As some of you know by know, I have been a proponent of Bitcoins for some time. I believe that Bitcoin is a truly revolutionary technology and a harbinger of things soon to come.
At the same time, Bitcoin is also a nascent technology and as such has many rough edges that still need to be smoothed out. One of its most serious weaknesses is the security model. A prominent member of the Bitcoin community unfortunately learned this the hard way when over $500,000 USD in current value were stolen.
Currently, all wallets are stored on the hard drive in unencrypted form. This means that anyone with access to your hard drive can steal your coins. This is akin to walking around on the street with tens of thousands of dollars in your pocket. Anyone can mug you and take it all, leaving you with little to no recourse.
What makes this a particularly glaring flaw is that anyone with a copy of your digital wallet can not only steal your current coins, but all of your future coins as well. You see, your bitcoin wallet is really more like the keys to the safe. If someone copies your keys, they can access your safe anytime they want.
Bitcoin will soon feature encryption which should reduce the surface area of this sort of attack, but that won’t protect users if they’ve been using unencrypted wallets in the past and those managed to leak out with them unaware. They would have to transfer all coins to the new wallet, and ensure nobody was still using any of their old addresses.
This also still leaves the problem of keyloggers, trojans, and weak passwords. If your keys can be duplicated, and worse, can be used against your future coins as well, then you only have to fail once to be wiped out. That is simply not robust and not acceptable for any system which can store large amounts of value.
When it comes to the banking system, fraudulent transactions can be reversed and can be traced. Bitcoins are more akin to physical cash or bullion, which leads to many advantages such as decentralization and lower fees, but also leads to many disadvantages as people become responsible for their own security.
The reality is that most people are not security experts and most people do not run uber-hardened systems. If Bitcoin is to become a serious competitor then the infrastructure surrounding it needs to become more robust. I still believe that it is a truly revolutionary technology with great potential for disruptive change, and it has a great future for micropayments and other similar niches, but it is currently too easy for an average user to get hacked or otherwise lose all of their Bitcoins.
Posts of the week
This week I guest posted over at Super Frugalette, writing “Going for quality is the frugal way”. This post is about the ongoing choices we have to make between quality and cheap.
On to weekend reading!
Weekend Reading
- Financial Risk in Leveraged Investing (Beating The Index)
Bitcoin
- A risky currency? Alleged $500,000 Bitcoin heist raises questions (ars technica)
- Bitcoin and the End of State-Controlled Money (The Biz of Life)
- Bitcoin Open Forum (FOFOA)
- BitCoin – How I Missed The Trade Of The Year (Run to Gold)
- I just got hacked – any help is welcome! (25,000 BTC stolen) (Bitcoin forums)
- The Rise of Virtual Currencies (The Amateur Financier)
The economy
- A collection of Links on China (101 Centavos)
- Overexposed: European Debt, Systemic Risk, and Stealth Bailouts (Balance Junkie)
- PEAK OIL. It’s Here. We’re Screwed. [CHART] (Darwin’s Money)
- Poor People Control 61% of World’s Wealth (The Daily Capitalist)
Investing
- A Millionaire Teacher (DIY Investor)
- Fractional Shares (MomVesting)
- Short List of Stocks for June 2011 (The Passive Income Earner)
- Vanguard is finally coming to Canada (My Own Advisor)
Miscellaneous
- 4 Quick Ways to Use Leftover Chicken (Out of Debt Again)
- Avocados Or 5 Dollar Bill? (Everyday Tips and Thoughts)
- Borsodi, industrial slavery, and rebooting the Matrix (Early Retirement Extreme)
- Craigslist – Getting Rid of Stuff (Budgeting in the Fun Stuff)
- Dirty Marketing (In Search of Salt)
- Early retirement… the depressing truth? (7million7years)
- Gold Plated Pensions – A Blessing Or A Curse? (youngandthrifty.ca)
- It Does Not Pay To Be Responsible (Investor Junkie)
- Light Bulb 110 Years Old (Frugal Zeitgeist)
- Proud To Be A Yakezie Blackbelt! (My Personal Finance Journey)
- The Diminishing Value of Your Degree (Finance Fox)
- The High Cost of Drugs and Crime (Hope to Prosper)
Personal finance
- Buying a House – Run the Numbers! (Couple Money)
- How To Get Rich Off $30,000 Per Year (Buy Like Buffett)
- Money Problems: Why Do You Have Them? (Life and My Finances)
- Save By Sharing One Car (retireby40.org)
- What Do You Do at Night? I Try to Make Money (My Journey to Millions)
- What if Everyone Was a Frugaler? (Beating Broke)
- What is the Durbin Amendment? (Wealth Artisan)
- When Babci’s Frugalness Goes too Far (First Gen American)
- When Good Personal Finance Practices Go Too Far (Len Penzo)
Carnivals
- Canadian Finance Carnival #40 (Canadian Finance Blog)
- Carnival of Financial Planning – Edition #188 – June 10, 2011 (The Skilled Investor)
- Festival of Frugality #283: Coupon Facts Edition (Chief Family Officer)
- The Yakezie Carnival: Wedding Edition! (The Amateur Financier)
Have a great weekend, everyone.
I had never heard about Bitcoin until earlier this week. I thought it was an interesting concept. One of the features of Bitcoin as I understood the article that I was reading was the security since I thought it was a 32 character password (? not sure if I am right since I am not tech savvy). Now I see that someone lost $500,000 worth! Unbelievable. I will have to learn more but am thinking that having all eggs in one place is not a good idea.
A Bitcoin is just about impossible to fake, but they are not impossible to steal… that’s the downside. Imagine a cash that was very difficult to counterfeit, but could still be taken from someone else’s wallet. That’s the situation we have with Bitcoins.
Have you tried mining Bitcoin? How did it work out?
I tried for a few days and it was just not fun. The computer spew out so much heat, it was making me uncomfortable.
I did back near the project’s beginnings back when it was still easy to do so with cpu mining. I didn’t take it seriously at the time though and I just ran it every now and then, so I certainly didn’t amass a stash like the guy in the story. In retrospect I should have been pumping those 24/7!
Thanks for the link Kevin! I’m certainly not sold on the Bitcoin concept. It just doesn’t seem practical, and something else is going to be bigger and better, and leave them in the dust… that someone will probably be Google by the way things are going. 😉
Bitcoin is still a big experiment so it’s hard to say where things will end up, but it’s really great to see things progress and to see so much innovation taking place. In that sense there are no real losers since every iteration is a step forward.
Every time I hear anything about Bitcoin, I think of you! I had never heard of it until I read about Bitcoin on your blog awhile ago.
Thanks for the link, and have a really great weekend!
Hope you enjoyed the weekend as well! 🙂
$500K is a lot of money to have stashed in bitcoins. I don’t think I would be comfortable having $5K in BitCoins at this point in their development.
The early adopters are those with the largest balances since they mined Bitcoin when they were worth pennies and when there wasn’t much mining competition. Now these balances are worth millions and this is attracting hackers like flies to honey.
Thanks for the mention. I hear Bitcoin has been having some problems of late.
Yep first there was the huge hack and then apparently millions in value were stolen on MTGOX. It’s been reported that the theft has been reversed save for $1000 USD, but at this time since not much information has been released it’s hard to say how many bitcoins and USD made it off the exchange before it was shut down.
I’m not yet sold on Bitcoin, but could be interesting to watch the uptake. I guess I’m taking a wait and see approach like others.
Thanks very much for the mention, have a great weekend!
Thanks, Mark! Whether it’s Bitcoin or something else this is a pretty interesting experiment!
Hi Kevin, Just saw an article about this in Bloomsburg Businessweek magazine. Thanks for the info, very interesting. Clearly, the hacking risk seems kind of scary.
Internet security is going to become increasingly important as more and more of our lives move online! This is clearly being seen with the events at Sony and other places. I just hope that this isn’t used as an excuse to wrap up some dirty legislation in the guise of protecting internet users.
Thanks for the mention! I can’t say I am sold on bitcoin but I find it an interesting concept.
I think it will continue to fill a niche so long as people continue to find it valuable. It needs more work before it’s ready for the mainstream, though.
Sad they lost that cash :(. I guess I will wait at least until bitcoin encrypts their cash but still very interested.
Thanks for the link.
Encryption should be the minimum, but it only reduces the attack vectors, it doesn’t eliminate them. Also, since a wallet is really like the keys, just having a wallet out there in the wild is a risk even if it’s encrypted. After all, if the safe is valuable enough one can bring significant resources to bear against cracking the encryption.
Thanks for the link Kevin. I appreciate it… though I think you might have been thinking of other things when you entered my blog name 😉
Haha woops! I’ll go and fix that right now.
Fascinating stuff…. Logical that that the solid encryption of Bitcoins themselves doesn’t extend to the individual “wallets”. Not very practical, but logical. If Bitcoin is to progress beyond curiosity, it will have to address these issues, and it sounds like they are being addressed.
Thanks for the link.
Unfortunately the data has to be decrypted at some part of the chain in order for it to be read. It’s like having a set of keys to the safe… you need at least one copy! Encryption would not have helped the guy who was hacked because his computer was compromised… meaning the hacker would have had full access to his data and could have used a keylogger to capture his password.
Something stronger will be needed down the road. I’m not sure what, but probably some form of two-factor or even higher encryption is needed, as well as confirmation for large transactions. This is impossible with a decentralized non-repudiable currency like Bitcoin unless you build infrastructure on top of it that supports it, but then you introduce counter-party risk by doing so.
It’s still looking good for micro-transactions IMO but I’m not sure about keeping large stores of value in the system, especially not ATM.
Speaking of counter-party risk, the largest exchange MTGOX has been down for a couple of days now after a major break-in compromised everyone’s accounts and drove the market price to $0.01! They are currently auditing their systems and preparing for a rollback of the most recent trades.
I guess I’m out of the loop, but I hadn’t heard of Bitcoin until I read your article. Thanks for enlightening me! Thanks for including my article too. 🙂
You’re welcome! Definitely a lot of interesting developments with Bitcoin.
Thanks for the mention, Kevin. Hope you’re well!
Thanks for stopping by! 🙂