$30 off During Our Annual Pro Sale. View Details »

Bitcoin Ops & Security Primer

Bitcoin Ops & Security Primer

Russell Smith

April 07, 2014
Tweet

More Decks by Russell Smith

Other Decks in Technology

Transcript

  1. @rainforestqa rainforest High Risks Hot wallets / key storage Outgoing

    payments Physically shipped items Reversible payments (e.g. chargebacks)
  2. @rainforestqa rainforest Limiting Exposure Storing keys Hot wallets -> Cold

    wallets, where poss Principle of least privilege
  3. rainforest @rainforestqa Internet connected = hackable (Though, the NSA can

    spy on you, even if you're not connected to the Internet)
  4. @rainforestqa rainforest Top 5 >1k BTC hacks 46k / Linode

    (Bitcoinica): exploit in admin area / staff —> hotwallet 11k / Bitcoin7: “hacked” 4.5k / BTC-E: Insecure external API key 4k / Kronos: self hack / backdoor 2.6k / Gox 2011: exploit in admin area
  5. @rainforestqa rainforest Starting points Figure out your risk + exposure

    Implement low hanging fruit Reduce surface Plan the rest
  6. @rainforestqa rainforest Further reading Hacks: https://bitcointalk.org/index.php?topic=83794.0 Flexcoin: http://hackingdistributed.com/2014/04/06/another-one-bites-the-dust- flexcoin/ Docker:

    http://www.slideshare.net/jpetazzo/linux-containers-lxc-docker-and- security CVE: http://web.nvd.nist.gov/view/vuln/search?execution=e2s1