Mirco Bauer

Initially I thought it was a clever boating accident but as went nuts after and still seems so, he probably really lost them. From working in cyber security for decades, I can say it is pretty hard to gain security but easy to lose. One tiny opsec failure and you are screwed. I still can’t digest how a skilled engineer would ever store 200+ on a network connected computer and think they are safe…

Very accurate representation. A control got strengthened but all the ways around it remain as you can't prevent embeddeding arbitrary information into a blockchain transaction as long as 1 data fields remains. If anyone really wants to block information, maybe you should not use a public blockchain in the first place. Just a thought.

Very accurate representation. A control got strengthened but all the ways around it remain as you can't prevent embeddeding arbitrary information into a blockchain transaction as long as 1 data fields remains. If anyone really wants to block information, maybe you should not use a public blockchain in the first place. Just a thought.

I fully agree that one single seed backup plate in a single location is a classic example of single-point-of-failure. I never understood why people feel comfortable with that. A layer of encryption as you mentioned can be a solution but it comes with a new downside as you are creating a new secret, the encryption key, that also need to be stored and protected. Another simpler remediation is to use 2 seeds in 2 different locations and only a combination of both seeds gives you the actual seed through a simple (low tech, can be done by hand) process called SeedXor. More information about SeedXor see https://t.co/DLXYVfplGs

My first attempt at Linux was the Linux Router Project which ran directly from a floppy disk. That was a kind of a precursor to live CDs before they got invented. Eventually I moved on to Debian to run Internet services and it also became my daily driver in 2001. I made really bad experience with my 2024 Dell XPS laptop which was unusable with Linux and I gave up after a few months to make it work well, so a MacBook with macOS became my daily driver. On my servers I am running NixOS which is more powerful than Debian.

When will people understand that data is a liability. Government should know this better by consulting experts. First principle in strong information security must be: information frugality: less information collected means less information is at risk. More data -> more data at risk -> more data owner victims

A crime ring out of Tennessee was just busted for running wrench attacks on bitcoin holders across California, San Francisco, Sunnyvale, San Jose, and Los Angeles. They hacked into victims' DoorDash and UberEats accounts to figure out where they lived, then showed up posing as delivery drivers. Once inside, they zip-tied and duct-taped victims at gunpoint while a remote operator, using a voice modulator, directed them through draining the wallets. In one case they stole $13 million. In another, when the victim's wallet didn't show the amount the attackers expected, the voice on the phone ordered them to cut off the victim's fingers until he revealed the "real" account. A duress wallet won't necessarily save you. These attackers came in with specific intel about how much their targets held. If the number they see doesn't match the number they expect, the situation escalates. Physical attacks on bitcoin holders jumped 75% in 2025, with confirmed losses topping $40 million. A few things worth thinking about if you hold any meaningful amount of bitcoin. Don't talk about how much you hold. Not online, not at meetups, not to friends of friends. Operational security starts with not making yourself a target in the first place. Be skeptical of unexpected deliveries. This ring used real food delivery apps to build trust before showing up at the door. Multisig and time-locked transactions are worth looking into, not just for security against hackers, but because they make it physically impossible to hand over funds under duress. If the coins literally can't move for 48 hours, there's no point in holding someone at gunpoint. Self-custody is a responsibility. The tradeoff for being your own bank is that you're also your own security team.