10 scary facts about Bitcoin

Bitcoin's trajectory over the past few years is nothing short of impressive. A peer-to-peer alternative currency whose creator remains anonymous five years later, Bitcoin sounds like something out of a science fiction novel.

However, Bitcoin has paid off for many of its early adopters, and is moving too quickly to be ignored.

[BITCOIN:7 reasons to be wary]

While many in the Bitcoin community discredit much of the subjective criticism against the currency, no interested party should dive into a Bitcoin engagement without knowing the facts.

10. Digital Bitcoin wallets are stored unencrypted by default.

Many in the current Bitcoin community are well-versed in technology, and would opt in to encrypt their wallets as soon as they register. However, Bitcoin in the past six months has turned the corner into the mainstream, and will only continue to attract more attention from those who may not be as tech-savvy as its early adopters, and may be less likely to even consider encrypting their wallets.

Consider Florida, where high rates of retirees and senior citizens who are unfamiliar with safe online behavior have made the state the national leader in identity theft, at a rate of 361 cases per 100,000 residents. That's almost twice the No. 2 state, neighboring Georgia, which has 194 reported cases per 100,000 residents.

As more people begin to invest in Bitcoin, default encryption will become more important. Whether that becomes a reality remains to be seen.

9. Bitcoin thefts have occurred, sometimes in large quantities.

In June 2011, one user in the Bitcoin forum claimed that 25,000 Bitcoins, the equivalent of $375,000, was stolen from his wallet.Although that was difficult to confirm, it wasn't an isolated incident. Just a few days after that reported theft, Mt. Gox, the exchange where users can buy and sell Bitcoins for U.S. dollars, leaked 60,000 user names, password hashes and email addresses. Mt. Gox later reversed the trades and fixed the problem, but the leak led to the theft of Bitcoins from about 600 users who used the same user names and passwords for their MyBitcoin accounts. One user reported losing more than 2,000 Bitcoins.

In March 2012, a security breach at a web hosting company would lead to the theft of 50,000 Bitcoins, the largest in the currency's history.

8. Old wallets, and their contents, can be retrieved pretty easily.

Another potential issue for those who are less educated on technology is what "changing the password" means for an eWallet. From the Bitcoin Wiki on "weaknesses":

"An old copy of a wallet with its old password is often easily retrievable via an existing backup facility (particularly Apple Time-Machine): draining that old wallet, with its old password, drains the current wallet with the current password -- this is contrary to most non-technical users' expectation of what 'change the password on your wallet' should mean following password compromise."

Essentially, users who want to create a new wallet must know that they need to send their existing sums to new accounts with new passwords. It's not as easy as many would assume.

7. DoS is possible on Bitcoin, just like any other site.

Just like banking websites, which have been the target of denial-of-service attacks in the past, Bitcoin services are susceptible to DoS attacks.

"Bitcoin has some denial-of-service prevention built-in, but is likely still vulnerable to more sophisticated denial-of-service attacks," the Bitcoin Weaknesses Wiki explains, along with more detail on the DoS protection built into the system.

6. "There are no guarantees that any eWallet service won't one day take all your bitcoins and disappear."

That quote is taken directly from the Bitcoin's Wiki on anonymity, alongside a warning to "use at your own risk." Very little information about this possibility is available online, but considering that one of Bitcoin's most highly touted attributes is its independence from a governing body, the legal side of Bitcoin is a bit murky.

5. Speaking of legal issues, it is a bit murky.

The Electronic Frontier Foundation, an early adopter of Bitcoin for its donations page, stopped accepting the currency in June 2011, citing the "complex legal issues involved with a currency system" as its top reason.

The EFF did, however, reverse that decision just a couple of weeks ago, after spending two years researching Bitcoin and how it relates to the complex regulation of currency on a global scale. Some may consider that decision a good sign for Bitcoin. But it also means that it took the EFF, a conglomerate of experts in technology and law, two years to decide whether it was comfortable accepting it. That decision was also perhaps made easier when the U.S. Treasury Department's Financial Crimes Enforcement Network informed the EFF that it, specifically, "is likely not subject to regulation." In other words, the EFF didn't decide to accept Bitcoin until it was told explicitly that it will not be regulated for it.

Then there's this excerpt, from the Bitcoin Wiki on "weaknesses":

"It is illegal in some countries to possess/distribute certain kinds of data. Since arbitrary data can be included in Bitcoin transactions, and clients must normally have a copy of all unspent transactions, this could cause legal problems."

All of this suggests that if you're concerned about the legal issues of Bitcoin, be prepared to do a lot of reading.

4. Bitcoin is not really all that anonymous.

Sure, Bitcoin transactions are conducted anonymously, without any names or a bank tracking your move. But that doesn't mean they can't be tracked.

The Bitcoin Wiki for Anonymity isn't very reassuring, starting off admitting that "while the Bitcoin technology can support strong anonymity, the current implementation is usually not very anonymous."

The Block Chain logs and displays every Bitcoin transaction in real time, and makes that data available to anyone. Last year, Adi Shamir and Ron Dorit used the available data on Bitcoin transactions to try to get a lead on the mysterious Satoshi Nakamoto, the person or persons behind Bitcoin who has remained anonymous since publishing the whitepaper explaining the system in 2008.

Shamir and Dorit were able to trace all Bitcoin activity back to a handful of massive transactions made in November 2010, in which large amounts of Bitcoins were stashed away in several accounts that have yet to make another outgoing transaction.

Zach Harvey, co-founder of Bitcoin ATM developer Lamassu, says a theory is that these accounts belong to Bitcoin's creator, and haven't been used because another transaction could spoil Satoshi Nakamoto's anonymity.

"Finally, we noted that the subgraph which contains these large transactions along with their neighborhood has many strange looking structures which could be an attempt to conceal the existence and relationship between these transactions, but such an attempt can be foiled by following the money trail in a sufficiently persistent way," Shamir and Dorit concluded in their report.

3. Hoarding could pop Bitcoin's bubble.

Hoarding, or saving, in the Bitcoin community is a highly debatable issue. Harvey, when asked about hoarding and the fact that many Bitcoin users have stashed the currency away, says it's good for a community looking to establish savings rather than rely on credit.

However, others disagree. Vanity Fair contributing editor and long-time Wall Street-focused journalist Kurt Eichenwald touched on the hoarding issue in an April column on the issues with Bitcion. Citing Shamir and Ron's research, which found that 78% of all Bitcoin were not being used in circulation, Eichenwald warned that if a large amount of these hoarding Bitcoin users started to unload and exchange their stash for U.S. dollars, the value could plummet and may have difficulty rising again. Especially considering that Bitcoin is only valuable as long as people are willing to accept it, this could cause a potential issue for those looking to maintain value in their investment.

"In essence, the market is a fantasy," Eichenwald wrote. "Once the hoarders stop buying, what buyers will step up to the plate to take their place? My bet? No one. There will be, at some point, a time when some hoarder decides to unload. Prices will drop. Other hoarders will get scared and start to sell. Prices will drop further. Before long, there will be a mass rush to the exits. And at that point, the illiquidity of the Bitcoin market will be apparent."

2. If Bitcoin fails, it has no safety net.

Another much-discussed attribute of Bitcoin is that it doesn't rely on a governing body, like the U.S. dollar. That prevents it from being subjected to inflation and transfer fees for international purchases.

However, as Eichenwald discussed, the support of a governing body comes in handy when someone needs to bear the brunt of a drop in value.

"Bitcoin fans admit that the currency has value only because the users in the Bitcoin market think it does but say that that is no different than in the markets for dollars, yen, and other national currencies. And that is absurd," Eichenwald wrote. "There is no country, no national bank, nothing standing behind the Bitcoin valuations other than other Bitcoin investors. If the dollar falls, the Fed will jump in. And if the Bitcoin falls? Well, personal bankruptcies will probably go up. "

He's not the only one who has warned of this. Economist Paul Krugman tackled Bitcoin in relation to the larger global economy in April, warning that many Bitcoin supporters may be driven by misconceptions about the value of a new currency in the context of an already-massive economy.

"Paper currencies have value because they're backed by the power of the state, which defines them as legal tender and accepts them as payment for taxes," Krugman wrote. "Bitcoins, however, derive their value, if any, purely from self-fulfilling prophecy, the belief that other people will accept them as payment."

1. Leaders in the Bitcoin community call it risky.

In 2011, after the data leak at Mt. Gox wreaked havoc on Bitcoin's value, Gavin Andresen, a lead developer on the Bitcoin Project, issued a stern warning to those caught up in the hype of the currency.

"I've said it before, and I'll say it again: Bitcoin is an experiment. Treat it like you would a promising Internet start-up company: maybe it will change the world, but realize that investing your money or time in new ideas is always risky," Andresen wrote in his personal blog.

The Bitcoin community is nothing but forthcoming in regards to the risk involved with investing in Bitcoin. The main takeaway from this warning, and all the other troubling facts about it, is that Bitcoin is not an infallible system, similarly to other currencies.

Colin Neagle covers emerging technologies and the startup scene for Network World. Follow him on Twitter and keep up with the Microsoft, Cisco and Open Source community blogs. Colin's email address is cneagle@nww.com.

Read more about software in Network World's Software section.

Join the CSO newsletter!

Error: Please check your email address.

Tags ITCsoftware

More about AppleCiscoEFFElectronic Frontier FoundationMicrosoftWall Street

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Colin Neagle

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts