Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Bitcoin Discussion
Re: The police
by
Zaft
on 20/05/2011, 19:09:34 UTC
I work in network security, and some of us have been discussing this recently.

Because Bitcoins are traded anonymously, they will be extremely easy to steal once the malware community begins to take notice unless something is done to secure how we access Bitcoins. At the moment, we simply turn on the program and go. We can even rip them straight from the computer. There's a tutorial on this very website on how to rip your Bitcoins and back them up to DropBox. Obviously, there needs to be an additional layer of security. Files need to be secured with passwords, the program needs to require a password that CANNOT BE RETRIEVED (if it is retrievable, it is possible for an exploiter to remotely retrieve it) IF LOST, and everything needs to be encrypted.

Here's what I mean.

With programs like ZeuS and SpyEye, the former of which now available free to the public, and both of which are STILL not detectable by any of the current anti-virus programs, having unsecure "money" sitting on your computer is almost inviting somebody to come steal it. With a normal person, I have to wait for you to log on to your bank account, so I can then save your information, log in myself, transfer your money out to a money mule and have them transfer the money overseas where it won't be affected by U.S./international law. With Bitcoins, I just need to access your computer, send the BitCoins (which is, as Bitcoin often touts, anonymous), and I'm done. You can't call up your bank and have them protect you. You can't get insurance on your Bitcoins. You can't "freeze" your Bitcoin account (considering it's your computer I'm accessing, and not an actual account). You're just shit out of luck.





And to migrate back to the main topic at hand, good luck getting the police to help. First off, you have to be able to convince them that Bitcoins have real value. Anything under $20 of damage is, by law, not dealt with by the police/courts. Second, you'll need to find the person who took it. Since Bitcoins are transferred anonymously, that means you'd have to get a professional cryptographer to decrypt my ZeuS and find where I'm accessing you from. And then, after all of that, you have to hope that I still have your Bitcoins. Chances are, by the time you actually figure out what's happened, I've already sold them, or transferred them to somebody else.