Bitcoin bank Flexcoin closes after hack attack

LeafCutter · March 4, 2014, 12:55pm

Bank admits it does not have resources to cover loss of 896 bitcoin worth £365,000 stolen in raid.

http://www.theguardian.com/technology/2014/mar/04/bitcoin-bank-flexcoin-closes-after-hack-attack

LeafCutter

Fuzzybear · March 4, 2014, 1:47pm

Sad to hear this but please everyone be careful where u keep your bitcoins and peercoins, if u leave it on a site then u can loose them and have no recourse to get them back.

Best keep them in a wallet u control and put small amounts on the exchanges.

Fuzzybear

Sent from my HTC Desire using Tapatalk 2

nox · March 4, 2014, 5:15pm

+1 for Fuzzy’s advice!

Also keeping small amounts on an exchange, prevents you from trading when you shouldn’t (i.e. Reacting to a market, fear of missing out and drunk).

Ben · March 4, 2014, 5:58pm

I’ve made and lost money on that last one… but usually lost.

bhldev · March 5, 2014, 8:42am

Web security is a thousand times more complicated than even seasoned programmers think. Security is a special subfield of IT and you won’t be getting a security expert without paying at least $100k / year and even after that he could be defeated by a kid with too much time on his hands. Most programmers just ignore security in favor of quick development time or just don’t know any better. Security is always a cost-benefit analysis. For example you could store passwords in plain text and have them easily accessible or retrievable but completely vulnerable. If you encrypt the passwords then it’s two way (you can decrypt them) but with a certain amount of overhead. If you hash passwords then it’s one way but if the user ever forgets the password then it can’t be recovered. So it’s no shock that a small Internet startup strapped for cash would take the easier road on security issues. They definitely cannot afford security experts, nor would generic joe blow programmer have the experience or expertise. It’s not even an issue of money but experience. Vault of Satoshi has former securities exchange programmers. Joe blow startup with joe blow programmer wouldn’t.

However all that should be irrelevant. “No chargebacks” is a feature of all crypto and also a curse. Contrary to libertarian beliefs, the financial system doesn’t exist to rob the common man blind, but to fight money laundering, tax evasion and leave a paper trail. So even if you know absolutely nothing about programming and the web, if you knew your stuff about crypto you would know anyone with your coin can walk away with it at any time, hackers or no hackers. So the owners of a wallet startup with your lifesavings could walk away with all their coin to Sibera and say they were “hacked”. And why not with millions or hundreds of millions? If the company is lax with their internal security joe blow they hired for a few months could steal everything with little to no risk of criminal prosecution.

So the most important thing about choosing an online wallet is to know the identities, background and experience of the core developers. The next is to understand you are dangling a carrot in front of them with enough money for life.