respected figures in bitcoin.
Follow on Twitter: @aantonop https://twitter.com/aantonop
Website: https://antonopoulos.com/
He is the author of two books: “Mastering Bitcoin,” published by O’Reilly Media and considered the best technical guide to bitcoin; “The Internet of Money,” a book about why bitcoin matters.
THE INTERNET OF MONEY, v1: https://www.amazon.co.uk/Internet-Money-collection-Andreas-Antonopoulos/dp/1537000454/ref=asap_bc?ie=UTF8
[NEW] THE INTERNET OF MONEY, v2: https://www.amazon.com/Internet-Money-Andreas-M-Antonopoulos/dp/194791006X/ref=asap_bc?ie=UTF8
MASTERING BITCOIN: https://www.amazon.co.uk/Mastering-Bitcoin-Unlocking-Digital-Cryptocurrencies/dp/1449374042
[NEW] MASTERING BITCOIN, 2nd Edition: https://www.amazon.com/Mastering-Bitcoin-Programming-Open-Blockchain/dp/1491954388
Translations of MASTERING BITCOIN: https://bitcoinbook.info/translations-of-mastering-bitcoin/
Subscribe to the channel to learn more about Bitcoin & open blockchains!
Music: “Unbounded” by Orfan (https://www.facebook.com/Orfan/)
Outro Graphics: Phneep (http://www.phneep.com/)
Outro Art: Rock Barcellos (http://www.rockincomics.com.br/)
source
sir I will appreciate if u please tell me how to recover bitpay multisig wallet if u have all three phrases
Sir is copay multisig very safe?
Can you talk about threshold cryptography? Much better than multi sig and will be more prevalent over the next year.
6:20 multisig
Dear Andreas these wallet oriented lectures are one of the most valuable ones in my opinion. Thank You!
Is this the reason why ledger made a desktop wallet to move away from chrome, what about metamask like wallets
"As soon as an attacker gains control of your private keys, the first thing they will do is do a sweep."
I disagree.
An attacker that has access to your private keys may also have access to the private keys of many other people, accessed by the same unknown exploit or vulnerability that affects the victim(s).
If the attacker sweeps one wallet from one victim, or even several victims, the likelihood of the security vulnerability that led to the compromised keys becoming known increases. Once the vulnerability becomes known, people will react and destroy the attacker's chance of stealing the funds.
If I'm malwaring many different victims via a specific attack vector, it is in my interest as an attacker to wait before sweeping. If I sweep 1-2-3-4 victims, other potential victims will get wise and adjust. As an attacker, I would rather wait until the attack has allowed me access to a larger number of victim's wallets, THEN sweep.
We will see this one day. A major exploit that some attacker sat on for months, or years, quietly accumulating private keys…and then one day…BAM…time to sweep.
The future fucking scares me.
i really hope to have the knowledge that Andreas has some day.
Please unblock my Twitter I have no idea why it's blocked. ??
Whats a multisig system?
Trezor uses a doubling delay and Ledger uses a wipe after X failed attempts for protecting the pin from brute force attacks. Both are effective methods for pin protection.
something about the music at the end gives me a bittersweet aching feeling, somewhat like nostalgia. Except it's a premonitory sort, as if I can already feel how someday I'll look back at now and long for the relative youth or innocence or simple life that I'm current experiencing
Omg andreas replyed to me? #1 fan here?
I would be lost in the crypto dessert dying of thirst without this dude. Thanks Andreas one of my favorite videos of you is when you schooled The Canadian Banking Committee. I recommend this vid for everyone, still relevant in many ways it seems https://www.youtube.com/watch?v=xUNGFZDO8mM
Great info – Thanks
Thank you
Many thanks for yoir contents au usual.
About tracking stolen crypto.: once the cryptos are moved to an exchange wallet why can't the person be identified? There is an identity behind it (kyc is required) and i guess in case of theft some agency can enforce the disclosure of the identity… what do i miss here?
thanks
for high profile thefts there are companies like chainalysis or elliptic and more than are specialized in reconciliation Wallet adresses to IP adresses. This is how the IRS know who owns what for eg
Next level Smashed the like
Andreas, Thank you for your service work.
Thanks for doing your part Andreas.
Always use a strong password and backup wallet.dat, DeepOnion and other QT wallets are the same.
By far the best friend to the bitcoin community. Thanks Andreas.
If(andreas) likes++;
I make my own paper wallets :p
Who the fuck down voted