Chat_117 - Bitcoin Threat Vectors on Final Settlement

November 08, 2024 01:22:18
Chat_117 - Bitcoin Threat Vectors on Final Settlement
Bitcoin Audible
Chat_117 - Bitcoin Threat Vectors on Final Settlement

Nov 08 2024 | 01:22:18

/

Hosted By

Guy Swann

Show Notes

In this previous episode of Final Settlement, I joined the show to tackle custodial threat vectors and the security challenges unique to Bitcoin. We discussed Bitcoin as apolitical money and its role as a digital bearer instrument, which brings with it the complex issue of secure custody. I shared insights from a recent personal security incident when my room was broken into at a Bitcoin conference in Lugano, underscoring the very real risks we face.

We explored the evolution of Bitcoin custody, the importance of multisig setups, and the approach of Onramp’s Multi-Institution Custody in mitigating custodial threats. Raising awareness about these risks is essential, and this conversation offered important takeaways for anyone looking to secure their Bitcoin. It’s a crucial discussion worth revisiting as the industry continues to grow.

Link to original episode: Final Settlement E016: Assessing Custodial Threat Vectors with Guy Swann (Link: https://tinyurl.com/3be22hjw)

Guest Links:

Host Links

Check out our awesome sponsors!

 

Trying to BUY BITCOIN?

Bitcoin Games!

Bitcoin Custodial Multisig

Education & HomeSchooling

View Full Transcript

Episode Transcript

[00:00:00] Speaker A: The 201314 era with conferences and stuff. Like, people like, everybody's like wearing masks. Everybody. Nobody's bringing. Nobody's connecting to WI Fi. They're like, you set up WI Fi. You just trying to. You're just trying to get in everybody's devices. Like, it was like everybody was crazy paranoid, like satoshi level paranoid back then. And all that went away. Everybody just got complacent. It's just a fun nerdy thing. And I think it's really important to remember what level of attack and what level of. This is cash, man. Yeah, like this is literal cash. [00:00:53] Speaker B: What is up, guys? Welcome back to Bitcoin Audible. I am Guy Swan, the guy who has read more about bitcoin than anybody else. You know, we are getting into a chat episode today. This one is with Cam and Brian from Bitcoin on Ramp or from the. [00:01:11] Speaker A: From final. [00:01:12] Speaker B: The Final Settlement show from the guys at Bitcoin on Ramp. And I have an affiliate link actually with Bitcoin on Ramp because I. I know those guys, I trust them and they run a really cool service, especially for people who aren't quite ready to dig into like fully sovereign multisig, but want to get the benefit that multisig gives you and extremely strict and distributed keys. So you don't have to trust one counterparty or one company or even one jurisdiction. They have specifically cross jurisdictional multisig now just as a service. That's actually what this episode is about. It's not about bitcoin on Ramp at all, but it's about how to protect your bitcoin, how to think about multisig protecting your keys against different scenarios and in different environments. And because of that, we end up talking a lot about the guy who broke into the room and kind of the situation and the. What exactly happened there and how to protect yourself going forward. And one of the big things, which I pretty sure I talked about this in the episode, I can't remember because we talked, we continued to talk after about a number of these things. We stayed on and just kept chatting about this. And one of the things that I want to say and make sure that I reiterate this and you may hear me say this in the show, is that my camera was the biggest weapon that I had that I didn't use and how powerful it is. Just being able to find him on the security footage so that we could begin to get an idea of what he did and what had been going on was huge because that answered so many questions. There's still plenty of Questions left. But having that camera on and recording the situation is unbelievably valuable. And I should have had his face when we couldn't find him in any other security camera. We could not place him or did not have a camera that was close enough to see his face. I was standing right in front of him and I could have gotten out my camera and I knew something weird was going on. And that should have been my reaction. [00:03:25] Speaker A: It should have been. [00:03:25] Speaker B: My motion memory should have been like, what's going on? Turn on the camera. So we do talk about that sort of stuff, too. And just like, very practical security on top of multisig and then all of the different dynamics and the variances of multisig that you can do and how you can make this easy versus overcomplicating it, the risks, like all of this stuff. Because not only is it far more relevant right now in my situation and how I want to think about things going forward, but I think everybody just, we're back into a bull market. The price is up. [00:03:59] Speaker A: This. [00:03:59] Speaker B: The whole space is about to go crazy. It's running into the political and financial world at a crazy pace right now. We need to be thinking about security. We need to be thinking about attack vectors, and it's time for us to be paranoid again. We need to be paranoid crypto anarchists protecting our Bitcoin. And we need to think about that. And we need to utilize the tools that have been made easy so that they're. So that we can use them. And that's basically what this show is about. So I hope this is really valuable. I thought this was a really important discussion and they hit me up and like, we should talk about this. And I was like, oh, absolutely. This will be great. And of course also, like I said, I like the company, if you're interested, if their service is something that's relevant. [00:04:41] Speaker A: I have an affiliate link right down. [00:04:43] Speaker B: And I think there's a discount code. I think it's like 10% discount or something. I could be wrong. I don't remember. But I have an affiliate code for them. So if you want to help out the show and you want to try out their service, which we don't really talk about that much in the show, but you'll get some details if you want to try that out. That link is right down there in Description, as well as a bunch of other trusted services and tools and products that I use in the space. And that's a great way to help out the show, aside from just sharing it out, telling Everybody and you know, posting it on social. [00:05:11] Speaker A: Big help. [00:05:12] Speaker B: Thank you guys. For everyone who does a shout out to everybody who boost me on Fountain. By the way, I've been reading some really great comments. Thank you. Good to hear some of you guys were super supportive about basically everything that's been going on. [00:05:24] Speaker A: It's awesome. [00:05:24] Speaker B: So shout out to all you guys who stream sats and boost on Fountain. With that, let's go ahead and get into today's chat on bitcoin threat vectors with the team at Bitcoin Onramp. [00:05:41] Speaker C: Welcome back to Final Settlement, everyone. This is episode 16. Great show for you guys. Today we have the great guy Swan, prolific bitcoin educator and host of Bitcoin Audible, which I'm sure many of you are familiar with. We have lots to get to today, but it is somewhat of an important day. It's election day here in the United States. [00:06:07] Speaker A: Twitter social is going to be so unfun today. [00:06:11] Speaker C: A lot of doom scrolling today. I imagine. [00:06:14] Speaker A: All the numbers are so good. We're totally winning. There's no fucking charts. Too many of these people have voted. [00:06:21] Speaker C: I mean, it's been a crazy. Just few weeks, a few weeks. You can't look at anything objectively and say like this means anything. So, yeah, it's been a whirlwind of a few weeks leading up to this. But yeah, welcome to the show, guy. Yeah, man, happy to have you. [00:06:41] Speaker A: Thank you. [00:06:42] Speaker C: This will be a great conversation. But on the topic of the election, I mentioned before we hit record, I wrote a piece for Onramp about a year ago today, and it was called Apolitical Money. And it was really looking at bitcoin, you know, from its foundational level. The core protocol itself is, in my mind, apolitical in many ways. Just in terms of, you know, at the core of it, you know, you're trusting math instead of fallible humans. Right. And part of what I also wrote about is looking at the trajectory of traditional assets, you know, most importantly, the dollar, that have become increasingly politicized over the past several decades. And bitcoin stands in contrast to that in that at its core, it's harder to politicize. But the interesting paradox that I called out was that, and I wrote this about 12 months ago, but it was really the past 12 to 24 months where I started to see bitcoin become politicized in the sense of certain politicians understanding what it represented to a certain cohort of voters. And that being really freedom money at its core. And so those politicians latching onto it as a talking point, something that they would be willing to vouch for if they think that they could win those votes. So, Guy, I'm very curious to get your thoughts on this concept of bitcoin being apolitical. But then the very clear trajectory that we've seen of, you know, the past year or two, where it's really, you know, bitcoin has, has shifted the Overton window in some sense where politicians are talking about this regularly now. Like, I think if we just rewind four years, like that seems kind of insane that that's where we're at today. Sure. But yeah, we'd love your thoughts on any of that. [00:08:33] Speaker A: Yeah. So I've, I think I've probably had posts and maybe even episodes on the show where I talked about like bitcoin as apolitical money. Because like, from a purely like, practical sense, or I, I guess technical sense from just like pure, like, what is bitcoin? There's no politics. Right, Right. Like it is, it is genuinely a political money. It does not and cannot care about anything. Whereas you talk about like the dollar being politicized. I think it's a great example because you can see, like the dollar is literally being used as a political weapon against people because it is permissioned and because it is controlled, it can be selectively manipulated for a certain cohort, like, so that someone who has the wrong political opinion or lives in the wrong direct jurisdiction literally does not use the same money. It doesn't work the same. And in that sense, like, bitcoin is pure apolitical money. But the thing that gets me about this, and I kind of go back and forth between whether or not it's an accurate description because a lot of politics is about controlling other people. A lot of political ideology is about everyone should do this and if they don't, the state should force them. And in that sense, bitcoin can't be apolitical in that environment. It's like saying a gun is apolitical. Sure. From a technical sense, there is no politics in a gun. But between a socialist and an individualist, somebody who actually believes in freedom, a gun is a very political tool. You know, like, so when it's kind of boots on the ground, which political ideology does it actually defend or enforce? Like, from an individual perspective, it's totally apolitical. Like whether you are a socialist or whether you are a, you know, freedom loving, whatever, you're a crazy right wing white supremacist or a Nazi or a Russian or kid in China, doesn't matter. It is perfectly apolitical according to the individual, but according to the group. There are very different ideologies that can be either defended. Like a socialist can defend themselves and do everything, like apolitically with Bitcoin, but the socialist ideology cannot sustain itself using Bitcoin because it literally negates one of their fundamental tools of collective control and one of the most important tools of collective control. So it's weird because, like an. At an individual technical. Like just purely what is it level. Of course it's apolitical. It doesn't do anything. It doesn't have a notion of who is using it. That's why we say bitcoin is for everyone. Right. Can't persecute you for your religion or your sexual orientation or anything like that. But from a collective sense, when many people are using Bitcoin, there are certain political ideologies that just won't work. And that's a really interesting dynamic. And it makes it hard for me to say, like, I completely understand the argument on both sides, you know, like, whether it is apolitical money or very, very political money in a certain regard. So I guess maybe it's like the scale or where in kind of like the layers of politics you're talking about and how. Because yeah. [00:12:12] Speaker C: Is sort of what you're getting at and correct me if I'm wrong, but for the individual, like, you're saying bitcoin as a tool is apolitical. But if you fast forward, I guess Bitcoin adoption to it being more of a ubiquitous tool and an entire community or say, country is using Bitcoin, then there are some parameters within which it may. It's not that it's political, the tool, but there's certain political realms where that could go in a fully bitcoinized world. Is that kind of what you're getting at? [00:12:47] Speaker A: Yes. And what's a better way to say it? Maybe the way to say it is from the individual perspective, Bitcoin is completely, completely apolitical. But the. And that's like bitcoin the thing or the money. But bitcoin as a network is actually a set, is actually a political structure. It's actually a set of rules. You know, all politics is, is a set of rules. Bitcoin is the network is a set of rules that is inherently political because it is in that environment. It's rules about who owns what, how you determine ownership, and who has the rights to do what in the network. That's a political institution. It's just one that doesn't have ownership. [00:13:34] Speaker D: Ideology, then that bitcoin represents is a meritocracy. Right guys? It's not a system which if your system that you're supporting is one based on socialism or communism or the fifth pillar of the Communist Manifesto is central banking. So if those are some of the core tenants of your group or like what you spouse at the individual level, this bitcoin system and network is not going to work for you and doesn't align with the way that you want to try to better the world or whatever your aims are, whether they're nefarious or in your mind. Good. Because you can't do things such as redistribute wealth at wealth. You don't have that centralization of control that allows you to redistribute resources in whatever way you see fit. Again, whether you perceive that to be for better or for worse, Bitcoin doesn't allow that for better or for worse, and we would say for far better. But the playing field is equal in level and the rules are fixed and the money is fixed. [00:14:34] Speaker A: Yeah, yeah. It's kind of like a. Everyone is equal before the network or everyone is equal before the cryptography. Like outside of that, you know, it's your obligation, it's your responsibility to deal with that. But in the context of Bitcoin, it doesn't matter if you can sign for it, it's yours because the rules are independent of the like we. It's, it is, it is a completely unique and completely independent set of property rights. A system of property rights in the digital realm, in my opinion. And I think that inherently can't be apolitical from that top down view, but from a personal perspective, like from the individual using Bitcoin. There is no politics in Bitcoin. It's a very, very interesting thread to pull on. I've done it for many times, many times. A long time. [00:15:32] Speaker C: Yeah. And it's also been interesting that I think something that supports everything that we just walked through is that there's, you know, it's hard to estimate the size of this cohort, but there's a cohort now in America where bitcoin support for bitcoin is. You know, these people are single issue voters. And so is that political? Like if, you know, if this is the only thing a certain co, a growing cohort of the country cares about, then it's entered the political realm in the sense of the existing parties. The existing political infrastructure needs to now consider this thing. And so that's just been a fascinating. [00:16:18] Speaker A: Thing to watch play out certainly makes it politically important. [00:16:21] Speaker C: Yes. [00:16:22] Speaker A: It certainly puts it on the political playing field. It's a ball in play, that's for sure. [00:16:28] Speaker C: And it's funny to me, I was thinking about this morning, I would say over the summer after Nashville, I think there was sort of the expectation that the game theory we all like to talk about would play out and ensue. And I don't think we really saw that to the extent that maybe people expected to back then. In terms of the Democrats trying to match Trump's favor and excitement about the bitcoin community and reaching that, that now single issue voting block. [00:17:04] Speaker A: I would say there was a couple comments. I would say the game theory did play out, but it played out with them shutting down their attacks of it. Like, they're just like, shut up. Stop talking about it. [00:17:16] Speaker C: Right. [00:17:16] Speaker A: Because we look like the opposite of this. It is the game theory playing out, but it's not the game theory that, you know, many assumed of them, like, oh, well, we're just going to try to go harder. They're not trying to outcompete Trump. They're just trying to not look like the thing that makes Trump look good. [00:17:34] Speaker C: Yes. So that's fair. [00:17:36] Speaker A: They don't like it and they don't want to like it, but they can't say anything bad about it because now they know what that means and what that's going to look like when you're holding it up. You know, which, which one of these pictures, you know. [00:17:48] Speaker C: Right. [00:17:49] Speaker A: You know, when you're making that comparison. [00:17:50] Speaker C: No, that's, that's a great point. But another sort of a transition to, you know, you mentioned this. There are very, you know, there are many very unique attributes of bitcoin. I think one of them that is worth talking about is, you know, it's, this is a digital bearer instrument. And that just really hasn't existed ever in human history. And so I think as a species, we are still grappling with and learning to understand what we do with that type of asset. Right. It's been 15, 16 years. We have hardware devices, we have third party custodians. Oh, wow. [00:18:29] Speaker A: We did 16 years, didn't we? Yeah, yeah. Well, since the white paper. 16 on January. [00:18:37] Speaker C: But that's a relatively short period of time in terms of bitcoin learning to drive technological adoption. Like, that's a, that's a blip in terms of monetary history and absolute blip. Right. So I guess where I'm going with this is what are your thoughts on Bitcoin's unique Nature in this way of how it needs to be secured and stored and how you've thought about that over the years and maybe how your thinking has evolved from when you first got into bitcoin to now, and how you think about securing your bitcoin well into the future, handing it off to your kids, their kids. How do you think about that generally and really compare and contrast it to anything else anyone could ever hold? It's very different and I think that there's a learning curve obviously associated with it, but I think it's on us as bitcoiners and as the bitcoin community to not only educate on best practices, but also think of new ways and innovate to make it easier to store this asset in a secured way. [00:19:46] Speaker A: Yeah, so my feelings have been in the same direction, but they have gotten far. The conviction on it has gotten much, much deeper the more time has gone on. I don't do anything that's not multisig anymore. Almost like anything on chain. Like the only thing that's not multi sig, which is actually funny, it is multisig is lightning. Multi lightning is multisig too. So I don't do anything that's not multi sig basically, except for like my hottest of hot wallets. It's just like a single key for, you know, little day to day stuff, but for the things that I am doing, spending out of that, I move from a multi sig in chunks when I need it and then back, back and forth from it. And having, you know, a lot of people like it's so easy to do the mantra of not your keys, not your coins. And I think it's important to remember that those taglines and the, the kind of mottos of the space are guidelines. Like you have to consider the situation, you have to consider the person you're talking to. And I have onboarded a lot of people into bitcoin over the years, a lot. And it is not easy. It is not easy. So many people are confused. So many people need help. And that journey from like knowing nothing and never having any bitcoin to genuinely holding your keys in a way that matters is not sit down with them for 10 minutes, you know, like that's a typically very long journey. To the point that, like, to the point that like I worry about some people that I've gotten into bitcoin, like, I don't like it stresses me out that I feel like I could have, I've put them at risk. And I mean, of course it's not like you know, my obligation to fix their whole setup and do everything for them and, you know, keep their seed, because that defeats the whole purpose of the seed. But it does feel that way, you know, it doesn't. It doesn't help that, like, I know the risk and I know what they could do and what they're likely to do. Like my contractor or whatever, I've been slowly working my way towards getting him in a real setup. He's more of a buy on Coinbase and then accidentally buy some shitcoin that Coinbase told him to and then lose it all because they delisted the shitcoin. And just like, real true story. I was so mad at Coinbase, but God, what a shitty service. Anyway, so I've been trying to figure out how to assist and how to set up somebody's multi sig to negate lost keys, because I think since we've started this, this whole thing, he's lost his phone twice, just, like in construction stuff. Dropped it somewhere, crushed it with a board, you know, like that sort of thing. So having a key on the phone as the only thing that secures this, you know, mobile key is not going to work. Got to have a backup. And also, you know, if I know people who are extremely messy, totally unorganized, they're going to write it down a piece of paper, that piece of paper is gone. You know, like, they don't have a. I know people who live out of their car, basically, like when they're working, you know, for weeks at a time. And that person is not going to have a safe place to store a seed. And multisig is literally the best possible thing for splitting that up for salt. Getting around all of those limitations. Bust your phone, okay? Get the new phone, set up a new. Just start up a new key. You don't have to put down the seed, put it. Do a one out of a three of five or something. And your phone is just the key. And if you lose it, okay, swap it to a new one and you have just enough help to get someone over that hump to be able to recover the key, to be able to, like, just. How do I move this again? How do I, how do I do this? Like, oh, don't worry, it's just this click, click, click and move it to this new key, send. And. And I've also, because of that, have gotten really dependent. That's not the word. Jessica Alibaba. I really, really like the tap signer. And I know it's not the most secure key device in the world, you can't see what you're signing, you know, so if like your software is malicious, but I mean if you know what you're doing with your software, you check the signature and you install it, you know, the idea that it's been edited later or something is just extremely unlikely. Um, but, so you don't see the address with a tap signer like you do with a cold card or Trezor or Bitbox or anything like that. That's, that's the beauty of the ones with the screen. I think you should always have one with a screen in your setup and try to use it whenever you can for that security reason. But tab signer is just something you can stick in your pocket. Like you should have it in your wallet. And people are used to the process. They're used to the mind frame of keeping up with some cards. [00:25:18] Speaker C: Right? [00:25:19] Speaker A: You know, everybody treats their wallet like people who have bad habits in every other regard know where their wallet is, you know, like, and that's hard to beat if you can get a hardware wallet in that wallet. You don't have to change their habits. You don't have to make them understand. They know this is the thing that lets me pay. They know all of the setups, they have all of the right mental frame, all of the habits that are important to keep up with that. And if you do that with multisig, keep this one in the one spot at home where you keep something important. Keep this one in your wallet. This one's on your phone. You can negate so many problems, you can negate so many possibilities of theft, of losing a device, of having your house burned down and not having your stuff, losing those keys. Like it's extremely useful. And the really crazy thing about it is that it's something that you can't do with anything else. There is nothing. There is no financial instrument or tool of any sort that actually has that property except for Bitcoin, which is mind boggling. And it is one of the most underutilized tools in the toolbox. And increasingly I think it's one of the most important. [00:26:46] Speaker C: We totally agree. [00:26:47] Speaker A: Go figure. I would have assumed you guys did not an unintentional advertisement for onramp or. [00:26:54] Speaker C: Anything, but no, you said a few really important things in there. The first being there's not like a one size fits all for bitcoin custody, right? Like there are different use cases, there's different risk tolerances and you know, you can, there's a. There's merit to saying I'm Going to diversify my custody setups. You know, I have a different wallet for different use cases, different setup for different use cases. And much of what we're trying to do at onramp is say to another one of your points, like, multisig is the best. So let's open up the accessibility of this thing called multisig in a way that hasn't been done previously, in the sense that, yes, Coinbase may use multisig for their cold storage, but they hold all the keys, so it's kind of irrelevant in terms of the actual risk mitigation of reducing that counterpart. And so our whole idea is let's distribute the keys to multiple institutions and reduce that barrier to entry to someone, to an individual or an institution getting the best form of custody that is multisig. Let's reduce that barrier to entry meaningfully. And Cam, I'm curious your thoughts on this, because another thing Guy said in there was that sometimes he worries about the people that he's onboarded. And I know I've heard that from you in the past because you've onboarded billions of dollars to multisig, in particular, other flavors of multisig. But curious your thoughts on any of that in terms of the evolution of custody, different models, different use cases, all that. [00:28:34] Speaker D: It's certainly still a difficult problem that we're grappling with, right, Guy? Because I've been using multisig actually, since I met you in 2019. And I got some great advice from Matt and Marty when I was listening to TFTC and started using CASA at the time, and then later worked for Unchained and now with Onramp. [00:28:51] Speaker A: Of course. [00:28:51] Speaker D: I've been focused on it for a long time, and like you, I'm fascinated by it because it's never existed before. It is so powerful. You can have multiple keys that secure this asset. You can sign asynchronously different parts of the planet with different people signing. It's so cool. It's like a James Bond technology that Q developed in the lab that's in the real world and we get to use it now. But then. So one thing you touched on, Guy, that I've been struggling with too, a little bit, is your. When someone either is starting to hold a material amount of Bitcoin, you want them in multisig, and you started to call it some of the reasons. But what I think you're driving at is redundancy, right? Like having eliminating that single point of failure that's a core tenant of bitcoin security. But then the right would see the crossroads is what you're asking someone to do is then just use new technology and use multiple devices and form factors, whatever those might be, whether it's a mobile key in conjunction with hardware, wallets or a tab sign or like there's multiple new piece of technology and you're asking people to change their pattern of behavior or like change the way that they normally go about their day to day life, as you were referencing. So that's where sometimes like then that cause for concern starts to creep in because you know, I'd go back and talk to my clients and like, okay, did you separate the devices? No, they're in the desk. Did you. When was the last time you did a key check? Remember what the wall configuration file is? You know, essentially the backup for your multisig? [00:30:24] Speaker A: Right. [00:30:25] Speaker D: So how do you think about that in terms of like trying to help people in the best practices? We couldn't believe more strongly in multisig because when you have a digital finite bare asset, you have to have redundancy because if you don't have redundancy and it's lost and it's gone forever. So multisig is just the tool that provides a redundancy. But how do you kind of square the idea of the increased complexity that multisig can bring with how human nature, almost more of a philosophical thing or the way that humans kind of manage their daily lives? [00:30:58] Speaker A: Yeah, well, the multisig backup is the big thing for the wallet configuration because you use the exact same keys you can technically, I mean not going to like if depending on like what wallet you're using, a lot of times it will just generate the exact same one because it's got like a default configuration. But you can technically create an infinite number of wallets and you can lose it just by losing your wallet configuration. So it is essentially a. At least in certain regards it has the risk of being another single point of failure because that can be lost. But the big thing is that that is not, is also not a major security risk. So it's easier to distribute. And anybody that I onboard or whatever, I have a couple of different wallets or Excuse me, big fan of ProtonMail. I use ProtonMail all the time and I have multiple different email accounts and stuff. And one of the things I often do, I explain to them what the potential risk is, is that, you know, like I could technically pull this information and I could see what was in your wallet if I wanted to. I don't want to and I don't care. But if you want me to have a backup, you can email it to me. And you should email it to yourself or to your wife or to anybody that you know. Just have this and label it in all big letters. Backup of whatever your app is so that if you ever search whatever you think first, when you think about this wallet, what's. And you wanted to search that. If you wanted to search that in your email, what would you find? Make sure that that comes up in that search result and then just have multiple copies of it. It's easy to mitigate, and it's not a huge. It's not a massive security risk. And if you know who you're giving it to, it's easy to just trust a friend or a family member or something. With a backup of the wallet in the context of keys is I specifically try to be sure. One thing that I actually do for a number of people, especially family members and distant family members that I've gotten into Bitcoin is I just kind of make a habit of like every month, like, shooting out a text. It's like, you know where your keys are? Are they safe? I just kind of do it regularly. And everyone's like, oh, it's so good to hear from you. Yeah, everything's great, you know, so just keep the conversation fresh, you know, because I think it's important just to remind people. And you do that once a month for six months. It's hard for people to forget. You know, it's all. It's always about just a little bit of repetition. Like, that's not hard to do. That is not hard to keep up with. Set yourself a freaking reminder on the Calendar. Text these 10 people or whatever to make sure that they know where their keys are. They will never forget where they are. If you do that for half a year, you know, like, they'll. [00:34:14] Speaker D: You're a good man guy. [00:34:14] Speaker A: It will be in their mind. [00:34:16] Speaker D: Have trouble sending birthday cards on the right date? [00:34:19] Speaker A: I don't. I won't send a birthday card. I also. I can send a text about where your keys are. But then in addition to is, I'll always like to do a setup that kind of forces me to have keys in multiple places. Like, so just as an example is if I'm using. So I always try to use a wallet with a hardware wallet with a screen at some point in my setup. So it Cold card, Bitbox, Trezor. I don't use my Trezor as much as I do. Is typically. Typically a cold card these days. But One that I can verify and I can see, you know what, I can look at that address on the screen. But then I almost universally have a tap signer in my setup now because that one goes in my wallet and that one travels with me. My cold card isn't going to be in my wallet. It's never going to be in the same place. A tap signer is always going to be in my wallet. And then I typically like to have a mobile key and I can actually keep a backup of that in my secure non online password manager or something. So I can treat that key a little bit looser and more easily recover that. And I can put that in an encrypted blob on a storage service or something just as a backup drive for those things. And I can recover that if I lose my computer or my phone or something like that. And again it's one of three. So like if I think that's been compromised, easy to swap out. And I also don't have to keep up with paper backup for that one if I don't want to. One thing I really wish was more standard though because I would love this option is for minuscript to be like far more ubiquitous or easy to work with I guess. And I think there's a. It's not. I keep thinking, always think it's Poseidon. There's a wallet that anchor. Wallet anchor I think is one of the few that has started to implement this. But I love the idea of cascading keys. I would love to have a six month time lock where if I don't have any of the keys my cold card can just sign. But I have to wait six months for the transaction to go through so that I can always just boot up the wallet look and if somehow one of those keys got compromised and somebody sent a transaction and in that time I can still use two keys and be like do somebody hacked my phone or whatever and I can react to it. But in the case where I do lose my tap signer and my phone and compute, I don't know, I lose a whole bunch of things at once. The way the setup is for like my. I mean this is like my day to day wallet that I do like a setup like this so I feel pretty secure in it. But if I did lose it, I would love to have that. I only need the cold card. It's just going to take me six months to get my funds as a backup. That would be a wonderful setup. Another thing that specifically bitcoin can do that you cannot do with any other asset in the world, and I would love to be able to take more advantage of that. The only problem with doing that for other people, I mean, I guess unless you just keep it as dirt simple as possible, like, one key will unlock this in six months, you know, um, is it becomes a little bit difficult to intuitively understand, you know, the. The risk and what to look for. And if they saw a transaction, oh, my God, what's happening? You know, like, if one of their keys got stolen, Granted, they have six months to sort it out, so they would probably just call me, but I might not be there. You know, I might not be accessible, might not be around. Who knows? [00:38:23] Speaker C: So not every. Not. Not everybody has a guy. [00:38:25] Speaker A: Yeah, not everybody has a guy. [00:38:30] Speaker C: But part of the reason we wanted to have this conversation is you put out a tweet a few days ago. You're in Lugano for the plan B conference, and you said, we face the truth. Many bitcoiners overlook being a target is real. A man broke into our hotel room, likely seeking valuable assets bitcoiners often carry. This is more than a story of vigilance. It's a call for every bitcoiner to recognize the stakes. So in as few or as many details as you are willing to share. Would love to hear what happened in Lugano and what were some learnings and takeaways and things that the audience should recognize about what occurred. [00:39:07] Speaker A: Yeah, well, if you want the really long version, I did a guy's take on it. [00:39:13] Speaker C: We'll link to that in the show notes. [00:39:14] Speaker A: Yeah, that'd be great. Thank you. And I tried to do it while I was fresh, right when I got home to just try to get out as many details as possible. I was thinking about it like a police report or something, because I didn't file one yet. Yet. I probably should, but we couldn't figure. We couldn't find the. We were so rushed to get to the train station. Like, I mean, we were like back to. Back to back that. That morning getting out of there. And honestly, I don't feel like it's going to do any good, but I don't know if it's important to have that record. I. I can't convince myself why it's, like, super important to have a police record right now, but I feel like it would be stupid to run into a situation where I needed it and not have it. But anyway, that's. That's beside the point. So it was the night of the first day of the conference, so we'd been there for two nights and did the first day conference and we were supposed to have a speaker's dinner that night. So my brother and I were supposed to be there and it was supposed to be like from, I think it was like 9 to 10:30 or something like that at night. And we went with Mechanic and, I don't know, somebody else. We were hanging out with friends and got there and then we were like, ah. And they were still doing the drone show. And we're like, you know, we're going to skip this. We're just going to do the drone show and then call it for tonight. I'm a dad, I'm lazy. I just, I just want to kick it easy and like go back and like watch some bullshit for a little while and go to sleep, right? And especially I was emceeing the next day. So I was going to be on my feet all day and go over, watch the drone show. It was great. We come back and as we come up, it takes about two minutes to get from the front door up to our room. We're at the very, very end of the hall on the second floor and as we come up we're just walking, solving all the world's problems as we're strolling down the hall and we get about maybe 10, 15ft away from the door. And at the end of the hall there's like three doors right close. There's door right in front of you, door just to the right, and then a door right beside that. And so there was reasonable, reasonable excuse to say that maybe I misremembered, maybe I wasn't sure which door he came out of. But I've gone over in my head, there's no way he came out of our door. And so we're like 10 to 15ft away and he just comes barreling out. And the thing that stood out in my mind that like when the manager was like, are you sure? Like we don't have any record of this, like somebody, you know, went in this door because there's no log. There's a log on the door. Like when you scan a card and it stays on the door, like it's stored inside the little mechanism. There was no log at all that anybody entered the room between the last time that we did at 7 when we left and at 9:07 when we got back. So whatever he did, it should just be a completely mechanical way of opening the door. But I've specifically remembered the way the door closed, like the fact that it closed behind. I mean I. I remember seeing him walking out of the door. But regardless, I knew because I was looking through at the wall in the room and the door closed this direction and every other door was the opposite, like in the. In the area. And. But it was totally took me off guard because, like, it took me like half a second to be like, wait a second. What the f. What is he doing in our room? And then he basically just comes barreling like. Like power walking past me. And I kind of like half stop him. I was like, dude, what are you doing? And he's in plain clothes, he's in all black with a jacket. I didn't remember this, but when we saw it on the footage, both when he was coming in and going out, he had a small shoulder bag. And so he had that with him. I don't know what. I assume maybe it's the device to get into the door. I'm not 100 sure. I still could not find anything that was missing. But he came up, said, what are you doing? He's just. Is good, it's good. And I was like, what. What are you doing in my room? That does. What are you talking about? This. Like, you gotta speak some English here, right? Like, what are you doing in my room? And he's like, water, water. It's fine, it's fine, it's fine. He's like, just pushing past me. And we turn around and start walking. My brother didn't see him exit the room, but he's like, why is this guy so weird? Like. And I'm saying, you know, why did you enter our room? And so we walk him, behind him down the hall about halfway, and he turns around, he's just like, dismissive, trying to pretend he doesn't speak English or maybe he didn't speak English, I don't know. But I assume it's just a defensive mechanism. And he's sweating bullets. He's so awkward. He's weird. He's a little bit shorter than me, and he's just. Just trying so hard to get out of there. And everything about it was so weird and uncomfortable. Like, it was so clear that he was not supposed to be there or that he was scared to death that he was there for some reason. And he just kept saying, the water, the water, the water. And then our immediate. So stupid. I still just can't believe that I didn't just follow him down, but it was still registering that someone had broke into our room, you know? And like, when you're. I really wish I had prepared, you know, there Was there was this era and I talked to Giacomo about this. There's this kind of era of bitcoin at the very beginning where everybody was like crazy paranoid and everybody was going overboard. And then we've just kind of gotten complacent because like not much has happened, you know, during the year, the years and like two hype cycles since the 2013, but like the 201314 era with conferences and stuff. Like people like everybody's like wearing masks. Everybody. Nobody's bringing, nobody's connecting to WI fi. They're like, you set up WI fi, you're just trying to. You're just trying to get in everybody's devices. Like it was like everybody was crazy paranoid, like satoshi level paranoid back then. And all that went away. Everybody just got complacent. It's just a fun nerdy thing. And I think it's really important to remember what level of attack and what level of like this is cash, man. Yeah, like this is literal cash. And one of the, one of the things that's gotten me super rethinking my security and everything. Like I just recently got my concealed carry and I've been doing like a pistol class every month and stuff because I feel like I've really let that not be. Not get the attention that it deserves for just like personal protection and stuff at home. And I've done like some low hanging fruit, you know, security system sort of stuff. We got dogs, loud dogs, you probably already heard them. And. But there was Lop talks about this a lot. And he was actually very conveniently there. And we had a long conversation a couple times about this, but talks about there was a mafia, literally a gang out of Florida that was traveling around the country finding people who had large amounts of just any crypto on that exchange. One elderly couple got hit twice, twice by the same group. And I was regularly reading the reports of this and they straight up, there's one of them kidnapping a guy and beating him and torturing him and sending messages to his family members to, you know, text messages and phone photos. Tell them to send, you know, bitcoin or crypto to the address. There's one of the more common one because it basically time sensitive. You know, you don't, you don't want exposure and you want as few people to know about it as possible. But the most common is home invasion. Beat up family members, threaten to kill kids, threaten to rape wives until you give us your keys. And that happened in the town I read, the town that I live in twice in these articles and I was like, now, you know, there's, there's a lot of things that you can do to protect yourself. Not using KYC is a huge benefit. But also not having stuff sitting in balances is really important because when that information leaks, you know, it's hard for them to know. Like they're always going to go for low hanging fruit. You know, like somebody who does that is a coward. Like, like they're not, they are looking for easy money. That's the whole point of it. If they, if they wanted hard money, they just work, you know, going back to the situation because like this is, this has slowly been my framing and this event was kind of like the wake up call. Um, but I still had not gotten into that mentality of like thinking about my hotel room as a strictly adversarial scenario and that I should be basically on the war path for setting up and how I, like, I always have backups, you know, like I keep another phone just in case. But I had not been thinking about this. Like I'm kind of entering a, I'm entering a bit of a battlefield, you know, like, and I need to be thinking about this as my remote castle, so to speak. And so we followed him about halfway down the hall and then for some reason my thought was check to make sure he didn't take anything. And we turned back around and went back to the room and we looked over everything. Is my laptop still there? Is, does it look like anything has been touched? Is the cash still there? Like, like I just, we just went and looked through everything and we let him leave. And he left the building during that, you know, minute span. And when we, when you see it on the security footage, he came in at 8:54 and he left at 9:10. So the entirety of the time that he was there was 16 minutes. We came in at 9:07. So basically the largest span of time possible if he went beeline up to my room because he saw Guy Swan on the list or got information from an employee or something like that. So if I was specifically targeted, which doesn't, still doesn't make a lot of sense to me, like I have a hard time and I don't want to think that I'm just excusing it and being like, oh, he wouldn't target me, I'm safe. He was in my freaking room, you know. But that hotel room had a lot more important people than the guy who does the audiobooks, you know. And like Marty Malmy was there. I mean like basically three of the Top seven. Four of the top seven of who might Satoshi be were in the hotel, you know, so I suspect it was just a opportunistic attack, like, just random. [00:51:22] Speaker C: He knew that he was just multiple. [00:51:24] Speaker A: Coins for the conference because this was the bitcoiner conference, right? And specifically they're all at the speaker's dinner, and this is the hotel where they stay. So I highly. That seems like the most logical explanation. And if I was specifically targeted, I also just don't know. That's a little harder to deal with too. Like, I don't. I don't know what that means, you know, going forward or what they think they have on me for how many bitcoin guy has or whatever the. I don't know. But anyway, so after a couple of minutes, realizing that nothing was gone, nothing appeared, moved. Like maybe he was only in the room for a couple of minutes. I don't know. We realized that, or it just like kind of popped in our heads, and we're like, wait a second. He said the water. And we had actually had the. The spigot on the bottom was super hard to cut off. And while it was wet, it was actually hard to get completely off. And it would start leaking. And we know the maids had come in and cleaned the place or whatever, and twice we had come back and the spigot was leaking. And so we're like, well, hold on a second. Maybe the maid saw this and this was like a maintenance guy just checking before he left at night or something. And so we kind of had this like, real dumb, not very good excuse for it and shrugged it off for much. For a lot too long. We shrugged it off for too long and we sat and just kind of pretended nothing happened. And just. We're going about our normal night. And then my brother took a shower, and I was sitting there, and apparently both of us were separately thinking about it and being like, man, that shit don't make sense. None of that makes sense. It was 9, 10. He is in plain clothes. This hotel would fire somebody for going into plain clothes in somebody's room, you know, like, this is a nice hotel. This is the nicest hotel I've ever been in. And then he got out and he's like, dude, I think we should. We should go tell somebody. I was like, yeah, we totally should go tell somebody. I don't know what the fuck we're doing. Like, why. Why this took us this long to figure this out? And so we go downstairs, report, talked to the manager, and we ended up meeting them again. The next morning, they looked at maintenance records. Nobody was on. Everybody left at 6:00. Definitely not a maintenance guy. And then that's when they checked the log for the door. And there's no indication that anybody opened the door. And he was like, you sure it wasn't the right, you know, the wrong door you misremembered or whatever was like, no, no, that's not that. That's. That's not what it is. I. I get that you're confident about your doors, but that's. That's just not what happened. And I ended up talking to somebody randomly in the bathroom. There's two guys talking about DEFCON and, like, all these, like, crazy security things. And I can't remember exactly what was said. You know, you hear somebody talking about something in the bathroom, you know, you don't know if they don't know what they're talking about. But I do know enough to know whether. To be able to spot whether or not somebody else is full of crap most of the time. I've read a few things and something about something that one of the guys said. I was like, oh, okay, yeah, so he knows what he's talking about. And I actually stopped them coming out of the bathroom. And I was like, let me give you a scenario. And I gave him the rundown. And he was like, well, it all depends on your actor. Like, who is the threat? Is this a state? Is this CIA? Is this just a opportunistic thief? But I would consider. I would be rolling every key that I have, every single one of them. I would just be assuming, no matter what, that you're screwed and you just need to change everything. And. And then I was like, well, he was in a hurry, and there was no indication that he touched my laptop. And then he was like, wait, this was real? Like, he thought. I literally thought I was just coming up with a scenario. And so the conversation got more interesting after. [00:56:04] Speaker C: Right. [00:56:06] Speaker A: And. And, you know, that's. That's what I've been doing, but, oh, my God, that's a job. I had to do this recently with the LastPass hack, which I know, like a really secure password, but if that's out there, I have to assume at some point, at some point somebody's going to break it. That took like two months to swap out all this stupid crap. Yeah, you know, I guess there's like 50 that are important, like, that are really critical, but I don't. I don't like it leaving anything exposed because there's a lot of roundabout ways that somebody can get back to something. But yeah, so we got him on video coming up at 8:54. Got him on video leaving. I could not. I really. The only thing, you know, I was talking to a couple people and they were like, well, I'm not gonna. That's unacceptable. I'm not gonna stay at that hotel again. And I'm like, you know, there's. It's a hotel, it's a hotel. Like, it was really nice. And as far as like basic security goes, there's not a lot you can do. Hotel room doors are just not cryptographic lockboxes. You know. Like, the guy I was, the guy from defcon, was like, man, I actually like. Hotel room doors are just crap and doesn't matter what, what they have. Like, you can just get into them. Like you just can if you know what you're doing. He even said that he usually takes a device to DEFCON or whatever just to show it off that can just get into doors. And then we also looked and we tested a bunch of things. One of the things that we did and which I will do because somebody actually had an interesting point is maybe he was picking something up. Maybe he had a WI FI device in there and he was getting it because that was his opportunity to see, you know, who connected to it. Because, you know, he had a small bag. But we looked for something that was planted. You know, we looked like, okay, like, and we tore that whole place apart, looked under mattresses, looked in the weird little cubbies behind drawers and the little desk thing, looked behind the wall piece that TV was hanging on. Because my thinking is, you know, low hanging fruit, easy to imp, like, very easy to implement because like, I know how to do it and high likelihood of just a lot of optionality is drop a man in the middle WI fi, like get a signal there and see if you can get anybody's info and hope they're not on a vpn, because that'll foil most of those plans. Like, like a VPNs basically a set protection or a default protection against the majority of man in the middle attacks. If you trust your vpn but could not find anything, again, could not. There was no visual indication that he had touched my laptop. And it was over in the corner on the floor next to the bed. So it makes more sense that he was probably going through all of my brother's stuff first. If he was making his way around the room and in the context of how long he had been in the room, maybe he was just on the second floor. And he went to the end of the hall because that was the one that nobody was going to have traffic. You know, like, literally just go to the end of the hall and start. You know, maybe we were the second door because we're the second world on the hall. Maybe he had just gotten into our room. Clearly caught him in the middle. You know, the other thing that stood out to me is that he didn't have a lookout. He wasn't working. Like, as far as sophistication goes, sure, it could have been Mossad or CIA or whatever, but then they just hired a dummy on Fiverr, you know, to. To break into the room. And they certainly weren't helping him because they would have known way before we would have just passed him on the stairs. You know, like I said, it's like a two minute trip to get up to the end of that hall. He left the room because he heard us. Like, either that or he was doing something that took two minutes to clean up and, you know, be done with which that seems less likely. You wouldn't even want to get into something that involved. I feel like at this sort of an attack, it just makes a lot more sense that he was just working alone. He came up by himself on the security tapes going back to the hotel, though. I don't. I don't really fault the hotel that much. The one thing that I really wish they had done is think about their security camera positioning. Everything was super far away. And they did not have a single, like, on the door. Just point one at the door. Just point one right at the door. [01:00:55] Speaker C: So you could see the hall. [01:00:56] Speaker A: So we can see if the door specifically, there was nothing inside. Like, for the sake of privacy, they don't have anything on the hallways, but they have the entries and exits and lobby and reception and that sort of thing. Gotcha. So. And they were pointing at both the. The sidewalks and stuff outside. Really big, high cameras pointing down so you can see him. And I recognized him because the manager was like, we didn't see anybody who fit the description or whatever. I was like, can I look at it, Please can I look at it? And. And he was like, he fought with me a little bit, but he was like, yeah, you can see it. And we found him really quickly. Like, I was immediately like, that is the guy. And he specifically was running away when he left. Like, he was like, he was like, like, he's doing this like, little hop thing. So he was not. He was running away. He got caught, you know, um, and. But we looked through everything and then I started doing tests on my computer, like looking up kernel logs, like just like system logs. And so my computer was not off, it was not powered off, but it was closed and asleep. So it was like the basic lock, like you had to have a password to get back into it. But my question is, you know, do logs, do logs take when it's asleep? How does that work? I honestly didn't know. So I started doing tests like, can I plug something into this computer without triggering system logs? And while it was asleep, while it's asleep and closed, it produces nothing like no logs whatsoever. I did it for like 10 minutes on the train. And for the entire 10 minute span, there's zero, zero entries. I plugged in a, did it again, put it to sleep, plugged in a USB extension like adapter thing with a bunch of ports on it hub and like 18,000 system logs. Like just a crap ton of system logs while it was asleep. And then I was like, okay, what's the dumbest thing I have? And I have a very, very crappy USB cable. Like so one that doesn't have like a full computer in. I'm sure it's got like little chips and stuff in the head or whatever. But it's a very, very basic charge cable. Plug that in. Like, like that. There's like a thousand logs, like port IO, boot logs, kernel logs, like you name it, even like a notifications log. Like you plug anything even slightly into this computer while it's asleep and it is doing a million things. So check the log for the 16 minutes between him on the camera entering and leaving nothing. Nothing at all. And I also specifically went around like spent a long time trying to figure out how to delete logs and you cannot do it without a root password, at least in a very naive sense, on the computer. So it seems unlikely unless I got Pegasus and you know, like the freaking CIA is after my bitcoin or my computer or everybody. You're probably all infected. You're all screwed now. But unless I got hit with that, there is just no indication that he got to my computer. I am still treating it as if he did because I don't know deeply enough about the topic to really say confidently, but there's at least no evidence that I can find in the basic knowledge that I have of that level of communication. But then I think, you know, if it was Pegasus or something, why do you have to send a guy to my room? You know, all you need is my phone number and my Apple id, You know, like if you've got a back door to the Apple servers. You got all my crap, you know, you don't need my hotel room. Why do you need to go to Switzerland or pay somebody to do it? You know, so. But yeah, it was basically two days of just trying to like explain the situation. I wish so bad. And I will never, I will have this forever every time I am in a hotel room, especially at a bitcoin conference. I may very well have a travel computer now with me. I probably won't bring this thing. And I'm still even considering just buying a new one and trading this in and just wiping it just for the hell of it. I literally took, I bought a kit kit. And the first thing I did when I got home was I took it apart, open it up, make sure there wasn't anything planted in like he's in a simple little microphone, could do a key logger, just listen to the keys. Nothing. No indication there either. And he could have opened it. It only actually took me about like a minute and a half after I knew exactly what I was doing. Because you have to like do like a funny thing to get the base off. But if you had practiced, if I had practiced it, I easily could have gotten in like a minute, minute and a half tops. But I'm gonna have a camera in my hotel room. One that is inconspicuous and remotely accessible. Saving information somewhere. In fact, I may, I may develop my own app that runs on pair, the pair stack or whatever. So it will just record back home or something by default and just like cycle it over for like the last five minutes worth of footage until there's motion or something. And there's a couple of simple little open source things for motion detection on a camera that you can do with a smartphone these days. I think even Edward Snowden, they built a app called like or OS maybe, I don't remember. I think maybe it's an app, but it's like, called like Haven or something. I could be wrong on that. It's been a long time since I thought about it until very recently. But it's basically Snowden talked about, you know, this device is a crazy spying device. They use it to. They can record you, they can turn on the camera. They have. This has a proximity sensor. I mean this thing's got like 20 sensors on it. It's battery powered. You can turn it off and it's still technically not off. It's still doing stuff. And he's like, you know, this is a powerful weapon that the government has and the intelligence agencies has against us. We can use it, too. Why wouldn't we use it? You know, like, we can use this as a security device. We can use this as a watch your room. And this is the best security camera you're ever going to be able to. Ever going to be able to buy, you know, so that's kind of the idea of that app. But I'll probably use something like that. But for the next time I travel, I'm going to have something I'm going to be absolutely thinking about a lot more seriously about my devices and keys. And, man, there was ever a day that I felt like better having everything set up on multisig. [01:08:43] Speaker C: Right. [01:08:44] Speaker A: Because, like, I at least knew that even with total access to my computer, they'd have to be playing the long game. Nothing is immediately vulnerable, you know, But I just wish. I just wish I could know what the hell he did in my room. [01:09:05] Speaker C: Yeah, that's a tough. That's tough to. Tough to stomach that you don't have, like, full closure on it in some sense. [01:09:13] Speaker A: Yeah, I was legit sick on my stomach for a little while. [01:09:16] Speaker C: Oh, I'm sure. But I appreciate you walking through all of that because I think it's very helpful context for folks who you mentioned. You think there's an element of complacency that sort of has occurred over the past few years. I would argue the scarier or more concerning aspect to me is less the complacency. It's more the attackers are only going to become more sophisticated and advanced over time because five, 10 years ago, Bitcoin was this play thing. Well, now it's more broadly recognized as an asset where people store material wealth. And we think knowledge about bitcoin is not widely dispersed. Right. So if that is to be true, most people don't understand bitcoin as an investment asset. The same number, if not less, understand that people store material wealth in this thing. And, oh yeah, it's a bear instrument that they might have on their person. So I think we would be remiss not to assume that these attacks are only going to become more sophisticated and more prevalent as people more deeply understand what bitcoin is and how it's stored. And so I think it's just important to highlight stories like this because to be clear, it's certainly not to fearmonger in any sense. It's to give people context and have them thinking critically about how they store their bitcoin, particularly when they're traveling or on the road, particularly at bitcoin conferences. But also just recognizing that there's different models and there's different use cases and threat vectors to consider. And so, yeah, we just really appreciate you walking through all of that because I think it's something that people do need to think more critically about. [01:11:16] Speaker A: I feel like it doesn't do any good. Yeah, I guess I'm, I'm an extrovert too, so I'm more likely to just blab about it anyway. But it also seems like it's of no value for that to happen and then not tell people about it because, like, what do you, what do you learn from it? Like, and in the context of, you know, oh, is he fear mongering? It's like, no, just like that 100% happened. You know, like, it's not a fear monger. I'm just telling you what happened. Like, you can be afraid or not based on how likely you feel like you're going to be attacked. I'm. I'm a very prominent person in the space or like, outward person in the space. Like, you know, people could listen to my show and probably be like, all right, well, his house has a, doesn't have a garage and it's got this and this. And this is how many hardware wallets he has. That's actually so many. Somebody was posting that on. Oh, it's utxo. UTXO posted on Noster. It said the, the burglar listening, listening to Kai Swan's episode as he lists all of his hardware wallets. And it's the picture of Mark Cuban. Like, oh, okay, let me write that down. But I was like, ah, yeah, yeah, good luck. If he wants to, wants to break in and find all my hardware wallets, I have. There's, there's a security through obscurity, but then there's also security through sheer number, you know, like, that's less. The cryptography trick, right? Is that if your number's too big to guess. Well, if they come in and get all of my hardware wallets, it will take them six months to figure out what combination of what hardware wallets actually make something that might have some bitcoin on it. Because I have way too many hardware wallets. Like, I have a lot of hardware wallets. I have drawers with hardware wallets and people have sent me hardware wallets that I've used just to test and play around with and stuff. I do not envy the person who has to just look at. I do not envy myself having to go back through and clear things out and just make sure that I can Take note of the setups that I have, but Jesus Christ, somebody just, like, getting all of my hardware wallets and then being like, all right, let's get into all these things and get some bitcoin off of this. That Guy's got a job. [01:13:43] Speaker C: Yeah, that would be an unenviable task. Well, we're a little over an hour here. I want to be respectful of your time, Guy. This was super helpful, Cam. Did you have any other thoughts you wanted to get out or any other questions for Guy before we wrap? [01:13:59] Speaker D: No, just a general thanks, Guy. I appreciate you sharing that story, as uncomfortable as that is, because it is a good call to us all to reevaluate how we're securing our own bitcoin. And I agree that multisig should be the premises. There's multiple different forms that can take. But when you think about defending your own bitcoin, your own castle, so to speak, in the place you are most of the time, whether it's at home or traveling, think about how you can use multisig to keep yourself and your family and your wealth safe in those scenarios. So, um, appreciate you highlighting that. [01:14:33] Speaker A: Yeah, a hundred percent, especially when you're traveling. It's too easy to set it up these days. It's too. There's services that make it easy on ramp, you know, obviously, but, like, nunchuck is super easy, too, if you just want to do it yourself. You know, like, you have so many options now, and two years ago, that was not the case. Yeah, you know, none of this two years ago, it was awful, confusing, risky. Two years ago today. Not at all. Not at all. Have multisig setup just in case your bag gets stolen at the airport. Like, have a multisig so that you can go home, break out your hardware wallet or, you know, whatever it is that you're using, and recover your funds. That is. That is the easiest as. As I specifically said a little bit ago is the most comforting thing through this entire process was just knowing that my bitcoin was not behind a single key that was potentially at risk because of my computer. That was the only thing I was never really concerned about. Like, it even took me a day or two to open up my multisig wallet just to look, you know, because I just wasn't concerned. I just knew that there was no feasible way that that was being. That was at risk because of my setup. You know, the only tap signer that was even involved with it was on my person the whole time it came with me. It did not stay in the hotel. So, yeah, that's. That's just something to think about. And if there is any simple mitigation, I feel like that's. That's definitely. It's one that's easy to do, and it. It is a massive, massively valuable tool, in my opinion, so. [01:16:16] Speaker C: Absolutely. Well said. Well, thanks again, guy. This has been great and good to meet you, Brian. Yeah, great to meet you as well. Been a fan for a long time, and you provide an immense amount of important bitcoin education, which is something that at onramp, we're very focused on as well. Since day one, you can't run a bitcoin company without. [01:16:40] Speaker B: I was going to say, you all. [01:16:41] Speaker A: Got a really good bitcoin intro thing that I've been through. Don't you all? Where is that one? [01:16:46] Speaker C: Yeah, we have a fundamental series which goes through some basic core concepts in a. In a pretty concise manner. [01:16:53] Speaker A: I should. I should link to that one. [01:16:56] Speaker C: Yeah, please do. And we will. We will link to all of your stuff as well in the show notes. But thanks again. And, Cam, thanks for subbing in for Michael today. Much appreciated. [01:17:06] Speaker A: What up, Cam? How you doing, boss? Guy. [01:17:09] Speaker D: So this has been a pleasure so far. [01:17:12] Speaker A: Oh, man, we need to catch up. What's. When's the next conference you're going to? [01:17:17] Speaker D: I'm going to the one here in Dallas coming up in a couple of weeks. That Lee Bratcher in the Texas blockchain? [01:17:22] Speaker C: Yeah. [01:17:23] Speaker A: No, I'm not going to that one. [01:17:24] Speaker D: Blockchain summit. [01:17:25] Speaker A: Well, hit me up. We'll coordinate. We didn't hang out again. It's been too long. Hell, yeah. [01:17:30] Speaker C: All right. [01:17:31] Speaker D: All right, guys. [01:17:31] Speaker C: Thanks, boys. [01:17:32] Speaker D: Thank you, guys. [01:17:34] Speaker C: Appreciate it. Later. [01:17:38] Speaker A: All right. [01:17:38] Speaker B: I hope you enjoyed that show. I think there's a lot of valuable information in there. And really, I cannot stress enough separating. Separating your keys and getting a camera have having some sort of defensive recording of every situation. Even if you are just recording, it has such a tendency, like, especially with, like, the police, just inform them that that's what's happening. It's not just a way to be like, oh, I'm filming you. Don't do anything. It literally puts everyone in a position of, like, someone else is going to look at this. I need to make sure I am behaving. It is literally for both of your safety. And that is something that I think we're always talking about a lot of different things in threat vectors and how to protect bitcoin and stuff. But remember, protecting bitcoin is really about protecting yourself. It's about protecting your home, your family, yourself, your money. It is all encompassing. You know, if you are at risk, your bitcoin are at risk as well. So think about that. Don't. As I said before, there was, there was a quote that I don't remember where it was from, but it stuck with me because I thought it was a really interesting way to put it or an interesting perspective to think about was it's not as hard as a lot of people think to get a lot of wealth or to make a lot of money at some point in their life. Usually what happens is that they then make bad decisions or don't know how to protect it or keep it. The larger problem is to sustain wealth and that is where most people go wrong. And when we're moving into a bitcoin world, when we're moving into a sound money world where you can't just indebt yourself into ownership of everything and capital is real and it has real prices, it's going to make a whole lot more sense to make sure that you have insurance, insurance on your home, safety insurance. And I don't mean this like you purchase an insurance policy, I mean a security camera, you know how to use a gun, you know how to protect yourself and your family, you are trained with it, you have a dog, you have multisig with your keys that you do all of the easy and first steps needed in order to protect yourself and your situation. So I hope this is a help and this will be something that we will increasingly talk about on the show because this has been a focus of mine for probably about the last six months to a year more and more. So I'll be sharing more like what I'm doing and I hope this is valuable to you guys and hope it's a little bit of a wake up call that we can learn from my mistake and also from something that I really got really lucky I feel like. Or at least so far. Knock on wood. So we'll see. I'll keep you up to date. Don't forget to subscribe. Don't forget to share the show out. Anything you want to do to support please check out our affiliate links. Like I said share the show Stream sats boost on fountains Shout out to all the guys who do. Thank you so so much. It really does mean a lot and like now that like so much of this stuff is like straight up into my alby it has been so cool to see just be able to open up my main lightning wallet and I'm just like looking through my zaps and the comments and I got a couple about the one small catch for mankind video of the launch of the heavy booster and Starship with SpaceX. [01:21:16] Speaker A: It's just really cool. [01:21:17] Speaker B: It's really cool. So check out those. And in fact I should probably do a video on that. So keep keep an eye out for YouTube. I'll do a video on Albi Hub how it works and how just freaking awesome it is to have a non custodial wallet with a lightning address through albyhub that you can plug into all your services into nostr and you can get SAP straight to it. It's awesome. So stay tuned, stay subscribed, and I'll catch you on the next episode of Bitcoin Audible. Till then, everybody take it easy. [01:21:47] Speaker A: Guys.

Other Episodes

Episode

September 22, 2022 00:58:01
Episode Cover

Read_655 - The Legendary Treasure of Satoshi Nakamoto [Tomer Strolight]

"Everyone loves a good origin story. Some are true, some made-up, and some a mix of the two. The true origin story of Bitcoin’s...

Listen

Episode

February 20, 2020 01:07:28
Episode Cover

CryptoQuikRead_355 - How Decentralization Dies [Brandon Arvanaghi]

"Decentralization has [...] been a vessel for achieving a concession from a centralized body it is protesting. Every decentralization play has followed a simple...

Listen

Episode

July 26, 2023 01:17:35
Episode Cover

Read_752 - Bitcoin Becomes the Flag of Technology [Balaji S. Srinivasan]

"Bitcoin represents the explicit encoding of previously implicit values of the tech community. It's not just software — it is a Schelling point and...

Listen