Attack of the cryptidiots: One wants Bitcoin-flush hard drive he threw out in 2013 back, the other lost USB stick password A couple of news items about what we'll call "cryptidiots" wriggled into the mainstream media this week, momentarily shedding light on the important topics of e-waste and password hygiene for the masses. James Howells from Newport, Wales, must have been living a tortured existence these last seven years or so, first popping up …
When you go out into my back yard to shoot the birds out of my trees, could you please stop bathing in the bird bath? The soap residue is making it difficult for me to read the passwords I've left in the bottom of the basin. Use the dog's water dish, she never uses it anymore. Thanks.
*Wanders off happily whistling a jaunty song about cryptidiots*
I don't write passwords down because people know that written passwords are passwords, instead I have posters on the wall that have phrases - looking up now, if I need a new password I could use InFlandersfieldsthepoppiesblow, or TheMilitaryAlphabet, I've always had those pinned to the wall.
I actually did that for a card with a PIN that I *very* seldom used. Ok, it was the pin old school encrypted by adding a number (not "1234" or "13"... :-) to it. Sure, not hard crypto, but you only get a few attempts before the ATM keeps the card....
just last night I mistakenly spent 40 power crystals in game on a tablet because I fat fingered. It will take a couple weeks to earn them back.
Just get the password tattooed in reverse and upside down on the inside of your lower lip... Genius! Then kill the tattoo artist. Just joking!
You COULD have the data encoded as a nucleic acid sequence and inserted into your genome using a retrovirus.
Would a hard drive that had been living under several feet of rotting waste for 7 years would not now just be a rusty mess even if they could find it? And that is assuming its not be crushed by the compactor in the back of the refuse truck or those bulldozer with spiky metal wheels they use to flatten down the landfill.
A landfill site full of rotting garbage is a low-oxygen environment. Soft Iron doesn't rust in landfill. Neither does Copper/Chrome/Stainless Steel.
And since I've found it impossible to adequately compress garbage or recycling by any means, and, as I've read, you can walk away after getting compressed in a garbage compactor truck that you've been tipped into (while sheltering in a skip), I'm not inclined to think that a disk drive is likely to be damaged by that method either.
#12:25 15 Jan 2021# UTC
You think those "reporters" could look up from reading other newscorp's newsfeeds long enough to watch a TV show about nerds?
Troll, cos even at room temperature, Detritus makes the average UK media "specialist" look stupid. Actually no, I take that back - they do it themselves, they don't need Detritus!
Depends if they dump it straight to landfill or run it through a grinder / sorter with a linear electromagnetic pick up belt hovering overhead to pick out the metal fragments,, and a blower stage to lift out lightweight plastics and a wash stage to flush out soluble materials etc. That'll all make a nice mess of a hard drive.
... is usually in vehicles with compactors, otherwise they'd have to do several more trips. I believe that the
average garbage truck hydraulic compactor is capable of delivering some serious squeezage, I seem to remember a dustbin man friend telling me it was around 10-20MPa - approx 100x to 200x atmospheric pressure.
I suspect a mechanical HDD is unrecoverable after a single compaction cycle.
I suspect a mechanical HDD is unrecoverable after a single compaction cycle.
I once had the opportunity to test the resilience of a 600MB Seagate 3.5" hard drive by putting it under a levelling jack of a JLG 330LRT scissor lift. With a bit of jockeying you can put half the unit's weight on that one jack, so 2.6 ton.
Flat - area would have been about 150cm^2, 200N/cm^2, 200kPa - no deformation
Long edge down - 40cm^2, 650N/cm^2, 650kPa - no deformation
Short edge down - 25cm^2, 1000N/cm^2, 1MPa - a bit of a gap between the case and the lid, platters still spun freely. I've seen drives way worse off still recovered.
Now 20 times that might well be quite damaging, especially if it gets caught the wrong way between the squeezer and something solid. However, the specs for this garbage truck state a press-plate pressure of 35 tons, and eyeballing the plate dimensions I'd say its area is 0.75m^2 (1.5m wide, 0.5m high), so that works out to 48 tons/m^2 or 480kPa, even less than the lift jack pressure with the drive long edge down. If the garbage load is not compacted again after it's unloaded from the truck but going straight into the landfill, the drive will likely be still fully intact. And water, mould and even the chemical residues you could encounter in standard household garbage (discounting aggressive chemicals that should have been disposed of appropriately) are unlikely to sufficiently damage a modern hard drive platter to make it unrecoverable.
The main problem though would be actually finding the drive.
Icon: full chemical hazmat suit with breathing apparatus.
I dunno what they mean by ”35 tons" of pressure but your calculations yield a paltry 5 atmosphere pressure ... It just doesn't sound strong enough to me.
The R16 data in your link specifies the hydraulic system operating pressure as 200Kgf/cm² ... Near enough 20MPa. Why so much pressure to generate 0.5MPa?
Near enough 20MPa. Why so much pressure to generate 0.5MPa?
Because that hydraulic pressure is pushing against a piston, which moves the piston rod, which is attached to the pressure plate via a hinged joint. The plate pressure can be calculated if you know the piston area, the angle (which varies during the stroke) between piston rod and pressure plate, and a few other dimensions. Some of which can be estimated, and others you just can't know unless you have the relevant construction drawings.
Fortunately the manufacturer already lists that plate pressure so you can skip the calculations.
.. of lamenting throwing out or not keeping intact that original Furby or Tamagotchi?
I sold my single Bitcoin some years ago for $100 profit and was pretty pleased. They’re so slow and actually hard to sell that I’d probably be losing sleep how to offload the damn thing before it dropped $10K in value. I actually ended up buying Amazon vouchers because any other way of offloading was too convoluted. I’m sure most people making money in this market are leveraged trading rather than ever owning a coin.
"More like using a complex betting site than “real” trading"
<pedantry>
"Real" trading is just betting.
You're betting that your take on the market is better than everyone else's.
Hence the rise of financial spread betting as a hedge for any position you may be taking.
</pedantry>
We sold 20 - generated as an experiment when Bitcoin just came out. Profit- - near infinity percentage wise. Very content at the time, and frankly despite the rises (and falls) I am, still very happy. (as are the kids who got 6 each). I must say, I was very very grateful that I have been religious on backups in the last 15 years.
I bought a miner with a voucher I got when I left a job way back. I pool-mined a proportion of a Bitcoin and watch the value go up, when there was enough to buy a rather nice bass guitar I took the money to cash but left a small amount to cover fees and round down.
Now that bit I left behind is enough to buy another bass. I don’t know whether to pull it out or leave it to grow more. When I look at the activity history, the current value of the amount I took out would buy a new Tesla.
Am I mis-understanding Bitcoin or should these people have kept a backup (or several) of data that they believed was worth many thousands of pounds?
I realise that the clever blockchain crap means you can't just print money by copying the data, but you can at least protect the money you've got, no?
You can. The thing is, back when they got the Bitcoins they weren't worth thousands of pounds, so they didn't bother to back them up. Now they wish they had
I feel somewhat better knowing someone lost more than I did. I think around the time my disk was cremated, they weren't even worth tens of pounds, and I'd probably have sold them waay before the recent peak. Apparently a lot of the original coins are out of circulation like this.
The ironkey is NOT like a traditional USB drive. Imaging the drive would yield nothing since traditional brute-forcing the encryption used would take a very long time even with plentiful computing resources. The actual decryption key is generated and stored inside the chip, and is based on locally-generated entropy as well as the user-supplied password.
If the user supplies a bad password too many times, all that the drive does is delete its own internal key, rendering the contents encrypted. Optionally it can also wipe the drive or even destroy it.
Therefore, if it was even possible to copy the image from one Ironkey to another new, not locked drive, it wouldn't work since the internal "random key" would be different.
The drive is also designed to be tamper-resistant making attempts of removing the chip for further analysis on external equipment quite risky.
I used to work in the Civil Service and we routinely used IronKeys for storing stuff. Non-IT admin staff ordered them for themselves and distributed a ton of them prior to consulting IT. The inevitable happened and users didn't realise that if they forgot their password (this is the default which you can override and set an sysadmin password which can still get in or set it not to wipe the drive after x wrong attempts) and zapped their data. There was a drawer full of expensive zapped IronKeys as a result.
Keep paying your taxes UK taxpayers.
Fortunately these days I've moved on from the dumpster fire that is Civil Service IT
"take an image of the entire drive"
I'm not certain that will work. IronKey USB drives may not only encrypt their content, they will not allow you to read the secure partition without entering the correct pass code. Add to that some hardware security (can't pry it open without irretrievable damage) and the problem becomes trickier.
There are reports of IronKey hacks. But I'm certain that anyone capable of performing such a feat probably has already contacted the owner.
Yeah. About that:
I have been the recipient of numerous old microwave ovens over the years. The transformers are great for various projects. The magnetrons, however, must be handled with kid gloves. The beryllium oxide insulators (pink ceramic doo-dad sticking out the top) must not be shattered. Inhaling the dust can be hazardous.
So after a while, I take my collection down to a local approved e-waste recycler and enquire as to the possibility of them working my parts through their existing microwave oven recycling stream. "No problem. Just toss them in the pile of old ovens there." I ask how they will be handled (assuming they have someone who removes the hazardous bits). "Nope. We just take the whole tub-skid of ovens down to the metal recycler and they grind them up."
Remind me not to inhale when driving through that part of town.
First, re the cryptidiots, LOL.
Second, never throw out a drive without physically breaking the platters unless you want a dumpster diver (or whatever you call them in the UK) to pull it out and resell it on eBay. And if you have an e-waste facility please use it.
Third, keep your passwords (and any other data like credit cards) on KeePass, FOSS with 256 bit encryption, or similar security software and set a reminder to open it often enough so that you don't forget the password.
Fourth, another LOL for good measure.
Oh gosh. What a shame you didn't put your money in a bank. You know, that government-backed, legally-defended infrastructure that would have guaranteed your money ?
Sticking it to The Man comes with risks. You failed. You lose.
As an interesting side note, I wonder what the BitCoin ledger does with lost bits of coin.
The ledger does nothing at all, because there is no way to prove that the coins are in fact lost. They were mined a one point, perhaps changed hands a few times. They are now owned by a particular account. Which hasn't seen any activity recently, but who knows? They might be waiting for the claw-back of a bankruptcy to expire...
... what the BitCoin ledger does with lost bits of coin
A curious thought: AFAIK the lost bits are not replaced, and there is a global limit on the number of coins. So if there are fewer bits in circulation, does this make BTC more expensive? Checks current rates... Damn...
This is Bootnotes. The one with a few spare coins in the left pocket, please...
"A curious thought: AFAIK the lost bits are not replaced, and there is a global limit on the number of coins."
Which lead to the further thought - for now, stories about idiots losing a few bitcoins are just good for a laugh. But there aren't even that many bitcoin; supply tops out at only 21 million, and they don't all exist yet (Wiki claims ~18 million currently). In just this one story about two people who have actually made the news, over 0.06% of all bitcoin that can ever exist have been lost. How many more have been lost that we never hear about, or that no-one even knows have been lost because they haven't tried remembering their password recently? It's almost impossible that the amount lost would be less than at least 1-2%, and I wouldn't be at all surprised if it were actually well over 10%.
That's quite a significant amount of a "currency" to be deleted forever in the span of just 12 years. Perhaps the rate of loss will slow with bitcoin being worth more and people being more careful about it, but given how competent people tend to be with passwords and tech in general, probably not. Yet another problem real currencies don't have - whatever you might say about their pros and cons, you don't need to worry that someone might accidentally send a signficant portion of the world's sterling reserves to a landfill while tidying their desk.
The supply is very predictable as 900 more are mined everyday at the current rate and is now about 18.6 million. The last will be mined in 2140.
No one knows how many are lost. The original 'genesis' block of Satoshi has over 900K and has never been touched. There may be a further 3-4 million 'lost'.
As the blockchain is public you can see all transactions, largest wallets (usually exchanges and not individuals) and those that have not been used in 10+ years.
https://bitinfocharts.com/top-100-richest-bitcoin-addresses.html
The supply is very predictable as 900 more are mined everyday at the current rate and is now about 18.6 million. The last will be mined in 2140.
The last million or so will be mined in the twenty minutes following the construction of a suitable quantum computer to do the job. That is probably going to be well before 2140.
There must be a large number of banknotes and coins that have been lost. As far as the BoE is concerned, those lost notes & coins are still in circulation. Bitcoin could deal with the situation in the same way as the BoE does - issue a completely new design of cryptocurrency that can be exchanged with Bitcoin, and then make the old design worthless after a suitable period of time.
Not quite - it wouldn't have been guaranteed by the government if it had been that much. The point though is what would you rather trust?
a) a crappy consumer-grade piece of spinning rust which is just as likely to fail as not in any given year, which kept in a secure 'drawer' in someone's spare room at home
or
b) a bank
Or in the case of the memory stick
a) a fragile piece of plastic which is electrically sensitive and has a reasonable chance of having the electronics fried by a faulty USB port, protected with a password written down on a piece of paper somewhere
or
b) a bank
?
You need to realise that the bitcoins are not actually kept in the "wallet". A bitcoin wallet is more analogous to the number of a numbered bank account than a wallet. If you have a numbered account but forget the account number, your money is just as lost as if you lose your bitcoin wallet (or it becomes inaccessible for some reason - e.g. forgetting a password). But just as you would be stupid to open a numbered bank account and then fail to record the number in one or more secure places, you would be stupid to create a bitcoin wallet and then fail to make adequate secure backups of both the wallet and any passwords needed to access it. If you have significant funds in bitcoin, it would also be wise to provide a way for it to be accessed by your heirs in the event of your unexpected death. It is no different to investing in diamonds, cash or gold which you then hide - but then forget where you hid it.
And can provide a few hours entertainment for a curious nipper (or bored Dad) to dismantle them down to component parts for recycling. With the platters attacked with a wire brush and then put in the recycling bin over a number of weeks if you really want to be sure.
That's what I use mine for. Non-geeks go "oooh, lovely coasters, where did you get them, I bet they're a nightmare to keep fingerprints off"
Bottom of a landfill is an impressive method of keeping a hard drive "secure" though.
This article is very reminiscent of an episode of The Big Bang Theory.
Yes the chap is in idiot but in more ways than just losing is hard drive.
From what I understand Bitcoin is pretty much impossible to use and get the money out into the real world. Therefore it appears to be just yet another virtual thing with no actual value. It is not as though you can go and buy your shopping with Bitcoin so it is a a niche thing that just happens to have an unrealistic theoretical value.
The Council (or operator of the tip) is right to refuse access to dig. Firstly, once you have taken the crap out of your car at the site it is no longer your property. The same with a wheelie bin, once it has been emptied the contents are no longer your property. Secondly by permitting this every knob jockey with a metal detector will be scrambling to get on the site regardless of permission. Thirdly, this far on the area will have been capped with clay so digging holes in to will cause issues with gas.
Just accept it has gone and move on. It is the same as shares, let say I owned some in company X and bought them at £1. I then sold then at £4 a few years later but now, a few more years on it is now at £100. It is irrelevant, I got rid of them.
"
From what I understand Bitcoin is pretty much impossible to use and get the money out into the real world.
"
Might be true if you are talking many £millions. But exchanging a few tens of thousand £ of bitcoin to fiat currency is pretty easy by opening an account with a reputable online site. And exchanging a few hundred £ is even easier - there are ATMs where you can do that to get cash notes with only a short delay for the BTC to be processed - and I even saw a bitcoin exchange booth in a small town in Nepal.
Maybe enough people will loose their passwords, get hacked, etc. to get rid of this BitCoin madness. Burning an ever-increasing amount of trees trees (figuratively, and also literally) to generate a virtual currency is just plain idiocy. The value of a currency is based on the market's trust and mining for bitcoins is no better than mining for gold when it comes to energy burned per value earned.
Can't we agree on a better virtual currency that uses less energy? How about virtual dollars, backed by our favorite US government nd tracked by some distributed blockchain? Tie them to Government bonds, I heard that those are quite trustworthy.
The value of a currency is based on the market's trust and mining for bitcoins is no better than mining for gold when it comes to energy burned per value earned.Can't we agree on a better virtual currency that uses less energy? How about virtual dollars, backed by our favorite US government nd tracked by some distributed blockchain? Tie them to Government bonds, I heard that those are quite trustworthy.
Value of a currency is often based on boring stuff like M1 money supply. So how much money is in the system. Which then gets used for policy stuff, like 'managing' inflation. Especially when that policy relies on 'quantative easing', or simply printing more money, so an existing dollar becomes worth less, and thus inflation rises, stuff becomes more expensive etc.
Then there can be fun trade related impacts on M1 and currency value. If you have popular commodities like oil traded in dollars, then you need dollars to buy oil/gas. Or wheat, or iGadgets. If those trades start transacting in other currencies, then there's less demand for dollars. But if M1 is still large, the value of those dollars falls due to oversupply.
Which is kinda where bitcoin came in. It has a finite M1 based on it's algorithims. It's not reliant on any central bank policy, ie the Fed or BoE can't just magic up more bitcoins. Then because of that, investors started to see it as a convenient value store. Plus originally, bitcoins were pretty much a novelty, then became a bit of a shadow-currency for buying crack on dark webs.. To today, where respectable investors are coin collecting & you can exchange bits for useful property.
Which is also a bit like gold. It has some intrinsic value, ie useful for making stuff, but also physical gold has long been a store of wealth. Plus financial alchemists created all sorts of casino tokens where paper derivatives were theoretically backed by physical. And like bitcoin, supply is also limited because it's relatively scarce, and expensive to extract. But gold is seen as a safe investment, as long as there's demand. Sometimes that doesn't always work out though, eg the famous Tulip Bulb mania.
It's kinda fascinating though, and I thoroughly recommend visting the Bank of England's museum to get a history of money. There's a great etching from when fiat money became a thing showing a chubby chap eating coins and crapping out paper, which could just as easily be bits. But as long as the market thinks bitcoins are worth $30k +, that's what they're worth.
They're not idiots - backing up something of no value is a waste of time. And at the time, the bitcoins had no value.
Regardless, criticising others for what virtually everyone has been burnt by (no backups) is pretty hypocritical. It's likely most of the commentards would be in exactly the same position if they'd had bitcoin wallets at the time. And if they hadn't obtain lots of bitcoins back in the day, should they be now called cryptidiots themselves for not doing so?
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
