Comment on Proton Now Has a Bitcoin Wallet
corbin@infosec.pub 4 months agoIf you want to beat inflation, dump the money in a high-yield savings account, or a 401k, or a stock index, or any of the other options that have something resembling banking protection/regulation. There are so many better options than a speculative investment that you lose entirely with a social engineering attack or a SIM swap.
jarfil@beehaw.org 4 months ago
Lower risk, lower reward. Keep in mind that 401k is not 100% guaranteed either.
SIM swap? You mean like SMS 2FA? (don’t use SMS 2FA, BTW).
Anyway, if your risk scenario includes a “wallet inspector”, you definitely shouldn’t buy Bitcoin, or carry money around.
prole@beehaw.org 4 months ago
Nobody is going to SIM swap you unless you have a shitload of crypto and let everyone know about it. It’s not an easy attack, so it would have to be targeted. Pretty easy to not be a target (not having millions of dollars of crypto on a wallet helps).
jarfil@beehaw.org 4 months ago
I want to have a shitload of crypto and let everyone know about it… where do I post my receiving address…? 😅
Anyway, my point was more about not using a SIM as a security mechanism, ever. It wasn’t designed as one, and still isn’t.
As for being a target… something like 2 years ago, I had a chance to get a glimpse at a C&C panel for some malware. It didn’t bother checking your balance, just vacuumed all and every password from every app on an infected phone, along with all sorts of data about the phone, SIM, SIM2, etc. Cloning a SIM is so easy, they’ll do it just to get your $50 worth of NFTs.