Peter Todd Comments On Luke Dash Jr Getting Hackedtwitter.com/peterktodd/status/1609655629903265795
1173 sats \ 23 comments \ @slatheredloss 1 Jan 2023 bitcoin
write
preview
related posts
439 sats \ 1 reply \ @timechain 2 Jan 2023
There is a possibility that this is a public "boating accident." To attempt this would be logical, all you have to do is move some, coinjoin some, "show other signs of a hack" and there ya go.
Or not. Luke, although brilliant, I'm sure has developed blind spots due to his talent, thought of his server as secure, where keys to those coins probably have lived since they were worth a fraction of their current value. I'm not sure he has anyone in his life that he would trust with letting critique his system, and he doesn't seem like the kind of guy to accept the criticism. Peter pointed out the irony of how many plebs have a more secure system than this Core dev.
reply
1 sat \ 0 replies \ @tomlaies 2 Jan 2023
Peter pointed out the irony of how many plebs have a more secure system than this Core dev.
Especially Coldstorage has stupid easy almost perfect opsec if you want. Personal indolence.
reply
226 sats \ 5 replies \ @Hermit 2 Jan 2023
I see a lot of very complicated theories out there. Here is the response I left in another post:
The answer could be more simple than all these hacks theories. You are a PUBLIC, core developer working in Bitcoin for years, you obviously hold a bunch of BTC. In that case you are a target for professionals, not only in cyberspace, but also in the physical world.
His Twitter profile says a lot about him, where he lives, what he's doing. This happening during the holidays... Is it possible someone breaking in his house and find the seed written down? The Twitter profile says this guy is a devote catholic. You don't need to be Sherlock Holmes to try look for the seed "kept by God" inside a bible or behind a cross. Definitely easier than robing a bank.
If you hold $10M in BTC, you have 2 options: or nobody knows who you are, or you have your house secured at ScarFace level.
I'm probably wrong, but definitely a possibility.
reply
5 sats \ 4 replies \ @kristapsk 2 Jan 2023
Is it possible someone breaking in his house and find the seed written down?
AFAIK Luke uses Bitcoin Knots (fork of Bitcoin Core) as a wallet, it doesn't have seed phrases.
reply
0 sats \ 3 replies \ @Hermit 2 Jan 2023
Then looks like he Forked Off.
reply
0 sats \ 2 replies \ @kristapsk 3 Jan 2023
It's the same with Bitcoin Core. Knots is just Core with bunch of patches applied on top of it.
reply
0 sats \ 1 reply \ @Hermit 3 Jan 2023
But for my very little understanding about it. Knots doesn't keep a tradicional seed where you have to write it down. Even if encrypted is online? And is not cold storage. 200 Bitcoin in a hot wallet, is that what we are doing here?
reply
10 sats \ 0 replies \ @kristapsk 4 Jan 2023
Bitcoin Core also does not implement BIP39, Knots is not different here. Normally your wallet is encrypted using AES, you decrypt it temporary to sign transactions. But it is hot wallet, yes. If your wallet file is stolen and pasphrase is weak or your machine is hacked, you will have bad time.
reply
2 sats \ 7 replies \ @scampy 2 Jan 2023
Does anyone here use QubesOS, and if so what are your impressions of it?
What advantages are there to using QubesOS over a more common Linux distro such as Ubuntu? Assume the system is dedicated to Bitcoin usage and not used for other activities such as browsing, torrenting, etc.
reply
330 sats \ 1 reply \ @hades 2 Jan 2023
The most secure OS to date. Everything on it is another virtual mission practically sandboxes from everything else. Open a browser in one VM, a text editor in another and you have to do quite a bit to cut and paste to the other. Hacker gains control of browser but can’t access any other part of machine. If any portion is compromised you just close it and spin up another. Requires significant time to get spun up on using it but then you are a pro after reading all their materials.
reply
20 sats \ 0 replies \ @scampy 2 Jan 2023
Thanks. It seems interesting, I'll do some reading on it.
reply
0 sats \ 3 replies \ @00 2 Jan 2023
It actually has a large attack surface and few developers. Better to use a second cheap secure offline computer.
reply
1 sat \ 1 reply \ @petertodd 2 Jan 2023
Don't let perfect be the enemy of good.
I've used separate computers on occasion too. But using Qubes routinely is much more important than intending to setup something more secure and never really following through. Because that's what so many people do in reality.
reply
10 sats \ 0 replies \ @Rock 3 Jan 2023
Don't let perfect be the enemy of good.
This is such good personal security advice. I know some people get so paranoid that they end up hurting themselves far more by trying to roll their own security protocols.
reply
0 sats \ 0 replies \ @scampy 2 Jan 2023
That is my impression too. I was curious to learn what users of Qubes thought though, especially from a Bitcoin lens, as it's the first time I've heard of it and it seems like an interesting project (albeit one I doubt I'll ever use).
reply
0 sats \ 0 replies \ @ln123 2 Jan 2023
It's a great OS, just be sure to purchase the right hardware (it won't work on every machine due to the secure virtualisation requirements)
reply
0 sats \ 0 replies \ @Valley_D0g 2 Jan 2023
sus af if u ask me
reply
0 sats \ 0 replies \ @nym 2 Jan 2023
Luke may have reused the computer he created his original private keys on. He says his offspring is using the computer he created the private keys with.
https://twitter.com/LukeDashjr/status/1609871378416549889?s=20
reply
0 sats \ 0 replies \ @jgbtc 2 Jan 2023
Peter also thinks bitcoin should be inflationary.
reply
0 sats \ 0 replies \ @TheBTCManual 2 Jan 2023
I don't know what to make of it, if its real then man it just shows how no one can become complacent with their security and should constantly be striving to improve their set up and minimise risk
On the other hand it could just be a sweet attempt at a boating accident and accessing some of that bitcoin since you must be so way up at this point the taxes would be too gross to pay
reply
0 sats \ 1 reply \ @fred 2 Jan 2023
I feel core Bitcoin developers should stay anonymous the same way the founder Satoshi Nakamoto became a mystery. This will take the attention of you being hacked by any entity.
reply
0 sats \ 0 replies \ @tomlaies 2 Jan 2023
I feel the very existence of Bitcoin Core Maintainers/Developers is too much if you consider how much of the world is on auto-update.
Development like Linux back in the day would be the way
reply
0 sats \ 0 replies \ @cryptocoin 2 Jan 2023
For additional comments on this topic, see another post found here on SN:
Luke Dash jr's PGP key compromised and bitcoin stolen #115980 https://twitter.com/LukeDashjr/status/1609613748364509184 [Nitter]
reply