"a series of epic vulnerabilities" in the #EOS platform

5 Likes

That’s why the diversity is very important, I am saying it now when ADA has just reached ~48% of my crypto portfolio. But, that’s fine, as I can lose all of them, as my crypto investments are only ~15% of my total investments. ADA was only about 10%, but I could not help buying some when it went down and it’s playing roller-coaster, so I just kept buying.

4 Likes

This, right here, is the best advertising for formal methods.

1 Like

network will not be officially launched until these issues are fixed

12 Likes

That doesn’t seem promising. If only there was a way to short #EOS.

2 Likes

Haha, watched that on Sunday, it was broadcast yet again by BBC, maybe the best of all their films…

3 Likes

Should’ve got it peer reviewed

5 Likes

Another Hack unrelated to those other ones:

It’s so sad that so many people seem not to understand that security is the single most important thing when it comes to money. Sadly I have figured this out in a painful way, after robbery of over 50k USD worth of cryptocurrency. For that reason I’d be happy for IOHK to make a hardware wallet support for ADA. Right now I don’t trust my computer anymore - all of my funds are either in Ledger Nano either on exchanges. ADA is on Bittrex and I don’t like that. Does anybody know anything about Ledger support?

You can create a paper wallet in the latest version of Daedalus. Those are “cold storage” and keys are not stored on your computer

~ July\August

Ledger roadmap: https://trello.com/c/rEK3saDK/71-cardano-support

Or look for “Ledger wallet” here: https://cardanoroadmap.com/

1 Like

Do you know if integrating 2FA is technically possible with blockchains? Approving transactions from your phone might add another layer of security.

Not on the BC level, that would be impossible. That’s usually done on the software level. It is possible, for example, to require 2FA in order to execute a transaction in Daedalus. But if your secret keys are compromised - no 2FA will save you )

Wisdom you are full of:

6 Likes

But you still have to show recovery phase on the screen. How to be sure? Also… can you really compare with a convenience of the Ledger? It seems to me that such a support would be minimum for IOHK could (and should) enable.

Run antivirus and make sure no one is watching :slight_smile:

Of course not. It’s just an alternative cold-solution available now.

~ July\August

Ledger roadmap: https://trello.com/c/rEK3saDK/71-cardano-support

Or look for “Ledger wallet” here: https://cardanoroadmap.com/

Also this interesting thread on the naive EOS “constitution”

3 Likes

It’s well known there is no perfect AV software. Even HW wallets aren’t bulletproof protection, but they are as close as possible. Maybe I’m a little paranoid now, I’ve ran several AV software after the incident with no result. Since thief has stolen me bunch of ETH and Ethereum tokens, there are some additional possibilities; I’ve accessed to MEW by using my private key - maybe MEW was hacked? Also, I used Metamask and Chrome but this combination is (was) vulnerable to Spectre attack (I learnt that afterward).

@bkonjevi Ever thought about using an encrypted VM? And did you have the password enabled on your wallet?

1 Like

My brother and I are going to start selling these pretty soon:

Probably will also sell it as a software only solution for people who want to put together their own air gapped pi. Right now only works with Ethereum. Also does encrypted messaging using public/private keys and has full encryption for the micro SD card.

Air gapped is the way to go in my mind.

2 Likes

I know of Cardano support by Ledger. But they can do it themselves. Or - at least - pay enough for Ledger to be incentivised.