1143 sats \ 7 replies \ @petertodd 1 Jan 2023 \ on: Luke Dash jr's PGP key compromised and bitcoin stolen bitcoin
My comments: https://twitter.com/peterktodd/status/1609655629903265795
tl;dr: I've confirmed that this is real and not a Twitter hack. Unfortunately Luke's setup was pretty standard. But that's not good enough; there's a good chance that Luke wasn't even specifically targeted, and non-govt actors could have definitely done the hack.
Complacency is a big threat to security, and we're all vulnerable to it.
Peter, can you expand on why/how Qubes would help?
reply
Qubes OS would provide substantial separation between each application (e.g. so that Firefox can't touch Bitcoin Core). This is the only good option when you can only have one computer.
The other option would be to have multiple computers -- each being used for one major purpose (e.g. a Bitcoin computer, a software development computer, a gaming/browsing computer).
reply
Unfortunately Luke's setup was pretty standard
Luke has been around for a while. Many of his wallets didn't have a seed:
Seeds didn't exist back then
That means that most people today would not have his setup at all, and instead they would create a seed on an air-gapped computer.
reply
Could you ask him to provide as much detail of his set up? He keeps saying he doesn't know how the bitcoin was stolen, but we know his full setup we may able to find a weakness.
reply
As if it was about complacency rather than personal indolence...
reply
I bet he looks at websites with too much visible skin.
Bitcoin crypto is secure and unbroken. It must be his own fault.
reply
Why do you feel the need to specify "non-govt actors"?
reply