26 – Bitcoin Security Issues – Tech Time Podcast

$250m in Bitcoin Locked in a Virtual Vault after Director of CryptoBank Dies

  • The BC – Based QudrigaCX Bank is in court today in Halifax seeking protection from its creditors under Canadian Bankruptcy law.
  • According to QudrigaCX’s website, they are “Canada’s biggest cryptocurrency trader” and a “leading bitcoin exchange”.  Turns out it was just a guy with a computer.
  • Gerald Cotten (Chief Executive Officer) of QuadrigaCX, died on Dec 9 in India (apparently doing humanitarian work) due to complications with Crohn’s disease.  He was 30 years old.
  • According to court documents, Cotten (the only director of the Bank/Exchange) was the only one who knew the passwords and took them with him to the grave.
  • QudrigaCX held around $250 million in bitcoin that is now inaccessible, locked in encrypted wallets.
    • There is a Hot Wallet (like a cash register with a float).
    • Cold Wallet (like a safety deposit box).  Usually completely offline and is required to be plugged in and a password to access.
  • If this was a regular bank, the government of Canada would be doing something to recover the lost $250 million. Because this is Crypto-Currency and completely unregulated, the Government is doing nothing.
  • On Reddit, many are claiming there is more going on.
    • Some claim accounts are actually being drained.
    • Others claim the accounts never had the money in it and it was a ponzi scheme.
    • Many call into question the death certificate from India.
    • Two weeks before his death, Cotten left a will with a plane, two houses and $100k for the care of his two Chihuahuas.  Why no conversation over the passwords if they talked about the dogs???
  • David Gerard (blockchain expert) states, “Crypto is amateur hour… People assume these are active institutions that operate under rules and regulations, and they operate under very few… It’s really hard to tell if a seemingly credible operator is just a guy in his basement”.
  • Most active comment, (Alex Reti), They can’t have it both ways.  The whole point of “crypto” is to avoid the control of “Big Brother”.  So when things go south, they can’t expect “Big Brother” to come riding to the rescue.

Apple Disables Group FaceTime due to Privacy Bug

  • The Group FaceTime function has been removed after users claimed the microphone could be accessed without the person picking up.
    • This was done by calling the individual and then immediately calling another person in.  The caller could then hear the first person called.
    • This bug was discovered by a teen playing Fortnite.
  • As of Feb 5, the bug has not been fixed.

Lawyer Sues Apple Over FaceTime Eavesdrop Bug, Says It Let Someone Record a Sworn Testimony

  • A lawyer in Houston has filed a lawsuit against Apple over a security vulnerability that let people eavesdrop on iPhones using FaceTime.
  • alleges that Apple ‘failed to exercise reasonable care’ and that Apple ‘knew, or should have known, that its Product would cause unsolicited privacy breaches and eavesdropping,'” reports CNBC.
  • It alleged Apple did not adequately test its software and that Apple was ‘aware there was a high probability at least some consumers would suffer harm.’
  • From the report: The suit says that Williams was “undergoing a private deposition with a client when this defective product breached allowed for the recording” of the conversation.
  • Williams claimed this caused “sustained permanent and continuous injuries, pain and suffering and emotional trauma that will continue into the future” and that Williams “lost ability to earn a living and will continued to be so in the future.” The lawsuit also says that iOS 12.1, the latest major release of the iPhone operating system, was defective and “unreasonable dangerous” and that Apple “failed to provide adequate warnings to avoid the substantial danger” posed by the security flaw. Williams is seeking compensatory and punitive damages as a result of the exploit.

Samsung Leaks – Cryptocurrency wallet, Wi-Fi 6, Foldable Phone, Bezeless Tablet.

  • Leak shows a Galaxy S10 running the rumored Samsung Blockchain KeyStore.
    • Would you trust Samsung (or another phone maker) with crypto?  Hackers?
  • Leak also shows Galaxy S10 phones will all support Wi-Fi 6
    • Not much faster individual speed but increased speeds for all Wi-Fi 6 devices connected to a Wi-Fi 6 router (increased speed when many devices are connected).
  • In a video uncovered by Slashleaks, Samsung shows two devices expected to be revealed at the Unpacked event at the end of the month.
    • Samsung’s Foldable Phone.  A woman is holding a much sleeker looking version of the phone than we saw in October.
    • A bezeless “all screen” tablet with a stylus.

You may also like...