Bitcoin Ops & Security Primer

Russell Smith

April 07, 2014

Transcript

  1. rainforest @rainforestqa
    Bitcoin + Ops Primer:
    Understand your risk
    Manage attacks

  2. Rainforest
    Human powered QA SaaS
    Designed for ‘Continuous QA’
    Built for PMs and Developers

  3. Us
    Team of 6 in SoMa
    All developers
    YC S12

  4. Understanding risk

  5. Understand the trade-off
    More secure generally means more effort

  6. Risk vs Exposure

  7. High Risks
    Hot wallets / key storage
    Outgoing payments
    Physically shipped items
    Reversible payments (e.g. chargebacks)

  8. …more risks
    Shared hosting / VPS / “physical” security
    Staff

  9. Limiting Exposure
    Storing keys
    Hot wallets -> cold wallets, where possible
    Principle of least privilege

  10. What risks?

  11. Internet connected = hackable
    (Though, the NSA can spy on you, even if you're not connected to the Internet)

  12. Top 5 hacks (>1k BTC)
    46k / Linode (Bitcoinica): exploit in admin area / staff -> hot wallet
    11k / Bitcoin7: “hacked”
    4.5k / BTC-E: insecure external API key
    4k / Kronos: self hack / backdoor
    2.6k / Gox 2011: exploit in admin area

  13. Top 3 reasons:

  14. Badly configured servers / services

  15. Poorly written software

  16. Exploits

  17. Attack vectors
    Your service
    Your customers
    You & your team

  18. Your service
    Domain
    Email
    Servers (app, db, etc)
    Network
    External services
    Backups

  19. Domain
    DNS hijacking
    MITM attacks
    Doppelganger domains / Typo-squatting
    Renewals

  20. HSTS
    Pinning / force-ssl
    Cloudflare, imho
    Firewall + IDS

  21. Email
    DKIM / SPF
    Account state
    Clear email policies
    Lockout policy
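
"DKIM / SPF" is a single bullet on the slide; what it means in practice is publishing an SPF record that actually rejects spoofed senders, and being able to check it. The following is an added example, not code from the deck or from Rainforest: a small SPF record parser that flags the policy mistakes a reviewer looks for (no `all` term, `+all`, too many DNS-lookup terms) and evaluates a sender IP against the literal `ip4:`/`ip6:` terms. The records and domain names are constructed placeholders, nothing is resolved through DNS, and terms that would need a lookup (`include:`, `a`, `mx`, `redirect=`) are reported as `needs-dns` rather than guessed.

```python
import ipaddress

# Constructed sample TXT records. The domains are documentation placeholders
# and nothing in this example is resolved through DNS.
SAMPLE_RECORDS = {
    "example.com": "v=spf1 ip4:203.0.113.0/24 ip6:2001:db8::/32 include:_spf.example.net -all",
    "weak.example": "v=spf1 ip4:198.51.100.7 +all",
    "open.example": "v=spf1 ip4:198.51.100.7",
}

RESULT = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}
# Terms that need a DNS query to evaluate (they count towards the 10-lookup limit).
LOOKUP_TERMS = {"include", "a", "mx", "ptr", "exists", "redirect="}


def parse_spf(record):
    """Split a TXT record into (qualifier, mechanism, value) terms.
    Modifiers (redirect=, exp=) are kept with a trailing '=' in the name."""
    parts = record.split()
    if not parts or parts[0].lower() != "v=spf1":
        raise ValueError("not an SPF record")
    terms = []
    for term in parts[1:]:
        if "=" in term:
            name, _, value = term.partition("=")
            terms.append(("+", name.lower() + "=", value))
            continue
        qual = "+"
        if term[0] in RESULT:
            qual, term = term[0], term[1:]
        mech, _, value = term.partition(":")
        terms.append((qual, mech.lower(), value))
    return terms


def spf_findings(record):
    """Policy problems to flag on a domain you send mail from."""
    terms = parse_spf(record)
    findings = []
    all_quals = [q for q, m, _ in terms if m == "all"]
    if not all_quals:
        findings.append("no 'all' term: unlisted senders get a neutral result, so spoofed mail is not rejected")
    elif all_quals[-1] == "+":
        findings.append("'+all' authorises every host on the internet to send as this domain")
    elif all_quals[-1] == "?":
        findings.append("'?all' is neutral; use -all (or ~all while rolling out)")
    lookups = sum(1 for _, m, _ in terms if m in LOOKUP_TERMS)
    if lookups > 10:
        findings.append(f"{lookups} DNS-lookup terms: over the limit of 10, receivers return permerror")
    return findings


def spf_check_ip(record, sender_ip):
    """Evaluate a sender IP against the literal ip4/ip6 terms only. Terms that
    need DNS are skipped; if the verdict would have depended on one, return
    'needs-dns' instead of a confident pass/fail."""
    ip = ipaddress.ip_address(sender_ip)
    skipped_lookup = False
    for qual, mech, value in parse_spf(record):
        if mech in ("ip4", "ip6"):
            # 'in' is False when the address and network families differ
            if ip in ipaddress.ip_network(value, strict=False):
                return RESULT[qual]
        elif mech == "all":
            return "needs-dns" if skipped_lookup else RESULT[qual]
        elif mech in LOOKUP_TERMS:
            skipped_lookup = True
    return "needs-dns" if skipped_lookup else "neutral"


if __name__ == "__main__":
    for domain, record in SAMPLE_RECORDS.items():
        print(domain, spf_findings(record) or "ok")
```

A record that passes this check still needs DKIM signing and a DMARC policy before receivers will reject spoofed mail from your domain, which is the point of the "DKIM / SPF" bullet: either one alone leaves a gap.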

  22. Servers
    Shared / VPS / AWS
    Dedicated
    Co-lo
    >

  23. OS + software updates
    Automate provisioning
    Hire pen-testing
    Have a security program

  24. Transactions & locking
    (see Flexcoin / Poloniex)
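
The slide names Flexcoin and Poloniex without saying what "transactions & locking" means for a withdrawal endpoint, so here is the pattern spelled out. This is an added example, not code from the deck, from Rainforest or from either exchange: a check-then-debit withdrawal written the way many web apps write it, beside a version where the balance check and the debit are one atomic statement. The ledger is a constructed single-account SQLite table; the racy request is modelled as a generator with a pause between its read and its write so the bad interleaving (every request reads the balance before any of them writes) can be reproduced deterministically instead of relying on thread timing.

```python
import sqlite3


def make_ledger(initial_balance, user="alice"):
    """Constructed single-account ledger in an in-memory SQLite database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE accounts (user TEXT PRIMARY KEY, balance INTEGER NOT NULL)")
    conn.execute("INSERT INTO accounts VALUES (?, ?)", (user, initial_balance))
    conn.commit()
    return conn


def balance(conn, user="alice"):
    return conn.execute("SELECT balance FROM accounts WHERE user = ?", (user,)).fetchone()[0]


# --- Vulnerable: check in application code, then write ----------------------
# One request = one generator. The bare 'yield' marks the window between the
# read and the write in which another request can run past its own check.
def withdraw_racy(conn, amount, user="alice"):
    bal = balance(conn, user)      # read the balance
    yield                          # window: concurrent requests read the same value
    if bal < amount:
        yield False
        return
    conn.execute("UPDATE accounts SET balance = ? WHERE user = ?", (bal - amount, user))
    conn.commit()
    yield True                     # payout goes out


def run_worst_case(conn, amounts):
    """Advance every request to its read, then let each finish its write.
    Returns the number of payouts that were made."""
    requests = [withdraw_racy(conn, a) for a in amounts]
    for r in requests:
        next(r)                    # all reads happen before any write
    return sum(1 for r in requests if next(r))


# --- Hardened: the check and the debit are one atomic statement -------------
def withdraw_atomic(conn, amount, user="alice"):
    """Conditional UPDATE: the database evaluates 'balance >= amount' and
    applies the debit under its own lock, so concurrent requests serialise.
    rowcount tells us whether this request won the funds (1) or not (0)."""
    if amount <= 0:
        raise ValueError("withdrawal amount must be positive")
    cur = conn.execute(
        "UPDATE accounts SET balance = balance - ? WHERE user = ? AND balance >= ?",
        (amount, user, amount),
    )
    conn.commit()
    return cur.rowcount == 1


def demo(deposit=100, requests=(100, 100, 100)):
    """Returns (racy payouts, racy final balance, atomic payouts, atomic final balance)."""
    racy = make_ledger(deposit)
    racy_payouts = run_worst_case(racy, list(requests))
    safe = make_ledger(deposit)
    safe_payouts = sum(1 for a in requests if withdraw_atomic(safe, a))
    return racy_payouts, balance(racy), safe_payouts, balance(safe)


if __name__ == "__main__":
    print(demo())   # (3, 0, 1, 0): the racy ledger paid out 300 against a 100 deposit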

  25. Network
    IDS / IDPS / HIDS
    Firewall (both ways)
    -complex-

  26. External services
    Verify SSL certs
    Limit IPs
    Work out what + who you can trust

  27. Backups
    Major security issue
    Encrypt them
    Test them

  28. Your customers
    Understand their behavior
    (Progressive) Account limits
    Policies
    KYC

  29. Primer

  30. Educate yourself

  31. Pick secure by default tech

  32. 2FA

  33. Avoid shared servers

  34. Honey pots

  35. Automate deployment

  36. Use SSH keys, rotate them

  37. Use a Firewall

  38. Use an IDS

  39. Encrypt (and take!) backups

  40. Subscribe to security lists

  41. Do as little as possible

  42. Staff opsec

  43. Principle of least privilege

  44. Split your servers

  45. Or consider LXC / KVM

  46. Split your app

  47. Server:
    partitions + noexec + nosuid
    split running users
    disable root
    remove packages
    SELinux
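
Slide 36 ("Use SSH keys") and slide 47 ("partitions + noexec + nosuid", "disable root") are settings you can verify rather than take on trust. The following is an added example, not code from the deck or from Rainforest: a small audit that reads an fstab and an sshd_config and reports the mount options and SSH settings those two slides call for. The two config texts are constructed samples standing in for /etc/fstab and /etc/ssh/sshd_config; point the functions at the real files to audit a host. The list of mount points and options is an assumption about a typical layout, not something the deck specifies.

```python
# Constructed sample configs standing in for /etc/fstab and /etc/ssh/sshd_config.
# They are illustrative and not copied from any real host.
SAMPLE_FSTAB = """\
UUID=0000-0001 /        ext4  defaults                     0 1
UUID=0000-0002 /tmp     ext4  defaults                     0 2
UUID=0000-0003 /var/tmp ext4  defaults,nosuid,nodev,noexec 0 2
UUID=0000-0004 /home    ext4  defaults,nosuid,nodev        0 2
tmpfs          /dev/shm tmpfs defaults,nosuid,nodev,noexec 0 0
"""

SAMPLE_SSHD = """\
Port 22
PermitRootLogin yes
PasswordAuthentication yes
# PubkeyAuthentication defaults to yes, so it is not set here
X11Forwarding no
"""

# Mount options wanted on world-writable or user-controlled filesystems (an
# assumed layout): noexec stops dropped binaries running from there, nosuid
# stops setuid tricks, nodev stops device nodes being created there.
WANTED_MOUNT_OPTS = {
    "/tmp": {"noexec", "nosuid", "nodev"},
    "/var/tmp": {"noexec", "nosuid", "nodev"},
    "/dev/shm": {"noexec", "nosuid", "nodev"},
    "/home": {"nosuid", "nodev"},
}

# sshd settings that go with "disable root" and "use SSH keys".
WANTED_SSHD = {"permitrootlogin": "no", "passwordauthentication": "no"}


def parse_fstab(text):
    """Map mount point -> set of mount options."""
    mounts = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0].startswith("#"):
            continue
        mounts[fields[1]] = set(fields[3].split(","))
    return mounts


def audit_fstab(text):
    mounts = parse_fstab(text)
    findings = []
    for mountpoint, wanted in WANTED_MOUNT_OPTS.items():
        if mountpoint not in mounts:
            findings.append(f"{mountpoint}: not a separate mount")
            continue
        missing = sorted(wanted - mounts[mountpoint])
        if missing:
            findings.append(f"{mountpoint}: missing {','.join(missing)}")
    return findings


def parse_sshd_config(text):
    """Map lowercase keyword -> value. sshd takes the FIRST occurrence of a
    keyword, so later duplicates are ignored; parsing stops at a Match block
    because settings after it are conditional."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) == 1 and "=" in parts[0]:   # "Keyword=value" form
            parts = parts[0].split("=", 1)
        key = parts[0].lower()
        if key == "match":
            break
        settings.setdefault(key, parts[1].strip() if len(parts) > 1 else "")
    return settings


def audit_sshd(text):
    settings = parse_sshd_config(text)
    findings = []
    for key, wanted in WANTED_SSHD.items():
        actual = settings.get(key, "<default>")
        if actual.lower() != wanted:
            findings.append(f"{key} is {actual}, want {wanted}")
    return findings


if __name__ == "__main__":
    for line in audit_fstab(SAMPLE_FSTAB) + audit_sshd(SAMPLE_SSHD):
        print(line)
```

Requiring an explicit `PasswordAuthentication no` (rather than accepting the default) is deliberate: the OpenSSH default is yes, and a setting that is absent from the file is the one most likely to be left behind on a freshly provisioned box. The same audit fits into the "automate provisioning" step on slide 23 as a post-deploy check.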

  48. Starting points
    Figure out your risk + exposure
    Implement low hanging fruit
    Reduce surface
    Plan the rest

  49. Conclusions
    Simpler = better
    Understand your exposure and limit it

  50. Further reading
    Hacks: https://bitcointalk.org/index.php?topic=83794.0
    Flexcoin: http://hackingdistributed.com/2014/04/06/another-one-bites-the-dust-flexcoin/
    Docker: http://www.slideshare.net/jpetazzo/linux-containers-lxc-docker-and-security
    CVE: http://web.nvd.nist.gov/view/vuln/search?execution=e2s1

  51. Questions?
    @rainforestqa
    @rhs