The most telling or disturbing thing I learned from a recent article posted here about the Crypto-related kidnappings was how criminals found some of their victims’ addresses and personal information in marketing data that companies kept on their customers.
Pretty rich coming from a16z, someone who famously rug pulled Solana investors.
Maybe there should be a version for investors to stay safe from a16z also
nailer · 1h ago
What’s the back story behind this?
cperciva · 2h ago
This is part of why I designed Tarsnap to keep data as secure as possible, even from me. If someone stores their crypto keys -- or world domination^W optimization plans -- on Tarsnap, I don't want to get kidnapped and tortured by anyone trying to steal that data.
episteme · 6m ago
If torturing and kidnap are on the table, how does this help? They can torture you to give them the keys just like a password.
chistev · 2h ago
Who can access it?
ta988 · 2h ago
the person who uploaded it only (or whomever they shared keys with)
lazide · 2m ago
Okay, so kidnap them, right?
brazzy · 1h ago
You really think the kind of people who do such things will read your website and just give up? "Aw shucks, he's using e2e encryption, no point trying anything"?
razemio · 56m ago
You missunderstood the comment. He can not access the data. You need to find the person who uploaded it, despite him hosting said data.
VTimofeenko · 50m ago
I think you misunderstood the comment. Or maybe I did.
My understanding: the rubberhose crypto-analysis, even if unsuccessful, will result in some major damage done. Determined attacker might try to apply it regardless of any online statements on the off chance that the statements are wrong.
frontfor · 3h ago
When the weakest link between the criminal and the cryptocurrency is a single person (the holder himself in this instance), that person alone would need to withstand all attacks and “rubber hose cryptanalysis”.
fallinditch · 2h ago
The most effective protection is a combination of discretion, strong security practices, and advanced wallet configurations like multisig and passphrase protection.
You could store passphrases in a hardware wallet in a bank vault in a small European country.
fortran77 · 1h ago
That won’t stop you from being tortured. You need to make sure nobody knows you have cryptocurrency
web3aj · 47m ago
This story is unreal.
add-sub-mul-div · 3h ago
Technology isn't even a cool field anymore, the major innovations (crypto, blockchain, AI) have such a film of sliminess around them. You have to ignore or be ignorant of the fact that they're going to be used for scams and bullshit more than for good.
stephenr · 1h ago
> the major innovations
You mean the overhyped extremely niche technologies?
nailer · 1h ago
The idea that a technology that challenges Google search, and digital money are ‘niche’ is… odd.
Personal and physical security for founders, operators, and investors
[0] https://a16zcrypto.com/posts/article/personal-physical-secur...
Maybe there should be a version for investors to stay safe from a16z also
My understanding: the rubberhose crypto-analysis, even if unsuccessful, will result in some major damage done. Determined attacker might try to apply it regardless of any online statements on the off chance that the statements are wrong.
You could store passphrases in a hardware wallet in a bank vault in a small European country.
You mean the overhyped extremely niche technologies?
considering that the crypto investor was a man and assuming that the man acquired the wallet he was tortured for by investing in crypto.