Board: Development & Technical Discussion
Topic: Re: A Bitcoin Security Paradox?
by CreationLayer on 17/03/2015, 00:52:00 UTC
http://www.coindesk.com/bitgo-update-expands-security-controls-for-consumers/

Multi-sig for individual users with BitGo. While regular folks may be slow to adopt it, I predict 2015 will see a marked drop in BTC losses among companies/exchanges/organizations as they migrate to multi-sig.

Couldn't happen too soon; an exchange I used up until a few weeks ago (Allcrypt) just announced their BTC wallet was emptied over the weekend. That's eerie because that's the 2nd time I've left an exchange shortly before it collapsed (Mintpal). And for that matter, I was able to profit in the chaos surrounding Cryptorush's end as well (lost $20 when it shut down, but profited several times that amount in the final day as people struggled to extract funds.)

There should be a more secure 2FA on withdrawals and account activity for platforms. Phishing and other issues will result in a lot of users getting hacked; potentially, even with insurance, it costs the business significant amounts. Google 2FA/SMS/Authy are all text-based and generated on a time seed, which is vulnerable to multiple attack vectors; any time you use a text-based 2FA it's like typing a private key in. I wish more exchanges would use Clef... public/private key crypto with anti-phishing.

http://sakurity.com/blog/2015/03/15/authy_bypass.html/

Anyways, multi-sig should really be ubiquitous and I still don't understand why companies choose to keep all funds in one "hot wallet". It costs almost nothing to split funds amongst multiple wallets and have distributed multi-sig keys. Sorry to hear you lost funds; I think this mass incompetence of putting all eggs in one basket with one key is ridiculous.

The main issue is that waiting for a withdrawal on an exchange is annoying and makes users worry. Going without this mass hot wallet with direct access from the platform means wallets have to be cycled and requires more complex architecture. Simply put, the small players don't have the staff or development to protect customers in the same manner; a wallet provider adding this feature is per user and separate, while an exchange is one wallet or a few wallets for everyone :(
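The contrast drawn in the 2FA paragraph above, as an added Python example (not part of the original post and not the code of any product it names): a time-based code verifies no matter which page collected it, while a response computed over the site's origin does not verify for a different origin. Assumptions: HMAC-SHA256 stands in for a public-key signature to keep the block stdlib-only, and the origins, keys and function names are constructed.

```python
import hashlib
import hmac
import struct

STEP = 30  # seconds per time step (RFC 6238 default)

def totp(secret: bytes, unix_time: int, digits: int = 6) -> str:
    """RFC 6238 TOTP (HMAC-SHA1): depends on the shared secret and the clock only."""
    counter = struct.pack(">Q", unix_time // STEP)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def server_accepts_totp(secret: bytes, code: str, now: int, window: int = 1) -> bool:
    """Server check with +/- `window` steps of drift. No input says where the code was typed."""
    return any(hmac.compare_digest(totp(secret, now + d * STEP), code)
               for d in range(-window, window + 1))

def device_response(device_key: bytes, origin: str, challenge: bytes) -> bytes:
    """Authenticator side: the response covers the origin the user is actually on.
    Assumption: HMAC-SHA256 stands in for a public-key signature."""
    return hmac.new(device_key, origin.encode() + b"\x00" + challenge, hashlib.sha256).digest()

def server_accepts_response(device_key, challenge, response, own_origin="https://exchange.example"):
    """Server recomputes over its own origin; a response made for another origin fails."""
    return hmac.compare_digest(device_response(device_key, own_origin, challenge), response)

if __name__ == "__main__":
    secret = b"12345678901234567890"  # RFC 6238 test secret
    code = totp(secret, 59)
    print("code typed at t=59:", code)
    print("accepted at t=80, whichever page collected it:", server_accepts_totp(secret, code, 80))
    key, chal = b"constructed-device-key", b"constructed-nonce-01"
    good = device_response(key, "https://exchange.example", chal)
    other = device_response(key, "https://exchange.example.net", chal)
    print("response for real origin accepted:", server_accepts_response(key, chal, good))
    print("response for look-alike origin accepted:", server_accepts_response(key, chal, other))
```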