How would you describe the multiple attack factors to which all of our data is exposed?

The internet is wonderful and a terrible thing. Like many tools, it can be used for both good and evil, but the really tricky thing from a security perspective with the internet is that as soon as you put yourself online, as soon as you connect to this network, you're creating a door, and this door can be opened and walked through by potentially billions of people if you don't have really good locks on it. So it's something that is, I think, out of reach for most people to fully understand all of the implications of how to secure the doors from all of these bad actors, whether it's just a teenage hacker in their mother's basement or a nation-state agent working out of a bunker in North Korea. It's a very wide range of threats, really too many to even try to talk about to get people to understand. So we have to build our software and our hardware to protect people from these threats without them really even having to understand all the implications.

And in Bitcoin terms, is it the same thing or are there other things to worry about?

Yeah, I mean, from working in Bitcoin for nearly a decade now, what I've found is that the easiest way to put people in a very good position, a strong security posture for their own Bitcoin holdings, is to actually take those keys, take the access to your Bitcoin off of the internet and pull it into the physical world. And this is for several reasons, one of which is, of course, as soon as you take it off the internet, you no longer have billions of people who can knock on your door, try to walk through and try to steal your keys and all of your money. The other is that, just due to the complexity of cybersecurity, it's much easier for the average person to understand physical security.
You have something physical that you can hold in your hand, that you can put in a safe, that you can hide somewhere that nobody else knows about, and it's easier for people to control access to something that's physical.

Can you give us three pieces of advice to be safe in this context?

Thankfully, the number of physical attacks that have happened is relatively small in the context of all of the digital attacks that happen. It is a lot riskier for an attacker to have to go somewhere physically, put their own life in danger to attack someone in the real world, but it's very easy to protect yourself from these, and it basically comes down to privacy. If you are not going around broadcasting that you have a lot of Bitcoin, or broadcasting that you're buying Lamborghinis or $100,000 watches, basically not flashing luxury items on the internet where a lot of people can see them, those are the things that will make you a target for someone who might come to your house or otherwise track you down and coerce you into handing over a lot of your valuables.

What have you learned so far about all the elements you've tested?

It's a large industry now, right? For any given wallet or backup or whatever, there are probably hundreds of options to choose from, and this can be overwhelming for the average person who doesn't want to spend hours, days, weeks doing a lot of in-depth research. I do have a few projects where I have tried to test as many of these products as possible, give them some really high-level scores and grades, just so that people can, I think, have an understanding of whether or not they actually hold up to the promises that they make in their marketing materials. The short version for most everything is to keep it simple. When it comes to something like a backup, then usually having only one piece of metal, for example, is better than something where you're actually taking dozens of pieces of metal and putting them together in different configurations.
Why is it important to avoid complexity?

Complexity can often be marketed to you as having a lot of features, as being able to do many things, or in some cases, we have this saying of security through obscurity. Sometimes there will be products and services out there that put a lot of complex instructions up front of how you can access or use the product, and it may seem like that would make it very difficult for an attacker to get through all of those hurdles. But in most of those cases, there are workarounds where an attacker would bypass most of that, or in fact, some of those extra steps create vulnerabilities. I often say that complexity is the enemy of security, and that is because it's more difficult to fully understand all of the security attributes of a system if it is more complicated. The more pieces there are to a system, the more interactions there are, the more possible vulnerabilities there are, and the more time it takes to actually analyze the whole system and be more confident in it.

Let's pretend you're a hacker. What's the main thing you do to steal my Bitcoin?

Most of it just has to do with reusing vulnerabilities in other systems. We know that people are lazy. A lot of people don't even use password managers. They probably use the same one or two or three passwords in all of the different services that they use. The other thing that we know is that over a long enough amount of time, almost every third-party service out there will get attacked, will get breached, and their database will probably get leaked and sold on the darknet. One of the most common things that we see happen, actually, is just people buying up stolen credentials, essentially using this to impersonate someone.
If you run an online service like I have for many years, then what you see happen in your logs is basically people come to you and they just go through a whole list of usernames and passwords and try every possible username and password that has been leaked that they've been able to get their hands on, because they know that some of them will probably have been reused on many different services. The best thing that anyone can do, just for general cybersecurity, is to use a password manager and have that password manager generate your passwords for you. If you know your own passwords off the top of your head, you're doing it wrong.

What should I do when I get my very first sats?

When it comes to actually securing your Bitcoin, it's going to be different for everyone. One of the things that I think comes into play first is, how much are we talking about? I usually categorize it into three different tiers. You have your pocket money, basically, an amount that you probably walk around with in your wallet, maybe a couple hundred dollars, euros, francs worth of Bitcoin. Then you have small investments, somewhere from a hundred to a few thousand dollars. This will vary from person to person. Then you have a life-changing, substantial amount of your net worth that you have in this system. Each of these different tiers, I think, requires different trade-offs. Most of the time, the trade-offs that we talk about are between convenience of using and accessing it versus securing it, which is literally making it inconvenient to access, both for yourself and for attackers. For really small amounts, it's actually not terrible if you keep that with a trusted third party because even if that trusted third party gets hacked or takes your money, it's probably not going to meaningfully affect the rest of your life. You'll get over it just like you would if you dropped your wallet on the street and had to start over.
For a non-trivial investment, you probably at least want to take self-custody of it, withdraw that money to a wallet you control yourself, and I would say probably take it offline. This means you're going to be making an investment of somewhere between $50 and $100 for a hardware device, Trezor, Ledger, Coldcard, there's a lot of good ones out there. This will protect you from really 99% of the possible attacks out there because you're no longer exposed to any of the hackers online, it's really only physical attacks and loss that you have to worry about.

And then finally, at the extreme end, if you have such a substantial amount of your net worth that's in this system, then your primary goal should be to eliminate single points of failure. Basically, you want a setup that is so robust that you can make a mistake. You can be human, you can have something go wrong and not result in that being a catastrophic loss that you'll regret for the rest of your life. And that's really what I've focused on for the entirety of my career in this space, is using aspects of the protocol, best practices that we've learned over the years from seeing many people lose their money, and employing hardware and software in such a way that it can protect people. So this generally comes down to putting your money into an architecture that has multiple keys, we often use the term multi-sig or multi-signature, and having those keys on offline devices and distributing those keys geographically, and it's this distribution across different devices from different companies and different supply chains and putting them in different physical places, which means that if something goes wrong with any one of those keys, then it's fine. You just go buy a new key and you can rotate your key material to reconstitute your keyset. But this can be overwhelming for the average person, they're probably hearing terms like multi-sig and multi-keys and stuff, and they're like "I don't know how to do all this."
So that's why I started a company that specifically is for a consulting service to help people do that.

If there is one question you could ask Satoshi, what would it be?

I would ask Satoshi what they moved on to after Bitcoin, what was so interesting to them that they thought it was better to work on than Bitcoin.

What do you like the most about Lugano so far?

Lugano is a great walkable city, very clean, with many Bitcoin merchants so that I can walk around and not even have to exchange any of my dollars for francs, which is very convenient.

What do you think about Lugano becoming a Bitcoin adoption hub?

It's interesting to see because I've been to a few other places around the world that have done that, but I think Lugano is the first where it's already a very wealthy city. It's a first world nation, already had great access to banking, and it's something that has been done not necessarily out of necessity of the merchants, but rather because I think that they understand some of the complexities and intricacies of the financial system and that it's great to have alternatives even if you may not feel like you need them.

Did you have the opportunity to buy something with Bitcoin in Lugano?

Yes, I've been to some restaurants and had some excellent meat in Lugano.

If you have to convince someone to go to Lugano, what will you tell them?

Switzerland is an excellent nation with a very long history of neutrality and also banking privacy and freedom. If you're interested in freedom and privacy and living well, I think Switzerland provides a nice little pocket in the middle of Europe for people to do that.