I understand that websites are vulnerable—after all, they are public and have to interact with users. But what about a computer sitting in a basement, not publicising its IP address and just interacting with the blockchain?
Have I convinced you to change careers yet?
Contrary to your assumptions, I am not a bitcoin miner, just an interested layperson. Even if I was, I would simply move my coins into cold storage at regular intervals, and assume that the hackers know they can make more money insider trading and carding then going after a security-conscious bitcoin miner. And if I lost one hot wallet, its not the end of the world.
You have made me worry more about AI and BCI however, imagining a ‘Ghost in the shell’ future where people can hack into each other’s brains.
Incidentally, are you a computer security professional of any form?
Every computer getting info from the blockchain publicises its IP address. But you can use proxies which make it harder, or a pool which has its own servers. But pools have websites, and they make up the majority of mined coins, so there’s an attack vector.
I see I wasn’t clear again; my “Have I convinced you to change careers yet” was asking if you were planning to become a hacker (or the cleaner version, “security researcher” or “bounty hunter”).
You have made me worry more about AI and BCI however, imagining a ‘Ghost in the shell’ future where people can hack into each other’s brains.
I’ve done my good deed for the day, then.
Incidentally, are you a computer security professional of any form?
No, at least not formally. I have gotten paid for fixing people’s computers as a hobby. (I recently got the code for someone’s ransomware encrypted computer without having to pay by exploiting the attackers’ bitcoin setup. Not as cool as it sounds, they basically used the same address for multiple infections, which was a hole.) I’ve done a little freelance work in web design and SEO.
I read a lot of Hacker News stuff and elsewhere, use Linux for my own computer (plus Whonix for really sensitive things), but I’m not “officially there”. I do want to be someday.
Since there are a small number of mining pools there are presumable only a small number of avenues of attack which must be secured, which helps.
I see I wasn’t clear again; my “Have I convinced you to change careers yet” was asking if you were planning to become a hacker (or the cleaner version, “security researcher” or “bounty hunter”).
Well, I have hacked into an email account to prove it could be done (with consent), but in general I have no knowledge of any hacking anywhere near as advanced as finding zero-day exploits. Even disregarding interesting moral questions such as “is it ok to steal money if you give half of it to effective altruism?”, I think there are probably easier & safer legal ways to make large amounts of money.
Isn’t Hacker News mostly about startups are random stuff, not hacking in the sense of breaking into computers?
I use Linux too, plus I try to run anything which might be hostile within a virtual machine. Whonix looks interesting. Dare I ask what sort of really sensitive things you get up to, or would that be completely missing the point?
Here’s the kinds of things having to do with actual hacking I find on Hacker News (just going through my browser history now, so it may not catch everything; anything I didn’t see the comments on is missed):
That should give you an idea of the kinds of stuff I read. There are a lot of posts on HN detailing exactly how someone broke down a system. Not all of these are “breaking into computers”, but a lot are very similar.
Isn’t Hacker News mostly about startups [...] not hacking in the sense of breaking into computers?
Yes. And about “hacking” in the older sense of (very crudely) “doing clever things with computers” and the even older sense of (very crudely) “doing clever things”.
I understand that websites are vulnerable—after all, they are public and have to interact with users. But what about a computer sitting in a basement, not publicising its IP address and just interacting with the blockchain?
Contrary to your assumptions, I am not a bitcoin miner, just an interested layperson. Even if I was, I would simply move my coins into cold storage at regular intervals, and assume that the hackers know they can make more money insider trading and carding then going after a security-conscious bitcoin miner. And if I lost one hot wallet, its not the end of the world.
You have made me worry more about AI and BCI however, imagining a ‘Ghost in the shell’ future where people can hack into each other’s brains.
Incidentally, are you a computer security professional of any form?
Every computer getting info from the blockchain publicises its IP address. But you can use proxies which make it harder, or a pool which has its own servers. But pools have websites, and they make up the majority of mined coins, so there’s an attack vector.
I see I wasn’t clear again; my “Have I convinced you to change careers yet” was asking if you were planning to become a hacker (or the cleaner version, “security researcher” or “bounty hunter”).
I’ve done my good deed for the day, then.
No, at least not formally. I have gotten paid for fixing people’s computers as a hobby. (I recently got the code for someone’s ransomware encrypted computer without having to pay by exploiting the attackers’ bitcoin setup. Not as cool as it sounds, they basically used the same address for multiple infections, which was a hole.) I’ve done a little freelance work in web design and SEO.
I read a lot of Hacker News stuff and elsewhere, use Linux for my own computer (plus Whonix for really sensitive things), but I’m not “officially there”. I do want to be someday.
Since there are a small number of mining pools there are presumable only a small number of avenues of attack which must be secured, which helps.
Well, I have hacked into an email account to prove it could be done (with consent), but in general I have no knowledge of any hacking anywhere near as advanced as finding zero-day exploits. Even disregarding interesting moral questions such as “is it ok to steal money if you give half of it to effective altruism?”, I think there are probably easier & safer legal ways to make large amounts of money.
Isn’t Hacker News mostly about startups are random stuff, not hacking in the sense of breaking into computers?
I use Linux too, plus I try to run anything which might be hostile within a virtual machine. Whonix looks interesting. Dare I ask what sort of really sensitive things you get up to, or would that be completely missing the point?
Here’s the kinds of things having to do with actual hacking I find on Hacker News (just going through my browser history now, so it may not catch everything; anything I didn’t see the comments on is missed):
https://news.ycombinator.com/item?id=8876929 https://news.ycombinator.com/item?id=8608941 https://news.ycombinator.com/item?id=8854330 https://news.ycombinator.com/item?id=8839265 https://news.ycombinator.com/item?id=8834595 https://news.ycombinator.com/item?id=8834275 https://news.ycombinator.com/item?id=8814901 https://news.ycombinator.com/item?id=8651675 https://news.ycombinator.com/item?id=6148347 https://news.ycombinator.com/item?id=8758196 https://news.ycombinator.com/item?id=8693980 https://news.ycombinator.com/item?id=8712277 https://news.ycombinator.com/item?id=8808754
That should give you an idea of the kinds of stuff I read. There are a lot of posts on HN detailing exactly how someone broke down a system. Not all of these are “breaking into computers”, but a lot are very similar.
Yes. And about “hacking” in the older sense of (very crudely) “doing clever things with computers” and the even older sense of (very crudely) “doing clever things”.
Also see “hacker”.