By now most everyone has heard about the demise of Mt. Gox, the granddaddy of bitcoin exchanges. I am finding their tale of “hackers” stealing bitcoins nominally valued at half a billion dollars rather hard to believe. Let me explain why.
According to the alleged leaked document, it looks like hackers had been exploiting that bug for two years, and even removing bitcoins from supposedly secure “cold” wallets that the company had stored offline. Offline wallets are disconnected from the internet and cannot be emptied by online attackers. However, supposedly “cold storage has been wiped out due to a leak in the hot wallet.”
I’m sorry. That is gobbledegook. I was a top end software engineer for 20 years. I’ve worked inside everything from banking to factory automation. I’ve written code from device drivers and math routines to computer integrated manufacturing, simulation and CASE. Flatly, there is no such thing as “a leak in the hot wallet” unless software specifically is written that accesses the “offline” wallet. But if it can be accessed “hot” then it’s online, not offline. If it’s offline, it’s offline. If it’s online it’s online. There isn’t something in between. Bitcoins are data. That’s all they are. The files are either accessible or they are not.