Security vs Complexity in Cryptocurrency Space

"Be your own bank."

That used to be the slogan for one of the most prominent companies in the space.

I remember when I first heard that slogan, and thought, 'Yeah! Be your own bank. Awesome!'

In hindsight, it was ridiculous in so many ways.

It represents the aspiration, the sheer audacity of wanting to replace institutions that have existed for centuries with protocols.

I like that, the sheer audacity of it. I like the idea.

Like the old UNIX t-shirt that said, "Be nice or I'll replace you with a small script."

But that audacity, that vision, contains within it a far dose of hubris.

I have worked in security for more than 25 years now.

It was one of the first things I fell in love with in computers. It has always had this draw.

As part of my career, I've worked with a lot of banks, financial services institutions.

I've done a lot of work around datacenters, firewalls, risk policies, all of that, over the past 20 years.

When I hear "Be your own bank," it appeals to me among other things because I know what a bank does.

I understand what that means, what it involves.

Of course, that's a bit of a problem: most people have no clue what a bank does.

Most people think, 'Why would I want to be a bank, if I don't even know what a bank does?'

'It sounds complicated.' It is complicated.

At the same time, there is a reason why we are coming out the door with that kind of slogan.
Banks, as institutions, represent a centralization of power that is toxic to democracies.
They form some of the most powerful monopolies and cartels we have ever seen.

Funny how we never use the word 'cartel' to talk about the banking system.

There's the oil cartel, the drug cartel, but nobody really says anything about the banking cartel.

Yet it's the biggest damn cartel out there!

What does it mean to be a cartel?

It means to have exorbitant monopoly power that you can use to influence politics, close down competition and stifle dissent.

Banking as an institution was something that liberated humanity at first. Think about it.

In the 16th century, the only person who could write a check was a prince or a king.

Now, the person writing a check is the octogenarian standing in front of you in the supermarket line, causing 20 people behind him to groan audibly.

The United States is one of the few countries in which people actually still write checks.

If you try to explain that concept in Europe, people will give you a funny look.

A great liberating institution, at first. Gradually through centralisation, it amasses power and creates monopoly conditions, shuts down competition, and then becomes the very thing it disrupted.

They are the new kings. They are the new royalty. They are as toxic to democracy as royalty was.

So it is important to start with that audacity that aspirational idea that we can replace banks with open protocols, with open systems.

But don't ask users to be their own banks because they don't know how to.

We're facing this really difficult conundrum with security in this space, the linchpin of everything we do.

How do we want open blockchains and cryptocurrencies to be used?

I don't know what the specific applications will be, but I do know what the killer app is:

People ask me, "Will Bitcoin find its killer app?"
It has already found its killer app: money.
Money that is neutral, open, borderless, censorship-
resistant, and not controlled by governments.
That is the killer app. You don't need another killer app.

What you need is, to make that killer app usable by the billions of people who need it.

The fact that you prefer to make most of your purchases by waving a piece of plastic over a card reader...

does not immediately in your minds translate to "I'm killing democracy slowly."

In countries where they are playing the end stage of that game, it's very obvious how money is failing and has collapsed as a system of technology.

They need this, so how do we take this audacious idea and deliver it to everyone?

With "Be your own bank," that promise is fraught with difficulty.

A fundamental premise of this system is controlling your own money, decentralisation.

It is about not using intermediaries. That means enormous power.

You get to not just own an account, but be a banker;

Not because you want to be a banker but because
banking isn't an institution anymore. Banking is an app.

If you can use that app, you are a banker, just like if you can use a publishing app, you are a publisher.

That was unthinkable a 100 years ago.
Today, we can do that. In 20 years from now,

we will be able to use a banking app in such a way that all of us are bankers and banks no longer exists.

Or at least not in the form we have today.

We will use these open protocols; between now and then, we have to address some fundamental problems.

These fundamental problems have to do with security.

There are 2 different sides to the security industry:
the insiders and then everybody else.

When you go to these conferences, you will hear a lot of conversations about quantum computing,

how people might one day reverse elliptic curve cryptography.

We talk about vulnerabilities in hardware wallets, the difficulty of generating good entropy in a system,

the challenges of operating system security, and creating trusted boot stacks that we can verify.

What does that mean to the average cryptocurrency end-user? 

Blah-blah-blah. It doesn't mean anything.

It's a foreign language. It's completely irrelevant.

This is the fundamental challenge.

If you listen to these talks, you might think that the vast majority of theft or loss of cryptocurrencies happens because of some mad scientist's lab where quantum computers are crunching away to break 128-bit encryption and to reverse elliptic curve cryptography.

Usually, it is because there is someone running Windows, or downloaded 17 apps, one of which is a trojan, and then decides to use that machine to run a bitcoin wallet.

Or someone putting their money on a custodial exchange they found through a Google search they did yesterday.

Of course it offered them "great trading opportunities" and is missing only one feature: the ability to withdraw.

Then one day, it's not there anymore.

The vast majority of loss in this industry happens because of very simple problems.

Phishing of your SIM card. Why would an attacker try to build a quantum computer and reverse elliptic curve when they can hack or pay off a minimum wage Verizon call center employee, into porting SIM cards?

If you are even using SMS two-factor authentication, compared to the vast majority of people out there...

you are already on the cutting edge of OPSEC!

"Two factors?" That is a whole other factor on top of the one I already had, which was 'password1234.'"

You are cruising out there in OPSEC wonderland; then suddenly all your money is gone and you have no idea what you did wrong.

What could you do better?
For the average user, we have this incredible conundrum.

One of my hobbies is flying. I pilot small planes.

One of the things I love is reading about accidents, trying to understand the risk factors in aviation.

You have to know what causes dead pilots in order to not become one of them.

I read all of these obscure reports about failures in maintenance and complex systems.

The majority of accidents are caused by: decision fatigue, lack of situational awareness, and cascade problems.

Here is what happens if you put a stack of these reports in front of the average person:

they will decide not to fly; instead they will rent a car and drive from Pensacola to New Jersey.

Forget the fact that driving is approximately 10 thousand times more dangerous than flying.

Forget the fact that over a 100 thousand people die on the streets every year from car accidents.

Deciding not to fly because of accident reports that is the naive risk assessment.

'I understand how to drive a car. I have no idea how a plane remains airborne or how they maintain it.'

'I don't understand any of the risk factors, but after reading these reports, it sounds like a death trap.'

'I will jump into my Camry and drive to New Jersey.'

Even that sense of control, 'I'm in control. I'm behind the wheel. Sure, I have to dodge three texting teenagers, two drunks, a sleepy truck driver, and dead animals all over the road per mile, but at least I'm in conrol.'

That fundamental risk miscalculation kills people.

The death rate on roads in the U.S. quadrupled in the few weeks after 9/11 because people stopped flying.I got on a plane the week after.

People are doing the equivalent of that every day with cryptocurrencies.

People read about an obscure vulnerability in the bootloader of a Trezor hardware wallet, say, "Well, that's it! I'm not using any of that shit. I will build my own solution."

"A BIP-38 paper wallet that I load on a Raspberry Pi. I have never used any of those things before, but..."

"Step one: download a secure operating system. Install it in complete isolation from the internet."

"How the hell would I do that? I've already failed at the first step!"

"I have no idea how to securely verify what I just downloaded. I don't know how to use a Pi."

Not knowing how to use it is like driving from Pensacola to New Jersey, in order to avoid the risk of a flight.

This is the exact kind of risk calculation that happens.

The greatest enemy to security, on the front-ends where users are operating, is complexity.

It's not the obscure vulnerabilities in a system or the possibility of Russian agents with quantum computers.

It will be forgetting the complex password that you put on your system, and losing all of your coins.

It will be you installing a wallet to take control of your money, then uploading a screenshot of the seed to Dropbox  because why wouldn't you? That seems
kind of secure... Dropbox has a password.

We laugh at this, but security experts will look at that and say, "Dunning-Kruger effect."

Idiots don't know what they don't know. That is the uncharitable way of putting it.

If you read on the internet, 'Dunning-Kruger effect' comes up when people are mocking others for not knowing the extent of their own ignorance.

If you actually read the study, you realise that we all have Dunning-Kruger. It is just sectional, right?

I know security and I'm fairly confident about that; on the dance floor, I think I'm a great dancer because there are no mirrors for me to see what it looks like from the other side.

That is the Dunning-Kruger effect in action. I don't know how bad it is, I am spared that knowledge fortunately.

We all have domains in which we think we know, but don't.

Our ignorance of what we don't know makes us cocky, we take risks we don't even understand, because we don't have enough knowledge to evaluate the risks.

We all suffer from Dunning-Kruger. In security, however, it can be fatal.

In security, it will cost you your funds. You don't know the risks that you can't evaluate.

Then you make poor risk management choices. You watch something on YouTube and miscalculate.

Let me give you a classic example that I have been trying to debunk for probably 2 years.

People create a mnemonic seed and are so worried someone in a cat burglar suit will break into their house, steal their seed in the middle of the night and swipe their money that they ignore the prescribed solution of a secondary passphrase on that seed.

Instead, they improvise. They take the 12 or 24 word seed, cut it into 4 pieces and store the pieces in 4 different locations.

They feel secure, except they have just taken 256 bits and reduced it to 64 bits per piece.

If you think 64 bits is one quarter of the strength of 256 bits, that is Dunning-Kruger right there.

It is not one quarter of the strength, it's 10 ^ 50? 
That is 10 with 50 zeros after it.

Less secure than if you had to crack the whole thing.

If I managed to get 3 of those pieces, cracking the last one is doable.

In fact, the 64 bits of that last piece I need to break your seed is less than a good passphrase, that you could have put on if you had followed the prescribed solution.

There's also no password stretching, so it will be a lot easier for me to crack it.

But that's not the real problem. The real problem isn't that you don't understand exponents or complexity that you thought cutting it in 4 pieces makes it 4 times more secure.

The problem is, you created a solution that isn't resilient. That is a 4-of-4 system. You need all four pieces reconstructed in perfect order to use your seed effectively.

If you lose a word on one of those pieces, you're in trouble and may need help if you can't brute-force it.

If you lose one whole piece, good luck finding someone to help you crack it, without stealing it.

If you lose two pieces, you're done.

You don't realise the risk you have actually exposed yourself to loss but you are protecting against...

a risk you weren't facing, the mystical cat burglar who figures out that you are a bitcoin fulfillionaire and comes to steal your seed.

You can solve that problem a hell of a lot easier by renting a safe deposit box.

The average user is not good at doing that risk assessment, understanding which risks matter and which risks don't at balancing safety with resilience.

Most of them don't make sure that their elaborate DIY crypto scheme, can be deciphered by their heirs.

If something happens to them, those heirs might not be able to get some of that inheritance.

Your crypto may go to the moon, but your chances of actually making it there in the next 20 years... can be rudely interrupted by a bus.

Then what? Your relatives try to decipher whatever kind of mystical cryptography scheme you devised in order to protect your funds?

Even if you don't do that and all they have to do is figure out what a BIP-39 seed is, the greatest crypto-expert they knew just died.

What are they going do now?

You were the expert. They will go on Reddit and look for a 'sherpa.' God help them.

Bad people will line up to defraud them. That is one problem with users and complexity.

Security in this space is complex. It's very difficult to understand what the risks are and how to balance them.

Worse, the user interfaces are so complex.

A user interface needs to be intuitive; not just intuitive, but intuitively secure, meaning that you better make sure the obvious thing to do is also the secure thing.

If we design interfaces where the obvious thing is also the most secure thing, then users can operate securely.

If you leave them hanging and they have to figure it out themselves, then we have failed our users.

This isn't just a problem of 'how do I be my own bank and control my own crypto'?

The vast majority of people faced with this choice... what do they do?

They find a custodial service and put all of their cryptocurrency in a bank.
A crypto-bank, but still a bank.
A custodial service that has far fewer standards for security than a bank; no auditing or transparency, very few or no controls.

There are some "good" ones now, but how long does that last?

The saying goes, there are 2 types of exchanges: those that have been hacked, and those that will be.

There is no unhackable exchange. If you understand how financial services work,

then you know there is no more difficult task today than securing a centralised honeypot of digital bearer assets, that can be transmitted irreversibly and effectively disappear.

This is a hugely difficult problem. You need many security experts to make sure no one within your exchange can steal it, that it can't be seized or accidentally lost.

How to balance resilience and security, access for your users, and all of those things, is monstrously hard.

If a bank has its money unintentionally transferred out by wire transfer, they can just reverse the wire transfer.

If a cryptocurrency exchange gets hacked, and the money is gone, then it is gone.

Digital assets are very difficult to hold. The only way they can be secure is if we decentralise control.

If thousands, then hundreds of thousands, then millions of people each hold their own keys that is more secure because a thief would have to compromise millions of individual people.

If you instead take these keys and concentrate those holdings in one custodial institution, that institution by simple math has to be a million times more secure than each of the individuals,

because they have a much bigger pot of money, of transferable and irreversible digital bearer assets.

Here's the problem we have: there is no "million times better" security like that. It doesn't exist.

You can't do that effectively when you concentrate these many holdings. The level of security decreases.

It doesn't decrease a bit, it decreases by orders of magnitude. But that is not the real problem.

The real problem is, what the hell is the point if people who use this decentralised system store their money in custodial wallets and exchanges?

What the hell are we doing this for?

A lot of these custodial service people will smile and say, "We want to offer security to our users."

"We will give them ease-of-use and peace of mind."

What they mean is, "We hear your anarchist ideas about disrupting the banking system but rather than doing that, how about we replace the old bankers with me?"

Same business as usual; new faces on the letterhead.
"The banking cartel sucks, but my new banking cartel
will be awesome  because it has blockchain in it!"
That doesn't change anything.

We are doing this because decentralisation matters, as a fundamental principle and architecture that our society needs in order to scale without losing all of our freedoms.

We understand that decentralization is the only thing that will allow us to scale governance, trust, society without descending into some kind of totalitarian surveillance nightmare.

Either that or we didn't really believe in any of it and this is just about being the new rich people in charge, replacing the old rich people in charge.

We have to solve these security problems. For our users, the two choices are both terrible right now.

"Be your own bank" without understanding the responsibility and complexity it brings, on immature user interfaces with underdeveloped processes and no support, in a Wild West kind of way.

I love that. I'm a geek. I want to take all of the control. I enjoy trying to figure stuff out but that is not what everybody else will do or feel.

Right now, it is either that choice or "I can't do this, I will just give my money to someone else to handle," and we're back to business as usual.

We must solve this problem.

We must provide user interfaces and systems that are intuitively secure, allow people to manage their own money, to empower themselves without risking loss after one silly mistake.

In order to do that, we must understand that users are not concerned about obscure vulnerabilities.

Their password is 'password1234,' they don't know what a second factor is. They probably don't care to learn any of that.

They will make one stupid mistake like typing their password into some weird pop-up website because it offered them a $10 gift card and that is all it takes.

You read about these people all the time who say, "I just lost ten bitcoin. A website promised me 5% daily return."

"So I invested." You didn't "invest," you threw your money away. You believed in something too good to be true.

We have to make security more intuitive for users who are will make these basic mistakes.

We all have the Dunning-Kruger effect, but in security it can be deadly.

It is our responsibility to help users understand what matters and what doesn't matter,

which vulnerabilities are important, require action, and which ones don't.

Eventually, gradually.

Make the complexity disappear into the background, so that users have options that are intuitively secure from the beginning.

Thank you!

Comments

  1. Finally, I saw a good article for a long time. thanks for sharing this updated information with us. as a software development company, we have to assist our clients with an updated blog like yours. I hope my clients will happy to read your articles.
    https://www.mlmdevelopers.com/invest-in-top-5-cryptocurrency-2020/

    ReplyDelete

Post a comment