Coinbase now storing 87% of customer funds offline

This is what you get when you have amateurs try and develop security systems. While I applaud them for at least trying, and I realize that hiring an actual security consultant is unlikely to happen, it pains me to see their security system as described.<p>A half-decent systems security architect (in the whole scheme of things) is not that expensive - I'm sure someone like @tptacek would provide a referral to someone charging less than $1000/hour who could, in a matter of two or three weeks, architect an actual secure solution, with HSMs, XofY authorization procedures and so on, that the good people at coinbase could (or not) go off and design/deploy.<p>[edit: Part of my pain at looking at this system, is seeing all the many, obvious flaws, that other industries that need security (military, banking, smart grids) have had to deal with and have solved in elegant, secure, reliable ways. I work in an industry where no one individual can be allowed to have excessive rights, privileges, or power over the system under their control. The many, many, many layers of security, audits, rights management, and AAA we have in place do so are impressive (though, ironically, one of the elements does involve acid-free 100 year paper in Safe Deposit boxes). Reading through the coinbase description though, is akin to reading about the encryption system created by someone who had never taken a cryptography course.<p>The outputs from both groups can be trivially shown to be completely flawed by those who've had the opportunity to see how it's properly done.<p>With that said, at least they are _trying_]

This is both awesome and hilarious at the same time.<p>The whole point of bitcoin was to decouple currency from institutions (banks/governments etc.).<p>Instead they're right back where they started - only they've replaced gold/currency with bits that can be easily copied and stolen.<p>&#62; "Oh but the government can't inflate us away!"<p>No, but they sure as hell can take away your "safety" deposit box.<p>&#62; "But private property rights! Rule of law!"<p>Ever heard of the quote: "The guy with the gun make the rules"?<p>Rights don't exist separate from external force (aka the government, corporations, military, mafia etc.). Neither do laws. They are merely useful abstractions - but don't mistake map for territory.<p>Rights/laws are, quite simply, power group sanctioned specific use of deadly force for the benefit of one or another specific group (dictator/oligopoly/the people etc.).<p>They don't actually exist. Like money, land titles, contracts and bitcoins.<p>Actually, now that I come to think of it a lot of things in society don't actually exist - honour, respect, gods, free markets, meritocracy, a just world and oh so much more - but let's not get ahead of ourselves shall we.<p>I'm limiting myself to shattering only one illusion per day.

FYI, the state of California has been known to escheat the contents of safe deposit boxes under certain circumstances. It has been known to happen by mistake or in cases where it obviously shouldn't have. If the box is escheated, the papers would be immediately shredded, and the USB keys auctioned off. You'd end up with a few cents from the state (for the USB keys, pennies to the dollar) and absolutely no recourse.<p>I would highly recommend getting a 2nd safe deposit box with a different bank and store the exact same contents in both (or better, get 3+ total and use m-of-n encryption... but in reality the effort involved would not be practical unless you rarely dip into offline funds).<p>PS: you're saying I only need to search banks in the bay area for one with that color scheme, floor tile, and banker, then drill/blast the box shown and make off with 90% of Coinbase's deposits in untraceable cash? Free tip #2: change boxes, soon.<p>[EDIT: that said, I appreciate spreading the word about offline storage. It would have been better to do a blog post (maybe a follow-up?) on how others can do the same thing with Armory running on a live-cd.]

Optar (linked in the comments) looks like an interesting way to archive small amounts of data. Up to 200kB per A4 page. <a href="http://ronja.twibright.com/optar/" rel="nofollow">http://ronja.twibright.com/optar/</a>

Pretty cool to think about designing a bank from the ground up without any pre-existing conceptions or regulations.

This is a little OT, but I am confused. I just opened an account at MtGox and it is asking me for a verification step, one which will include all my personal data, and a image of my face or scan of an ID card.<p>I thought the one aspect of bitcoins was anonymity?<p>They also have been the victim of at least one, probably more, hacking escapades. Why would anyone be inclined to give them this information?<p>What is a good recommended place to purchase a few coins just for fun? And then do most people xfer then to this CoinBase?

Worth noting is that the contents of a safety deposit box are not insured by FDIC. I hope they use two distinct banks for redundancy.

The private keys are still vulnerable when they existed on the servers. It would be possible for their servers to be unknowingly breached. Moving the private keys offline won't help if they've been maliciously copied. The thief could wait a while (months, year) before stealing the funds.

I can't believe that with 45 comments, no one has mentioned BlockChain.info or other "zero-trust" solutions like Electrum.<p>That way your "funds" are in the BitCoin block chain, and no person, website or service provider can steal them from you, as long as you're certain of the security of the environment you're entering your key in.<p>These solutions rely on you only ever using your private key to sign things OFFLINE, and then reconnecting to perform the action you signed for. BlockChain.info provides an implementation in Javascript; there are also other lightweight clients like Electrum.<p>The steps BlockChain has gone to to allow you to verify, (with the open-source Javascript Verifier Chrome/FF/etc plugin that checks the page js to the github page), that the client-side code is secure, is frankly kind of inspiring.

Could somebody suggest an easy to use tool that would allow them to encrypt the stored information so that it could be only decrypted when two out of three employees collaborate?

Interesting, but I suspect "real" banks have a long time ago devised a better solution: instead of storing money, they lend it out to other people. That is presumably how they make most of their money.<p>But perhaps the old school "let's store money in a vault" thing becomes viable again with BitCoin, will be interesting to see.