Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Bitcoin IT

Lost Passwords Lock Millionaires Out of Their Bitcoin Fortunes (nytimes.com) 194

Stefan Thomas, a German-born programmer living in San Francisco, has two guesses left to figure out a password that is worth, as of this week, about $220 million. From a report: The password will let him unlock a small hard drive, known as an IronKey, which contains the private keys to a digital wallet that holds 7,002 Bitcoin. While the price of Bitcoin dropped sharply on Monday, it is still up more than 50 percent from just a month ago when it passed its previous all-time high around $20,000. The problem is that Mr. Thomas years ago lost the paper where he wrote down the password for his IronKey, which gives users 10 guesses before it seizes up and encrypts its contents forever. He has since tried eight of his most commonly used password formulations -- to no avail. "I would just lay in bed and think about it," Mr. Thomas said. "Then I would go to the computer with some new strategy, and it wouldn't work, and I would be desperate again."

Bitcoin, which has been on an extraordinary and volatile eight-month run, has made a lot of its holders very rich in a short period of time, even as the coronavirus pandemic has ravaged the world economy. But the cryptocurrency's unusual nature has also meant that there are many people who are locked out of their Bitcoin fortunes as a result of lost or forgotten keys. They have been forced to watch, helpless, as the price has risen and fallen dramatically, unable to cash in on their digital wealth. Of the existing 18.5 million Bitcoin, around 20 percent -- currently worth around $140 billion -- appear to be in lost or otherwise stranded wallets, according to the cryptocurrency data firm Chainalysis. Wallet Recovery Services, a business that helps find lost digital keys, said it has gotten 70 requests a day from people who want help recovering their riches, three times the number of a month ago. Bitcoin owners who are locked out of their wallets speak of endless days and nights of frustration as they have tried to access their fortunes. Many have owned the coins since Bitcoin's early days a decade ago, when no one had confidence that the tokens would be worth anything.

This discussion has been archived. No new comments can be posted.

Lost Passwords Lock Millionaires Out of Their Bitcoin Fortunes

Comments Filter:
  • by Anonymous Coward

    That is why you make copies. You store them in sort a way that does not identify what they are for, but you know what it is for. In other words, be responsible for your stuff, take it's importance seriously, and be a god damn adult

    • by SirSlud ( 67381 ) on Tuesday January 12, 2021 @09:42AM (#60932512) Homepage

      Man, I'm no bitcoin proponent, but a lot of people are responding as if people should have known how important these passwords would end up being. Anything can increase exponentially in value - are all the parents who let their kids play with or lose their Joe DiMaggio rookie cards morons?

      Bitcoin was a toy and near worthless for quite awhile, and lots of critics are just sniping from the safe vantagepoint of hindsight being 20/20. Obviously being more careful would have been prudent, but the amount of care and security afforded to the passwords were a function of how important they were (or were likely to be at some point) and if everyone kenw they'd be worth millions, then you'd be the idiot for not having acquired any when they were cheap or easy to mine.

      • Man, I'm no bitcoin proponent, but a lot of people are responding as if people should have known how important these passwords would end up being.

        The problem with so many people is that they are computer stupid. If they didn't have a password manager, and if they assumed that forgetting their password on their bitcoin accounts was unimportant, well, then they made a bet, and should not be upset they can't access their money now.

        Bummer, but such is life in the world of pretend money.

        • Why not write it down with some gobblety goo and put it in a book somewhere?

          • Why not write it down with some gobblety goo and put it in a book somewhere?

            That could work. I've found that for most people, they need something automatic, because they would forget to take the first step. As an example, I helped a woman take care of her computer, and she wouldn't write down passwords, and refused to use icloud despite being warned. Paranoia sucks. So I kinda snuck her on to icloud and got her passwords for her bimonthly forgetting sessions. When she found out she was pissed at me, and I just told her I was finished helping her. A week later I got a frantic phone

          • Just print it and put the paper in a book on your bookshelf.

            • Then you or someone in your household forgets its there and loses, destroys or gives away the book at a book sale.

        • by SirSlud ( 67381 )

          Sure, I'm not saying he shouldn't be upset. Anyone rightly would be. I'm just taking issue with the characterization of such a person as proof of idiocy. Life is full of regrets - having made choices that are poor only with benefit of hindsight doesn't implicitly make oneself an idiot. Life is full of things we wish we could go back and redo, but the judgement calls we made at the time may have been correct (or at least not unreasonable) with the information we had at the time.

      • by aitikin ( 909209 )

        Man, I'm no bitcoin proponent, but a lot of people are responding as if people should have known how important these passwords would end up being. Anything can increase exponentially in value - are all the parents who let their kids play with or lose their Joe DiMaggio rookie cards morons?

        Bitcoin was a toy and near worthless for quite awhile, and lots of critics are just sniping from the safe vantagepoint of hindsight being 20/20. Obviously being more careful would have been prudent, but the amount of care and security afforded to the passwords were a function of how important they were (or were likely to be at some point) and if everyone kenw they'd be worth millions, then you'd be the idiot for not having acquired any when they were cheap or easy to mine.

        I'd agree with you if this were someone who had treated it like a toy. Going out of your way to purchase a Ledger or an IronKey or any of the other hardware "crypto wallets" (yes, I hate that term, thus the quotations) tells me you were taking it more seriously than, say, leaving it on an exchange like Coinbase or Binance or any of the other exchanges out there. Sure, after Mt.Gox and any number of other exchange hacks there was understandable desire to move bits off of the exchanges, but, by that point,

      • by DaveV1.0 ( 203135 ) on Tuesday January 12, 2021 @10:05AM (#60932666) Journal
        If it weren't important then he wouldn't have put it on an ironkey. The simple fact he put it on an ironkey indicates he thought it was very important to keep safe.
        • by SirSlud ( 67381 )

          I mean, maybe? Maybe the ironkey was also a toy. All I'm saying is that his level of care would've been a function of how much he predicted he might lose out on in the future should he lose the password. Hundreds? Thousands? Millions? Like I said, people who assert that they would have behaved as if bitcoin could have risen to anything approaching the valuation it has today might as well be subject to the same kind of criticism for not having bought in back then.

      • > lots of critics are just sniping from the safe vantagepoint of hindsight being 20/20

        Some of us actually think Bitcoin is a lot like beanie babies. I didn't get into beanie babies either, but if I did lock some beanie babies in a safe just for fun I'd probably keep track of the password. Sure I've lost passwords over the years, but not to something that I thought had monetary value. If you were into Bitcoin but didn't think it had monetary value then you were just playing and shouldn't be sad that yo

  • Hahah sucker, was the first thing I thought.

    And then: what happens to the virtual money he has if he uses up all his tries?

    • by Joce640k ( 829181 ) on Tuesday January 12, 2021 @09:29AM (#60932416) Homepage

      It's gone forever. :-)

      • Supply and demand -- everyone else's is a little more valuable.

        • Supply and demand -- everyone else's is a little more valuable.

          Most of the so-called trillion dollar value is bitcoins held by people hoarding them when they were cheap to create. Whether the supply is "5,000 times more than demand' or "4,999 times more than demand" makes no difference.

          And since there is no registry where lost bitcoins are registered, the so-called value of bitcoin will stay unchanged.

        • Re:Write it down (Score:4, Insightful)

          by Joce640k ( 829181 ) on Tuesday January 12, 2021 @10:04AM (#60932648) Homepage

          Supply and demand -- everyone else's is a little more valuable.

          Nope. The market already adjusted for them. Bitcoin supply is no greater than it was yesterday.

          • by aitikin ( 909209 )

            Supply and demand -- everyone else's is a little more valuable.

            Nope. The market already adjusted for them. Bitcoin supply is no greater than it was yesterday.

            Kinda...

            Every 10 minutes a new block gets mined (on average) and every new block has a number of coins associated with it (dropping every four years or so in amount per block) until 21 million BTC have been mined and put into the system. So, technically, there's not more BTC today than yesterday as the finite maximum is 21 million, but there's more BTC accessible today than yesterday.

            </pedantic>

        • Supply and demand -- everyone else's is a little more valuable.

          Except the price of bitcoin is weakly related to supply and demand. It goes up and down for no apparently reason 90% of the time.

          • No, the price must go or down because of supply and demand. Someone is willing to pay the price at that instant otherwise it wouldn't be that price. The reasons for that change in supply and demand, are, however, unknowable.
    • by PPH ( 736903 )

      TFS says he did that. And then lost the slip of paper.

  • by e3m4n ( 947977 ) on Tuesday January 12, 2021 @09:23AM (#60932376)

    But if it is a physical device can you not just use dd to clone the device onto a new drive to increase the number of attempts?? dd does a zero for zero and one for one copy.

    • It's almost as if you believe nobody ever thought of that...

      • It's almost as if he was asking someone to explain why a dd copy wouldn't work and most people got it and replied to that query, but YOU...

    • The attempt is on the password of the security chip itself, not on the block device underneath. They could DD the underlying flash hardware presumably and then brute force that (assuming there aren't additional shenanigans going on when the encryption device reads and writes to it) but if that is even remotely sanely encrypted then you've got little chance at brute forcing that either.

    • by AmiMoJo ( 196126 )

      The drive controller won't allow you to read the contents of the drive without providing the correct password first. It keeps a count of bad password attempts in a specially protected area of memory inside a secure chip that is physically protected from being tampered with.

      That doesn't mean it's impossible. You could remove the flash chips and copy them, but then you would need to guess the AES key. Assuming the password has been salted and the salt is stored in the same secure memory that might be impracti

      • by Junta ( 36770 )

        Further, Generally speaking on this class of device, the key storage is embedded in an ASIC and not available to read through any external pins of any chip.

        They also generally have two keys, a data encryption key that is used for encrypting the disk sectors that is randomly generated and stored in that space encrypted and a key encryption key that is generally the one derived from the password and is used to encrypt the data encryption key. So trying to brute force a password through trying the password der

      • For 100 million dollars there might be some takers

      • by nbvb ( 32836 )

        For $220,000,000 sitting behind that chip? I'm absolutely certain someone will offer a service that - at a minimum - can desolder the flash chip and extract its encrypted contents as they sit. At least be able to reset the 10-fail counter if nothing else.

        • by ceoyoyo ( 59147 )

          And that tells you how much bitcoin is actually worth. All these people who lost millions! hundreds of millions! BILLIONS! just end up shrugging and moving on. Or maybe go down to the dump and poke around for a bit.

          • by nbvb ( 32836 )

            I agree fundamentally ... but if someone is willing to trade whatever is on this USB key for $220,000,000 right now - well hell, hurry up, let's unlock this thing and get it done before someone figures out it's essentially meaningless!

            • by ceoyoyo ( 59147 )

              Yeah, absolutely. Except here's where it gets tricky: how much are you willing to invest to decrypt that key? If it was a vault with $220 million in it, it would be well worth spending most of that breaking in. Since it's bitcoin, you can't actually sell it all and get the 220 mil, and by the time you *could* sell it all it might not be worth anything. So the question is, do ya feel lucky?

          • by DarkOx ( 621550 )

            Well what else can you do? Iron key is not some rando's toy software based password safe from github. Its a pretty designed tested security targeted product. Does that mean that it does not have serious exploitable flaws - no because if it did there would be no CVEs associated with security products and we all know that isn't true.

            However what is true its probably been tested already and is robust enough even a team of talented hackers isn't like to find a away in without investing a lot of man hours. Thin

        • The encryption keys are in the crypto chip. You'd need to buy a whole bunch, decap them and reverse engineer them enough you can design an attack for an operating chip, probably involving FIB/microprobing.

          Might already have been done.

        • by AmiMoJo ( 196126 )

          The attempt count is not stored in the flash memory, it's kept in a special area of a secure chip. There is no way to read it out of that chip via its normal interface (usually SPI or I2C) and it has physical shielding that both blocks attempts to probe its die and causes the key to be erased if it is tampered with.

          These things are sometimes flawed, e.g. many older microcontrollers with protection features can be unlocked using UV light, but they seem to have fixed anything easy like that.

          I doubt the $220m

      • by cusco ( 717999 )

        Finally! A practical use for quantum computers!

      • Brute forcing AES is still impossible in any reasonable timeframe.

        All is not lost.

        Still impossible = not impossible someday. At some point AES will be brute forceable, so the key has future value, maybe, so he could sell the key for something. Bitcoin, USD, Pounds, are all based on trust. So the value of the key is based entirely on trust that it contains what he says it contains.

        • by AmiMoJo ( 196126 )

          Thing is if a quantum computer is able to break the AES encryption then Bitcoin will be worthless anyway as quantum computers will be able to break that too.

      • SOUNDS LIKE A JOB FOR QUANTUM COMPUTING!

        amirite or amirite ?

        -It has to be useful for something.
    • by Registered Coward v2 ( 447531 ) on Tuesday January 12, 2021 @09:40AM (#60932492)

      But if it is a physical device can you not just use dd to clone the device onto a new drive to increase the number of attempts?? dd does a zero for zero and one for one copy.

      No, you cannot access the files because of the way an Ironkey is constructed. After 10 tries it physically destroys the disk. I deployed some and required each person with one to provide me with the password so if they forgot it I could send them their password or when the device was returned I could wipe it clean and reset the password. I kept them in a spreadsheet as well as hardcopy.

      Ironkey also has the ability to backup the password to the web to recover it, but I'm guessing most users won't and that also requires a password to access it; so what is the chance they remember it if they forget the Ironkey PW that they use frequently? Some versions of Ironkey also has an administrator capability that can recover passwords but needs to be setup in advance.

      They are neat devices but you are SOL if you forget the password in most cases. Can they be broken and files accessed? I'd guess yes simply because if an administrator can reset a password without knowing the original then there must be a way in; just not an easy one.

      • No, you cannot access the files because of the way an Ironkey is constructed. After 10 tries it physically destroys the disk.

        For a portion of the $200 million as a reward, I would think that the manufacturer of the drive can find some way around this. Reset the counter or something like that. Change the branch instruction in the firmware from "branch if greater or equal" to "branch if overflow".

        • No, you cannot access the files because of the way an Ironkey is constructed. After 10 tries it physically destroys the disk.

          For a portion of the $200 million as a reward, I would think that the manufacturer of the drive can find some way around this. Reset the counter or something like that. Change the branch instruction in the firmware from "branch if greater or equal" to "branch if overflow".

          I would doubt it - what is more valuable, say $50 million or protecting a much more lucrative secure drive market? Once someone got the manufacturer to break in and word gets out their is a backdoor your secure drive is now essentially worthless to people who need to keep data secure. In some ways having someone say "I lost $200 million in BitCoin because I can't access my Ironkey since I forgot my PW and there is no way to defeat the PW protection" a good thing because it highlights the security and make

      • by v1 ( 525388 ) on Tuesday January 12, 2021 @10:02AM (#60932628) Homepage Journal

        Physical access always wins. But if it's done right, it can be made extremely inconvenient

        First off, a correction. If you miss your 10th attempt, it DOES NOT "physically destroy" anything. Your password is stored, hashed, and the actual encryption key is also stored. On your 10th failure, the device simply zeros out the encryption key. It's instant and 100% effective. Most ASIC work this way. Your password is severely lacking in its ability to generate enough bits to make a strong key, so your password protects the actual key.

        To break this, you have to decap the asic and take one of a few different approaches. You can "disarm" the counter by laser cutting the signal line that activates the clearing of the key, which will give you unliminted attempts to guess the password. (or alternately, block the device from incrementing its attempt counter)

        Or you can get in with probes and read the hashed key. Then you plug that into some big iron and try to brute force it or simulate the hash to again give you unlimited attempts to guess it. (once you find what passes the hash, you use it on the key normally)

        I'm sure there are other attacks, some of which are device-specifc, but those are the big two.

        Decapping hardware is readily available but is expensive and purchases are monitored. You don't do that yourself anyway, you take it to someone that's already set up to do this. (it's expensive, and there's always a possibility of damaging the device and permanently bricking it) You need to find an organization that has experience with the piece of hardware you need into, because there's significant research required before you go drilling into a die like that If they've never done one of those before, they'll buy a handful and hack on them one at a time until they develop a reliable strategy of attack.

        Considering all that though, if there really is that much bitcoin on the key, it sounds like it's worth it to take it to a professional outfit to dig it out. You might be able to negotiate with them to work on contingency, where they get say 25% of the bitcoin if they get it out, otherwise no charge?

        • First off, a correction. If you miss your 10th attempt, it DOES NOT "physically destroy" anything. Your password is stored, hashed, and the actual encryption key is also stored. On your 10th failure, the device simply zeros out the encryption key. It's instant and 100% effective. Most ASIC work this way. Your password is severely lacking in its ability to generate enough bits to make a strong key, so your password protects the actual key.

          Thanks, I should have been more careful in my wording on /.; I just told users it destroys the data so they understood why I needed the passwords. In our case, if the pasword was ever lost we'd just erase the disk since the data was not crituical but contained personal identifying information we wanted to protect if the drive was lost.

  • Different Approach (Score:5, Insightful)

    by CastrTroy ( 595695 ) on Tuesday January 12, 2021 @09:24AM (#60932392)

    I'm sure if it's worth so much, there must be some kind of data recovery firm out there that could make a raw copy of the data and then proceed to brute force the result. When you have millions of dollars on the line surely there's a better way to go about this.

    • I'm sure if it's worth so much, there must be some kind of data recovery firm out there that could make a raw copy of the data and then proceed to brute force the result. When you have millions of dollars on the line surely there's a better way to go about this.

      While I'm sure there are companies out there which can extract the RAW data, if it was encrypted by someone even remotely competent then all that will result in is wasted CPU cycles that could better be spent mining new bitcoins (though that isn't a good idea).

      The best option would probably be an attack on the encryption asic itself and hope that somehow it can be bypassed or divulge the encryption key.

      • by cusco ( 717999 )

        For $200 million they could build their own quantum computer to break the password, and still have $20 million left over (and have a quantum computer!)

    • I'm sure if it's worth so much, there must be some kind of data recovery firm out there that could make a raw copy of the data and then proceed to brute force the result. When you have millions of dollars on the line surely there's a better way to go about this.

      https://www.kingston.com/spain... [kingston.com]

      "The drive detects and responds to physical tampering"

      • by tragedy ( 27079 )

        Wonderful how it describes these features as giving the owner "peace of mind". I'm sure the guy who is now out hundreds of millions of dollars does not exactly have peace of mind right now. Frankly, I've always been disturbed by these X attempts to log in, followed by self destruction systems. Or rather, I'm disturbed by their use for anything other than sending data by courier from one secure location to another.

        All that said, what are the odds that Kingston doesn't have a backdoor master key to decrypt th

        • by ceoyoyo ( 59147 ) on Tuesday January 12, 2021 @10:02AM (#60932626)

          I don't know why you'd put your bitcoin on one of these things. That's just asking for trouble. The stuff you put in a booby trapped box is the stuff you'd rather have destroyed than revealed to the wrong person. Your texting history with your secret wife and kids. The records for your meth business. Your collection of midget donkey porn. Your Parler posting history.

    • by ThePyro ( 645161 )

      Yes, I've seen those kinds of services offered before. It can work if you have some idea of what the passphrase might have been. If it was totally random, though, you ain't getting those coins back.

  • by WoodstockJeff ( 568111 ) on Tuesday January 12, 2021 @09:30AM (#60932420) Homepage

    These people lost what they spent to buy the bits.

    By losing the private keys, they are missing out on the opportunity to sell the bits to someone else, but their only true loss is in the original "purchase".

    • This is a perfect example of why the bitcoin "market cap" calculation (multiply the number of bitcoin in existence by the current sale price) is stupid. A decent fraction of all bitcoins are literally unsaleable because the wallet is lost. Those bitcoins are therefore worthless precisely because they cannot be sold.

      I'm still suspicious that bitcoin is an NSA social engineering experiment to get criminals to use a payment system with a public ledger -- i.e. the opposite of "untraceable". Everything else

  • by Mr_Blank ( 172031 ) on Tuesday January 12, 2021 @09:43AM (#60932522) Journal

    Why is Bitcoin worth anything? What can I buy with it? Explain it to me like I am new here.

    If I have cash I know what I can buy: anything that is for sale. If I have stocks, bonds, or gold then I know I can easily convert it to cash and buy anything. Is Bitcoin another form of gold, a store of value, that can be converted easily to cash?

    • Why is Bitcoin worth anything? Explain it to me like I am new here.

      OK.

      If I offered to sell you a Bitcoin for $100 right now, would you buy it?

    • Why is Bitcoin worth anything? What can I buy with it? Explain it to me like I am new here.

      It is worth something because someone is willing to buy it. It has zero intrinsic value and is backed by nothing. Essentially, when you buy a bitcoin, you buy nothing but a digital number.

      Is Bitcoin another form of gold, a store of value, that can be converted easily to cash?

      It can be converted to cash but easy is a relative term. It is taking longer and longer to do it because the underlying operations are taking longer and longer. It is a horrible store of value because it has no intrinsic value and is backed by nothing. It is the modern equivalent of tulips in the Netherlands of 1636/1637.

  • Seems like if you offered to split the Bitcoin 50-50 that $100 million would be enough incentive to bring forth an army of hackers who'd put the Ironkey security to the most intense scrutiny possible. You'd of course require that they first demonstrate their prowess on a device that isn't the one holding the precious Bitcoin private keys. Best of all, it would cost you nothing.
    • If I were you I'd offer to buy it from him for $20 million. I bet he'd accept.

      Then you can follow through on your plan and make a huge profit.

      • If I were you I'd offer to buy it from him for $20 million. I bet he'd accept.

        And I'm betting you'd be a sucker for doing so.

        Every so often we hear a story like this. It just seems fishy. I'm betting the truth is the guy has maybe two or three bitcoin on there, but knows no one will offer him any substantive help for a fraction of that. And he knows it's not long before bitcoin crashes again, so he wants to cash out now.

        His plan is - by lying about the amount, he gets a lot of publicity and eventually some serious offer of help "for a percentage". When they crack it, then he'll "reme

  • Post-its with the pre-printed header Write down your bitcoin password here for safekeeping

    And for 1.95 more, it will say Write down your bitcoin password here for safekeeping, Einstein!

  • ... if he's tried 'password1234'. That always seem to work here at work.
  • Maybe it'll highlight why I and many like me don't trust anything but cash.

  • by Joe2020 ( 6760092 ) on Tuesday January 12, 2021 @10:03AM (#60932644)

    This is great news for the future of numismatics. Instead of running across acres, fields and old paths in search for lost coins with metal detectors can future generations now also look forward to digging up digital crypto currencies!

    It's a bright future for all those people who love to collect stamps, dried-up butterflies, baseball cards, comic books and shiny ancient coins.

    • by pjt33 ( 739471 ) on Tuesday January 12, 2021 @10:12AM (#60932720)

      Shiny ancient coins are generally worth less than non-shiny ones, because cleaning them usually damages them. Gold coins might remain shiny without cleaning, but if you want to sell some silver and bronze coins you're better off leaving them tarnished.

  • by BubbaDave ( 1352535 ) on Tuesday January 12, 2021 @10:07AM (#60932676)

    I lost a youtube password, bugs me to this day.

  • ...of this Ponzi scheme when it inevitably crumbles - leaving those who've been hoodwinked into buying this $40k vapor footing the bill for these folks who got in on the scam early.

    Remember, those $$ are (every red cent) the investments of those who came after you. Bitcoin is a zero-sum game. All of these early adopters will be sitting around patting themselves on the back for parting fools and their money... Can't you see that you're complicit in this whole debacle?

    • > Bitcoin is a zero-sum game. All of these early adopters will be sitting around patting themselves on the back for parting fools and their money...

      Surely you can come up with a better analysis than that. Remember: money is not wealth, its a communications network. Imagine money being like the shadow of valuable goods and services cast onto a wall. You cannot accurately measure wealth in bitcoin anymore than you can measure it in dollars, though you can give a rough estimate of wealth using either. The

  • by trailerparkcassanova ( 469342 ) on Tuesday January 12, 2021 @10:15AM (#60932750)
    ...$220M was lost.
  • swordfish
  • by Malifescent ( 7411208 ) on Tuesday January 12, 2021 @10:33AM (#60932862)
    The security of these hard drives are usually fake and easily cracked. No need for him to lose his millions. There are some people on the internet who research the security of these drives and they've been able to crack ALL of them so far.
  • by BeerMilkshake ( 699747 ) on Tuesday January 12, 2021 @10:51AM (#60932984)

    Ask yourself and confirm, swear on your heart and soul that:

    • you have all your private keys in your own posession (e.g. not on a website),
    • you have an encrypted backup of all your keys,
    • your backup would be safe in the event of a house-fire, burglary etc,
    • you have tested and confirmed you can decrypt your backup and restore your wallet(s), and
    • if you died suddenly, your inheritors could retrieve your coins.
  • Bitcoin is "probably rat poison squared."

    âoeItâ(TM)s a gambling device... thereâ(TM)s been a lot of frauds connected with it. Thereâ(TM)s been disappearances, so thereâ(TM)s a lot lost on it. Bitcoin hasnâ(TM)t produced anything.â

    100% agree, have known about it for a very long time and keep as far away as possible.

  • Offer half of his bitcoin horde to the IronKey developers for the "backdoor-key-that-doesn't exist".
  • If you aren't smart enough to use a Password Manager where you memorize ONE password to get access to ALL your other passwords then I guess experience is a hard lesson.

    • A password manager is child's play compared to the power of hindsight.

    • Your access to a password manager can be lost. You might be tricked into revealing that one password thinking you are logging into the password manager. It's a single point of catastrophic failure and security breeching.

  • by dnaumov ( 453672 ) on Tuesday January 12, 2021 @12:04PM (#60933348)

    Why can't he just copy the entire thing and do further attempts on the copies or in case there actually is some sort of protection against this, at the point where the thing is worth hundreds of millions, why doesn't he hire some company to literally remove the relevant nand chips and then work on copies of that?

  • How's YOUR backup situation these days?

  • Might have to get a job

  • by sentiblue ( 3535839 ) on Tuesday January 12, 2021 @01:32PM (#60933878)
    How do you not know the password to your own $200M?
  • by ZiggyZiggyZig ( 5490070 ) on Tuesday January 12, 2021 @01:54PM (#60934012)

    If I had $220M stuck on an IronKey I am pretty sure the company making the IronKey would help me to get my money back... For a small fee.

  • by Bert64 ( 520050 ) <.moc.eeznerif.todhsals. .ta. .treb.> on Tuesday January 12, 2021 @02:43PM (#60934298) Homepage

    Why would you store something important on a device that self destructs after 10 incorrect attempts?
    Someone malicious could intentionally make 10 false attempts for the sole purpose of destroying your data.

Beware of all enterprises that require new clothes, and not rather a new wearer of clothes. -- Henry David Thoreau

Working...