Connect with us


Bitfi alleges attack by “army of trolls”, Trezor’s Rusnak fires back

Anirudh VK



Bitfi alleges attack by "army of trolls", Trezor's Rusnak fires back
Source: Unsplash

John McAfee, long famous in the cryptocurrency space for the “I’ll eat my d**k” bet made on the price of Bitcoin [BTC], has recently emerged as a strong advocate of Bitfi Wallet. The wallet is a so-called ‘brain wallet’ that allows users to keep their funds safe “in their own brains”, which basically means that they have to remember a passphrase.

The wallet is offering a $250,000 reward to whoever can hack it. This has led to a team of security researchers and ethical hackers to dive into it. They found that the device is nothing but a cheap Android phone, according to its hardware.

There is no hardware security at all to the wallet, and all the funds are stored off the device, like a hot wallet, which was the flaw mostly responsible for the Tokyo Coincheck hack that occurred earlier this year.  This is opposed to a traditional hardware wallet, which stores the funds on the device itself.

Moreover, there exist in built apps that are known to be malware such as Adups FOTA, which is a spyware platform that allows for the transmitting text, call, location, and app data to a server in China every 72 hours. Moreover, the Baidu app, which is a Chinese version of Google, is also present on the device. The app tracks Wi-Fi and GPS, offering no privacy to those that require it.

Reportedly, these apps are active and transmitting data. User OverSoft NL on Twitter found this and tweeted it out, stating:

“Most of the firmware looks just like a normal MTK phone, including: A Baidu GPS/WIFI tracker, The well-known Adups FOTA malware suite, The entire Mediatek library of example apps, A tracker, capable of logging all activity on the device. At least the Baidu and Adups apps are indeed actively running on the device, including calling home to Baidu and Adups. The rest of the system/vendor partitions include drivers for removed devices like the camera, tcpdump, adbd and several other debugging binaries.”

As more security researchers, such as Cybergibbons, began to add to the list of complaints against Bitfi, they spoke up against existing solutions such as Trezor and Ledger Wallet by quoting news that said that they were not secure. This prompted Pavol Rusnak, the Co-Founder and CTO of Satoshi Labs, the company behind Trezor, to speak up. He stated:

“TREZOR with passphrase is immune against private key extraction. Why? Because it uses the same concept as your brainwallet calculator. It adds a passphrase (stored in user’s brain) to the mix.”

He further stated:

“Educate yourself and go read BIP39 before you post any more of this shit 😀 You are using the concept we, at Trezor, invented 5 years ago.”

Bitfi then grew protective of their ‘copyrighted’ technology, stating:

“I hope it’s not too similar because we filed over two dozen patents on our tech and if you are infringing it could be a problem.”

Rusnak responded in kind, albeit with more colorful language. He said:

“You can stick your dirty software patents where they belong – into your hairy a**.”

Bitfi provided a statement to Hard Fork, wherein they alleged that Trezor and Ledger have “employed an army of trolls”. They said:

“Please understand that the Bitfi wallet is a major threat to Ledger and Trezor because it renders their technology obsolete. So they hired an army of trolls to try to ruin our reputation (which is ok because the truth always prevails).All these trolls can do is talk smack all day but they can’t hack the wallet if their life depended on it.”

On the bundling of Chinese software along with the product, they stated:

“There is absolutely no Chinese bloatware whatsoever. The device simply has Google and Bidu [sic] to be able to ping something to see if it is connected to the internet or not. Bidu [sic] is there because we have customers in China and Google is blocked in China. So for Chinese customers the device will simply ping Bidu [sic]. Thats all. None of this has anything to do with the security of the device. I mean we are offering a $250,000 bounty. Do you see any other wallet doing that?”

Subscribe to AMBCrypto’s Newsletter

Follow us on Telegram | Twitter | Facebook

Anirudh VK is a full-time journalist at AMBCrypto. He has a passion for writing and interest towards the future of blockchain technology and cryptocurrencies. He does not own any cryptocurrencies currently.


Montana State makes a move in favor of crypto-space as the law recognizes utility tokens as not securities





Montana state makes a move in favor of crypto-space as the law recognizes utility tokens as not securities
Source: Unsplash

The United States has always been the highlight of the cryptocurrency space in terms of its regulation, with some states introducing laws in its favor and others deciding to not make an official stance. In terms of laying crypto-friendly rules and regulation, Wyoming has always been one of the most recognized state, while the most hostile one is deemed to be New York.

Colorado made headlines earlier this year, with the Digital Token Act that exempts utility tokens from state securities law being signed by the governor in early March 2019. Notably, in the same month, Wyoming State Senate also passed House Bill 70, Utility Token Bill.

Now, another state has joined the bandwagon by making a similar move. Drew Hinkes, Attorney at Carlton Fields, stated that the State of Montana recognizes utility tokens and exempts it from state securities law. The initial announcement pertaining to this bill was made in February 2019, where Montana House Bill was introduced to “Generally revise laws relating to cryptocurrency”.

The Attorney stated on Twitter,

To this, Caitlin Long, the Co-Founder of Wyoming Blockchain Coalition stated,

“Congrats to #Montana for joining #Wyoming & #Colorado in recognizing that #utilitytokens are not securities under state law!”

Montana also made headlines because of news pertaining to cryptocurrency mining regulation. According to a local news portal, Missoula County commissioners had directed its staff to outline an interim law that regulates the cryptocurrency mining industry. The decision to introduce laws on crypto-mining was made due to concerns pertaining to electricity consumption, with the county prompting the use of renewable energy for mining.

Commissioner Cola Rowley had stated,

“This isn’t throwing ice on economic development or saying that industries aren’t welcome here because we’re an unfriendly environment that hates progress. Cryptocurrency and economic development – bringing businesses here – are two very different things.”

Subscribe to AMBCrypto’s Newsletter

Continue Reading