this post was submitted on 02 Nov 2023
53 points (96.5% liked)
Monero
1662 readers
9 users here now
This is the lemmy community of Monero (XMR), a secure, private, untraceable currency that is open-source and freely available to all.
Wallets
Android (Cake Wallet) / (Monero.com)
iOS (Cake Wallet) / (Monero.com)
Instance tags for discoverability:
Monero, XMR, crypto, cryptocurrency
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
FUUUUCK! will be very interested to see what is found that caused the breach.
@shortwavesurfer @Rucknium
Seconded.
With only 2 known keyholders and likely 1 single person with physical access to the Qubes laptop, and where the whole key and wallet were probably stored in a standalone offline vault-vm, what the fuck happened?
@shortwavesurfer @Rucknium
I see. They held the hot wallet on Windows fucking 10.
Unbelievable. Opsec? What's Opsec?
@shortwavesurfer @Rucknium
As pointed out in the github thread by someone, the more useful opsec flow should have gone something like this.
And make the offline computer an offline vault-vm on a non-internet Qubes laptop .
How anyone that understands crypto is using windows in the year 2023 is beyond me. You cannot fix laziness with FOSS.
@tusker
It's worse than that.
Fiscal responsibility alone dictates that you have a duty to create a public Opsec Charter of sorts.
And that's nothing to say of an ideological-FOSS duty to create the same.
This reeks of more than incompetence.