It is no longer the banks that have to worry about heists. Between improved bank security, digitization, and many states adopting legislation permitting the concealed carry of firearms, stealing from the banks isn’t what it used to be. But Bitcoin? That’s a different story.
Digital coinage is a different story. Between Bitcoin (digital-only currency) and Ethereum (a platform that enables digital currencies), hackers have made off with a total of 14% of all of the available coinage. That’s quite a bit for a currency that’s only been around since 2009. One Bitcoin exchange lost $436 million of its customers’ coinage.
But isn’t Bitcoin supposed to be “secure”? If so, why does this sort of heist happen with such alarming frequency?
I have noticed that, while many people take very seriously the technical part of security, few take into account the human side. Security systems must be used, and used properly, to be effective. If a security system is overly burdensome to its user, then, instead of following the security procedures, the user is more likely to go around them.
I’ll give you a few examples to show what I mean.
A Church Security System
Many years ago, a friend of mine implemented a secure records system for a church. This system was fully secure—nobody was allowed to access any record that they didn’t have explicit permission for. Of course, this led to the problem that anytime someone needed to access records, they had to ask permission. The person in charge of security (probably not their main job!) had to stop what they were doing, go into the system, and give permission. Then, later, that person had to go in and revoke the permission.
The goal was laudable—to make sure that records about giving and financial transactions were secure. The problem, however, is that complying with the new system significantly burdened the staff.
Making security too onerous creates the need for workarounds.
Staff members all have jobs that need to get done. Playing with computers is not their primary task. In fact, computers are meant as an aid to getting things done. When systems get in the way of accomplishing tasks rather than assisting people in their jobs, users tend to find a way around the system.
In this case, the person tasked with giving people permission to consult the records got so tired of filling requests that he simply copied all of the church’s records to a CD and handed it out to each staff member. That way, they didn’t have to ask for permission anymore to look at them.
So, not only were the security measures no longer securing anything, an additional security problem had been introduced. All staff members had CDs with all of the church’s records just lying on their desks! Anyone who wanted to access the records could quite easily come into the church office and steal them from a desk.
So, by not taking into account the human side of security, the system caused the information to become less secure. One might argue that this is the fault of the staff—that the security system itself worked fine. However, computer systems are meant to be used. If users cannot use them successfully, there is a design flaw in the system.
Making security too onerous creates the need for workarounds.
A Network Login System
I once worked for a very large networking company. This company ran servers for many high-profile clients. Thousands of servers were operated and monitored 24/7. Several rules were in place to make sure that the servers were secure. One of them was that passwords had to be secure (you know, many letters, letters and numbers, etc.), and the password to each system had to be changed every 30 days.
Now, it is one thing to memorize a set of obscure passwords. It’s quite another thing to memorize hundreds of them. Even more problematic is having to change them every 30 days.
So, what is an employee to do? Well, you must be able to log in to your servers to maintain them and it’s impossible to memorize all of those passwords. So, to manage the passwords, the network monitoring team created a giant access database of all of the passwords and just shared it on the internal company network. Problem solved (ha, ha, ha).
In this case, the corporate policy aim of achieving high password security had the unintended effect of creating extremely low password security—it essentially caused all of the passwords to become easily available to (and obtainable by) anyone in the company.
Is Bitcoin secure for individual users of the currency? And, likewise, is it really anonymous? For the ordinary user, the answer to both of these questions is no.
Similarly, in the same company, there was a policy that system administrators could not maintain systems except when given permission by another group. The goal here was to make sure that, first of all, all maintenance events were recorded. However, it was also done as a security check to make sure that system administrators were not doing things on the servers when they shouldn’t be.
However, the system administrators got tired of having to go through another group to gain access to servers in an emergency. Therefore, many system administrators wound up building backdoors for themselves to the servers so they could access them quickly. So, in this case, the company policy was encouraging system administrators to put backdoors in their own servers just to be able to do their jobs well.
And now Bitcoin…
Bitcoin, as a technology, is similar to these other situations. It has a solution that is very effective, technically, for solving the problems that it tackles. The problem is that the human side is not similarly effective.
As for the technical side of Bitcoin, I think that any objective observer has to be impressed with the system the mysterious Satoshi Nakamoto implemented. It solves a lot of tough problems in very ingenious ways. Unfortunately, those benefits don’t tend to translate well for end users, who are not nearly as ingenious as the people developing the system.
One of Bitcoin’s touted features is its security and anonymity. Let us leave aside the question of whether or not the system is technically secure. The important questions are these: Is Bitcoin secure for individual users of the currency? And, likewise, is it really anonymous?
For the ordinary user, the answer to both of these questions is no. It may be technically anonymous (i.e., no one need give their name), but ferreting out who is involved in what transaction is fairly easy. In fact, it takes quite a bit of effort to actually conceal your identity on Bitcoin. You must do things that ordinary users wouldn’t do, such as use a new address for every transaction, add an anonymizing layer to your network, and avoid the easier-to-use Bitcoin software.
Alternatively, you could use a separate anonymizing service. But, if we have to use a service to anonymize our transactions, that is like anonymous transactions with regular money using money launderers. It might be technically true, but it doesn’t say much for the anonymity of the transactions themselves. Additionally, it has been shown that even with such anonymizers, most transactions can actually be traced anyway.
Then, what about security? Many exchanges have recently been the target of hacks, with millions of dollars worth of Bitcoin stolen.
How are secure Bitcoin stolen?
Well, it turns out that most users don’t actually use full Bitcoin wallets (roughly equivalent to a bank account) because they are typically hard to use (thin wallets are a little easier to use, but don’t offer many of the touted benefits of using Bitcoin). Therefore, they host their wallets on exchanges, which makes Bitcoin management a lot simpler. However, because the exchanges are holding the data, they hold all of the data needed to make transactions. Therefore, when the exchanges get breached, the infiltrators have all the information they need to make transactions on your behalf.
Additionally, even on your own computer, if hackers were to break in through some flaw in your operating system, they could easily install malware which would allow them to use your Bitcoin, representing themselves as you.
To make matters worse, here the highly touted security features of Bitcoin work against you. Because Bitcoin can be anonymized with sufficient effort and Bitcoin transactions can’t be revoked, the transactions that steal your Bitcoin are immediate, irreversible, and anonymous.
So, while many of the publicized features of Bitcoin may be technically true, most of the supposed security benefits of the platform wind up working against, not for, average users who are seeking to use Bitcoin in a way that makes sense to them.
Technology with People in Mind
The goal of technology is to facilitate human endeavors, not impede them. Technology exists, not for its own sake, but for the sake of its users. Technologists can often get so over-focused on the technological problems and solutions that they miss out on how they impact users. The technology may be impressive, but developers can’t forget who the end-users will be and what their actual needs are. Users have an impressive habit of getting their jobs done. If your system is impeding instead of empowering, my guess is that the users will find their way around it, perhaps making it even less secure than before the security system was implemented.
Jonathan Bartlett is the Research and Education Director of the Blyth Institute.