Tuesday, August 29, 2017

Don't own cryptocurrencies

A year ago I ended a post entitled The 120K BTC Heist:
So in practice blockchains are decentralized (not), anonymous (not and not), immutable (not), secure (not), fast (not) and cheap (not). What's (not) to like? 
Below the fold, I update the answer to the question with news you can use if you're a cryptocurrency owner.

Many Americans evidently believe that cryptocurrencies are anonymous enough to use bitcoin to evade taxes:
The IRS has claimed that only 802 people declared bitcoin losses or profits in 2015; clearly fewer than the actual number of people trading the cryptocurrency—especially as more investors dip into the world of cryptocurrencies, and the value of bitcoin punches past the $4,000 mark. Maybe lots of bitcoin traders didn't realize the government expects to collect tax on their digital earnings, or perhaps some thought they'd be able to get away with stockpiling bitcoin thanks to the perception that the cryptocurrency is largely anonymous.
Perhaps they should reconsider:
[the IRS] has purchased specialist software to track those using bitcoin, according to a contract obtained by The Daily Beast.
Especially, as Zeljka Zorz reports at Helpnetsecurity, if they used their bitcoin to buy something:
More and more shopping Web sites accept cryptocurrencies as a method of payment, but users should be aware that these transactions can be used to deanonymize them – even if they are using blockchain anonymity techniques such as CoinJoin.

Independent researcher Dillon Reisman and Steven Goldfeder, Harry Kalodner and Arvind Narayanan from Princeton University have demonstrated that third-party online tracking provides enough information to identify a transaction on the blockchain, link it to the user’s cookie and, ultimately, to the user’s real identity.
The paper is here. But owning bitcoins is a problem even if you don't use them to buy anything [my emphasis]:
First the hacker grabbed access to my friend’s Facebook Messenger and contacted everyone on his list that was interested in cryptocurrency, including me. ... Once it was clear that I had some bitcoin somewhere the hackers decided I was their next target.
Once you're a target the bad guys have two techniques for grabbing bitcoin from savvy owners who have enabled two-factor authentication (2FA) on their accounts using SMS, which is by far the most common 2FA technique. The first is SIM hijacking:
a hacker swapped his or her own SIM card with mine, presumably by calling T-Mobile. This, in turn, shut off network services to my phone and, moments later, allowed the hacker to change most of my Gmail passwords, my Facebook password, and text on my behalf. All of the two-factor notifications went, by default, to my phone number so I received none of them and in about two minutes I was locked out of my digital life.
This has become a routine ocurrence, as Nathaniel Popper reports in Identity Thieves Hijack Cellphone Accounts to Go After Virtual Currency:
“My iPad restarted, my phone restarted and my computer restarted, and that’s when I got the cold sweat and was like, ‘O.K., this is really serious,’” said Chris Burniske, a virtual currency investor who lost control of his phone number late last year.

A wide array of people have complained about being successfully targeted by this sort of attack, including a Black Lives Matter activist and the chief technologist of the Federal Trade Commission. The commission’s own data shows that the number of so-called phone hijackings has been rising. In January 2013, there were 1,038 such incidents reported; by January 2016, that number had increased to 2,658.

But a particularly concentrated wave of attacks has hit those with the most obviously valuable online accounts: virtual currency fanatics like Mr. Burniske.

Within minutes of getting control of Mr. Burniske’s phone, his attackers had changed the password on his virtual currency wallet and drained the contents — some $150,000 at today’s values.

...

“Everybody I know in the cryptocurrency space has gotten their phone number stolen,” said Joby Weeks, a Bitcoin entrepreneur.

Mr. Weeks lost his phone number and about a million dollars’ worth of virtual currency late last year, despite having asked his mobile phone provider for additional security after his wife and parents lost control of their phone numbers.

The attackers appear to be focusing on anyone who talks on social media about owning virtual currencies or anyone who is known to invest in virtual currency companies, such as venture capitalists. And virtual currency transactions are designed to be irreversible.
The problem is that the security of your account depends on the ability of your cellphone carrier's front-line support to resist social engineering, a notoriously weak defense:
Adam Pokornicky, a managing partner at Cryptochain Capital, asked Verizon to put extra security measures on his account after he learned that an attacker had called in 13 times trying to move his number to a new phone.

But just a day later, he said, the attacker persuaded a different Verizon agent to change Mr. Pokornicky’s number without requiring the new PIN.
The second technique is abusing the SS7 signalling protocol:
A known security hole in the networking protocol used by cellphone providers around the world played a key role in a recent string of attacks that drained bank customer accounts, according to a report published Wednesday.

The unidentified attackers exploited weaknesses in Signalling System No. 7, a telephony signaling language that more than 800 telecommunications companies around the world use to ensure their networks interoperate. SS7, as the protocol is known, makes it possible for a person in one country to send text messages to someone in another country. It also allows phone calls to go uninterrupted when the caller is traveling on a train.

The same functionality can be used to eavesdrop on conversations, track geographic whereabouts, or intercept text messages. Security researchers demonstrated this dark side of SS7 last year when they stalked US Representative Ted Lieu using nothing more than his 10-digit cell phone number and access to an SS7 network.

In January, thieves exploited SS7 weaknesses to bypass two-factor authentication banks used to prevent unauthorized withdrawals from online accounts, the German-based newspaper Süddeutsche Zeitung reported. Specifically, the attackers used SS7 to redirect the text messages the banks used to send one-time passwords. Instead of being delivered to the phones of designated account holders, the text messages were diverted to numbers controlled by the attackers. The attackers then used the mTANs—short for "mobile transaction authentication numbers"—to transfer money out of the accounts.
Because the vulnerability is a basic feature of SS7 implementations, there is nothing you can do to defend against the SS7 attack except not using phones for 2FA.

So, if you own bitcoin:
  • Don't use them to buy anything.
  • Don't, especially, use them to do anything illegal.
  • Don't let anyone know that you own them.
  • Don't write anything on-line sounding even mildly enthusiastic about cryptocurrencies.
  • Don't use phone-based 2FA on any of your accounts.
  • Do report any gains and losses to the tax authorities in your country.
Have fun!




6 comments:

Chris Rusbridge said...

Hi David, I always enjoy your posts even when I don't know much about the area (which, TBF, is most of the time these days ;-). I thought:

"Don't write anything on-line sounding even mildly enthusiastic about cryptocurrencies."

... well, you're not in much danger there, no-one could accuse you of enthusiasm for them!

But this was a bit of a wake-up:

"Don't use phone-based 2FA on any of your accounts."

... only because as an ordinary citizen I've been persuaded a couple of times to add phone-based 2fa to accounts (of no great financial consequence, but still). I think they generally only require the second factor logging in from a new origin (eg a web browser somewhere rather than my main computer), so I think loss of the phone number (usually immediately noticeable in the more usual context) would not prevent access. But perhaps there are wrinkles that have escaped me.

We hope you and yours are well. Been visiting my young fella, known to you, and his young fella, this week.

David. said...

Even if you wanted to buy stuff with Bitcoin, you'll face two difficulties:

"Coinmap, a service that maps bitcoin-accepting locations all over the world, shows a few places that accept bitcoin in Toronto, but it's clearly out of date—I called several businesses listed on the site and they had no idea what bitcoin even is."

and:

"A bigger problem is perfectly illustrated in a Reddit post from Wednesday morning complaining that a bitcoin transaction worth just $9 still hasn't gone through the network after two days of waiting. Two. Days. The likely reason is that the fee attached to the transaction in order to incentivize faster confirmation—50 cents, which is about as much of a premium as I'd pay for a $9 transaction—simply wasn't enough."

David. said...

Rob Beschizza at Boing Boing points to deadcoins.com, an amazingly long list of dead and worthless cryptocurrencies.

David. said...

The Bank of England's Bank Underground writes something sensible (my emphasis):

"What type of technology would you use if you wanted to create a central bank digital currency (CBDC) i.e. a national currency denominated, electronic, liability of the central bank? It is often assumed that blockchain, or distributed ledger technology (DLT), would be required; but although this could have some benefits (as well as challenges), it may not be necessary. It could be sensible to approach this issue the same way you would any IT systems development problem – starting with an analysis of requirements, before thinking about the solution that best meets these."

Simon Scorer's earlier post Central Bank Digital Currency: DLT, or not DLT? That is the question is also well worth reading.

David. said...

The Chinese government's crackdown on cryptocurrency exchanges is starting to have an effect on prices.

David. said...

Andrew Silver at The Register reports that:

"An Ethereum-backed contest has revealed a few new tricks for disguising malware as the harmless code the network uses to transfer and manipulate funds: digital smart contracts."

It is a good thing that Ethereum is concerned about security and running contests to finding and disclosing vulnerabilities. But:

"Since Ethereum was introduced in 2015, its security risks have been no secret in the blockchain community. After a $50m hack in 2016, the community controversially decided to roll back the digital records ledger with a new "hard fork" – essentially creating two versions of Ethereum, one before the hack and one after. Another $30m was stolen in July by hackers."

There is an inherent conflict between the ideas that (a) blockchain transactions are immutable and (b) blockchain software has vulnerabilities. The DAO hack was rolled back, but the idea that this is the way to deal with what will be the routine discovery of exploited vulnerabilities is not credible.