Coinbase made everyone whole, and the attackers stole the credentials (not because of Coinbase's fault) ahead of time, and the attackers had to perform a "SIM swap" type attack on the users. "Breach" may be the required term for the Californian government, but this wouldn't qualify to most people as a traditional breach (i.e., compromise of Coinbase's infrastructure).
> ... the attackers had to perform a "SIM swap" type attack on the users
Minor nitpick: I find your framing problematic as it transfers "burden of security" to the end-users over a process that did not involve them: this was not an attack on the users - it was an attack on the telecoms infrastructure.
I have a similar gripe against "identity theft", which really ought to be "fraud against corporation X, using false identity" - however, that framing is necessary to make consumers accept, by default, the burden of clearing debts they were never party to simply because the defrauded party did not have adequately verify perpetrators identity.
I agree. From Coinbase's perspective, they ought to defend their infrastructure against fraud, whether that is a direct attack on the users, an attack on the users' telcos, or insider activity directly.
From the telco's perspective, they have a responsibility to stop SMS and SIM fraud, and our regulations have failed to properly hold them accountable in this domain.
I would add that the users have some responsibility for losing their emails/passwords, but my initial framing insufficiently demands responsibility for the service providers in this instance. The service providers should be expected to take all reasonable steps to prevent fraud on their platforms, and that should include extra scrutiny of SMS-based authentication mechanisms (e.g., identity verification). This is why Coinbase paid them back, accepting some responsibility for the fraud.
I fully agree that users are not absolved of all responsibilities or vigilance (e.g. over passwords/devices). I think the legal framework has to be overhauled to clarify the culpability of all parties involved, rather than the current "Sucks to be you" attitude towards consumers, who are the least powerful, and have the least agency in these issues.
Telcos have no responsibility to stop SIM fraud. Telcos have communicated the last 30 years SMS is not secure (travels as plain text) and should not be used for 2FA. If companies have ignored this advise then it is on them.
SIM swapping also allows you to intercept voice calls, which are encrypted and supposed to be secure. The idea that telcos have no responsibility to stop people from taking over the telephone number that customers pay for is completely absurd. Moreover, often the SIM swapping is done by employees of the Telco itself using company infrastructure.
No you are not correct. The whole underlying mobile phone network infrastructure is based on (failed) trust and is not secure. Though it is slowly being replaced.
The incumbent telcos would love a regulatory framework where they must store address info and other personal data of their clients: Clients would then be much less likely to switch.
International tourists will also be less likely to get a local SIM card and then pay exorbitant roaming charges.
(Here in South Africa, clients must provide proof of their residential address. Some telcos even insist on verifying the thumbprints of their clients)
Don't see how that's relevant to the thread at hand. The problem here is that the Telco has an existing paying customer for a number, and has systems that allow other malicious actors to take over that number instead. It's not about verifying the absolute identity of the account owner, they only need to verify that the new SIM using a number has permission from the person who rightfully owns the account. In many cases, this fraud is being committed by employees of the carrier (e.g. at it's retail locations). That means the carrier clearly doesn't have adequate controls to prevent abuse.
This isn't really true. Google Voice numbers are managed by bandwidth.com and have been taken by attackers submitting fraudulent number portability requests in the past.
Coinbase and other sites (especially those that deal in money) should stop using SIM cards as a form of authentication. While carriers should probably do more to secure SIMs and phone #s, it has always been known that the system was never designed to be used as a security mechanism, and Coinbase using it as such is a security flaw that they are responsible for.
Okta architect here. It's hard enough getting MFA to work in a large organization where technically illiterate people are surrounded by coworkers to ask who have all figured out their RSA tokens or Okta Verify enrollment. Trying to manage this for the general public would be an incredible undertaking.
The cost benefit analysis probably does not make sense for a gazillion low balance users. It may make sense to enforce strong factors for high balance users. You have to balance that against them taking their business elsewhere.
In Europe all banks are using 2FA, and it's usually based on TOTP (and enrolling the first phone is a pain usually requiring QR codes and whatnot). 17 years ago some were using smartcards as 2FA. It's doable and secure, to the point that identity theft is almost unheard of (and usually used more as a synonym of catfishing than in the American sense).
SMS is handy but it should be a last resort rather than the main second factor.
I bank with a major European bank, and they still rely on SMS for 2FA for every online transaction, except for logging into their website. They offer 2FA through their app, but that only works with iOS or Android with full Google Play services---for non-Google folks running LineageOS or /e/ OS, they're stuck with SMS 2FA.
Yeah what I meant is that companies should propose other methods than SMS.
SMS can be good enough to confirm a password reset link that was sent by email (so you will not really do anything without access to an account's linked email address), but not as the main second factor for login.
This. Nerdy people don’t understand how much people struggle with this.
RSA enrollment is probably the single most challenging end user issue our IT folks deal with. After password reset it’s the #2 call, and lots of time, training and engineering effort has been expended to improve the experience. (And those efforts were very effective!)
So to sum up, an organization promising to take people's money and keep it safe can't afford to do it except for people with a great deal of money. However, they're still going to accept smaller amounts of money. Did I get that right?
Depends on how you define "keep it safe". If I give you $100 to keep safe, I don't care how many times you get robbed as long as I get $100 back when I want it. If I can get my money, it's safe.
When I went looking for an online brokerage in the USA with a reasonable login process (i.e. 2FA, not by SMS ever) it seemed pretty hard to find one. (Maybe that's changed?) These brokerages handle amounts much greater than a software engineer's retirement savings.
I think the difference for me is the extent to which transactions are traceable, revertable, and regulated. The median reaction to theft in the cryptocurrency world is somewhere between "caveat emptor" and "ha ha, buddy, you fucked up".
For traditional finance, it's pretty different. E.g., "If fraudulent electronic withdrawals are made from your bank or credit union account but your ATM or debit card is not lost or stolen, you are not liable if you write to let the bank or credit union know about the error within 60 days of when they send you the account statement showing the fraudulent withdrawals." https://ovc.ojp.gov/sites/g/files/xyckuh226/files/media/docu...
But could one simply take the secret when initializing the app and stick it in another, like andOTP? My employer told us that the corporate intranet required we use Google Authenticator, but when I try other OTP apps, it still works.
A decent point. It scares me to imagine all the security checks that would be required to make SMS actually secure against these kind of attacks, and then getting everyone to actually follow them.
> I have a similar gripe against "identity theft", which really ought to be...
... bank robbery by unknowing proxy. If we reframed the narrative, I bet banks and financial institutions would bust their asses to make things better.
They already do for the most part though right? That is, they lose a huge amount of money to "identity theft" and have ample incentives to stop/prevent it.
It was not a simswap/simjack attack, they exploited an oversight in coinbase's password-reset 2fa to send the challenge code for one user to another user's phone number.
Yes! From the linked pdf that came from Coinbase[1]:
"However, in this incident, for customers who use SMS texts for two-factor authentication, the third party took advantage of a flaw in Coinbase’s SMS Account Recovery process in order to receive an SMS two-factor authentication token and gain access to your account"
The key part being: "a flaw in Coinbase’s SMS Account Recovery"
I haven't been able to verify these sort of claims any more than I've been able to speculate it was blanket telco Letters-of-Authorization (LoAs) [0][1] or classic SIM swaps that resulted in the account takeovers. I'm not claiming you're wrong, but given the timing of the LoA fraud and the attacks, it seemed likely to me that this was not an actual web vulnerability.
What makes you believe a specific exploit like that existed against Coinbase's 2FA? And if it existed, then why wasn't that caught in a routine pentest?
With only the pdf to go on, I address the "flaw" in more detail in these comment threads [0] [1]. In short, I believe the "flaw" is likely to be "we used SMS for identity verification, without additional necessary scrutiny."
The technical barrier to entry for accruing and using breach databases is near-zero [2], same with the barrier to SMS fraud. Both are routine and easy methods for criminal groups with no special technical abilities, and therefore they are likely. Since the onus is on Coinbase to do identity verification in account recovery, a large number of successful takeovers would be a "flaw" in their process, even if it's not a technical flaw (which I would expect to be expressed in language like "vulnerability").
Accepting untrusted, unauthenticated user input as a SMS verification number would be a serious login-related flaw, and certainly Coinbase pentests their login pages. Any competent pentester would discover such a flaw. So between "Coinbase shipped a critical and obvious login flaw to prod" and "a routine and common criminal tactic was employed successfully against them," I find the latter more likely.
I find your take on this very strange. Given that, again, Coinbase themselves called this "a flaw in Coinbase’s SMS Account Recovery process", it would be bizarre that this was just "standard" run-of-the-mill SIM-swapping, because of course SIM-swapping is always an inherent danger with SMS 2 factor.
Coinbase is very clear in the breach notification that attackers had already acquired users' (a) emails, (b) passwords, and importantly (c) already have access to the users' primary email accounts. At that point, the only thing left preventing account takeover would be the 2FA challenge, and since Coinbase said there was "a flaw in Coinbase’s SMS Account Recovery process" I find it a bizarre conclusion to think that flaw was just a standard SIM-swap.
Edit: Actually, pretty positive it was not just a standard SIM-swap given that, if it were, Coinbase would not have specifically called out "a flaw in Coinbase’s SMS Account Recovery process". If it were just normal SIM-swapping bad guys would have just used that to defeat 2FA during the login process - there would have been no need for them to mess with the account recovery process. That's actually not that uncommon a bug, where 2FA works great to protect login, but there is an oversight that makes it not required during the account recovery process (by definition you're letting people into an account during the recovery process even if they're missing one of their authentication methods) that makes the whole 2FA moot.
If they use that wording, though, they are putting themselves on the hook to fix the "flaw". That's why I'm skeptical that it was just simjacking. I don't see a way that Coinbase could implement SMS 2FA in a way that doesn't have that "flaw".
>As soon as Coinbase learned of this issue, we updated our SMS Account Recovery protocols to prevent any further bypassing of that authentication process
How is it possible to update the SMS recover protocol to prevent sim swapping?
No, I don't think they have. The document says they will, not that they have. I personally know someone who was had 2FA and tends to be security knowledgeable and was struck by this on 6/7, which is well past their claimed date, so either they are lying or the hacking continues undetected. He has had no ability to get anyone on the phone who will help with the issue. He lost less than $2,000, but it is ridiculous how crypto currency combines the worst of the wild west with the worst of banking with the worst of crappy customer service.
Some exchanges have good customer service, but Coinbase isn't one of them. They went the route of minimizing customer support staff that many tech companies do.
Big difference! I have personal experience of Coinbase emailing me (in writing!) that I’d get a bank overdraft fee refunded from their system-wide mistake of double-charging cryptocurrency orders. This happened right before their IPO.
Long story short, I was never refunded despite raising two support tickets. :(
> but it is ridiculous how crypto currency combines the worst of the wild west with the worst of banking with the worst of crappy customer service.
Crypto's value is because it is the wild west. Otherwise, it'd be gold: custodians holding the commodity for owners, most of it locked in cold storage, fully regulated, and governments pursuing theft whenever reported.
Eventually, the end state desired will be reached (regulation, customer service, insurance, pursuit of value theft, etc), it's just taking time for governments and Big Finance to catch up.
Bitcoin is a self custody asset just like gold, and IMHO that and it's de-centralized exchange is actually where all the value comes from if it has any. People do own gold and store it on their own property as well.
Gold owners also use responsible custodians when they don't store the gold themselves. I think bitcoin owners do not do the same because they want to have easy access to trading and there aren’t companies that both operate trading and are either responsible custodians or make it easy to use a different custodian for storage.
They already support other forms of 2FA, so I guess you mean they should turn off support for SMS. Keep in mind that for many users the alternative is no 2FA at all (they don't browse HN and Krebs), which is much, much worse.
Coinbase should continue doing what they are doing, which is to support SMS, and educate and encourage users where possible to use something else instead.
What they should be doing, is to subsidise YubiKeys to their high-value customers.
Not just to lock down the logins to Coinbase, but to also secure their customers' email, Twitter accounts, and as many other online systems as would support hardware backed WebAuthn. Hell, PokerStars did this with RSA tokens back in 2008 so it's not like it's a new idea.
Yes. You need NFC chipped phone and and NFC model YubiKey.
That also solves a major usability issue: instead of trying to juggle between a mobile application and a TOTP authenticator (on the same device!), or plugging in a USB adapter for authentication needs, you just quickly tap/wave your keyring next to the phone. Or take your phone quickly by your pocket when you need the second factor.
Which works fine until they buy a new phone and trade in or reset the old one without transferring the private keys -- and now you're locked out of your own account because you lost your second factor.
> and now you're locked out of your own account because you lost your second factor.
To verify someone's identity ("Identity Proofing") using Stripe Identity [1] costs ~$2. They support IDs from 33 countries, and have implemented fraud detection in the flow. If you were so paranoid as to defend against someone stealing your government issued ID (used in the proofing process), you could paper mail a OTP to physical address on file.
Does it suck and its the cost of no digital ID infrastructure in the US? Yes. Is it insurmountable? Not at all. At the end of the day, people are the weakest link, and we must fallback to meatspace trust anchors (in this case, possession of government provided ID that can be provided on demand with robust fraud detection mechanisms). You are who you are, and own what you own, not because of key material but because of the law.
Emergency single-use codes. They can be printed and stored in a safe. Not every service with 2FA has this feature, I have no idea why. How hard could it possibly be?
But then bad guy just logs in to Authy with the same stolen credentials because most normal people will probably use the same credentials for everything, including Authy. And arguably, the smartest tech-savvy folk wouldn't be storing their 2FA keys in the cloud like Authy anyway.
If your cloud account is protected by 2FA that's also in the cloud... it's turtles all the way down.
I'm not entirely familiar with coinbase, so is it really 2fa or is it 1fa in that you can use SMS as a recovery method when you don't know your password?
Wait, why should they accept customer funds if they don't think they can keep them safely? If somebody is saying, "Let me hold on to your money for you," it seems like a minimum bar is them being pretty sure it's not going to go anywhere.
You can change your phone number by re-validating your identity. During the 2FA step when logging in, you can click on "I need to change my phone number" (or similar).
Coinbase does allow SMS to be turned off. I did that on my account. When SMS is turned off, and when a U2F security key is the only 2FA you configured, if you lose the security key the only way to recover the account is to contact their support department and provide a photo of yourself holding your ID.
I don't know about you, but in the days of smartphones, login + mail + sms seems pointless. The only lock is the pin code / fingerprint on your phone, since when that is unlocked, the attacker gets to trigger all validation steps.
The important part is having physical access to the phone. A targeted attack against you now requires a physical element, rather than being entirely online.
Agree with everything you say, but add to that a lot of sms 2fa exploits are sim or redirection attacks. It’s possible to get access to a phone number without access to the phone.
Here’s an old story of a friend who had a weird talk with someone who had redirected their phone:
In the linked PDF, Coinbase does not claim to have knowledge of a vulnerability in their system (edit: though it does note "the third party took advantage of a flaw in Coinbase’s SMS Account Recovery process," I interpreted that as "we supported SMS account recovery at all" which is inherently broken [0]). The requisite two-factor bypass is detailed in the linked pdf:
> Even with the information described above, additional authentication is required in order to access your Coinbase account. However, in this incident, for customers who use SMS texts for two-factor authentication, the third party took advantage of a flaw in Coinbase’s SMS Account Recovery process in order to receive an SMS two-factor authentication token and gain access to your account.
My guess is, because funds were stolen from users' accounts, the CA breach notification laws apply and this needed to be disclosed as such. However, that doesn't necessarily mean that Coinbase was technically "breached," only that customer accounts were compromised.
If the attacker controls your personal email associated with Coinbase, accompanying passwords, and phone number, and you use SMS 2FA, then your funds were stolen. Otherwise, they were safe. That's my reading of the article.
They also say "we updated our SMS Account Recovery protocols to prevent any further bypassing of that authentication process". What did they update if it wasn't due to a weakness on their side?
EDIT: on reading some of their docs, recovery is supposed to be followed by the user submitting ID documents etc before they get full access back - maybe that's the part they didn't do before or that could somehow be circumvented? (which is a flaw, but still requires intercepting the SMS to use?)
I bet that control of email address + SMS 2FA was sufficient, alone, to recover the Coinbase account password. Lots of systems permit this kind of recovery, and while I may tell a technical crowd "if you use SMS for 2FA, that's on you" less technical users may not have the requisite background to understand the security tradeoff they make in doing so.
The "flaw," in my reading of it, was to support SMS-based account recovery at all. But I'm not necessarily right here, and open to alternatives.
Looking at his other comments, he's speculating. The document talks about obtaining an SMS verification token, they say "we updated our SMS Account Recovery protocols to prevent any further bypassing of that authentication process", and have not removed SMS as an authentication option. I see no reason to think this vulnerability was a SIM swap. Him stating it as if it's a fact in his original comment is very misleading.
It doesn't matter who techinically is at fault Coinbase wants to stay ahead of the potential bad press and people pulling all their funds from the platform. Probably just figured this was cheaper.
I'm in no way arguing that they shouldn't notify people/replace money/..., I just wonder where the confidence for the claim that it was just SIM swapping comes from.
These days in infosec circles simply having SMS-based 2FA enabled is now considered a no-no because of the notoriously bad (and inconsistent) security measures at large mobile carriers.
There is some speculation in another comment that their SMS verification server may have actually had a technical flaw, and the issue was not a lack of separate identity verification on SMS [0].
However, around the time of the breach date (March - May 2021), there were a number of "B2B" services that offered a "type in any SMS number and you will get all text messages to that number," type feature intended for customer support teams to use for shared SMS access. Those systems often had privileged access to telcos and were regularly exploited by attackers to break 2FA without even a SIM swap [1]. With those tools, stealing all SMS to a number required only intent, not conversations with telco support personnel.
Even though I stopped using coinbase, I appreciate the company compared to others because:
1) They had a reasonable account recovery process after I lost my phone and therefore google authenticator. Binance's process was needlessly annoying and pointless, kucoin straight up decided this was a good opportunity to just block my account completely and steal my money, even after email verification, as well as me supplying all emails they sent me about account activity.
2) They were the most transparent about new requirements about identity verification than others, and still allow withdrawals without verification.
>the third party took advantage of a flaw in Coinbase’s SMS Account Recovery process
Your speculation and conjecture dismisses you from any and all future discussions on this matter. You have demonstrated that your are unfit to comment.
>"We will be depositing funds into your account equal to the value of the currency improperly removed from your account at the time of the incident. Some customers have already been reimbursed -- we will ensure all customers affected receive the full value of what you lost. You should see this reflected in your account no later than today."
I sympathize with the "Not your keys, not your coins" crowd, but you have to admit that you are far more likely to be compensated in the event of an attack if you are using a large exchange. Not guaranteed, of course, but Coinbase has an image to maintain.
I also believe, personally, that a large exchange has much better security than anything I could muster with a hot wallet. Yes, I know I can airgap a cold wallet but I like the ability to quickly sell some amount of crypto at market rates without having to transfer from a paper wallet. I also worry about physical security since my home has been burglarized before. Therefore, I keep my coins on exchanges and follow good practices with 2FA across my accounts (no SMS for any) and have withdrawal delays / whitelisting active.
Wonder how many people follow this reasoning to the next logical conclusion and realize that there is literally nothing to differentiate the coins at all from regular banking except for the lure of speculation.
I am a cryptocurrency enthusiast/advocate, but I've come to the realization that "being your own bank" is actually a terrifying and merciless burden. One small mistake has the potential to wipe you out and there is no way to get your funds back.
Despite all the criticisms that come with "the banking system", banks do provide a lot of value to individuals. It is completely understandable that people would want to wrap their decentralized currency inside of a centralized system (exchanges, custodianship, IRAs, etc.) for the benefits that having a bank-like organization can provide.
There are hybrid systems which offer the best of both worlds. For example, the open source Muun wallet uses a 2-of-2 key system[0] in which Muun only has access to one of the two keys so, unlike a traditional bank or a custodial exchange like Coinbase, they can't spend any funds without your signature. Your Muun wallet app also only has one key, so authentication with the Muun service is necessary to complete transactions—this allows Muun to disable the wallet in the event the phone is lost or stolen, by refusing to countersign its payments. A recovery code kept offline, on paper, allows you to set up a new Muun wallet and recover your funds in the event that the phone holding the original wallet becomes unavailable for any reason. Finally, for complete self-custody you can export a PDF with encrypted versions of both keys plus some additional data ("output descriptors") which, together with the offline recovery code, can be used in an emergency to transfer your funds to a new wallet without any involvement from Muun.
This does involve using a centralized service to an extent, but the amount of trust you are asked to extend is limited. They can't unilaterally take your funds, and they can't stop you from moving them to another wallet which you fully control. At the same time, you can safely use the wallet online with the additional convenience and safeguards provided by Muun, and it would be difficult to lose your funds permanently from "one small mistake".
That backup defeats the 2 of 2 multi-sig, though. Users really still are their own bank in this model. If their backup is stolen, the thief can empty their wallet. It’s just not kept online. Not much different from using a hardware wallet in that respect.
> That backup defeats the 2 of 2 multi-sig, though. Users really still are their own bank in this model.
As I said, it's a hybrid—so it has some elements of "being your own bank" as well as elements of a custodial system. The point of the multi-sig model is to allow the wallet to be used for day-to-day transactions like a "hot" wallet or a custodial exchange without the risk of carrying the complete keys everywhere on an Internet-connected device and without giving up control over the funds. The backup and the 2-of-2 multi-sig each serve important functions; neither "defeats" the other.
> If their backup is stolen, the thief can empty their wallet.
And no one ever has their traditional bank account emptied due to poor password hygiene or a vulnerability in the bank's 2FA system? Transferring custody to a third party doesn't mean you can stop worrying about security. If you don't have something equivalent to this offline backup then it's true that there is one less way for a thief to gain access to the account, but then you risk being unable to prove that you are the authorized owner of the account and losing your funds that way.
> Not much different from using a hardware wallet in that respect.
Hardware wallets have a different set of trade-offs. Personally I don't like to carry mine around with me like a ordinary wallet (or my phone) for use in daily payments. It's probably secure enough that I could do that safely, but there's always the risk of losing it, and for small, everyday payments it's just not as convenient as using an app on your phone. Also, Muun works with the Lightning network, which requires an online component; I'm not aware of any hardware wallets which can fill that role.
That's a reasonable concern. You can easily verify for yourself that the recovery process works, and you can audit the source code for the Android client (and build it from the audited code) to ensure that it handles the keys as advertised. If this were your typical proprietary system then I might be worried, but Muun is pretty transparent.
The biggest potential point of failure, if you installed pre-built binaries from a third party such as Google Play or the Apple App Store, is that it could be updated to a new version which leaks the wallet-side private key. Which is a potential concern with any wallet software you don't audit for yourself. Of course you're also trusting the system software provider (i.e. Google or Apple) to run the application properly, as with any software running on their respective operating systems.
Personally I trust it with funds comparable to what I would normally keep in a wallet for daily use, not a safe or a bank vault. For larger amounts where the inconvenience of cold storage is justified I use a hardware wallet (Trezor).
There are ways to mitigate, such as multisig wallet. For day to day, use a wallet with a small amount. When it's balance runs low, you can replenish the amount from your vault, that requires at least 2 signatures. Crypto is not about completely eliminating trust from the system, but rather being able to choose whom you trust and control, what a trusted party can do.
It’s also amazing how many smart people are completely ignorant of the common and routine failure modes of banks, and why hundreds of millions of people might want an alternative to that.
I just had to physically cross an ocean twice because my bank won’t send wires for more than $25k via their website, and that’s one of the gentler failure modes.
The benefits of the banking system I would propose to be self-explanatory, though your parent comment recaps them well.
It's the reason to do the crypto part at all that's more confusing. Unless of course we all just admit that gambling is unbelievably popular and fun and has been a continued hit throughout human history.
That's why you don't store money in your bank account, you keep it in investment vehicles which also appreciate in value over the long run (not the best inflation foil, but an OK one)
Investment vehicles like the stock market are being propped up by the money printing, so I don’t consider that a good alternative. That’s just a game of musical chairs that stops and usually the poor people and those furthest from the money printer are the ones without a chair.
Read more about Bitcoin and what fixed supply means. There will only be 21 million Bitcoin ever, but the dollars keep being printed en masse. This makes each Bitcoin continually worth more and each dollar continually worth less.
That is the logical conclusion of the institutions, since they are basically crypto banks. However the underlying coins are very different from the underlying asset in a bank, even if their use cases haven't come to fruition and the most common use case is speculation. The use cases that currently exist and are important, though probably not to users in this forum, are borderless transference and the ability to truly own your assets without a governing body or third party institution able to touch them. A significant portion of the world either: lacks institutional banking or is under an authoritarian / corrupt government that could seize their assets just because. Which means the current use cases are incredibly valuable to those individuals. For most users here coins are probably a novelty used for speculation or asset diversification.
I can write code that trades bitcoins without having to ask anyone for permission. Without getting into what Bitcoin will change about banking, I'd say that's pretty different from regular banking.
There are two spectacular use cases: gambling and illicit transactions
That's not snark, those are great use cases, both have thousands of years of popularity behind them and tons of demand.
Hence my parent comment, which points out that when you use the more heavily regulated centralized exchanges like coinbase the one remaining use case is gambling.
In all seriousness, in what way is defi interacting with the non-defi world right now to provide value? I'm not too informed about the space, but from a distance it seems like every defi innovation so far is just building on top of something else in the defi space.
Classic answers like "banking the unbanked in third world countries" don't seem to be shaking out yet.
To ask a different question of traditional banks - where can you do what you can do in DeFi today in traditional finance - without either being an investment bank or a HNW individual?
Does that help? You cannot walk into a bank and ask to put your money to work in the same way that they are already putting your money to work just by holding it in an account with them. At least, not for average people.
You can't act as an "automated market maker" in traditional finance, I'll give you that (to pick one example of something possible in DeFi).
What I really mean is what can do you in DeFi that is connected with the real world? In other words, what can you do other that doesn't fall into the category of using your money to make more money with no effect on the material world?
Examples of things that traditional finance enables that connect to the real world:
- Get a student loan (you get an education)
- Get a car loan (you get a car)
- Get a home loan (you get a house)
- Insure your car or home (perhaps including insurance in finance is a bit broad, but I think it's appropriate)
- Have some claim on the future cash flows of a company that makes real things (public equities)
Obviously traditional finance isn't some bastion of providing "real world" value and resistance to over-financialization. But DeFi seems like pure financialization so far. I suppose the first step is to enable payments (arguably the definition of money is a payment system), but it doesn't seem like that has caught on very much either.
> Examples of things that traditional finance enables that connect to the real world:
An end goal of crypto is to have all financial and ownership services exist on-chain. To conceptualize the real world as somehow forever separate is going to lead to the correct conclusion that DeFi doesn't seem to affect "the real world".
> - Get a student loan (you get an education)
Requires identification.
> - Get a car loan (you get a car)
Requires identification.
> - Get a home loan (you get a house)
Requires identification.
> - Insure your car or home (perhaps including insurance in finance is a bit broad, but I think it's appropriate)
Requires identification.
> - Have some claim on the future cash flows of a company that makes real things (public equities)
Doesn't necessarily require identification. There are cryptos looking to tokenize and fractionalize public/private equities. The equity would exist on chain, not on the private ledgers of banks/clearing houses/brokers/the NASDAQ. You would own your equity via a private key, and not by the say so of Fidelity (e.g.) and the government.
You've listed three types of loans that require you to have some form of identity which allows for the existence of credit/reputation. Until crypto has a functional decentralized identity ((which is being worked on by many)[1], and even has a (W3C draft)[2]) and government recognition, you will likely not see traditional lending products. Doesn't mean it isn't possible.
Insurance also requires identification for reputational purposes, but less for enforcing payments and more for measuring risk.
Crop insurance is a popular use case being investigated for poor rural areas to get insurance. Remember, traditional finance requires massive human capital infrastructure, general civil infrastructure, and minimized governmental corruption to ensure debt repayment occurs. It's may be easier bootstrap insurance from a decentralized network/blockchain + satellite internet, for certain communities.
> An end goal of crypto is to have all financial and ownership services exist on-chain. To conceptualize the real world as somehow forever separate is going to lead to the correct conclusion that DeFi doesn't seem to affect "the real world".
I get this, and I definitely am not suggesting the real world is forever separate. I am somewhat suggesting it currently is though.
> There are cryptos looking to tokenize and fractionalize public/private equities.
Yes, but the ones I'm aware of are entirely doing it on the backs of traditional finance equities.
> Requires identification.
This is a good point and I almost explicitly called it out myself - traditional finance is valuable much because it acknowledges the existence of the individual in society, not as an abstract entity with cash flows.
Solving the identification problem is a goldmine for society at large, not just DeFi. I just find it hard to imagine a suitable solution that doesn't involve trust in the government and other institutions.
I want to make it clear that I am not anti-crypto/DeFi. I think most payment will one day be distributed/trustless at its lowest layer. But I also think that true value (in the "real world") will come when all of the trust built into the rest of society is layered on top.
The cypherpunk crowd on HN seems to be all but gone. Overwhelmingly negative takes on anything crypto-related in favor of... big banks and media conglomerates.
If you know what DeFi is, I don't know how you can arrive at this conclusion. At this moment, you as an average person can not profit with your money in the same way that banks profit with your money. You know what the money in your checking and savings account is actually doing right now, right?
You can verify that one bitcoin you have today will not be diluted by more than a certain amount tomorrow. Value is based on people’s value of the object though, and I wouldn’t necessarily bet on Bitcoin keeping that over the long term.
Yes, but crypto has been a better investment compared to stocks for now about 10 years (if you keep crypto long enough, not day to day trading). Stocks gains are anemic in comparison.
that's like buying a lottery ticket, winning, and saying it was a good investment. Even if your super risky investment ended up paying this time, you still don't have the information needed to be able to pretend that you know that repeating that decision will lead to good returns
I just recently found out about a great cybersecurity podcast called Darknet Diaries (and having been binging it ever since). Episode 9 covers Mt Gox and it goes into detail of timeline of the developers and the numerous breaches. Highly recommended.
All that is to say that Coinbase and Mt Gox were operating in completely different leagues of sophistication.
Coinbase is reimbursing people because there was a flaw in Coinbase. If an individual's computer gets hacked and the hacker drains the user's account, I doubt Coinbase would reimburse.
I think this reflects very favorably on Coinbase. They're making everyone whole, and gosh - the attackers had the user's usernames, passwords and phone numbers. Hard not to be sympathetic to Coinbase in that scenario. How are they supposed to know those aren't the real users? Consider that if they are going to identify those cases as fraudulent actors, then they could easily lock-out legitimate users as well.
I'll guess the users had the same usernames and passwords that they've used for a hundred other sites, and one of those got breached at some point. Don't do that!
I'm skeptical of their breach notification for the following reasons...
If they were certain this was PURELY a phishing campaign against their users, then they had no need to disclose to the government.
Their wording in their disclosure is very very carefully crafted to not deny a breach of their data - pending "conclusive" evidence.
They made a choice to disclose so that the gov't could never claim that they failed to disclose should Coinbase data appear on a darknet website.
And While they make an allusion to social media data collection - I was a target in June, and I absolutely had ZERO social media talking about using coinbase. There is NO WAY hackers could have deduced on social media that I was Coinbase user, nor gotten my cell phone number.
I am 90% confident that Coinbase WAS breached directly, allowing hackers to gain access to email and phone number for my account.
This disclosure says that everyone who was hacked had their email inbox hacked. So you're saying that someone hacked Coinbase to find your email address, then once they found your address, hacked your email inbox some other way, then used that to hack Coinbase? That sounds very roundabout, although I guess not impossible. I guess it's possible Coinbase could have some info leak somewhere that would leak your email address.
Did you ever use any other cryptocurrency website? If so, one of those could have been hacked in order for the hackers to get a list of users to target.
The attackers also needed to know the user's phone number and have access to their email account. That is a sufficiently high bar that I can still be sympathetic to Coinbase here.
Not sure why you discount username and phone either. Each of these is an additional layer of security simply by being more information an attacker needs to collect and associate. Coinbase doesn't publish a list of usernames. And how would someone associate phone numbers back to them?
You can easily check databases on and off the darknet to find people's phone numbers and most people don't have multiple phone numbers and rarely change their number because of the associated hassle with moving accounts. The same goes for their email and even passwords if they reused them.
Coinbase
Coinbase <https://verify-customers.elastic-galileo.185-150-117-78.plesk.page/>
Verify your email address
In order to continue using your Coinbase account, you need to reconfirm
your email address. To avoid service interruptions verify your email.
Verify Email Address
<https://verify-customers.elastic-galileo.185-150-117-78.plesk.page/>
If you did not sign up for this account you can ignore this email and the
account will be deleted.
Get the latest Coinbase App for your phone
Coinbase iOS mobile bitcoin wallet
<https://verify-customers.elastic-galileo.185-150-117-78.plesk.page/>
Coinbase Android mobile bitcoin wallet
<https://verify-customers.elastic-galileo.185-150-117-78.plesk.page/>
Traceroute shows that site hosted by Hurricane Electric.
Anyone who lost money in this should sue Namecheap and Hurricane Electric. They will be stumbling all over themselves to tell your lawyers who their customer was, to avoid liability.
I must be missing something, but can someone explain what's the point of a hardware wallet? Why not just use a password manager?
Hardware wallets seem to have so many downsides, as far as I can understand.
You can keep multiple copies of your password manager's database (something like a kbdx file), but you won't have multiple copies of the hardware wallet. Therefore a single point of failure. If the wallet is stolen, damaged in a house fire, crushed by some accident etc. you're done. Also, can't the firmware of the hardware wallet possibly have some unknown bugs that might cause some failure in the future? Is the hardware failure-proof? No possibility of manufacturing defect etc.?
Secondly you've to buy a hardware wallet and whatever the cost, it's not free. Whereas an open source password manager like keepass is completely free (as in freedom as well as beer).
Hardware wallet protocol involves a key phrase and password you keep secure elsewhere. You need either wallet + password, or if the wallet breaks, you can buy a new one and initialize it with the seed phrase and then use the same password.
You could use a multi purpose computer, e.g. a phone or PC and software to do the same, but they are more complex devices with more avenues to exploit them, e.g. a keylogger plus something than can upload your keepass file means you're robbed.
> If the wallet is stolen, damaged in a house fire, crushed by some accident etc. you're done.
This is incorrect. Hardware wallets typically come with a recovery seed. Even if the original device gets destroyed, the seed helps you to get access to your addresses/crypto. This covers against all of the scenarios you mentioned.
For example, I just updated the firmware on my device this afternoon. Before I did it, I'm double-prompted to make sure I have my recovery seed in case the update fails.
As for storing in a password manager, you certainly could. I used to print my wallets out back in the day. The hardware just makes the process a bit easier and makes mistakes on my part less likely.
The point is that your keys never reside on a general-purpose, internet-connected computer. It greatly reduces the attack surface.
As for SPoF -- hardware wallets are initialized with a seed phrase. You can make as many copies of the seed phrase as you like. You don't even need to load them onto a new device if yours is lost or stolen; the phrase alone is sufficient to re-derive the keys on any computer (although you will sacrifice some security if you decide to recover that way).
Why would you put thousands of dollars in a wallet you need a physical device to access? Just put your private key in your password manager, problem solved
One thing that cryptocurrencies achieved is they introduced a private key authentication at scale. For a moment, there was a hope that we can move to private key authentication mechanism. But, unfortunately, it was quickly rolled back by introduction of custodial wallets and we got pulled back into world of passwords.
> users can not (and a tiny subset of users that actually know how to, will not) securely manage* key material.
True. And the is also true for password. Sure, generation is different and a way to authorizing a transaction is different, but otherwise form usage perspective password can be viewed as a primitive case of a private key. And industry made a huge progress in password authentications: password managers, OTP, biometric authentications, WebAuthn, etc. Specifically password managers and biometric authentication mechanisms can be re-used for private keys as well.
Having multiple wallets, multisig authentication and smart contracts allows to have recovery paths, while making sure that varios custodians can only perform certain transactions and in a transparent way.
I wonder how "We will be depositing funds into your account equal to the value of the currency improperly removed
from your account at the time of the incident" is to be read.
To me, that reads as "if you had 1 BTC stolen on May 20, we will deposit 40k USD into your account, because that was the value of 1 BTC as of May 20", not "if you had 1 BTC stolen, there is now 1 BTC back in your account".
The timeframe listed in the letter covers exactly the time of a massive price spike, so a USD payout would put most people in a better situation than a BTC payout in this specific case, but I'm still curious how this is handled, and whether there is a universally agreed standard for it.
Because next time "we'll reimburse you the USD value of your crypto as of the date of the attack 6 months ago" could mean that someone "made whole" like this has only 10% of what they would have if the attack didn't happen.
I also find that to be a weird stance. People can hold USD or stablecoin a on their Coinbase account if they wish. For people who choose to hold assets other than USD, it seems more logical to replace those assets. Coinbase already trades all of them. Or, since this was a Coinbase flaw, allow the user to choose whether they want the original assets restored or the dollar value at the time of theft (since in theory they could have sold). This way Coinbase feels more pain, but customers should be happy because they come out no worse and possibly better off.
High security services should send a pair of U2F keys to each and every customer when they sign up (or hit a retention/value threshold), with instructions on how to store them (that is, different buildings). Then they can use normal app-based 2FA day to day (NOT TOTP as that is phishable), and use the preenrolled U2F hardware tokens as recovery methods when the user inevitably loses their phone and needs to re-enroll their primary 2FA device (the service app on their new phone).
Falling back to SMS to reset 2FA, or Skype calls where you hold up your ID with a CSR or whatever is just asking for shit like this. In bulk the hardware is probably <$5/token, so well under $10/user (probably closer to $5/user even for a pair of tokens). If your CLTV for your high security financial service can’t afford that, go do something else.
This is a solved problem; the fact that financial institutions have not got on board with 10+ year old stable, cheap, widely available technology is a market failure caused by massive overregulation.
Nothing about this is hard, nothing about this is expensive, there’s just a pervasive attitude in financial technology circles of “this is the way we’ve always done it” or “this is the way everyone else does it”, even if those ways encapsulate a ton of waste and risk.
Even without the whole “n+1 tokens, used only as primary 2fa recovery” scheme, I don’t think there’s a single US retail bank that supports U2F even for normal 2FA login. It’s shameful.
This industry is so ridiculously ripe for disruption but it’s so heavily overregulated that nobody that doesn’t suck is allowed to enter the market. Simple was the first to try (and even they had to use a partner bank) and they got erased via acquisition (and I think subsequently shut down).
At this point I think the thing holding back U2F is just user experience. It is not "hard" but it is a pain in the ass and most people just find it annoying.
The other issue is that you ultimately need some sort of fallback mechanism if someone loses their keys. And it will happen. So you still end up with a process that can be socially engineered, which is generally the weak link in any authentication system.
The pain in the ass is why it should be used as an primary app-based 2FA recovery mechanism.
Doing 2FA via app is fine for most users. The failures happen when users lose their phone and need to reset 2FA. That's where the pain in the ass (but secure pain in the ass) of U2F would come in handy, to re-enroll primary 2FA.
Nobody presently has good ways of doing 2FA resets. U2F hardware is a near-perfect solution.
From what I understand, the SMS verification was bypassed but not the password validation.
I am probably not understanding this correctly, but if the attacker had to have knowledge of your password then why did they reimburse affected users. They could've called it a day and claimed it was the user's fault.
The irony in that breach document that the first credit monitoring agency mentioned at the bottom is Equifax, having the reputation for one of the worst data breaches in 2017 spanning nearly 150mil American citizens.
If you got hacked and don't get your funds deposited. Good luck getting in touch with anyone. I have sent multiple requests to another issue, was told I should expect a response shortly and that was months ago.
It's the easiest to use because of the prevalence of phone numbers and transferability between phones. These properties that give it the best user experience also make it the worst form of 2FA. TOTP and hardware keys are more secure but they are easier to lock yourself out of the account.
I'm done with anything crypto. Daily. Bug after bug, breach after breach. I just don't see how, at any point in the future, crypto gets any more secure than, say, Microsoft Windows. There'll always be a bug, there'll always be a fix needed. And this isn't, "oh, my software crashed for an afternoon", it's potentially a good chunk of your life savings.
I'll take my chances with the banks and Nigerian Princes.
Banks are basically all software too now. They can have the exact same issues. They're not just taking your bills and storing them in a physical vault for you to take out later.
I don't know if this is right. Traditional money transfer is not some absolute, irreversible thing. It is the product of software yes; but more importantly, it is the product of trust between institutions and individuals, backed by government and the legal system.
In traditional finance, there is _far more_ than just the correctness software ensuring the safekeeping and transfer of your assets.
I mean you’re aware USAA got a increasingly damming and public reprimand for their failure of IT security controls? By no means the only bank in that bucket either.
checkout rekt.news to follow attacks in crypto world.
It's wont stop, not just crypto but almost everything that involves software will have potential attacks. Crypto is just another area where attacks happen. IMO More the attacks, over the time crypto industry will become more robust.
I use to work with regulators on ACH and bank account fraud, in the legacy payment systems
It is so commonplace and high volume that it is not news
If incidents were listed alongside unexpected crypto seizures, crypto would look like the better option whether it was onchain, smart contracts or custodial institutions (like Coinbase) involved. And that has nothing to do with the size of the respective markets
Its not a contest, but anti-crypto people or skeptics are just falling for clickbait at this point and it’s pretty goofy to see.
Secure/not-secure is not a binary distinction. And SMS-based 2fa is still more secure than password alone.
One thing I've become painfully aware of recently is how all MFA is rendered pretty insecure by various "fallback" processes. I recently switch jobs and realized I had a few accounts using my old work phone as SMS 2fa number. In every case it was ridiculously easy to call a CSR and get 2fa disabled from their end.
Fallback processes are the way SMS can make things worse. Report a lost password, verify yourself with your SIM-swapped SMS, maybe apply a little social engineering. I'd rather have just a strong unique password than use SMS. (And of course I'd much rather have good 2FA.)
What I'm getting from this is that Coinbase was/is using SMS-based 2FA? Using anything short of mandatory U2F means the responsibility of this breach firmly falls on Coinbase's shoulders. It's like if you found out your bank uses single-bolt doors for its vault.
Is there any d2c business anywhere in the world right now that requires U2F on all accounts? I think you underestimate how confusing all of this is to non-technical users.
Plenty of banks require HOTP dongles. Those are, if not more confusing, than certainly on par with U2F dongles. Meaning if banks can do HOTP, they can do U2F, and using "confusing to consumers" is not an excuse.
Don't assume they don't. Most platforms not only enable multiple forms of security, you even get rewards if you choose better security. I use an exchange the uses double security, meaning you have 20 seconds to verify via email and 2FA, and on top of that the logins, withdrawals and transfers all have sperate passwords..and your able to rate limit them based on time periods.
Most of the knew jerk reactions in here really don't see to know very much about how this actually works and how it's actually the users responsibility at the end of the day.
> Unfortunately, between March and May 20, 2021, you were a victim of a third-party campaign to gain
> unauthorized access to the accounts of Coinbase customers and move customer funds off the Coinbase
> platform. At least 6,000 Coinbase customers had funds removed from their accounts, including you.
I see 2 conflicting claims here:
> While we are not able to determine conclusively how these third parties gained
> access to this information
"these" being username, pw, phone number etc. And then:
> We have not found any evidence that these third parties obtained this information from Coinbase itself.
You're technically correct but the first claim undermines the second one to me.
How? Those statements seem entirely consistent and reasonable to me. They have no evidence or reason to believe that the information was stolen from Coinbase, but beyond that they don't know how attackers got it.
Your car was stolen. I haven't been able to determine conclusively who did steal it or how, but I know it wasn't me.
How else would you even word it? They accurately described the situation. If people are leaping to "I know it wasn't us" then that's their own misinterpretation.
> If people are leaping to "I know it wasn't us" then that's their own misinterpretation.
Is that not what we just watched a HN reader do with that analogy?
It would be equally accurate to say "We have no evidence that it wasn't our fault," either statement is equally meaningless when they have no significant evidence.
They chose to phrase their ignorance the only way that it could be misinterpreted as mitigating their liability, and we just watched that misinterpretation play out here.
"We haven't found any evidence of who was at fault" would be more forthright than answering only the half of that question that sounds better for them.
I don't see the conflict with those statement. They're saying "we don't know where the information came from and we haven't found any evidence that it came from Coinbase itself".
It's difficult to prove a negative here until you find where the stolen credentials originated from. They're just saying that they have no evidence that it came from themselves thus far.
Not necessarily. You can collect information such as username, passwords, phone numbers from leaked databases and then attempt to login via Coinbase. Some might have 2FA, so they might even go as far as to sim swap them given that they know their phone number.
So it doesn’t necessarily mean they got it from Coinbase.
Phishing or malware would be obvious avenues for someone to gain this information not from Coinbase itself.
If people reused passwords, they also could potentially have cobbled together 6000 valid username/password/phone combinations from previous hacks of other services.
In order to access your Coinbase account, these third parties first needed prior knowledge of the email
address, password, and phone number associated with your Coinbase account, as well as access to your
personal email inbox. While we are not able to determine conclusively how these third parties gained
access to this information, this type of campaign typically involves phishing attacks ...
Even with the information described above, additional authentication is required in order to access your
Coinbase account. However, in this incident, for customers who use SMS texts for two-factor
authentication, the third party took advantage of a flaw in Coinbase’s SMS Account Recovery process in
order to receive an SMS two-factor authentication token and gain access to your account.
We will be depositing funds into your account equal to the value of the currency improperly removed
from your account at the time of the incident. Some customers have already been reimbursed -- we will
ensure all customers affected receive the full value of what you lost
Well, it's not like Coinbase should be blamed for all of it. It's a combination of their customer's poor hygiene + a flaw in Coinbase’s SMS Account Recovery process.
At least they will be reimbursed, and everyone should walk happy.
Anyone care to speculate what the flaw in their SMS recovery flow actually was? It's hard for me to think there's even a safe way to implement SMS based account recovery. They would be smarter to just turn it off.
I do not have specific answer for Coinbase. Typically, the flaw would be in modifying one of the form inputs to get the code delivered to a different phone number. That usually works out to either modifying the "destination number" client-side form value, or swapping in an edited/reused session token from a different login session's MFA challenge, to exploit missing ownership checks on the various underlying pkey object IDs.
I like this. They are basically making a call to self insure against these types of incidents and paying out of their own coffers. It makes sense since recovering the stolen crypto is near impossible (as designed).
It's funny how everything old is new again. We are just reinventing FDIC insurance for crypto.
Theoretically every bank was self-insured back in the pre FDIC era... the problem was that some banks didn't actually have the reserves (especially given fractional reserve banking)
FDIC insures your account against bank's overall business collapse. It doesn't insure your personal account against bank robbery of your sepcific account (deceptively named "identity theft").
I don't think you'd get FDIC money back if an attacker got into your account. The bank might cover you if they agree it was their fault, similar to Coinbase.
Not a bad thing, really. It'll be what's needed to win over skeptics.
I mean, they'll more likely just move the goalposts than be won over, but at least they're running out of things to complain about. Between this and the Coinbase card, Coinbase has already tackled the two biggest (valid) critiques of crypto that I hear.
There is a difference between self insured and government insured. At the end of the day I prefer self or market insured so the business itself is on the hook for a breach.
It's like people saying, "I don't like the bank with their ridiculous paperwork so I will use a loan shark instead, he doesn't need paperwork"
Then the loan shark disappears/beats you up/asks for loads of interest etc. and you still want to complain to the police.
Most people hate regulators but they are there for a reason. What certifications does coinbase have to hold your millions of dollars of virtual currency?
Edit: California, not Canada. My bad.