considering that the crypto investor was a man and assuming that the man acquired the wallet he was tortured for by investing in crypto.
Source: https://www.wlwt.com/article/john-woeltz-arrested-for-kidnap...
You mean the overhyped extremely niche technologies?
- Centralised ledgers are multiple orders of magnitude more expensive (2.5% to 6%, a typical blue and white square checkout is 3.5%) versus something like $0.000025 on the most active blockchain)
- At their best (2-3 second confirmation) as fast as current gen blockchain networks and an order of magnitude slower than next generation (150 milliseconds block time so expected subsecond confirmations).
- Tokens have techniques like permanent delegate for OFAC compliance.
This isn’t meant to be a personal attack, it’s just that this view of crypto is akin to saying that ‘AI is customer service chatbots that don’t work’ - correct ten years ago but not anymore.
Axiom, YC W25 is the fastest growing company in YC history hitting 100 million in revenue in five months.
> Centralised ledgers are multiple orders of magnitude more expensive (2.5% to 6%, a typical blue and white square checkout is 3.5%) versus something like $0.000025 on the most active blockchain)
I was comparing cost of recording the transaction. Think for 2 seconds. Obviously, a centralized ledger is going to be cheaper. You are comparing the cost for completing a transaction on one side with the cost of completing a transaction plus fraud fraud mitigation, chargebacks, etc. on the other.
> At their best (2-3 second confirmation) as fast as current gen blockchain networks and an order of magnitude slower than next generation (150 milliseconds block time so expected subsecond confirmations).
Same mistake. Think for two seconds. Obviously, the speed of recording a transaction on a centralized ledger is going to be faster.
Whatever you build on a blockchain ledger you can build faster and cheaper on a centralized ledger.
People fooled by crypto grifters don't have enough economics education to understand "ceteris paribus" let alone everything that comes after in an introductory course.
Do I need fraud mitigation and insurance to buy a coffee or groceries?
Regardless of the capabilities of centralised networks when you last bought something using a Visa card was it hundreds of milliseconds or was it two or three seconds to confirm?
> People fooled by crypto grifters don't have enough economics education
That’s a very broad statement about a lot of people highly regarded in traditional finance.
No. But nobody did that.
I'm assuming the readers here have enough technological sophistication to understand the problem in two seconds. This is not the case among general YouTube audiences being fooled by crypto grifters.
> Do I need fraud mitigation and insurance to buy a coffee or groceries?
Do you want to be on the hook for somebody else buying coffee and groceries on your dime? Most people don't. Thus, fraud mitigation.
> That’s a very broad statement about a lot of people highly regarded in traditional finance.
That's assuming that those "highly regarded" people are fooled by crypto grifters instead of profiting off the fools.
Personal and physical security for founders, operators, and investors
[0] https://a16zcrypto.com/posts/article/personal-physical-secur...
Maybe there should be a version for investors to stay safe from a16z also
Because of crypto, the incentive to kidnap people with crypto wealth has surfaced as a real problem. These are kidnappings that, obviously, wouldn't exist if the crypto hadn't existed at all.
My larger point is; although crypto has made some people quite wealthy, it's mostly disenfranchised a larger part of the broader society. It's essentially been a wealth transfer from stupid people to opportunistic people. Has wealth been created? I'd argue that although some has been generated, it's a pittance in comparison to the amount of press crypto gets, and the amount of wealth that has been unfairly distributed from the stupid to the opportunistic.
>These are kidnappings that, obviously, wouldn't exist if the crypto hadn't existed at all.
And would Frank Sinatra, Jr. never have been kidnapped if money didn't exist?
>It's essentially been a wealth transfer from stupid people to opportunistic people.
This is not entirely wrong. But it also describes the stock market. We allow the stock market because of it's obvious usefulness. The same is true for a non-centralized currency like bitcoin in a fractured world where nationstates keep going rogue and breaking down.
The real problem is that developed countries that used to be safe enough are becoming as unsafe a mexico.
The comment you were responding to was from the tarsnap creator where he was saying he doesn't have access to those keys so cannot be coerced to give them (and thus has no way to decrypt the data of all the clients).
My understanding: the rubberhose crypto-analysis, even if unsuccessful, will result in some major damage done. Determined attacker might try to apply it regardless of any online statements on the off chance that the statements are wrong.
The reality is, in the xkcd Rubberhose cryptanalysis scenario, being actually unable to give up the information is a MUCH WORSE situation to be be in than having a key to give up before they permanently maim/kill you. It might be better for a third party who benefits from the information remaining secret, but not for the person unable to divulge it.
But thinking you're safe because the attackers will read, understand, and believe your claims of uncompromisable cryptographic security is dangerously naive.
I still believe, which might indeed be naive, that this is the best way. It results in a failed mission lowering the risks for others and if applied for all theses services (again naive), in a general understanding.
One time long ago someone did try to get money by forcing a bank owner to open a vault, and it didn't work, and since then everyone knows it's fruitless.
It just needs to actually be fruitless. It sounds like for crypto custodians, it's not fruitless and they know that.
In other words I think you have hanwaved and imagined 2 different required things which probably simply don't exist. Or at least, may exist but could easily not exist.
There may be no such thing as a software change that will give a back door to the data. It depends hpw the system is designed, which I do not know.
And there may be no such thing as a way to get such software change onto customers machines without passing through review by multiple someone else's. Even if one, as owner of a business has the power to change the review policy itself, it's still physically impossible to do that without everyone else knowing it happened.
tarsnap would have to be a sole developer sole propriator business (or a multi employee business run as badly as crypto custodians aparently all are) for that to even be physically possible. Which maybe it is but it's not the impression I've formed of that company over the many years. Not a customer, and know nothing of either the software or the company's internal workings.
You'll just have to use a sock fulla nickels now I guess ... :shrug:
Of course it's material to the story. It'd be conpletely artificial to pretend otherwise.
Because of course. These people live in a world where nothing can touch them, least of all the law, so why wouldn’t you literally make your own evidence of your crime and leave it lying around.
This level of negligence should be illegal, but it isn't. Negligence is the default in crypto custody. There are no useful security regulations in this space.
Even the ones that think they have a good split custody solution or claim to use HSMs always let an IT manager have remote access to all workstations involved or a release engineer build the software that is used shifting the centralized power and risk to them.
Kidnappings and torture are becoming common as people realize this
https://github.com/jlopp/physical-bitcoin-attacks
If you directly or indirectly control secret keys of any significant financial value on your own, you are endangering yourself and your family.
Even if you only maintain an open source library used by crypto custodians that do not review the code you write, someone has good reason to coerce you into sneaking in malicious code.
To engineers working at custodians: Make your employers manage keys with a quorum of geographically distributed individuals with HSMs, immutable time delayed access controls, and a software supply chain that is full source bootstrapped, reviewed, compiled deterministically, and signed by multiple people so no single person can manipulate the flow.
My team and I open sourced a lot of tooling to do this safely. Please use it, or use it for reference to ensure your internal tooling meets the same bar.
Combine with remotely attestable enclaves running open source deterministic code and your adversaries can easily verify attacking any one person will be unsuccessful.
... Why on earth would you document this?
> Two butlers who worked at the home were also present and agreed on Friday to be interviewed by the police, the official said.
... Why on earth would you do this in a place where you weren't the only person present?! (Also, butlers, wtf?)
I suppose, much like the crypto people are slowly rediscovering why the modern financial system is as it is, maybe they're also figuring out how to do crimes by trial and error.
Wrench Attacks: Physical attacks targeting cryptocurrency users (2024) [pdf] - https://news.ycombinator.com/item?id=44087183 - May 2025 (50 comments)
Most likely this is not your typical kidnapping, I would bet that they knew each other and that there's something else at play. Also the apartment he was staying at is $75k/month rent, that's insane...
frontfor•8mo ago
fallinditch•8mo ago
You could store passphrases in a hardware wallet in a bank vault in a small European country.
fortran77•8mo ago
lazide•8mo ago
thebruce87m•8mo ago
A little bit of irony here having to store your crypto related stuff at a bank to keep it safe.
defrost•8mo ago
Physical security for digital credentials is the main point here, that doesn't always imply a regular bank, many modern banks lack the bank vaults of yore in any case.
Tangentially, avoid showing up unannounced at grandparents house: https://www.youtube.com/watch?v=oZZmFG07OVs
grues-dinner•8mo ago
I would have thought one of those libertarian seasteads or enclaves would be axiomatically the best place for such things?
xhkkffbf•8mo ago