Risks of Bitcoins - Don't Get Virtually Mugged

Terry WoodsWeb Developer, specialising in WordPress
CERTIFIED EXPERT
IT consultant and specialist in WordPress website management
Published:
Updated:
Need helpful information on avoiding losing your Bitcoins to scammers, hackers, or data loss?

This article discusses risks of working with Bitcoins and is a follow up to my previous article which introduced Bitcoins at a higher level.

Since the software and retailers supporting Bitcoins are still in their growth phase, there are some teething problems you should be aware of. To start on a positive note, I should mention that Bitcoins have the potential to save consumers around the world enormous sums of money by avoiding use of credit cards for online transactions. It is also a powerful tool for avoiding foreign exchange conversion fees. However, because the tools for making use of the currency haven't fully matured, there are risks that need to be understood.

It's easiest to give an idea of the severity of some of the risks of Bitcoins by summarising the highest profile losses that have occurred so far. Remember that over the last month or so, 1 Bitcoin has been worth between US$7 and $30 at an exchange.

Examples of Major Losses & Failures so far


31st July 2011, 27,000BTC stolen from mybitcoin.com: This was a website that worked like an online wallet. After the website disappeared for several days, the owner reappeared claiming the site was hacked and is closing the site down, with a plan to refund 49% of each user's previous balance.
13th June 2011, 25,000BTC stolen from an early adopter "allinvain": A single user claims they were hacked and lost an enormous quantity of Bitcoins.
1st August 2011, 17,000BTC lost from Bitomat exchange: A surprisingly large Polish exchange was mistakenly (due to a technical misunderstanding) set up in an unstable hosting environment and lost its wallet file when the server crashed. The MtGox exchange is taking over Bitomat's business with an agreement to try to restore users Bitcoins.
15th June 2011, 650BTC stolen from MtGox exchange: This attack probably made the news more than any other but withdrawal limits actually prevented a major loss. There was however substantial downtime and confusion amongst users while security issues were resolved. MtGox remains the largest exchange despite the issues.

-= The Nitty Gritty =-


Risks That Should Be Resolved, Given Time


Security of your Bitcoin wallet. Currently, the predominant Bitcoin client application stores the wallet data unencrypted - you wallet can be stolen physically (e.g. your computer is stolen) or electronically (i.e. you get hacked). There is already at least one Trojan that steals Bitcoin wallet data, effectively stealing the Bitcoins from it. In the meantime, there are instructions available on how to keep your Bitcoins safe.
Loss of your wallet. If you lose your wallet file (such as through hardware failure, or physical loss) and you don't have a backup, then you've lost your Bitcoins stored in it. This problem is reasonably quick to avoid - you can simply download 7-Zip, create an encrypted zip file (with a long, non-dictionary-word password that you won't lose/forget even if your house burns down), and store a copy in more than one physical location (e.g. your Gmail, or your friend's PC). Public/private key pairs used for sending and receiving Bitcoins are generated in advance of when you need them, so backups shouldn't need to be particularly frequent but there is a lack of clarity as to the mechanism that manages unused pairs. I will add a comment later when I understand the key generation process better. It would certainly be nice if a backup function was automated, e.g. if the client automatically sent an encrypted copy of your wallet to one or more ftp sites of your choice whenever it needed to...maybe we'll see that someday? In the meantime, be very careful with your wallet!
Failing to scale. This has been given extensive thought by the Bitcoin developers and community, and it is currently an issue - to bring a fresh installation of the Bitcoin client up to date with the historic transactions requires a download of around 500MB or more. However, the problem is likely to be resolved sooner rather than later. Optimistically, it appears possible that Bitcoins could provide greater processing power than Visa with only reasonably standard server-level hardware. In my view, this is pretty amazing.
Trusting the other party to the transaction. Bitcoin transactions are irreversible. This becomes a problem when you want to buy an item from a person or organisation whose reputation is unproven, and sometimes even when they appear to have been trustworthy so far. I've heard stories from friends who have ordered goods from a sizeable, popular US Company just before it ran into financial trouble. Even if you manage to contact their customer service staff in this situation, you may miss out on getting either your order or your money. Credit cards do give you some protection for this scenario, whereas Bitcoins do not unless you use an escrow service. As a general rule though, larger businesses are going to be a reasonably safe bet as long as they have a good reputation for customer service. Over time, consumers will favour the better retailers at the expense of those who fail to satisfy, which is a good thing.
Volatility. If you're a retailer accepting Bitcoins and converting them to another currency, presenting prices as a fixed amount of Bitcoins means you are exposed to the exchange rate. The exchange rate at the moment is highly volatile, but this should resolve itself naturally as long as the currency continues to increase in popularity.
Politics. In a similar way to how Wikileaks lost its accounts with Paypal, Visa and Mastercard, there could be political pressure against Bitcoin exchanges (or the people who operate them) to close or be subject to regulation, should governments decide Bitcoins are a threat in some way. It seems unlikely that this would be very effective with Bitcoins, but the exchanges do need to send and receive payments through banks or other organisations so they may be a weak point in the system.

Where Education Is Needed


Lack of anonymity. The Bitcoin transaction history (or "block chain") is publicly viewable, and it is easy enough to track the movement of Bitcoins between wallets. If you receive or spend your Bitcoins without hiding your online identity (such as through the Tor browser), or if you provide a shipping address for a physical product to be sent to, then it is probably possible to track you down. A website called "Silk Road" has become notorious for providing a mechanism to buy & sell drugs online, but it's probably not as anonymous as many people think. There's a good explanation on that aspect of Bitcoins here.
Scamming. Some have wondered whether the collapses of mybitcoin.com and bitomat.pl (see Major Losses & Failures above) were faked in order to generate a massive profit. Even if they weren't, there is certainly no shortage of other scams around. A website called bitcoinplus provides a tool that mines Bitcoins within your browser - what they fail to explain is that because of the inefficient technique used, you'll spend around 100 times more money on power running your CPU than the value of the Bitcoins you generate, and then at the last moment before you withdraw your Bitcoins they sting you with a "transaction fee" of 0.01BTC (20 or more times the norm for such a transaction) which they likely keep for themselves rather than actually contributing it as a transaction fee. Disturbingly, they provide tools for their users to embed the application in websites and start the mining process by default, which of course increases the users' power bills without them even being aware of it. To avoid scams, don't trust anyone with your Bitcoins or your wallet until they've proven themselves trustworthy, and don't put all your eggs in one basket.
Market manipulation. It's hard to tell how much effort is put into spreading FUD or hype with the intention to manipulate the market, but there's a lot of profit to be made by it. Take everything you read with a grain of salt, especially in forums, as it's very easy to use multiple user accounts to make things appear more or less of a good idea than what people really think.

Not A Risk


Running out of bitcoins. There will never be more than 21 million bitcoins (BTC) in existence, however bitcoins can be split into 0.00000001 BTC (known as 1 Satoshi) so it will probably just become normal to deal in milli-bitcoins or micro-bitcoins and the currency conversion rates with the market. By my calculations, this is a granularity equivalent to 21 trillion dollars (allowing for dollars being divisible by 100). If necessary, it appears to be technically possible to split them further.
Cryptographic failure. Bitcoin transactions rely on a particular cryptographic technique remaining unbroken. The technology required to break it is most likely many decades away, and we'd have many other technologies to worry about too should that become a problem.

Bitcoin Mining Risks


The risks for Bitcoin miners differ vastly depending on the type of setup, but definitely include (to summarise briefly):

Financial loss - this could be caused by hacking, data loss, hardware failure, scamming, or simply overspending on computer hardware. Many Bitcoin miners are overclocking their graphics cards which probably invalidates their warranty, if it was even valid in the first place for performing such a task.
Heatstroke - It might be difficult to confirm this story is true, but graphics cards do generate a lot of heat so it's by no means unbelievable.
Electrocution (see the incident here for July 28th) - the photos of Bitcoin miners setting up homemade ungrounded metal racks are probably enough to make most electricians shudder.
Fire - as with the previous item, homemade mounting equipment (made of wood, cardboard or plastic) may increase the risk of fire in the case of a hardware failure. Don't forget to have a smoke alarm installed with a fresh battery.
Police raids for abnormally high electricity usage - Ok, this might be a joke, but it may still be a very real risk. I hope the police in your part of the world knock first before they enter.
Addiction - mining Bitcoins can be a bit like gambling, especially if you opt to mine solo. Even though the expected return for your efforts might be in your favour if you're sensible, don't spend all your time lingering in your basement forgetting about the other things in life!

Thanks for reading my article! It would be great if you could please answer "Was this article helpful?" in the top right of the page.

All feedback is welcome, so feel free to comment below.
3
5,016 Views
Terry WoodsWeb Developer, specialising in WordPress
CERTIFIED EXPERT
IT consultant and specialist in WordPress website management

Comments (2)

Kevin CrossChief Technology Officer
CERTIFIED EXPERT
Most Valuable Expert 2011

Commented:
TerryAtOpus,

Thank you for writing this Article, as well as the previous one. You definitely have my Yes vote above. I found this to be an interesting read, especially in combination with DrDamnit's "5 Steps to Protecting Your BitCoins from Internet Thieves and Wallet Stealing Viruses" Article. Hopefully, with this knowledge, I can keep my tiny bits of coin. *smile*

Best regards,
Kevin
CERTIFIED EXPERT
Expert of the Year 2014
Top Expert 2014

Commented:
Great article again Terry.
Would love an updated one now that Bitcoins are becoming more widespread in mainstream online retailers and I'm just now looking at it (and just asked a question about it)

Have a question about something in this article? You can receive help directly from the article author. Sign up for a free trial to get started.