Bitcoin Ops & Security Primer

Transcript

1. rainforest @rainforestqa
   Bitcoin + Ops Primer:!
   Understand your risk
   Manage attacks
   

   View Slide

2. @rainforestqa
   rainforest
   Rainforest
   Human powered QA SaaS
   Designed for ‘Continuous QA’
   Built for PMs and Developers
   

   View Slide

3. @rainforestqa
   rainforest
   Us
   Team of 6 in SoMa
   All developers
   YC S12
   

   View Slide

4. @rainforestqa
   rainforest
   Understanding risk
   

   View Slide

5. rainforest @rainforestqa
   Understand the trade off
   More secure generally means more effort
   

   View Slide

6. @rainforestqa
   rainforest
   Risk vs Exposure
   

   View Slide

7. @rainforestqa
   rainforest
   High Risks
   Hot wallets / key storage
   Outgoing payments
   Physically shipped items
   Reversible payments (e.g. chargebacks)
   

   View Slide

8. @rainforestqa
   rainforest
   …more risks
   Shared hosting / VPS / “physical” security
   Staff
   

   View Slide

9. @rainforestqa
   rainforest
   Limiting Exposure
   Storing keys
   Hot wallets -> Cold wallets, where poss
   Principle of least privilege
   

   View Slide

10. @rainforestqa
    rainforest
    What risks?
    

    View Slide

11. rainforest @rainforestqa
    Internet connected = hackable
    (Though, the NSA can spy on you, even if you're not connected to the Internet)
    

    View Slide

12. @rainforestqa
    rainforest
    Top 5 >1k BTC hacks
    46k / Linode (Bitcoinica): exploit in admin area / staff
    —> hotwallet
    11k / Bitcoin7: “hacked”
    4.5k / BTC-E: Insecure external API key
    4k / Kronos: self hack / backdoor
    2.6k / Gox 2011: exploit in admin area
    

    View Slide

13. @rainforestqa
    rainforest
    Top 3 reasons:
    

    View Slide

14. @rainforestqa
    rainforest
    Badly configured servers /
    services
    

    View Slide

15. @rainforestqa
    rainforest
    Poorly written software
    

    View Slide

16. @rainforestqa
    rainforest
    Exploits
    

    View Slide

17. @rainforestqa
    rainforest
    Attack vectors
    Your service
    Your customers
    You & your team
    

    View Slide

18. @rainforestqa
    rainforest
    Your service
    Domain
    Email
    Servers (app, db, etc)
    Network
    External services
    Backups
    

    View Slide

19. @rainforestqa
    rainforest
    Domain
    DNS hijacking
    MITM attacks
    Doppelganger domains / Typo-squatting
    Renewals
    

    View Slide

20. @rainforestqa
    rainforest
    HSTS
    Pinning / force-ssl
    Cloudflare, imho
    Firewall + IDS
    

    View Slide

21. @rainforestqa
    rainforest
    Email
    DKIM / SPF
    Account state
    Clear email policies
    Lockout policy
    

    View Slide

22. @rainforestqa
    rainforest
    Servers
    Shared / VPS / AWS
    Dedicated
    Co-lo
    >
    

    View Slide

23. @rainforestqa
    rainforest
    OS + software updates
    Automate provisioning
    Hire pen-testing
    Have a security program
    

    View Slide

24. @rainforestqa
    rainforest
    Transactions & locking
    (see Flexcoin / Poloniex)
    

    View Slide

25. @rainforestqa
    rainforest
    Network
    IDS / IDPS / HIDS
    Firewall (both ways)
    -complex-
    

    View Slide

26. @rainforestqa
    rainforest
    External services
    Verify SSL certs
    Limit IPs
    Work out what + who you can trust
    

    View Slide

27. @rainforestqa
    rainforest
    Backups
    Major security issue
    Encrypt them
    Test them
    

    View Slide

28. @rainforestqa
    rainforest
    Your customers
    Understand their behavior
    (Progressive) Account limits
    Policies
    KYC
    

    View Slide

29. @rainforestqa
    rainforest
    Primer
    

    View Slide

30. @rainforestqa
    rainforest
    Educate yourself
    

    View Slide

31. @rainforestqa
    rainforest
    Pick secure by default tech
    

    View Slide

32. @rainforestqa
    rainforest
    2FA
    

    View Slide

33. @rainforestqa
    rainforest
    Avoid shared servers
    

    View Slide

34. @rainforestqa
    rainforest
    Honey pots
    

    View Slide

35. @rainforestqa
    rainforest
    Automate deployment
    

    View Slide

36. @rainforestqa
    rainforest
    Use SSH keys, rotate them
    

    View Slide

37. @rainforestqa
    rainforest
    Use a Firewall
    

    View Slide

38. @rainforestqa
    rainforest
    Use an IDS
    

    View Slide

39. @rainforestqa
    rainforest
    Encrypt (and take!) backups
    

    View Slide

40. @rainforestqa
    rainforest
    Subscribe to security lists
    

    View Slide

41. @rainforestqa
    rainforest
    Do as little as possible
    

    View Slide

42. @rainforestqa
    rainforest
    Staff opsec
    

    View Slide

43. @rainforestqa
    rainforest
    Principle of least privilege
    

    View Slide

44. @rainforestqa
    rainforest
    Split your servers
    

    View Slide

45. @rainforestqa
    rainforest
    Or consider LXC / KVM
    

    View Slide

46. @rainforestqa
    rainforest
    Split your app
    

    View Slide

47. @rainforestqa
    rainforest
    Server:
    partitions + noexec + nosuid
    split running users
    disable root
    remove packages
    SELinux
    

    View Slide

48. @rainforestqa
    rainforest
    Starting points
    Figure out your risk + exposure
    Implement low hanging fruit
    Reduce surface
    Plan the rest
    

    View Slide

49. @rainforestqa
    rainforest
    Conclusions
    Simpler = better
    Understand your exposure and limit it
    

    View Slide

50. @rainforestqa
    rainforest
    Further reading
    Hacks: https://bitcointalk.org/index.php?topic=83794.0
    Flexcoin: http://hackingdistributed.com/2014/04/06/another-one-bites-the-dust-
    flexcoin/
    Docker: http://www.slideshare.net/jpetazzo/linux-containers-lxc-docker-and-
    security
    CVE: http://web.nvd.nist.gov/view/vuln/search?execution=e2s1
    

    View Slide

51. rainforest @rainforestqa
    Questions?
    @rainforestqa
    @rhs
    

    View Slide