SatoshiLabs’ ‘Champion’ Alena Vranova on Security, Reputation and BitPay
The BitPay debacle has demonstrated one thing above everything else: We aren’t a mature, professional industry just yet. While most of us have known that for a long time, the recent events underline the fact that even at the upper echelons of the industry, we still have amateurish security practices and behavior.
The silver lining to the Mt. Gox failure was supposed to be that it acted as a cleansing event, an event that caused industry as a whole put on their big boy pants and started making Bitcoin live up to its promise of a secure digital currency.
Of course, Bitcoin is a secure digital currency, but with continual hacks to third party services, it doesn’t look like that from the outside. Furthermore, it simply isn’t secure for the average consumer. It is one thing to tell the relatively tech savvy early adopters of bitcoin (which includes most CoinJournal readers) to secure their bitcoin using offline wallets and multisig wallets, it is another thing entirely to get the average American, whose main exposure to “geek culture” is the Big Bang Theory, to follow those practices. People are used to banks and Paypal and Apple handling their security. They don’t have any understanding on how to do it themselves and there is scant evidence that they are interested in learning.
Bitcoin needs exchanges, and it needs simple web wallets where the average user can hold their cash. Perhaps with an extensive education campaign, and a service that makes it simple, we could convince a number of of the mainstream users to keep their Bitcoin savings in paper wallets, but if we want them to spend bitcoin and contribute to the economy, asking them to download their own copy of the blockchain and hold their own private keys and do everything they need to do to keep their hot wallet both safe and accessible, is unrealistic.
There are plenty of services that make Bitcoin simple. Coinbase, Circle, BitPay, BitReserve, Bitstamp, they are all relatively simple to use and could be figured out by anyone with a minimum understanding of technology. The problem is that every event like the BitPay debacle lessens the trust for all those other services. It is harder for me to recommend any Bitcoin exchange or webwallet to new comers after the hack than it was before the hack.
We shouldn’t forget that BitPay took the hack on the chin and didn’t pass the loss onto their customers (though, it could be argued that their recent price hike might be a round-about way to do just that). But when they sued their insurance company, their lax security practices came out in the discovery process and that hurt their reputation as much or more than the hack itself did. It is one thing to think they lost a few thousand bitcoins to the internet’s most sophisticated hacker, it’s another thing when the hacker simply asked for it from a hacked email address.
Hardware wallets, like Satoshi Lab’s Trezor and several others, do offer a relatively simple and absolutely secure way to hold your own bitcoins. It hasn’t been a perfect solution, the cost of entry is relatively high (especially when considering third world markets) but it has been a definite step in the right direction. Advocates can at least tell newbies that if they are going to invest heavily into bitcoin, they are best off with a hardware wallet.
I spoke to Alena Vranova, listed as the “Champion” of SatoshiLabs, SatoshiLabs is no stranger to security, their Trezor hardware wallet is among the most secure and popular hardware wallets in the industry and its usability, according to reviews I’ve read, goes a long way towards pushing the industry towards that sweet spot of security and usability.
Vranova in particular has experience in the traditional finance world and the insurance industry, making her uniquely qualified to speak on the recent events. We talk about the security in the Bitcoin industry and what kind of effect they have on the reputation of the industry as a whole, and the need for decentralized exchanges. Of course, while we had her attention, we couldn’t help but ask about SatoshiLabs and what is next for one of Bitcoin’s oldest companies.
Ian DeMartino: Bitcoin is supposed to be at the forefront of technology. It is hard to imagine that many other industries have as many technically savvy people as the Bitcoin industry does, but these embarrassing hacks keep occurring to high profile companies in the space. Do you think it is because Bitcoin is more of a target than a lot of other industries, or do you think it is that a large portion of the industry is as incompetent as they look at times?
Alena Vranova: I don’t think it is a bitcoin specific thing, have you heard about the biggest bank heist ever in history, they estimate something like 900 million dollars were stolen from over 100 banks over the course of two or three years. The banks don’t even know where [these hacks] come from or how to stop them. Basically the hackers social engineer access to a crucial point and then they sit there, mimicking the behavior of employees. They estimate $900 million is gone and the banks don’t know what happened.
I don’t think it’s a bitcoin specific thing, but I think bitcoin has better properties built-in, that allow us to prevent that kind of stuff. It comes down to using multisig. What I want to say about multisignature technology is this: the way it is used today, I don’t think that is the real purpose of multisig. Today, people usually use it as a second factor of authentication.
But this is a great technology to manage mutual funds. People just don’t use it. I was really hoping that [BitPay’s Multisig service] CoPay would be used by a lot of people, because it looks really good and is easy to use, but obviously, [people and companies] haven’t been using it.
With multisig and decentralization of the risk, you could basically have a service that hackers wouldn’t target because they know there isn’t that much money in there. When you distribute the risk and have actual bitcoin owners hold their coins and just use the service and then move them out of the service, we are looking at a different scenario.
What I am really scared of seeing in Bitcoin, is all these bitcoin “banks”. [I say] give us the bitcoin, just give them to us and we’ll take of them, but that is not happening. [These public failures are] not happening in [fiat] banks, because they don’t make them public and cover the losses with [the fees on] the payments we are doing with them.
So it’s not as visible as it is with Bitcoin, where you can track everything that’s happening. I would go back to decentralization. There was a good excuse to centralized when there were no real useful tools for end users to protect their own money. Now, we have hardware wallets, so people can secure most of their money themselves.
DeMartino: At least since the Mt. Gox failure, decentralized exchanges have been presented as a solution, but while there have been a few attempts, they have issues with volume and usability. What do you think needs to happen for these kind of services to exist and be successful?
Vranova: It depends on what kind of information these services store, but all the big VC money goes into services that collect data. They collect a lot of personal information through user accounts.
So, of course, this VC money comes with a marketing budget letting all the people know “come here, use this service because it is wonderful.”
Maybe with some activities that some people do, they don’t have this killer argument for the venture capitalists to get people there. It is all about communication and explaining why [decentralized systems] are better than say, Coinbase. So it is staying a niche market because I don’t think they have the [funds] to do massive marketing. Also, in general, the adoption rate isn’t skyrocketing, so that doesn’t help.
DeMartino: Besides multisig, what do you think bitcoin companies should do to avoid social engineering hacks? Since centralized bitcoin companies don’t seem like they are going away anytime soon. So what can they do to limit the damage of a social engineering hack or avoid it all together?
Vranova: They can definitely limit a lot. But, in the end, it is all about personal responsibility. If my partner wrote me an email asking for 1000 bitcoin to be sent to this address, the first thing I would do is just pick up the phone and ask him. This is something that you cannot really enforce, but you can lead your people to this system. You can try to prevent [these kind of hacks] with education.
What we did with myTrezor, when you want to send more than two bitcoins it says “hey, that is quite a lot of money, please verify your payment address with your counter party with another communication channel, either a phone call or SMS” So you can educate people and make them aware that there isn’t much risk left. If you have, for an example, a hardware wallet, you are basically protected against almost every digital theft, except for phishing.
That is one of the only things you still have to be aware of, hackers trying to put in a different address. So if every wallet put in a notification saying “go verify” that would get us one step closer and it wouldn’t require a huge investment.
DeMartino: Do you think these hacks have an affect on Bitcoin’s reputation in the general tech world?
Vranova: Yes, so imagine you are a newbie, you go to Coinbase or Circle and you get your first wallet with blockchain.info and it’s all free and easy to use, but then your first experience, before you even send your first bitcoin, is that they are gone.
So, yeah, Bitcoin needs easy to use and intuitive security instruments. I’m talking about newbies, I’m not talking about professionals that should lead the standards. They should lead in building the tools we need, not having [the kind of] disasters we have been seeing.
DeMartino: Are there any tell-tale signs of an insecure bitcoin company that customers should look out for, or do they have to depend on faith on some level?
Vranova: I’m a little bit bias, because I’m behind the Trezor project, but I would recommend to everyone to make sure these companies aren’t holding on to your bitcoin. Or at least do some research on reddit or ask friends who are more experienced, and then, if it is an exchange, just buy your bitcoins and then transfer them away to some hardware wallet or something that you yourself can manage and then you don’t have to ask anyone.
The most important thing about bitcoin is to explain to people that this is your private money and you don’t have to keep your money with Mt. Gox or whatever bitcoin bank. But, it is really convenient [to put your money in a bank], we are used to being babysit by the banks and authority. So it is convenient and I understand why people do that.
But it is also up to the media to explain to people that people don’t need to do that at all, because it is their private money. I am quite terrified of the impact of cases like BitPay, not just because of the reputation, but because it attracts the regulators who will say “lets make another nice law that will prevent these things and yeah, it will make things a little bit slower and a little bit more expensive and we will collect all the data” and this is a spiral leading back to the same old system we had before.
Some auditor is collecting that data on people and when you look at the history of big companies collecting data, they have been unable to protect it.
I hope the BitPay case won’t have the aftermath of regulators going crazy. Events like this in general, is the threat to bitcoin. I’d like to see it evolve without that burden of regulation.
DeMartino: Do you think Bitcoiners that want to avoid regulation, have a moral obligation to avoid companies that might invite regulation through these kind of failures?
Vranova: I don’t think it is something that most people are aware that this is something important. The core bitcoiners do but a lot of newbies are unaware of the impact they create.
I wouldn’t really say moral obligation. I would say it is in their advantage to behave responsibly and to understand that this is private money and they are free with bitcoin, to behave as they want and use their bitcoins as they see fit and not to have to go back to the old system, because that’s contradictory. I think bitcoin is quite opposed to the banking system we have right now.
DeMartino: One thing I found interesting about the BitPay case was that they had insurance at all. Do you think the traditional insurance model works with bitcoin or do you think that is something that needs to come from the bitcoin community?
Vranova: Look, I’ve been working in banking and insurance for like 12 years, and what I can say is you can definitely have some insurance coverage that covers internal fraud and cases like that. I’m not familiar with the terms and conditions that BitPay had, but in general I think that [insurance is the] wrong concept.
In Bitcoin, you have ways to ensure [these thefts] won’t happen and you can do it on the technological basis. Just for an example, two of five multisig. You just need two people to have a look at the transaction and to use common sense.
How could you expect people to to use common sense if there’s a regulation you have to use common sense? No, true education, that is the best regulation. Not through limits and and collecting data. I would prefer that the state, if they want to influence the well-being of people, invest money into education instead of regulation.
DeMartino: So what you are saying is that technology should be your insurance, rather than a centralized insurance company?
Vranova: Definitely, I mean, I totally understand why they got the insurance. It looks good and it’s a good marketing claim, but then they totally failed in their internal processing, and well, it is no wonder the insurance company is like “sorry it was a wallet voluntary transaction.”
As I said, I cannot judge because I haven’t seen the terms and conditions for their coverage, but generally speaking insurance usually covers something that have events where [the thief] has to use some kind of force to overcome obstacles. It is questionable if things like voluntary payments authorized through confusion were covered. But yeah, as I said, in Bitcoin, you don’t need institutions like insurance companies.
DeMartino: Moving onto SatoshiLabs, do you guys have anything coming up? Like maybe a Trezor 2.0 or something like that?
Vranova: [Laughs] Trezor 2.0 is currently being discussed and designed so yes, but I don’t want to make any announcements, because it’s not ready yet.
We have a lot of other ideas that I’m not allowed to speak about. It is terrible, because I know we’re cooking something but I have to be patient and just give more information when it is time. This is something that is a little bit different between the US and Europe. I think US guys, when they have an idea, they go on a bit about it and then they they need some investors, so they hype the entire thing. And then you have some European start ups that prove a concept works and [laughs] here we are.
DeMartino: Yeah, you see a lot of that in Silicone Valley especially.
Vranova: Yeah, yes [laughs] I think a month ago, I visited San Francisco, LA and New York and that was the biggest difference I noticed between how we do things and how you guys do things. It’s different.
DeMartino: I read that your share of the hashing power of Slushpool increased significantly. Do you have any idea why? I know a few competitors dropped out of the market and you guys had some new incentives, do you want to talk about that a little?
Vranova: The hashhrate went up when we started the voting for BIP101 and I think a lot of people joined out pool because of that and we also invest quite a lot into designing everything. I don’t know if you are miner or you tried the website, but it’s one of the best interfaces ever. I haven’t seen a pool that provides so much data and statistics, it looks good, the infrastructure is very solid.
The voting definitely helped in increasing the hashrate, but then the people stayed because they they realized it’s a good place to to mine. We are one of the very few remaining real pools. By that, I mean that we don’t operate our own mining farms. We don’t rent out our hashrate, we just provide a service to people and all the hashrate that is there is organic from other miners. Miners join Slushpool because they like it, as opposed to a lot of the other pools, that basically operate their own mining farms and then rent out some hashing power and that’s it.
DeMartino: Last question: You mentioned to me that you feel multisig is being used wrong. How do you think multisig should be used as opposed to how it is generally used today?
Vranova: Well, having more parties cosigning transactions, so you can have one guy using the CoPay the other guy using the Trezor and then another guy using another wallet and require it be signed by two of five. At least then, two people have to cosign the mutual funds. [It shouldn’t be that] I’m using multisig because one of the signature is coming out of my wallet and another is coming from the service provider. But it’s a shame because multisig is a beautiful tool and companies like BitPay don’t use it in that way, even though they invested in it.
We would like to thank Alena Vranova for taking the time to talk to us. You can find out more on SatoshiLabs and their products by visiting their website.