Bitcoins and Geek Security = ?

nospam@example.com (Junaid Loonat) — Fri, 01 Jul 2011 21:47:00 +0200

Many tech-savvy geeks over-engineer the simplest of solutions, solely for extensibility.
Moreover, security-minded geeks tend to be unusually paranoid and enforce (sometimes complex) security practices accordingly.
Neither of these should be seen as faults, but rather as unique traits that us (as geeks) often share.

Bitcoin, the first P2P crypto-currency, has gained much popularity in recent months with its value reaching a peak of over $30 on one of its supporting money exchanges.
Being supported mostly by geeks, it's not surprising that a number of e-businesses and services have been established to support the virtual currency.
As expected, there have already been a number of breaches by malicious users seeking some Bitcoin booty.
Although the cryptography behind Bitcoin is interesting, I find the behavior of the Bitcoin community more fascinating.
This is especially concerning security and privacy matters.

As a penetration tester, I regularly assess applications/infrastructure with direct contact to real-life currency e.g. online personal/business banking solutions.
Furthermore, having also worked on (fraud) forensic investigations, I have a good understanding of the average banking client.
With this in mind and after comparing the attitudes of my other non-security-aware geek friends, I find it truly inspiring the manner in which most Bitcoin community members have a burning desire to ensure that their (Bitcoin) wallets are kept safe from theft.

The forums showcase some of the proposed ideas that, while not always practical or effective, illustrate how far a member would go to ensure that earnings are not stolen. Below are a few threads, in no particular order, that I found interesting:

Bitcoin Stock Exchange Security Standards (... it's like the start of a Bitcoin PCI-type standard)
Swapping Wallets for Increased Anonymity
Secret keys could be memorizable
How I manage and protect my wallets
HOWTO: have a safe BTC storage w/o - encryption, backups, or a clean computer!
Idea for a hardware-based Bitcoin savings account (... my favourite)

Whether (or not) Bitcoin will succeed in the long run is questionable.
But in a world where the top 10 hacks resemble the previous year's list, I have found a sparkle of hope to believe that the next generation of internet users just might be smart (or determined) enough to eradicate the age-old vulnerabilities that plague applications/infrastructure today.

[side note: The hacker/cracker arms race will never end as new vulnerabilities will always be discovered, but I can at least hope that some of the older vulnerabilities will eventually become extinct.]

HP Printer Bloatware & Wifi Security

nospam@example.com (Junaid Loonat) — Sun, 13 Feb 2011 07:50:00 +0200

After experiencing each of the major printer brands, I quite like HP for their quality and reliability.
A short while back, I was on the prowl for a new printer and happened to come across a couple of wireless printers.
Being a geek, I immediately knew this was some tech that I definitely needed in my life...

Continue reading "HP Printer Bloatware & Wifi Security"

Thoughts of a Cyber-LOONATic - Hacking

Bitcoins and Geek Security = ?

HP Printer Bloatware & Wifi Security