Quiz time: Name a bitcoin brokerage that will never have a headline ending with "... unable to repay customers following alleged heist"?

Nice try. That just makes it so a fraction of your team (those who can commit to production) can perform the attack I mentioned... it's still trusty even in the best case and I'm sure many other web wallets where you don't control your keys have the same release procedures.

Yes, it is a web service with multiple layers of security including mandatory 2FA, a local client security component, and other risk services.

I am not meaning to start an argument, but I do not like using words like "trusty". I think you will agree that any complex security system with externalities has risks, and all security systems have externalities. Either quantify the risks, expose new risks and quantify them, or you aren't making a case and are in effect spreading FUD. I don't think you are intentionally spreading FUD about Novauri, but that's the effect of using words like "trusty", and why I don't like using similar terms.

I have quantified the risks you describe, they affect any web service, and I feel we've done a good job mitigating them better than others.

Nice try. Such an attack doesn't have to immediately steal money, it could just slowly collect private keys. You using a very dumb attacker as an example for your security assumptions doesn't give me much confidence in your company.

Doesn't give you much confidence in my company? Now I know you are spreading FUD. You either work for a competitor, are trolling me, or are just here to pick a fight. Well fine, you've got a fight and you've picked it with the wrong person.

Answer this, how would that be possible to happen for any period of time when:

1) We will be inspecting the files and traffic as an audit process on a regular basis, including after every release when a developer would introduce this issue for deployment, specifically looking for changes to this code.

2) Power users WILL inspect their local code and traffic (you can verify that a mysterious evil Novauri developer hasn't implanted malicious code for you to download by inspecting the file and looking at the traffic it sends).

3) The risk vs. reward doesn't add up. What you describe would require the same amount of internal collusion as stealing the entire cold wallet balance of a competitor.

So again I ask, why go through all of that trouble to introduce malicious code past a QA team, code review, and deployment team in order to do onesie twosie theft that would quickly be uncovered when you could collude with multiple insiders somewhere else and get cold wallet private keys and make off with hundreds of millions of dollars in bitcoin instantly?

Stop spreading FUD about my company.

So is this you claiming that you will match 50% of all customer funds in a reserve? You, representing your company, are claiming that it wouldn't be a failure unless 100% of the customers' funds are stolen, so surely you could pay us back if 50% log in since 50% < 100%, which would require 50% of all customer funds be matched by you, right?

Claiming 50%? When did I claim 50%? Your numbers are punch drunk.

Coinbase is probably safest right now, and they insure 3% based on carefully reading their online materials. Just their online wallets - 3%. Now, keep in mind that they actually take custody of most funds and SHOULD insure everything to be on the same standards as USD deposits with FDIC insurance.

Others don't seem to insure anything at all, and Circle's policy is... mysterious. At Novauri we are NOT taking custody. Short of your mission impossible developer hacks that steal private keys as people send or sell bitcoin only, there's no conceivable way for our systems to control your wallet. Bottom line, we're not insuring 3%, we're building a fundamentally safer system that doesn't require insurance.

We aren't addressing the symptoms, we are curing the disease.

I can't get over this 50% thing. Why would my service that has zero access to your wallet insure 15 times more of your balance than a similar brokerage when we don't have any custody? Have you been drinking?

Look, in the end, if you really don't like our wallet for some reason, then add an address from your hardware or paper wallet. You can still buy and have the bitcoin sent to your own address and bring your own security. We don't mind and encourage this behavior.

I don't recommend storing massive quantities of bitcoin on any web wallet, although I do feel ours is much better than many alternatives when you consider how most bitcoin has been stolen.

If you have very large balances, use offline storage. That's the best way to go.

/r/Bitcoin Thread