The cryptocurrency fintech startup Prime Trust lost the encryption key to its hardware wallet—and the recovery key—and therefore $38.9 million. It is now in bankruptcy.
I can’t understand why anyone thinks these technologies are a good idea.
Anonymous • September 6, 2023 7:49 AM
“I can’t understand why anyone thinks these technologies are a good idea.”
Maybe because the people are fed up with the current system that they are willing to undergo the risk rather than to submit to the corrupted system? Maybe they perceive that risk smaller than the risks they have to face from the corrupted system?
Centralized exchanges are prone to this kind of issues. Thanks to those issues the usage of atomic swaps and decentralized exchanges will increase.
Isn’t it chill? I am asking something else. Why would anyone use the centralized solutions that can lock you out of the life at will, censor you, deplatform you force you to use surveillance coins, if one can use that cool tech that doesn’t have those “features”?
xDSx • September 6, 2023 8:04 AM
We think these technologies are a good idea because the technologies we use otherwise are broken in such a way that we at the bottom are exploited, abused and at the merci of people and institution who do not care about us at all. Read up on the Cantillon effect, the fiat money system, the “fractual reserve” banking system and ask yourself why purchasing power declines all the time, essentially making those at the bottom poorer with each dollar the system “prints”. For a quick read, refer to “The Bitcoin Standard”, the first 6 or so chapter do not even speak about bitcoin at all but only explain how the current system has come about and why it is fundamentally broken. Well, maybe it is broken maybe it is doing exactly what it is supposed to do. Any yes, it is written by someone who actually knows what they aretalking about (professor of Economics at the Lebanese American University from 2009 to 2019 with a PhD in Sustainable Development from Columbia University, Masters in Development Management from the London School of Economics, and Bachelor in Mechanical Engineering from the American University of Beirut)
Peter Galbavy • September 6, 2023 8:04 AM
Looks like a great way to exfiltrate assets and shutdown an operation with very little come back. Nothing new though, retailers and others have been doing this for years.
iAPX • September 6, 2023 8:19 AM
Works the way it was intended.
As always people warning about the risks were ignored if not mocked.
Winter • September 6, 2023 8:29 AM
@xDSx
why purchasing power declines all the time,
Because wages have been stagnant since Reagan came to power (minimum wage decreased in real terms) but the economy has has doubled in real terms (GDP per Capita).
Republican policies in action!
Jon Payne • September 6, 2023 8:40 AM
Aren’t crypto currencies just a modern day ponzi scheme? Frankly, I like cash. It’s not electronic and can’t be tracked. If I give my mechanic a $100 Benji for fixing my car, nobody knows about except him and me. He might do the right thing and report it, and he might not. That’s on him.
Erdem Memisyazici • September 6, 2023 9:16 AM
I’m not sure why you would have a crypto start up if you also have not premined the heck out of it and had a massive quantum computer and a super computer to go alongside it for collisions and recovery. People don’t make their money from ads on this venture but rather control.
Clive Robinson • September 6, 2023 9:18 AM
@ Bruce,
Re : Crypto Cons
“I can’t understand why anyone thinks these technologies are a good idea.”
Maybe because you’ve found my fathers advice to me to be true.
He told me when I was young,
If you have the brains to commit the perfect crime, then you’ve enough brains to earn more money honestly
One of the failing in the US is the idea that anyone “can get rich quick” well simple mathmatics says otherwise, so what that says about the US education system I’ll leave to others to debate.
There are two ways to get rich quickly and without effort,
1, Improbability of chance.
2, Dishonest behaviour.
The first is actually the second in disguise. That is the people running games of chance take 20-60% for themselves…
Crypto currancy like NFT’s and what ever gets thought up next in a similar vein are a mixture of long and short cons and other criminal activities. If you are on the dishonest side and you can build up “idiot momentum” amoungst those who let their common sense get over ridden, then you can do very well “slicing off the top”.
If it was only those with more debt than sense getting harmed, then you could just shrug and say “evolution in action”. Unfortunately this is not the case, when you consider the power requirments carbon footprint and worse of crypto currancy and NFT’s not just in generating/mining but multiple storage of the block chain… You will find that the majority of the worlds population are being more than adversely effected.
The only “winers” in this game that are not totechnically criminals are those supplying the criminals.
I’ve mentioned this before, but if you’d invested in Nvidia or similar on which the mining rigs eyc were built then you would have made better than average returns.
From what has been said Nvidia are now the first trillion dollar semiconductor producer…
And they’ve already moved onto a new market “AI LLMs”… Only the US Gov want to put a crimp in this next “con game”.
It will be interesting to see how many crypto currency shills turn up and apologize for their past behaviours, but to be honest I don’t expect any unless they are carrying a begging bowl…
Erdem Memisyazici • September 6, 2023 9:52 AM
For reference, I don’t think I made this famous enough already, but NISTIR 8105 Table 1 clearly states that even the SHA-3 family is not safe from quantum logic gates and that larger outputs are needed.
That’s on top of always-a-zero-day hierarchy of broken hardware and software market we have today for all the clients.
I have not yet been told not to secure service to service traffic with HMACSHA512 tokens but I suspect that’s less than a decade away.
ramriot • September 6, 2023 9:58 AM
Seems to me anyone can make a simple operational security mistake that has greater or lesser consequences. Finding out that you lost the decryption key to your backups or that because of a config error they are useless following a crash can be career & company ending.
In this case & in light of the Ponzi like behaviour, I doubt the exact narrative presented & wonder if “the wallet event” was a vertent cash grab.
Mexaly • September 6, 2023 10:21 AM
Barnum claimed it was every minute.
Now that the population has grown,
it’s more like every six seconds.
Clive Robinson • September 6, 2023 10:26 AM
@ Erdem Memisyazici, ALL,
Re : Background hardware moving forward…
“…if you also have not premined the heck out of it and had a massive quantum computer and a super computer to go alongside it for collisions and recovery.
What’s the difference between a number of “mining rigs” and a “super computer”?
In many cases “not much”…
As for “Quantum Computers”(QC) maybe I’m getting old and jaded, but firstly they always appear to be thirty years away at best, and each step towards it makes the “destination” look smaller and smaller in real terms.
Likewise “Artificial Inteligence”(AI) I actually believe that currently we realy do not have a clue as to where the path to finding it is.
Yes we can keep throwing money at hardware, but mostly that has a flip side. Whilst it does not do much for QC or AI the spin-offs are bringing what you might call conventional or consumer computing up at a much faster rate…
Which makes the need for QC and AI even more niche…
AlanS • September 6, 2023 10:46 AM
@Clive
I am surprised that someone who appears to live in the UK doesn’t have a third option: Having the right connections.
Emily Stark • September 6, 2023 11:14 AM
@ Erdem Memisyazici,
For reference, I don’t think I made this famous enough already, but NISTIR 8105 Table 1 clearly states that even the SHA-3 family is not safe from quantum logic gates and that larger outputs are needed.
That table’s not clear at all, in that it uses the relative term “larger” without saying what’s being compared (and, similarly, talks about “large-scale” quantum computers without defining any cutoff from, for example, “small-” or “medium-scale”). Presumably as a result, you’ve misinterpreted it.
I guess they mean that quantum-security requires a longer hash than would be required for classical-security. Both SHA-2 and SHA-3 define sufficient algorithms. Actually, neither seems to define any vulnerable algorithms: the minimum hash length is 224 bits, giving 112-bit security. (So, am I missing something? That seems large enough, so why does NIST say “larger output needed”?)
See, for example:
I see no reason to think that the SHA2-256 hash used by Bitcoin is a weak point. The public-key crypto is; the generally terrible state of computer security is; and, of course, the fact that most of the companies involved in the ecosystem are incompetent and/or criminal.
Why does anyone think it’s a good idea? Well, some people seem to be getting rich off it, and we haven’t caught most of them (so, from their point of view, it was “good”). I used to be rather hopeful about cryptocurrency being a “stealth” security bounty program, to incentivize computer security (whether or not this was intended). But I suspect this whole thing might peter out before giving us a useful generalized result. Instead of new secure systems, we’re mostly getting old computers repackaged in miniature form with no network connections (“hardware wallets”).
Ray Dillinger • September 6, 2023 11:47 AM
This incident is likely not a cash grab; if the block chain is public, one cannot “find” the keys again to actually spend the assets without creating clear evidence that it has been found. The people who the assets are owed to would see you selling them and cry ‘foul,’ and then there’d be people with guns knocking on the door.
The cynic in me says, this is likely an attempted cash grab where the cash through some idiotic mischance somehow wound up dumped into an incinerator rather than in any spendable form.
What is the economic effect of these hallucinatory losses though? It’s not like any infrastructure, goods, real estate, or production capacity has been harmed. All that has happened is that a bunch of people who had putative control of these things via “wealth” in a form divorced from any such meaningful asset, now have less.
So is this just like burning a giant pile of cash, where all that really happened is that everybody else in the world is now slightly more wealthy in practical terms?
ATN • September 6, 2023 12:01 PM
Looks to me the perfect retirement plan from someone/few people inside that company:
If you have “the state of Nevada filed to seize control of the company because it was near insolvency”, you just claim you have lost all control of your wallet because you are dumb, and 5 years later you can enjoy a very nice retirement.
AL • September 6, 2023 12:03 PM
Like a lot of things in life, these technologies are seen as a lesser evil compared to something called “quantitative easing” (QE), where central banks create (“print”) new money, give it to the government to spend, and pretend that this is borrowing.
Here’s the money they’ve printed up so far.
https://fred.stlouisfed.org/series/RESPPANWW
With their backs against the wall, they’re trying to unwind QE. If they fail, and particularly if that chart starts hitting new highs, crypto currencies or something else are going to start looking real good.
Erdem Memisyazici • September 6, 2023 12:04 PM
@Emily Stark
So, am I missing something?
Yes. So am I at this time but that would be a lack of complete understanding of quantum logic gates. It’s a cost issue at best. Will get cheaper in a few years.
Clive Robinson • September 6, 2023 12:57 PM
@ AlanS,
Re :
“I am surprised that someone who appears to live in the UK doesn’t have a third option: Having the right connections.”
Two points to note,
1, It’s not just the UK by any means.
2, I don’t know about other people but those sorts of “right connections” I call “dishonest connections”.
Have I ever used “connections” yes all the good jobs bar two I’ve ever had are because friends said “you should go for it” or dropped my C.V. On their boss not “human remains” and I fitted in comfortably.
However our host @Bruce once told me off for my rather dim view of HR people, so I won’t go there. But I suspect more than one or two reading along are thinking thoughts that would not be strictly legal if voiced even with the right to free speech 😉
lurker • September 6, 2023 1:24 PM
@Bruce
“I can’t understand why anyone thinks these technologies are a good idea.”
In the single sentence above that you mention two technologies: “fintech” and “encryption”. Are you saying both of these are bad ideas?
Back in the day I lost two encrypted disks, a few years apart, from bitrot or somesuch. The password was written down on the advice of the resident graybeard, and not lost. Since then I’ve been leery of full-disk encryption. Documents that need it, yes; but invite lockout from your bootable system disk, no.
Anonymous • September 6, 2023 2:02 PM
@xDSx
We think these technologies are a good idea because the technologies we use otherwise are broken in such a way that we at the bottom are exploited, abused and at the merci of people and institution who do not care about us at all.
The flaw in your argument is that you seem to think the people exploiting the existing financial system are not also exploiting the crypto system in the exact same way.
As George Carlin once said, “it’s a big club, and you ain’t in it.”
this guy • September 6, 2023 2:03 PM
@Bruce
I can’t understand why anyone thinks these technologies are a good idea.
I guess: greed.
LeeHamm • September 6, 2023 2:04 PM
Slightly off topic but worth a mention…
Liberty Safe is illustrating a great argument for not having a back door in data encryption. Lots of physical safe owners are now wondering if their safes also have a back door, available to the FBI or other bad guys.
Emily Stark • September 6, 2023 2:17 PM
@ Erdem Memisyazici,
quantum logic gates. It’s a cost issue at best. Will get cheaper in a few years.
The papers are already based on hypothetical quantum computers much better than the current ones. Quoting Amy et al.: “Improving any of the issues listed above will certainly result in a better estimate and a lower number of operations[; however,] the decrease in the number of bits of security will likely be limited.” (Well, obviously it’s limited in the literal sense—a 140-bit security level can’t be reduced by more than 140 bits—so they must mean something like “small, in relation to the total number of bits.”)
A computation on the order of 2^140 or 2^150 cycles is unlikely to be feasible before the year 2100, under even the most optimistic estimates. If these hash attacks ever becomes practical, it’ll probably be long after every public ECDSA key is cracked. And, of course, if 256-bit hashes ever start looking weak, we can switch to the existing 384- or 512-bit ones that have already been defined. I don’t think this is where the surprises will come from.
Anonymous • September 6, 2023 2:48 PM
This is why crypto will never replace the traditional financial system. Users want and need failsafes, not this crap where losing a USB drive means you lose your life savings. That is not a viable system.
Clive Robinson • September 6, 2023 3:42 PM
@ LeeHamm, ALL,
“Lots of physical safe owners are now wondering if their safes also have a back door, available to the FBI or other bad guys.”
If it’s an electronic lock almost certainly, and if a physical lock “weak points” in the design.
This is norhing new, and it’s both a legal and safety requirment going back more than a century.
Have a think back on the Apple v. FBI / DoJ a few years back. The case got dropped by the FBI / DoJ when three things became clear,
1, Apple would fight every which way till hell froze over, and then some. Which as they made it clear to certain politicians Apple moving completely “Off Shore” and would not ever employ US Personnel again nor give the usual kick backs etc was a bit of an alarm.
2, Apple’s legal argument was gaining traction against the FBI / DoJ.
3, The FBI to avoide adverse case law found an excuse to drop the case.
In short the FBI and DoJ want nothing but “token security” which unfortunately in the case of both physical and electronic locked safes is all to easy to find out as Mossad demonstrate on a regular basis. Worse the FBI / DoJ want it without “legal oversight”…
With physical systems it’s near impossible to not “release the secret sauce recipe” as the tool marks will remain on the evidencence and legally have to be documentd in the chain of evidence.
So there is little or nothing “Liberty Safe” could do because such “back doors” are there for “safety reasons” so can not be argued away as Apple did.
vas pup • September 6, 2023 5:16 PM
Tag – encryption.
Government denies U-turn on encrypted messaging row
https://www.bbc.com/news/technology-6716502
“There has been a stand-off between the UK government and tech firms over a clause in
the Online Safety Bill relating to encrypted messages.
These are messages that can only be seen by the sender and recipient. The Bill states that if there are concerns about child abuse content, tech companies might have to access it.
!!!But platforms like WhatsApp, Signal and iMessage say they cannot access or view
anybody’s messages without destroying existing privacy protections for all users, and have threatened to leave the UK rather than compromise message security.
The debate has raged for several months and for some it has turned into an argument about privacy versus the protection of children. The government insists it is possible to have both.
!!!The government has denied that its position has changed. In a statement in the House of Lords, the minister, Lord Parkinson, clarified that if the technology to access messages without breaking their security did not exist, then Ofcom would have the power to ask companies to develop the ability to identify and remove illegal child sexual
abuse content on their platforms.
Indeed, the Bill already stated that the regulator Ofcom would only ask tech firms to access messages once “feasible technology” had been developed which would specifically only target child abuse content and not break encryption.
=>The government has tasked tech firms with inventing these tools. “As has always been the case, as a last resort, on a case-by-case basis and only when stringent privacy safeguards have been met, [the Bill] will enable Ofcom to direct companies to either use, or make best efforts to develop or source, technology to identify and remove illegal child sexual abuse content – which we know can be developed,” said a government spokesperson.
!!!Some security experts suggest such tech tools may never exist, and the tech firms
themselves say it is not possible.
Head of WhatsApp, Will Cathcart, posted on X Wednesday that “the fact remains that
scanning everyone’s messages would destroy privacy as we know it”.
Meredith Whittaker, president of encrypted messaging app Signal, has previously said =>it was “magical thinking” to believe we can have privacy “but only for the good guys”.
She told the BBC that the firm welcomed the latest clarification which was “a good
start to incorporating the voices of human rights defenders into the final stages.
Prof Ciaran Martin, former head of the National Cyber Security Centre, said in reaction to the minister’s clarification that in practical terms this meant the powers to access private messages would not be deployed: “The government is still technically taking the power but is =>placing so many conditions on its use it cannot to my mind ever be used.”
Another view is that this is an attempt at a last-minute diplomatic resolution in which neither the tech firms nor the government lose face: the government says it knew all along that the tech did not exist and removes immediate pressure from the tech firms to invent it, and the tech firms claim a victory for privacy.
!!!Currently, the two most viable tech solutions are
=>to either break the encryption – which would leave a backdoor open to any bad actors who found it –
=>or introduce software which scans content on a device. It is called client-side scanning and has been dubbed “the spy in your pocket” by critics.”
GuessWho • September 6, 2023 5:39 PM
Ridiculous that they were named “Prime Trust”. Although, maybe that was part of the con.
Wouldn’t surprise me if the keys are eventually found, some time after completion of the bankruptcy and without much public fanfare.
@Clive
One of the failing in the US is the idea that anyone “can get rich quick” well simple mathmatics says otherwise, so what that says about the US education system I’ll leave to others to debate.
The entire U.S. “land of opportunity” idea and all the selling of lottery tickets all fuel the same mentality…i.e. ignoring the evidence of how “well” others have fared and imagining that somehow I will make it. For example, USA has a huge amount of homeless and working poor but yet we have people coming here from other countries thinking it will be different for them.
All in the name of hope.
William • September 6, 2023 5:59 PM
Cryptocurrency is the answer to the polluting automobiles we thought was a solution to something, I think it was an old lady who swallowed a fly…
A crypto-mining company in Pennsylvania is seeking to burn tires to produce bitcoin, prompting an outcry from residents and environmental groups.
Stronghold Digital Mining says it is repurposing waste materials, while opponents worry about the risks of emissions to human health.
https://www.theguardian.com/us-news/2023/aug/31/bitcoin-mining-plan-pennsylvania-tire-burning
JT • September 6, 2023 6:37 PM
The people blaming this all on crypto and forgetting that the same thing can happen with real cash.
It has been said the at one time the South American drugs lords had so much raw cash coming in that they could not get it all moving into the real banking system. So they buried large amounts. I’m sure it was wrapped in plastic or something they thought would protect it. However they didn’t know that US cash, made of cotton based paper will rot over time.
You can lose real money to rot, fire, even termites love green backs.
Erdem Memisyazici • September 6, 2023 7:06 PM
@Emily Stark
I will go by the NIST estimate on that one.
Blaziken • September 6, 2023 8:19 PM
@JT
Re: forgetting that the same thing can happen with real cash.
I’d be just as critical of a fintech startup which stored all of the investments as “real cash”. This isn’t about crypto vs. cash.
Erdem Memisyazici • September 6, 2023 8:34 PM
@Clive Robinson
Which makes the need for QC and AI even more niche…
I suspect you’re not considering all-optical computation part of QC. There are all-optical routers in use today in networking and I doubt that trend is going to stop coming into consumer electronics.
There is a need for generating keys at lightspeed as well as bruteforcing them with all-optical computation and the way I see it simply the wavelengths will get shorter in time.
Who knows if that may push us to an era where we look for spacetime bending technology to beat keys changing at those speeds. Probably, but that’s definitely not anytime soon.
Emily Stark • September 6, 2023 8:37 PM
@ Erdem Memisyazici,
What NIST estimate are you referring to? The document you mentioned, NISTIR 8105 (from April 2016), says “There is not yet a consensus view on what key lengths will provide acceptable levels of security against quantum attacks. For symmetric key systems, one simple heuristic is to double the key lengths to compensate for the quadratic speedup achieved by Grover’s algorithm. But this recommendation may be overly conservative, as quantum computing hardware will likely be more expensive to build than classical hardware. At the same time, this recommendation does not take into account the possibility of more sophisticated quantum attacks. Our understanding of quantum cryptanalysis remains rather limited, and more research in this area is urgently needed.”
That document refers to NIST SP 800-57 Part 1, which gives no specific projections except that 112-bit security is insufficient for “2031 and Beyond” and 128-bit security is acceptable. As noted in 8105, those don’t account for quantum computers and should (probably) be doubled—which suggests that NIST sees no need for hashes longer than 512 bits (per table 3, the existing 512-bit functions have 256-bit classical security against collisions), or symmetric cipher keys longer than 256 bits.
But NIST have published a lot of documents. If you know of more recent or specific estimates regarding the post-quantum security of hashes and symmetric ciphers, I’d be interested to see them.
Erdem Memisyazici • September 6, 2023 8:53 PM
@Emily Stark
There is a book called Mind at Light Speed: A New Kind of Intelligence by David D. Nolte who is the Purcell Distinguished Professor of Physics and Astronomy at Purdue University. In his book you may read about the more recent advancements in machines that eliminate the need to convert optical information to electrical and back. AT&T appears to be one of the companies who have already implemented a device that does routing at the limits of the mass energy exchange rate.
All you really need for computation is wave propogation and for reliable computers a medium where the waves travel unimpeded. You can (for fun) make a computer from waves made on a superfluid for example but it would not be made for speed.
The lightspeed trend is in use and advancing in multiple industries. I wouldn’t doubt the NIST estimate of 2030s, those guys get to work with the best minds at work in academia worldwide.
A computer isn’t the next chip version to run your traditional OS.
Dave • September 6, 2023 8:53 PM
That court filing is an extremely long-winded way to say “rugpull”.
Chris Becke • September 7, 2023 2:19 AM
The ridiculous thing is they wrote down the password, but lost it. I mean it was a piece of laser etched steel not a piece of paper, but still, how did it not end up in a safe?
And if they were remotely competent, given the value of this thing, they would have made like 5 keys, any 3 of which could recover the password.
denton scratch • September 7, 2023 3:21 AM
And if they were remotely competent, given the value of this thing, they would have made like 5 keys, any 3 of which could recover the password.
They say they had a 3-of-5 multisignature hardware wallet, which signatories could access using these hardware devices. 32 pages of submission, and there’s nary a word about how the hardware devices all got lost. But not to worry; they’ve got a recovery seed-phrase, engraved on 5 titanium rods or whatever.
But they’ve lost all those too? Really?
OK, so there was “only” 30 million or so in the missing wallet. Apparently these guys were fine making massive losses on trades for several years, hundreds of millions. Isn’t this just another loss?
My reading is that the loss of the wallet is the reason Nevada revoked their Trust status, and appointed a receiver. But it’s not very clear.
Chris Becke • September 7, 2023 3:48 AM
Im guessing they went to a conference and gave them away as keychains.
Sean • September 7, 2023 3:59 AM
Well ,looks like they forgot the number one mantra for security, have both a backup, and an off site backup, and most importantly a backup that has been verified that it works.
Clive Robinson • September 7, 2023 7:08 AM
@ Erdem Memisyazici,
Re : Quantum Computing is niche and almost certainly will remain so.
People talk as though “Quantum Computing”(QC) is some magic solution to the worlds computing problems. The bad news is it’s not currently nor as far as we can see is it likely to be with the ways we currently do things. The QC algorithms in the main are not offering a great deal except in very niche applications. In the more general cases engineers are findong ways to get performance improvments at least as good on a cost/performance basis, and the “big problem” facing us is actually those writing code can not think in the right way.
“I suspect you’re not considering all-optical computation part of QC. There are all-optical routers in use today in networking and I doubt that trend is going to stop coming into consumer electronics.”
Optical computation is just another
“Make the car go faster tail foil, it does not however make the car fly.”
The real limits in computation are distance and complexity as held in place by the laws of physics.
The speed of light limits what can be done in a given linear distance and complexity limits what can be done in a given volume for the same reason.
Few realise that the biggest bottle neck on general computing is currently maths, and “carry propagation” solving this is not something that is going to work in a “general way” and going from 32bit to 64 or 128 bit integer widths is not making things any easier. The at best “half way house” solution currently is something that goes back to the ideas of Seymour Cray and it’s to do tiny things in parallel. In effect that is what GPUs do and why they are such a hot subject they are being looked at as “strategic weapons” and will get rather more than the ITAR treatment (which is actually detrimental in more ways than most currently consider).
It’s why “hardware algorithms” are being investigated and FPGA’s are in effect getting bolted on top of CPU’s for between five and several hundred times speed increase.
But the current apparent limit on clock speed is not the few Giga Hertz we currently see on general CPUs but getting up in the multiple decades of Giga Hertz and higher. But the problem is clock skew, the way to solve this is the notion of serial hardware programing which you can do with FPGAs but not general CPUs.
Each of these steps makes QC more and more niche in terms of what use it might potentially be in a half century or so.
I know my viewpoint on QC is not going to be popular with one or two people who read and occasionaly comment here, but they are entitled to their “science” viewpoint and I’ll stick with my “engineering” viewpoint. Each will take precedence at some point, but to be honest I don’t think we are likely to be around to see what finally drops out.
But realistically for QC to be of real general use, it needs to work at getting on for 200C not a fraction of a degree above the so called absolute zero…
Clive Robinson • September 7, 2023 7:35 AM
@ Sean,
“Well ,looks like they forgot the number one mantra for security, have both a backup, and an off site backup, and most importantly a backup that has been verified that it works.”
The number one mantra is,
“Don’t lock yourself out”
In ITCsec we tend to get off on numbers, that is,
“It will take more than four times the age of the universe to crack this…”
Real everyday physical world high security is based on other considerations and there the general rule is,
“Delay untill the guys with guns and a bad attitude turn up to clean up”
If they had 30million in cash, gold bars, precious stones etc, they would just have slung them in one or more bank vaults.
But no they were getting off on the “Techno-Bro” dream of security beyond the Government and even common sense…
So for what ever reason they claim they’ve locked themselves out. Yup a duller than duck-crap excuse which sounds like “the dog ate my homework” but has the advantage of being unprovable one way or the other…
What’s the betting that at some point in the future, when things get “written-off” somebody goes to a Swiss Clinic where some hypnotist enables them to remember what they saw laser etched on a bit of stainless?..
Clive Robinson • September 7, 2023 9:52 AM
@ Erdem Memisyazici, ALL,
Today The Register associated “The Next Platform” published an analysis on the financial considerations in Quantum Computing development issued by variois organisations.
The point to note from it is,
“… but it also shows you that expected revenues generated from quantum computing will not cover investment costs.”
This means that like “High Performance Computing”(HPC), it will have to be funded almost exclusively by a very niche set of customers with both a need and very deep pockets that usually only come via the tax payer…
Anyway have a read of,
“JUST HOW BIG – OR SMALL – IS THE QUANTUM COMPUTING RACKET?”
https://www.nextplatform.com/2023/09/06/just-how-big-or-small-is-the-quantum-computing-racket/
[1] From IBM on “High Performance Computing”(HPC),
“HPC is technology that uses clusters of powerful processors, working in parallel, to process massive multi-dimensional datasets (big data) and solve complex problems at extremely high speeds. HPC systems typically perform at speeds more than one million times faster than the fastest commodity desktop, laptop or server systems.”
MarkH • September 9, 2023 7:33 PM
@Erdem Memisyazici, all:
If you take nothing else from this blog: quantum computers won’t solve hard problems instantly by just trying all solutions in parallel.
… from Scott Aaronson’s blog.
Useful QCs are like extraterrestrial life: never yet confirmed to exist, so we can imagine whatever we like!
vas pup • September 10, 2023 7:04 PM
From MIT on subject:
https://www.technologyreview.com/2023/08/23/1077693/crypto-foul-play/
“The world of online misdeeds is an eerie biome, crawling with Bored Apes, Fancy Bears, Shiba Inu coins, self-replicating viruses, and whales. But the behavior driving fraud, hacks, and scams on the internet has always been familiar and very human. New technologies change little about the fact that illegal operations exist because some people are willing to act illegally and others fall for the stories they tell.
To wit: Crypto speculation looks a lot like online sports betting, which looks like offline sports betting; cyber hacking resembles classic espionage; spear phishers recall flesh-and-blood con artists. The perpetrators of these crimes lure victims with well-worn appeals to faith and promises of financial reward. In Fancy Bear Goes Phishing, Yale law professor Scott Shapiro argues that
!!!technological solutions can’t solve the problem because they can’t force people to
play nice online.
=>The best ways to protect ourselves from online tricks are social—public policies,
legal and business incentives, and cultural shifts.
For Hundreds, NFTs have value as cultural artifacts, and he’s not convinced that their time should be over (although he acknowledges that between 2019 and the writing of his book, more than $100 million worth of NFTs have been stolen, mostly through phishing scams). “Whether or not NFTs are a scam poses a philosophical question that wanders into moral judgments and cultural practices around free enterprise, mercantilism, and
materialism,” he writes.
To articulate how internet crime comes to be, Shapiro offers a new paradigm for the
relationship between humanity and technology. He labels technical computer code “downcode” and calls everything human surrounding and driving it “upcode.” From “the inner operations of the human brain” to “the outer social, political, and institutional forces that define the world,” upcode is the teeming ecosystem of humans and human systems behind the curtain of technology.
!!!Shapiro argues that upcode is responsible for all of technology’s impacts—positive and negative—and downcode is only its product.
=>Technical tools like the block-chain, firewalls, or two-factor authentication may be implemented as efforts to ensure safety online, but they cannot address the root causes upstream. For any technologist or crypto enthusiast who believes computer code to be law and sees human error as an annoying hiccup, this idea may be disconcerting.
!!! But crime begins and ends with humans, Shapiro argues, so upcode is where we must
focus both our blame for the problem and our efforts to improve online safety.
Constructing downcode guardrails to allow in only “good” intentions won’t solve online crime because bad acts are not so easily dismissed as the work of bad actors. The people who perpetrate scams, fraud, and hacks—or even participate in the systems around it, like speculative markets—often subscribe to a moral rubric as they act illegally.
In Fancy Bear, Shapiro cites the seminal research of Sarah Gordon, the first to
investigate the psychology of people who wrote computer viruses when this malware first popped up in the 1990s. Of the 64 respondents to her global survey, all but one had developmentally appropriate moral reasoning based on ethics, according to a framework created by the psychologist Lawrence Kohlberg: that is,
=>these virus writers made decisions based on a sense of right and wrong. More recent
research from Alice Hutchings, the director of the University of Cambridge’s Cybercrime Centre, also found !!! hackers as a group to be “moral agents, possessing a sense of justice, purpose, and identity.”
The definition of crime is also upcode, shaped by social contracts as well as legal ones.
!!!“If we are committing serious crimes like fraud,” he speculates, “it is crucially important that we find ways to justify our behavior to others and crucially, to ourselves.” While this rationalization certainly doesn’t excuse any crimes, it explains how people can perpetrate eye-boggling fraud again and again, even inventing new ways to scam. The human upcode that makes each of us see ourselves as the protagonist of our story is powerful, even and maybe especially when billions of dollars are at stake.
“The human mind is riddled with upcode that causes us to make biased predictions and irrational choices,” Shapiro writes. =>Take the “representativeness heuristic,” which leads us to judge something by how much it resembles an existing mental image—even if that may lead us to overlook crucial information. If an animal looks like a duck and quacks like a duck, the representativeness heuristic tells us it can swim. Phishing scams rely on this rush to pattern matching. For example, Fancy Bear, the titular Russian hacking group of Shapiro’s book, used a visually and tonally convincing message to attempt to hack into Hillary Clinton campaign staffers’ email accounts in 2016. It worked.
!!!!Also coming into play for scams, fraud, and hacks are the “availability heuristic,” which leads us to remember =>sensational events regardless of their frequency, and the “affect heuristic,” which leads us to emphasize our feelings about a decision over the facts, inflating “our expectations about outcomes we like”—such as winning a huge payout on a gamble.
The marketing pitch of communal faith and reward, the enticement to join a winning team, feeds a human social instinct—especially as more offline modes of connection are faltering.
Beyond money, “we’re just as motivated by identity and community (or its upside-down
cousin, tribalism),” writes Hundreds, “and the most fervent contemporary movements and trends masterfully meld them all together. The only thing that feels as good as getting rich is doing so by =>rallying around an impassioned cause with a band of like-minded friends.”
=>Technological innovation does not change our fundamental behavior as humans, but
technology has brought speed and spread to the gambling table. A single perpetrator can reach more victims faster now that the global world is connected.
For Shapiro, effectively addressing online fraud, hacks, and scams requires political, economic, and social shifts such as creating incentives for businesses to protect customers and penalties for data breaches, supporting potential hackers in finding community outside of crime, and developing government and legal policies to prevent illicit payment through mechanisms like crypto-currencies.
Shapiro admits that shifting upcode this way will likely take generations, but the work has already started. The SEC’s recent moves against crypto exchanges are promising steps, as are the FTC’s public warnings against scammy AI claims and generative AI fraud. Growing public awareness about the importance of data privacy and security will help too. But while some humans are working on evolving our social systems, others will continue to hunt online for other people’s money. In our lifetimes, fraud, hacks, and
scams will likely always find a home on the internet. But being aware of the upcode all around us may help us find safer paths through the online jungle. “
Laurent Debacker • September 15, 2023 3:49 AM
The reasoning of people who don’t want to trust the “government” is strange…
Using Bitcoin, you can’t just give your wallet ID to your contacts to receive payments, because anyone can see all transfers between all accounts.
Also, you can’t just put coins on one wallet hosted by one exchange… See what happened to FTX, Mt Gox, etc. No guarantees, just gone. So you to learn to transfer your tokens, holds backups, etc, etc
Fees on many exchanges are ridiculous.
Using Cash? You can always give money hand to hand for free, no question asked. Your colleagues won’t know your bank balance because you gave them your account ID. Your account is guaranteed up to some amount in many countries. So you just open an account in two banks in case one bank goes belly up. If you don’t fully trust the policies of your government, you can always hold multiple currencies, and also open accounts in different countries.
If people want to play roulette with Bitcoin, this is fine, but we should make sure that regular taxpayers are not losing a penny on compensations to people who lost Bitcoins.
Bryan Yute • September 16, 2023 2:42 AM
Go file an email complaint to ( support (@) deftrecoup (.) com ) to know your chances of getting back your loss to any scam. Get your finances and sanity restored.
PS. This is not an advert, they helped me on a different case but they are credible.
Wow • September 29, 2023 10:22 AM
I can’t believe how many people dom’t understand crypto and feel the need to give their opinion. This is the same as complaining that knives are dangerous and stupid because murderers use knives…..
I swear sometimes I feel like the smartest people are the dumbest.
1&1!=2 • September 29, 2023 12:42 PM
@Wow:
“I swear sometimes I feel like the smartest people are the dumbest.”
And what exactly are you trying to say with,
“I can’t believe how many people dom’t understand crypto and feel the need to give their opinion.”
Or are we to assume you are one of the ‘smartest people’ you refer to?
HALLMARK E. • January 29, 2024 6:54 AM
i lost my hard-earned Bitcoins ,it was stolen due negligence in use of public computer without a virtual private network (VPN), few information got exposed without my knowledge, i lost $29,800 .my financial stability was hanging by a thread. I was devastated and didn’t know where to turn. But since crypto is still new,There is also no protection or insurance for lost or stolen cryptocurrencies, during a research thoroughly for about four hours I came across a (website /Generationxweenie@gmail .Com ) they promise to recover my coins, out of curiosity I hired them and the result was amazingly wonderful.I am one of the few lucky who got my wallet retrieved under their watch. it’s not just their technical prowess that sets them apart; it’s their compassion and understanding. They stood by me through the entire process, answering my countless questions.i just got my first Tesla with the recovered coins.
Subscribe to comments on this entry
Sidebar photo of Bruce Schneier by Joe MacInnis.
Ted • September 6, 2023 7:46 AM
Every interim CEO of a bankrupt cryptocurrency company should have a degree in Rhetoric.