pull down to refresh
10 sats \ 11 replies \ @nullcount 17 Jun \ on: My project got hacked and user funds were stolen devs
If you leave an envelope full of cash in the middle of the street, and someone takes it, it was not stolen. Change my mind.
The internet is the public square, if your app is publicly accessible, and someone is able to make the app pay them, then they earned every sat.
You were not a victim of theft. Only a victim of loss. No different than losing your cash in the street.
Your metaphor breaks down a bit, when you realize the hacker knew the rightful owner.
So, in your metaphor, its more like leaving an envelope in the street, with all your contact information on it, as well as the owner being physically nearby and ready to answer thr phone.
If you find a wallet full of cash, and the ID in it, and you take the money but return the wallet, you are taking somebody else's property.
reply
Did they know the owner? was the owner the maintainer of the app or the user of the app who connected their wallet to it?
reply
They knew the host of the service via the domain they would have been hitting, (presumably?) they knew the maintainer's handle as the code was open source, and the OP said that they knew the victim, as the hacker had some kind of identifier used in the attack. They had enough to triangulate the owner and/via the maintainer.
If someone uses weak entropy and their wallet gets drained, was that theft? Whats the difference between using weak entropy and trusting insecure software?
reply
Weak entropy is closer to the anonymous envelop. There is no way to contact the owner of a wallet created with weak entropy.
But, put it this way: if your mother created a wallet with weak entropy, and you serendipitously found the weak entropy wallet and then took the funds, but you honestly didn't know they were hers until months later when she complained about an anonymous "hacker".
Would you give her, her funds back? Would you tell her you 'just found an anonymous wallet' and so you wouldn't give it back? Would you just stay quiet, lie by omission?
Does this change, if its a stranger?
You asked to have somebody change your mind. I have tried. I have my own answers to the above. I wish you the best, in figuring out your own answers.
reply
I'm not interested in changing your mind, but I am genuinely curious.
If I break into your home when you aren't home, is anything I "take" not stolen because your lock was weak enough to break? Your home is connected to "public" like his server is connected to the public internet, isn't it?
Do you believe in physical property rights, but not digital ones? I suspect you either view digital property rights differently than physical ones, or don't believe in property rights of any kind. If the former, how do you explain the difference?
reply
Thanks for being curious! Sometimes it takes a good question to make me solidify my thinking.
If I break into your home when you aren't home, is anything I "take" not stolen because your lock was weak enough to break?
I believe that to own property is to have the ability to control the destiny of that property. The surest way to own something is to destroy it -- to realize the destiny of the property by eliminating its value as property. If someone else was able to control "my" property, then it is no longer my property, exclusively.
However, we have a legal system that would assert that I am still the "owner" of the property. That legal system can attempt to "clawback" the property and return it to my control. So, in a way, even after the property has left my direct control, I still have some control over the destiny of that property -- insofar as the property could potentially be returned to me by the legal system that enforces my "property rights".
Government is instituted for the common good; for the protection, safety, prosperity, and happiness of the people; and not for profit, honor, or private interest of any one man, family, or class of men; ~ John Adams
Property rights are great! Enforcing property rights encourages investment, discourages the destruction of property and is key to a prosperous society. But property rights can also be abused to weaponize "legalized violence" to the advantage of a particular class. Communism isn't the solution, but the communists are really good at pointing out the downsides of private property rights in practice. They tend to increase class inequality, for example. Don't get me started on "intellectual property".
Do you believe in physical property rights, but not digital ones?
I believe property rights do not exist in nature. They are constructs of states/governments/societies/communities and they exist insofar as they can be enforced.
In nature, one's ownership of property would be mostly a function of their ability to conquer and defend exclusive control over property (Ghengis Khan warlord-style).
Since Bitcoin cannot be so easily "clawed back" by a legal system using violence, I argue that BTC is somewhat immune to any external property rights. It has it's own system of enforcing ownership that relies on entropy and fundamental truths about nature/physicality.
Having "ownership" of some sats is to have the knowledge of a private key (such that you have the ability to control those sats). A private key is just a large number that is difficult to guess. Is it possible to own a number?
In the same way, do you anything (physical) fully? Couldn't the state use enough force to take or destroy everything you own? Could some random person take or destroy your property? I don't see "ownership" as a binary outcome as the legal system does. Ownership, naturally, is more like a vector.
The more power the individual wields, the more likely their ownership of a piece of property is to be exclusive. Bitcoin gives anyone access to immense power. It does it by weaponizing entropy instead of violence. Namely, the entropy required to create a secure private key and the entropy created by consuming tremendous energy.
reply
You're wrong.
This is an oversimplification and frankly the type of logic that would excuse all sorts of heinous crimes including pedophilia.
Read some Dostoevsky. Go with christ @nullcount.
reply
Let me see if I can paraphrase your argument:
I'm wrong because you said so! And the logic of my metaphor is a slippery slope.
Read some Max Stirner. https://en.wikipedia.org/wiki/Illegalism
reply
There's no slippery slope it's just an entirely wrong way of looking at ethics not only in this case but in general. Usually when people have these severe and obvious shortcomings it's because they're lying to themselves in much the same fashion that Dostoevsky masterfully illustrates in his writings.
The closest physical analog to this hack would be that someone picks the lock on your house and ransacks it. I'm sure you'd agree that it is not morally justified just because your lock sucks or because the thief had skill.
@bitcoinplebdev 100% bears the responsibility of protecting himself from predators which he failed to do and took accountability for it.
The hacker is still a piece of shit for this. There was a responsible way to demonstrate the hack, report it and receive fair (possibly even the same!) compensation as what he took. It's malice pure and simple. There's a very small pool of people that could have done it and I suspect this isn't over.