| ▲ | gargan 5 days ago |
| You don't need a spoofed email to steal someone's crypto. Criminals can just hold a gun to your head and demand your keys. It's happened lots of times and it's why traditional banks are way more secure than crypto. Well done to the author for talking about it, but I hope the real lesson is learned that crypto isn't a real store of wealth and can be stolen at any time.... |
|
| ▲ | pavel_lishin 5 days ago | parent | next [-] |
| True - but a phone call scales much easier than driving to someone's house with a gun. |
| |
| ▲ | lo_zamoyski 4 days ago | parent | next [-] | | I've been told that scammers aren't interested in making scams too good, the idea being that you want to select for people who are bad at recognizing a mediocre scam, because they'll be more likely to play along for the entire scam. | |
| ▲ | prawn 4 days ago | parent | prev [-] | | Not just scale either. On the phone you're dealing with people having less fear from local repercussions, from reprisal, less care for the community, etc. |
|
|
| ▲ | ghurtado 5 days ago | parent | prev | next [-] |
| > Criminals can just hold a gun to your head and demand your keys. Sure, but this is Hacker News, not Mugger News. |
| |
| ▲ | ajross 5 days ago | parent [-] | | You miss the point. You can't mug someone for their Vanguard account. Robbery risk is limited to cash on hand, or arguably whatever the ATM limit is on your bank account. | | |
| ▲ | hvb2 5 days ago | parent | next [-] | | Aren't elderly phone scammed out of huge amounts from bank accounts often?? | | |
| ▲ | Legend2440 5 days ago | parent | next [-] | | Yes, but it's more involved. They typically get the victim to withdraw the money themselves, then send it to the scammers via wire transfer. Like crypto, wire transfers are difficult to track and irreversible. | | |
| ▲ | carlosjobim 4 days ago | parent | next [-] | | There's nothing easier to track than a wire transfer. Banks just don't want to do it. | |
| ▲ | beeflet 4 days ago | parent | prev [-] | | So what is stopping someone from holding a gun to your head and forcing you to conduct a wire transfer over the phone or internet? | | |
| ▲ | Legend2440 4 days ago | parent [-] | | Online banking wire transfers are subject to a relatively low daily limit. You must appear in person and show ID to wire large amounts of money. The victim may also have a chance to cancel the transfer, because they’re not instant. (especially outside of business hours) It’s just not an attractive way to mug someone, it’s easier to take them to an ATM. | | |
| ▲ | hvb2 4 days ago | parent [-] | | This is only true in the crappy system of the US. In Europe a wire is instant with no recourse. Most banks have processes for giving money back in some of these cases. |
|
|
| |
| ▲ | fabbbbb 5 days ago | parent | prev | next [-] | | Not sure about the distribution, often it’s cash or jewelry that’s already home. Bank tellers and even taxi drivers get increasingly educated to stop such suspicious withdrawals/meetings. | |
| ▲ | doctorpangloss 4 days ago | parent | prev [-] | | you're suggesting that the poster is shoving his hate of crypto currencies into this conversation, and not making a sincere statement about security that withstands even the tiniest amount of scrutiny? |
| |
| ▲ | janalsncm 5 days ago | parent | prev | next [-] | | Actual risk is lower than that since you’ll possibly get your money back from a real bank. | |
| ▲ | aqme28 5 days ago | parent | prev [-] | | People do get taken hostage until they give up their crypto accounts sometimes. There was a prominent one in NYC recently that was on the news again due to--basically-- the alleged involvement by one of the stars of a popular reality tv show. |
|
|
|
| ▲ | beeflet 4 days ago | parent | prev | next [-] |
| In cryptocurrency, you can use a multi-signature account to define your own security setup. For example, even a 2-of-2 setup with a trusted authority like a bank is straight-forward improvement in security over the conventional bank system. You can go further, for example consider a 3-of-5 setup with 2 keys in security deposit boxes, 1 key on a laptop, 1 key on a phone, and 1 key on a hardware token. You can set the hardware token to erase its keys when the wrong pin is entered, making it pretty rubber hose proof. |
| |
| ▲ | hvb2 4 days ago | parent [-] | | But no one will require that. When you do, no new money will flow into crypto and the music stops. And no one in crypto wants that. So you want there to be as low of a barrier of entry as possible, which is how we get here... Especially when transactions can't be traced | | |
| ▲ | beeflet 3 days ago | parent [-] | | It doesn't need to be required of anyone. People are responsible for their own funds and have their own security/effort profiles. The "right way" of doing things will be discovered through natural selection. If some idiot leaves all of their funds on an exchange like this, and it gets hacked, then good. That's how the market evolves and money moves out of the hands of the incompetent and into the competent. |
|
|
|
| ▲ | ProllyInfamous 4 days ago | parent | prev | next [-] |
| Multisignature wallets are the answer to this. Also helps spendthrifts (to require group concensus for bitcoin redemption). Of course, this doesn't help if you don't have trusted associates — and can be (even more) dangerous with multiple people responsible for crypto custody. Also helps if you have offline ("cold wallet") storage, which would require hours to importPrivKey and redeem. Slow them down... |
|
| ▲ | BehindTheMath 4 days ago | parent | prev | next [-] |
| https://xkcd.com/538/ |
|
| ▲ | bingboingbang 4 days ago | parent | prev [-] |
| There's a non-zero chance someone can just roll a new key and it happens to be yours, and poof, your money is gone with no recourse. It's a tiny, infinitesimal chance: but it's a heck of a lot greater of a chance than the same thing happening with a bank account, especially the "no recourse" part. |
| |
| ▲ | Jleagle 4 days ago | parent | next [-] | | I think you're misunderstanding how small the chance of creating the same wallet as someone else is. There are 2^256 wallets. There are 2^72 grains of sand on earth. The chance of your bank screwing up is a lot higher, by trillions. | |
| ▲ | vkou 4 days ago | parent | prev | next [-] | | Let's be realistic. I'm a huge critic of the cult of crypto, but the odds of a key collision are smaller than the odds of <some highly improbable series of mistakes/coincidences/malice happening that result in you losing your money in the traditional banking system>. The odds of a 'someone gets access to your account/wallet and instantly drains it with no recourse' are much higher in the crypto space, as the author of the post experienced. | |
| ▲ | beeflet 4 days ago | parent | prev [-] | | The odds of the bank making an error related to your account and crediting you money is far greater than the odds of generating the same keypair as someone else. |
|
