Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Archival
Re: The Bank of Bitcoin- The World's Most Secure Bitcoin Service- Unhackable!
by
TheBankofBitcoin.com
on 03/06/2013, 02:57:35 UTC
I want to say that I really do appreciate all those with well thought out constructive criticism, as opposed to those who glibly remark "nothing is unhackable" or similar comments.  I will say, however, that every comment (even those which might be considered to be "glib negativity") does offer a learning opportunity, and I do try to make the best of these opportunities.  So, I thank you all for your comments, whether I regard them as positive or negative.

I have stated over and over that it is our Paper Vaults, created using client-side javascript on the user's own computer, which are unhackable.  When these Paper Vaults are properly created and printed they are unhackable.  I am not saying that our site itself is unhackable, because it would be absurd to make that claim about any site, whether it is ours or more long-established sites such as bitaddress.org, or whatever. 

The reason for having our "Active Storage" at all rather than simply doing everything through our Paper Vaults is because we do have plans for additional services to be rolled out in the future, and Paper Vaults simply do not provide the necessary flexibility.  For example, we have already announced that we are planning to introduce Merchant Services very soon.  This will allow us to generate a unique Bitcoin Address each time a purchase is made from a vendor, rather than simply sending Bitcoins to the same Paper Vault address each time a purchase is made.  The purpose for this is, among other things, to provide a greater level of anonymity and privacy regarding a vendor's Bitcoin income.

We also have certain other services planned further out which would also rely upon the Active Accounts.  For now, however, I would like to mention that whenever someone Active Storage balance goes above a certain threshold we send an email to the Account Holder informing him or her that moving Bitcoins into a Paper Vault would be the safest way of storing large quantities of Bitcoins, and that only Bitcoins intended to be spent relatively soon should be kept in Active Storage.  This is done for two reasons: 1) to avoid large losses to our user's in the event that our site were hacked, and 2) to make our site a low-value target to hackers - in other words go hack someone like MtGox (or whomever) who actually HAS large quantities of Bitcoins on their server.

Also, about the word "Bank" in our web-service: No we are not a legally registered bank, but then again we are NOT storing or dealing in legal currency, but in Bitcoins.  This is an important legal distinction.  Also, "The Bank of Bitcoin" is not the name of a legal corporate entity, but the name of a website/web-service; another important legal distinction.

I would further like to state that it would be next to impossible to actually tell who is or is not checking the md5 hash of our Paper Wallet pages.  Let's not forget that typing in a long Bitcoin Address and Private Key can take some time, which can vary greatly from person to person, or even vary greatly for the same person on different visits.  It is far quicker to check the md5 hash than to type in the Address and Private Key, and because of this it is impossible to know when someone is checking the md5 hash.  I do understand and appreciate the high level of caution regarding Bitcoin security and am open to any workable suggestions that would fit into our business model.

Again, thanks for all your comments.