Question and Answer about hardware hacks

Published: 2018-12-06


Q: How secure is Google Authenticator? Can they hack your wallet as a middleman?

A: Google Authenticator is a one-time password, two-factor authentication system... that has a security key installed on your phone. How secure that is, depends on how secure the phone is. If you put Google Authenticator on an Android 5.0 phone that doesn't have a hardware security module, or as it is called in Apple terms the Secure Element, then that key is floating around in memory. Other applications that you may have downloaded and allowed far too wide permissions... can reach into the memory, pull that private key, and then they have your second factor. You hear all of that and... this is exactly the problem with the point at which a regular user says, "Well, screw that! I'm not using 2fa then. I will just use one factor because clearly, this Google Authenticator could be compromised." The truth is, using 2fa will make you thousands of times more secure than not using it. The alternative is doing something else like SMS two-factor, which is far more vulnerable. Most people have devices that are quite secure. Smartphones nowadays are quite robust devices, they're not as easy to hack. Your smartphone is probably the most secure device you have to store keys for small amounts. Having 2fa versus not having 2fa is the choice. Yes, there are obscure vulnerabilities. Better yet, use a hardware one-time password 2fa device, like YubiKey. Google is making one. These are hardware devices that store signing keys. My laptop has a dongle on the edge, I just have to tap it when I want to login. That is better than Authenticator, but both of those solutions are thousands of times better than not using 2fa. That is really the calculation you need to think about.

Q: Some of the places we work at are tough. One of the things we are running up against is the complete lack of affordable hardware security. We know of people in the space who are working on this, but sub-$10 cards don't currently exist. Even they do, on-boarding merchants who are fairly sophisticated, that use feature phones with SIM cards for online banking, but they still can't access credit. This is the kind of security things that I deal with, day-in and day-out.

A: You're going to have to wait for the tech. We're not ready for that yet. That doesn't mean it's not coming. Judging the technology or the market by what is available today, misses the evolution of this technology. We're talking about a technology that, like many others, is affected by Moore's Law; affected by exponential trends in development, interaction between multiple different projects, that all push together in lowering the cost of electronics and consumer devices.

If you miss that point, you will judge it the wrong way. In the early '90s, if you looked at who owned cellphones, when they were the size of a suitcase. I had a cell phone in 1991, it was big with an antenna, and the battery lasted for an awesome fifteen minutes. I had it because my job paid for it, otherwise I can guarantee you I couldn't afford it. The only people I knew who had cellphones at the time were millionaires. What's ironic is, if you had cellphones at that time, you would think, 'This tool isn't helping the people who need help!' But this tool will cost ten dollars in twenty years. In fact, it goes from being a status symbol of the rich to being the exact opposite: the status symbol today, if you're rich enough, is that you don't have a cellphone. You have a secretary carrying a cellphone next to you. Rich people don't wear Bluetooth headsets. That is the transition of technology, from ultra-exclusive to ultra-available for everyone, with a drop in price. The first hardware wallet I bought? I paid a bitcoin for it.

As far as crypto wallets, there are some hardware wallets that are dropping in price, to $20 or $30. I hope we'll see more of those.

Q: Earlier this year in January, the Meltdown and Spectre vulnerabilities came up. Computer researchers and scientists found flaws in processors and the ability to secure the enclave. If we look at the price of crypto-coins, at that time they plunged into a 'Dotcom'-like crisis. My question is, do you believe that we need to solve computing insecurity with trusted entities... and shared environments, before we will come out with architecture for B2B?

A: Trusted execution environments allow us to trust that our own computer is not being hacked while we are using it. I don't trust my own computer. Fortunately, the most effective solutions with cryptocurrencies are low-tech and offline, such as storing back-up seeds with English words. Before we had mnemonic seeds, we used paper wallets. Now we have hardware wallets. While the hardware wallets may have problems with the trusted execution environment, they interact with the outside word through a very narrow, well-defined channel. Usually a USB-Serial channel, which has a very specific protocol. It is difficult, without access to the hardware, to compromise it remotely. Really, we don't need a fully trusted execution environment to deliver high levels of security and privacy on peer-to-peer networks.


Filed Under: Wallets