This was epic indeed, and so tense. Harrowing stuff.
posted by ambrosen at 10:39 AM on October 31, 2017 [2 favorites]

What an idiot. I hope he isn’t in charge of the retirement account. Buy a fucking safe deposit box and put the PIN in with it!
posted by Autumnheart at 10:44 AM on October 31, 2017 [1 favorite]

I'm not a huge fan of much of the author's other work so I admit I went into this thinking "oh man I can't wait to see the dumb thing THIS GUY did..." but I enjoyed reading this and really, the mistakes he made were mistakes that I could totally see myself making. "Oh, sure, I'll remember this." and "I will put this in a safe place later, but for now it's ok as is."

It's easy to say I wouldn't do it if money were involved but the number of times I have used the "forgot my password" link on my credit card's site says otherwise.

It's also kind of interesting that when any company claims their tech is unhackable they are almost certainly wrong. That should be another of Clarke's laws.
posted by bondcliff at 10:44 AM on October 31, 2017 [5 favorites]

For Epic Tale, read Mark Frauenfelder loses the passphrase and pin for a hardware bitcoin wallet, then gets mad that the hardware wallet works as intended.
posted by zamboni at 10:50 AM on October 31, 2017 [26 favorites]

Your tag game is strong, bondcliff
posted by Mayor West at 10:50 AM on October 31, 2017 [16 favorites]

The exponential time increase is hilarious and goddamn brutal. I was on the receiving end of that algorithm about a decade ago, in an upper-level CS class. Code submission had to happen through an automated submission script, which ran against a suite of unit tests, then reported back your error percentage and commensurate grade--but didn't tell you which tests had failed. Every submission doubled the sleep() interval at the top of the script, and overwrote all previous submissions. It was like the diabolical evil twin of a Skinner box. 86%? That's a solid grade, but hey, I bet I know what's failing, so I'll just make this one line fix, and resubmit, and... well, it's only 32 seconds to wait, I can handle that. Wait, 75%? How did this get worse?

[3 days later]

OK, the last attempt bombed completely, but it's not due until Sunday at midnight, so if I submit this now, and keep working on Plan B in case my other theory pans out, I'll have time for one submission if this one totally shits the bed, and I'll have... 43 minutes left over.
posted by Mayor West at 10:58 AM on October 31, 2017 [20 favorites]

Do you have to pay tax on the $30K even if you lose it?
posted by srboisvert at 10:59 AM on October 31, 2017 [1 favorite]

I like how he was all, I'm gonna engrave this on a sheet of aluminum so it never gets lost and destroyed, but first I think I'll put my single copy under my daughter's pillow without telling her

and then the housekeeper is all, hmm a note with cryptic letters and numbers that says "DEAR DAUGHTER, SHOW THIS TO MY TRUSTED FRIEND IN THE EVENT OF MY DEATH," probably not important into the trash it goes
posted by prize bull octorok at 11:03 AM on October 31, 2017 [43 favorites]

If I’d lost my debit card PIN, I could contact my bank and I’d eventually regain access to my funds. Bitcoin is different. No one owns the bitcoin transaction network. Instead, thousands of computers around the world run software that validates the system’s transactions. Anyone is allowed to install the bitcoin software on their computer and participate. This decentralized nature of the bitcoin network is not without consequences—the main one being that if you screw up, it’s your own damn problem

Thank God Bitcoin has freed us from the statist slavery of the banks.
posted by Sangermaine at 11:03 AM on October 31, 2017 [23 favorites]

paper + magnet = fridge
posted by Fizz at 11:04 AM on October 31, 2017

Do you have to pay tax on the $30K even if you lose it?

Probably not? Capital gains tax applies to realized gains, i.e. when you sell the asset.

(But could you claim it as a loss to offset other gains?)
posted by We had a deal, Kyle at 11:06 AM on October 31, 2017 [1 favorite]

It's also kind of interesting that when any company claims their tech is unhackable they are almost certainly wrong.

Let's assume that companies can be malicious or benign. A malicious company that claims their tech is unhackable is lying. A benign company run by smart people would almost certainly not make the claim. That leaves a benign company run by idiots…
posted by zamboni at 11:10 AM on October 31, 2017 [1 favorite]

For idiots, read fallible humans.
posted by zamboni at 11:12 AM on October 31, 2017 [3 favorites]

I mean, I don't know this person's reputation, but the article seems to convey that he was getting mad at himself (perfectly understandable) and not at the creators of the device (which would indeed have been silly).

Also, this definitely confirms the conviction that I developed at age... ten?... when my mother, in the course of helpfully cleaning my desk, destroyed the crystal garden that I had obtained from science class and was growing in a glass jar: never let other people clean your stuff.

Anyway, it seems to be that the key to safe password storage is probably weird convoluted nonsense that reasonable human beings wouldn't expect. E.g.:

a) Learn how to tattoo; tattoo password hints (ciphered in whatever way suits you best -- not a computery cryptographic thing, just enough not to trip people's pattern-recognition radar) in UV ink on some unexpected part of your body, such as the back of your ear, skin which is usually covered by facial hair, or the webbing between your ring and pinky fingers.

b) Learn and reconstruct-the-phonology-of a little-studied extinct language; write your password hints into a ballad in said extinct language; practice the ballad until you have it memorized by heart; tell everyone that it's just nonsense words you picked because they sounded pretty.

c) Directly encode your password in a row of trees; or, for an entomologist, in a display case of visually near-identical beetles.

etc.
posted by inconstant at 11:23 AM on October 31, 2017 [18 favorites]

I think we can use stronger terms than fallible here. If security is the domain of expertise that supposedly qualifies you to be earning an income at all, you should at least know the limits of what you can promise.
posted by idiopath at 11:24 AM on October 31, 2017

I wonder if anyone has ever estimated the amount of bitcoins lost in this manner. He's far from the only person this has happened to - people have thrown out hard drives, etc. And that guy who threw out the hard drive - he lost 7,500 bitcoin. $4.75M USD today. I suppose it's not that much out of the 16.6M btc in circulation and the eventual cap of 21M btc but still it's got to add up.
posted by GuyZero at 11:27 AM on October 31, 2017 [9 favorites]

(But could you claim it as a loss to offset other gains?)

I think you could write it off as a destroyed asset, similar to writing off shares in a worthless company. But you'll need hella documentation for the IRS.
posted by GuyZero at 11:30 AM on October 31, 2017

I loved this story because it just seemed so easy to imagine making a similar mistake myself. I mean sure it's dumb, but we all do dumb things sometimes. I love the tension of him thinking he remembers the PIN. A hypnotist, fer cryin-out-loud. Getting deep into hacking the secure device is pretty impressive.

I'll shelve this article next to Mat Honan's epic piece about when his digital identity was hacked. The Metafilter Mystery Gang hated that story too.

(Speaking of which, the ~1 million Bitcoin that Satoshi owns are still sitting idle. They are now worth a nominal $6B. Do you suppose he lost the file or the password for them? My guess is Satoshi is actually a government agency project, it's the only way I could imagine whoever inventing Bitcoin not being tempted to cash out.)
posted by Nelson at 11:35 AM on October 31, 2017 [6 favorites]

Anyway, it seems to be that the key to safe password storage is probably weird convoluted nonsense that reasonable human beings wouldn't expect. E.g.:
inconstant

What is the scenario you're imagining that would require all that elaborate nonsense as opposed to this suggestion from upthread:

Buy a fucking safe deposit box and put the PIN in with it!

There's something about cryptocurrency that causes people to launch into the craziest, most Rube Goldberg-esque flights of fancy.
posted by Sangermaine at 11:40 AM on October 31, 2017 [9 favorites]

(Speaking of which, the ~1 million Bitcoin that Satoshi owns are still sitting idle. They are now worth a nominal $6B. Do you suppose he lost the file or the password for them? My guess is Satoshi is actually a government agency project, it's the only way I could imagine whoever inventing Bitcoin not being tempted to cash out.)

And thus we reach the rub with Bitcoin. You are, of course, assuming that anyone COULD cash out any sizable quantity of BTC, not even factoring in the potential for scams. Make that 6 billion dollars? Yeah, no.
posted by Samizdata at 11:41 AM on October 31, 2017 [5 favorites]

Yes, exactly, I am definitely, in all seriousness and no humor at all, suggesting that people go out and learn a highly specific skilled trade for the sole purpose of securing their password.
posted by inconstant at 11:42 AM on October 31, 2017 [14 favorites]

And really, as he notes in the article: if he'd followed his normal security practices and saved the PIN and/or the recovery codes into his password manager he would have been fine. It was making an exception -- I'll surely remember this PIN even though I'll very rarely use it! I'll keep the codes on paper and eventually punch them into an aluminum bar because BoingBoing! Under someone's pillow is a good and safe place to leave irreplaceable security information! -- that got him into trouble.
posted by We had a deal, Kyle at 11:46 AM on October 31, 2017 [6 favorites]

Also, this just brings another truism of information security to the fore:

If you have physical access to the asset, it is hackable.
posted by Samizdata at 11:49 AM on October 31, 2017 [1 favorite]

I don't quite understand the idea of putting it on an aluminum bar. Then what? If your house burns down it will probably melt, won't it? Where do you keep the bar?

So, aside from planting a forest to spell out your PIN code or tattooing it on the shell of a sea turtle, what's a (nearly) fail-safe way of storing something like these passphrases so that it always exists, it's always accessible, and it's not going to fall into the wrong hands? Assume I don't want to rent a safe deposit box.

(I have no plans to get involved in bitcoin, I'm just curious)
posted by bondcliff at 11:52 AM on October 31, 2017 [3 favorites]

"Something I lost, something I forgot, something I was."

(I wish I were what I was when I wanted to be what I am now.)
posted by clew at 11:55 AM on October 31, 2017 [11 favorites]

I don't know this person's reputation

Mark Frauenfelder is one of the founders of Boing Boing, and not exactly a novice to tech.
posted by Halloween Jack at 11:57 AM on October 31, 2017 [1 favorite]

Every time I enter a PIN I have some doubt if I'm entering the right one. I couldn't imagine what it would be like to know if I got it wrong enough times I'd never be able to access my money again.
posted by any portmanteau in a storm at 11:57 AM on October 31, 2017 [2 favorites]

There's some fascinating psychological stuff going on here. There's the well-known effect that we have bigger reactions to losses than to gains; gaining $27,000 in free money as he watched the bitcoins go from $3,000 to $30,000 doesn't seem to have affected him nearly as much as the possibility of losing that unearned money. As the value went up, his reaction intensified, even though he could've considered the whole thing a $3,000 experiment gone wrong. And having the prize inside a cage where he could see it but couldn't quite get his fingers in far enough to reach it seems to have driven him crazy.

It's like he misplaced a winning lottery ticket.

I don't buy lottery tickets very often. But sometimes I'll buy one and then immediately throw it away. I'm not exactly sure why, but I think it has something to do with training myself against his state of mind. If I throw away a winning ticket, I'm still only a dollar poorer than I was. That is all that has changed.
posted by clawsoon at 11:59 AM on October 31, 2017 [9 favorites]

What he did with his credentials and the orange piece of paper was dumb, but it was negated by the other dumb thing he did which was to trust the hardware key's infallibility. He had to spend more than his initial investment to recover the 'investment', but i guess it all worked out (unless we account for the amount of years his life was shortened worrying about this).
posted by destructive cactus at 11:59 AM on October 31, 2017

Your tag game is strong, bondcliff

Every time he added one, the delay increased...
posted by Greg_Ace at 12:00 PM on October 31, 2017 [3 favorites]

I had a strong suspicion when I first read this that they were going to have done several idiotic things with the paper but that the final piece would involve forgetting the working class labor that goes into running their home. At least he didn't try to argue that the worker should be reading papers around the house to decide what to do with them, a thing that staff are probably super punctilious about not doing because OMG DON'T WANT TO KNOW.
posted by Frowner at 12:03 PM on October 31, 2017 [3 favorites]

bondcliff: So, aside from planting a forest to spell out your PIN code or tattooing it on the shell of a sea turtle, what's a (nearly) fail-safe way of storing something like these passphrases so that it always exists, it's always accessible, and it's not going to fall into the wrong hands? Assume I don't want to rent a safe deposit box.

An imperfect idea: There's probably a cryptographic function available that would allow you to give a random bit of numbers to a dozen or so of your closest trusted friends, which would allow you to regenerate the passphrase if you brought two-thirds of them together in a group. Ideally, the function would work with any 8 of the 12, but would give no clue if 7 or less showed up.

If they were people who were likely to to come to your funeral, you'd solve two problems at once.

As a bonus, it'd be just like the wizardry trope where all of the objects of power have to be gathered together to make the magic.
posted by clawsoon at 12:09 PM on October 31, 2017 [8 favorites]

Come to think of it, you could recast this whole story as wizardry. "I have forgotten the spell! My power is growing, but I have forgotten the spell!"
posted by clawsoon at 12:12 PM on October 31, 2017 [10 favorites]

what's a (nearly) fail-safe way of storing something like these passphrases so that it always exists

One way is to use a some reasonably lengthy text (book, poem, whatever) and develop a simple system of extracting the required passphrase from the text. Then just write down the necessary info to regenerate the passphrase. If no-one else knows your secret text, they won't know your passphrase.
posted by fimbulvetr at 12:15 PM on October 31, 2017 [1 favorite]

The nice thing about that sort of system is you can write down the info to regenerate the passphrase anywhere and have lots of copies, as it is useless information without the text. No need to lock it up or hide it. Just email it to yourself or post it on facebook or whatever. Doesn't matter as long as the text remains your secret.
posted by fimbulvetr at 12:18 PM on October 31, 2017

Then just write down the necessary info to regenerate the passphrase.

But what if your housekeeper throws away the paper on which you wrote that info because you put it under your daughter's pillow so she could give it to Cory in case you died in a plane crash?

I'm looking for a way that:

Is (almost) instantly accessable
Is fool proof
Would be safe if your house burned down
Doesn't rely on other people

Perhaps you could put that info in a jpg and upload it to a photo sharing site, knowing it was for a certain printing of a certain book. But what if you forget what book it was?

(on edit, basically what you just said)
posted by bondcliff at 12:19 PM on October 31, 2017

Perhaps you could put that info in a jpg and upload it to a photo sharing site

Let us share a moment of silence for those who have lost a loved gif in the great Imageshack and Photobucket website reshuffles of 20xx.
posted by inconstant at 12:23 PM on October 31, 2017 [10 favorites]

But what if you forget what book it was?

But what if I forget what a Bitcoin is? But what if I forget how to use a computer keyboard? But what if I forget who I am?
posted by RogerB at 12:34 PM on October 31, 2017 [9 favorites]

Yep, write down the key to your passphrase in more than one place. Use a text that is easy to find and doesn't tie you to a specific printing. All you have to do is remember the title of one book or poem. You could even just pick a text off Project Gutenberg. Once you set up your system, use it to generate passwords and passphrases for all sorts of things. Routine use means you won't forget how your system works.
posted by fimbulvetr at 12:36 PM on October 31, 2017

Yes, putting the paper under a pillow is weird. I probably don't even touch the underside of my pillow every day. If you must hide something, how about a note that tells your daughter where the orange paper is?

This is like the missing earrings episode of the Brady Bunch where Alice puts the towel in the laundry bag but then pulls it out because the kids are supposed to put their own towels in the laundry.
posted by soelo at 12:41 PM on October 31, 2017

You could just put your password and keyphrase in your notes on your dang phone. Sure, you can lose that and its hackable, but you know pretty quickly when you lose it. You don't go crazy with gifs and books and whatnot until you are an eccentric bitcoin billionaire.
posted by The_Vegetables at 12:41 PM on October 31, 2017 [3 favorites]

and then the housekeeper is all, hmm a note with cryptic letters and numbers that says "DEAR DAUGHTER, SHOW THIS TO MY TRUSTED FRIEND IN THE EVENT OF MY DEATH," probably not important into the trash it goes

Our housecleaner has a policy of not throwing any piece of paper away, because she can't know whether it's important for us. So every two weeks after she cleans, there's a little pile of useless paper on the table: junk mail that fell to the floor before it could be taken to the recycling bin; a piece of scrap paper we scrawled a takeout order on one night; a receipt for a dollar somebody spent for a coke at McDonald's.

I'm going to tell her this story. She'll appreciate it.
posted by Orlop at 12:42 PM on October 31, 2017 [11 favorites]

bondcliff: Perhaps you could put that info in a jpg and upload it to a photo sharing site

That also involves depending on other people - other people who may shut down the site, go broke, or accidentally overwrite their database. (On preview, what inconstant said.)

Since depending on other people is now out, convert my crypto function idea to one which involves carving the numbers into rocks. You'd have to remember where at least some of the rocks are, though, and you'd have to remember the function (or remember what the function was called, and have a way to retrieve it). Not much better than just remembering a password.

After reading about a couple of recent exploit styles - using someone's 2-factor security phone number to pretend to be them and convince the company to change their main password, for example - I've been tempted to go back to all in-person banking. If I don't show up at the bank in person, it's not me.

Of course for that to work really effectively, I'd have to move back to a small town where everybody knows everybody and the bank tellers are the same bank tellers for 40 years.
posted by clawsoon at 12:43 PM on October 31, 2017

This is like the missing earrings episode of the Brady Bunch where Alice puts the towel in the laundry bag but then pulls it out because the kids are supposed to put their own towels in the laundry.

He should have just used his shoes to knock the passkey off the hook and then reeled it in with a rope made of everyone's belts. He'd have been able to do that long before Mr. Howell came back with the station wagon.
posted by bondcliff at 12:44 PM on October 31, 2017 [4 favorites]

Wait, so in the end he *didn't* lose $30k in bitcoin? Or is my reading comprehension just shot?
posted by Grither at 12:47 PM on October 31, 2017 [1 favorite]

Another thought: I've had the most frustration with passwords when I've used variations on the same word. Did I capitalize one of the letters this time? Or add some numbers? Maybe this is the one where I added a special character? 554455? 5514555? 5544555?

I've had more luck with passwords when I've stuck with exactly the same password for the same class of things, and a completely different password for a different class of things. Luck is relative, though, since any password will be forgotten if it isn't used regularly.
posted by clawsoon at 12:48 PM on October 31, 2017

Use a text that is easy to find and doesn't tie you to a specific printing.

New plan to save the humanities: secure all Bitcoins with passphrases that inadvertently require the widespread teaching of textual criticism
posted by RogerB at 12:53 PM on October 31, 2017 [13 favorites]

I think we can use stronger terms than fallible here. If security is the domain of expertise that supposedly qualifies you to be earning an income at all, you should at least know the limits of what you can promise.

Omigod the stories I could tell as a QA Director/Manager (precise term depends on who defines it, but my employer and I consider me a director and anyway this is tangential so eh). Just today I once again requested user rights for a robot (RPA) on a test environment and the environment manager replied "wait a second!! if we give you rights then anyone could do anything!!" The manager across from me who had sent the request was like, "uhhhhh you do realize you, uh, gave those very same rights to contractors you don't know and didn't ask about without uttering a peep..."

Heck I can even give one of my most embarassing moments – while managing information system continuity tests, I sent the login and password for one of the production systems in an email. The same email. It was 9pm and I'd been in the office since 8 that morning. Before sending the email, I said to the developer next to me, "it's probably not a good idea to send a login-password combination in an unencrypted email, right? I mean, like, we should at least send them separately?" and he, having also been there for 13 hours, replied "eh they gave them to us over Skype" and so we both shrugged and I sent the email. Dear [deity] did my mentor have a field day with me. Rightfully.

Humans are human.
posted by fraula at 12:53 PM on October 31, 2017 [5 favorites]

So, aside from planting a forest to spell out your PIN code or tattooing it on the shell of a sea turtle, what's a (nearly) fail-safe way of storing something like these passphrases so that it always exists, it's always accessible, and it's not going to fall into the wrong hands? Assume I don't want to rent a safe deposit box.

Simple. Recode feline genetic material to evolve intelligence, remember your PIN, and obey you completely. Send it millions of years back in time. Immediately find yourself the long-prophesied god-king of a civilization of fiercely determined intelligent cats whose sole purpose in life is to bring the holy number to you, cats who have waited a thousand generations for this day to come, the day when they finally fulfill the hopes and dreams, the very destiny of themselves and all their deceased cat ancestors who have kept the faith, and finally merge their consciousness into the transcendence of their creator and know perfection.*

Or you could just get a safe deposit box.

*Also good for defense against klopts.
posted by Naberius at 12:59 PM on October 31, 2017 [6 favorites]

have you been talking to that guy in the drone thread?
posted by bondcliff at 1:00 PM on October 31, 2017 [3 favorites]

clawsoon: "
Of course for that to work really effectively, I'd have to move back to a small town where everybody knows everybody and the bank tellers are the same bank tellers for 40 years."

"Mr. Gower! This is George Bailey! Don't you know me?"
posted by Chrysostom at 1:14 PM on October 31, 2017 [4 favorites]

My buddy got on very early with the GPU mining and eventually sold them to buy a really nice computer... his 10,000 bitcoins would be worth $63.5 million now.
posted by starman at 1:24 PM on October 31, 2017 [1 favorite]

My buddy got on very early with the GPU mining and eventually sold them to buy a really nice computer... his 10,000 bitcoins would be worth $63.5 million now.

When I was young and inclined to shop a lot, I made it a matter of self-discipline not to worry about it if I bought a shirt at one store and then saw the same thing or something very similar at another store in another wing of the mall. I wasn't going to spend my life criss-crossing the mall doing returns so I could save a couple of bucks.

Thinking about what investments you've sold have done since you sold them is kind of like that. Best not to go there, in my mind.
posted by Orlop at 1:31 PM on October 31, 2017 [8 favorites]

Yeah, but with $63.5 million, you really wouldn't have to worry about shirts.
posted by limeonaire at 1:54 PM on October 31, 2017 [8 favorites]

and then the housekeeper is all, hmm a note with cryptic letters and numbers that says "DEAR DAUGHTER, SHOW THIS TO MY TRUSTED FRIEND IN THE EVENT OF MY DEATH," probably not important into the trash it goes

I wonder how good the housekeeper's written English comprehension was. Had she been fluent, she might be doing a better-paying job than cleaning, so it's possible that figuring out a handwritten sentence, addressed to someone else, on a piece of paper and evaluating its importance would have exceeded her time-budget for the job.
posted by acb at 2:03 PM on October 31, 2017

How feasible is it to turn large amounts of bitcoin into cash these days? Last I heard, admittedly a few years ago, someone trying to cash out a couple hundred bucks worth at once got pretty quickly diverted into a land of meeting dudes in parking lots with expired Target gift cards and similar because there were so few legitimate means to convert the ostensible value into hard currency.
posted by Copronymus at 2:03 PM on October 31, 2017 [2 favorites]

I don't buy lottery tickets very often. But sometimes I'll buy one and then immediately throw it away. I'm not exactly sure why, but I think it has something to do with training myself against his state of mind. If I throw away a winning ticket, I'm still only a dollar poorer than I was. That is all that has changed.

You could optimise that further by, instead of buying the lottery ticket you were going to destroy, throwing the dollar down a drain, giving it to a homeless person (if you're altruistic), or (if being personally a dollar poorer isn't the point) putting it into a savings account.
posted by acb at 2:07 PM on October 31, 2017 [1 favorite]

Is (almost) instantly accessable
Is fool proof
Would be safe if your house burned down
Doesn't rely on other people

Just buy a fireproof safe and put it in there. Bury the safe in your yard if you want to go the extra mile. If you forget where you buried it, buy a metal detector.
posted by Autumnheart at 2:30 PM on October 31, 2017 [1 favorite]

how will i remember where i put the metal detector
posted by bondcliff at 2:32 PM on October 31, 2017 [15 favorites]

Also, at least the guy who lost his million-dollar Bitcoin hard drive didn’t spend three grand to get it in the first place. $3K is a decent chunk of change to me. If I put down that kind of cash on something, I wouldn’t depend on “random post-it lying around” to secure it.
posted by Autumnheart at 2:35 PM on October 31, 2017 [3 favorites]

Bondcliff, you’d be a shitty pirate.
posted by Autumnheart at 2:35 PM on October 31, 2017 [5 favorites]

I wonder how good the housekeeper's written English comprehension was. Had she been fluent, she might be doing a better-paying job than cleaning
This is a weird assumption.
posted by soelo at 2:46 PM on October 31, 2017 [7 favorites]

I am very glad I do not go to these sorts of lengths to "secure" access to my cryptocurrency from everyone, including myself.
posted by egypturnash at 2:50 PM on October 31, 2017

he could've considered the whole thing a $3,000 experiment gone wrong.

This freelance database says that as of two years ago, Wired paid $2/word for print articles. Even if it's really only $1/word, that piece is 6000+ words long. If it did appear in the print version, he would have doubled (or quadrupled) his original cost just by writing the article.
posted by LeLiLo at 2:53 PM on October 31, 2017

paper + magnet = fridge

Dang. If only he knew how easy it was to manufacture major home appliances, he could have gone into business selling those instead of dicking around with newfangled computer number money.
posted by sexyrobot at 3:13 PM on October 31, 2017 [6 favorites]

I know I'm missing something with all of these convoluted suggestions, but why not just use a password manager that syncs across multiple devices. Seems to me that this is exactly what they were invented for. And the author mentions that as the smart move. Why look for something that is not technology dependent?
posted by bluejayway at 3:31 PM on October 31, 2017

soelo: "I wonder how good the housekeeper's written English comprehension was. Had she been fluent, she might be doing a better-paying job than cleaning
This is a weird assumption."

It's an unfortunate and uncharitable guess, but lord knows that in Los Angeles (where Frauenfelder lives) and in many other parts of this country lack of English proficiency is a barrier to "well-remunerated wage employment in the formal sector of the economy."
posted by crazy with stars at 4:06 PM on October 31, 2017

It's an unfortunate and uncharitable guess, but lord knows that in Los Angeles (where Frauenfelder lives) and in many other parts of this country lack of English proficiency is a barrier to "well-remunerated wage employment in the formal sector of the economy.".

That's not the weird assumption. The weird assumption is that someone doing low-wage work, in a sector often associated with Hispanic workers, is probably not fluent in English.

(I'm reminded of the scene in Maid in Manhattan where two hotel guests are having a conversation in front of Jennifer Lopez's character and assume that she doesn't speak English and doesn't understand them. Jennifer Lopez of course proves them wrong by giving them on-point fashion advice. If you want to know why that assumption was "weird", watching that scene might be a fun way to learn.)
posted by Kutsuwamushi at 4:13 PM on October 31, 2017

Hide it in plain sight with a little misdirection: in a list of phone numbers (Johnathan Coin 551-4454), in your address book (John Bitter, 55144545 Coin Ave.), a note in sharpie on your furnace (replacement filter part #55144545)...
posted by 445supermag at 4:19 PM on October 31, 2017 [4 favorites]

It's worth noting that the orange paper in question also had 24 random words and a number string written on it. It was meaningless by design. Burden of proof would be to demonstrate it wasn't trash, in my opinion.
posted by smokysunday at 4:23 PM on October 31, 2017 [3 favorites]

Anecdotally, in London, as well, most of the cleaners (in offices and homes) I've met have spoken ungrammatical English with a limited vocabulary. Presumably the majority of people who can work as cleaners and are reasonably fluent in English soon find better-paid jobs.

That and/or with rents and wages being what they are, they have no time or money to study English. (The government doesn't provide free courses here, as they do in, say, Germany or Scandinavia; we Anglocapitalists leave that to the Invisible Hand of the Market, and that usually decrees in favour of paying rent, feeding one's children and/or sending remittances to family back home rather than the bourgeois luxury of self-development.)
posted by acb at 4:27 PM on October 31, 2017 [2 favorites]

Isn't this the guy who shit all over the garbage man for accidentally clipping the power line to his house? (So I read the line about the housekeeper being a bit-more agenda-esque than maybe others do.)
posted by maxwelton at 4:30 PM on October 31, 2017 [1 favorite]

acb: You could optimise that further by, instead of buying the lottery ticket you were going to destroy, throwing the dollar down a drain, giving it to a homeless person (if you're altruistic), or (if being personally a dollar poorer isn't the point) putting it into a savings account.

Even better, I could give the lottery ticket to a homeless person. The other suggestions optimize the essence out of the exercise.
posted by clawsoon at 4:38 PM on October 31, 2017

Presumably the majority of people who can work as cleaners and are reasonably fluent in English soon find better-paid jobs.

Your limited personal experience in London does not justify making that assumption about the house cleaner in the story.

(Seriously, it's a good scene, worth watching. It could be educational too!)
posted by Kutsuwamushi at 4:38 PM on October 31, 2017

"My plan was to buy a length of flat aluminum stock and letterpunch the 24 words onto it, then store it somewhere safe. "

I took the paper into Jane’s bedroom, stuck it under her pillow, and we took a Lyft to LAX.

I...I...wha?

And then I remember being gobsmacked by the author's idea to sell everything and move to an island in the South Pacific with his 2 then-tiny girls. Their goal was to pursue true simplicity. It lasted until the baby got sick and -- shock! -- he realized tiny islands in the South Pacific don't have the medical care he was used to in Los Angeles.

He sure has ideas.
posted by kimberussell at 4:39 PM on October 31, 2017 [20 favorites]

how will i remember where i put the metal detector

Write it down, dear Henry, dear Henry, dear Henry
Write it down, dear Henry, dear Henry, write it down.
posted by Naberius at 4:48 PM on October 31, 2017 [5 favorites]

kiberussell: And then I remember being gobsmacked by the author's idea to sell everything and move to an island in the South Pacific with his 2 then-tiny girls. Their goal was to pursue true simplicity. It lasted until the baby got sick and -- shock! -- he realized tiny islands in the South Pacific don't have the medical care he was used to in Los Angeles.

One measure of wealth is how many stupid decisions you can make without facing serious consequences.
posted by clawsoon at 4:51 PM on October 31, 2017 [27 favorites]

Which is how we know that Donald Trump must be even wealthier than he claims to be. Quite likely the richest man in the world!
posted by Naberius at 4:57 PM on October 31, 2017 [3 favorites]

Kutsuwamushi: "The weird assumption is that someone doing low-wage work, in a sector often associated with Hispanic workers, is probably not fluent in English."

I think that's probably true -- especially for formal work outside the home, which is more likely to be higher paying and not under the table -- but I also think that house cleaners in particular are particularly likely to be poor English speakers. According to the 2012 ACS, in the industry of 'private households' (including cooks, maids, gardeners, etc.) the share of people with low English proficiency divided by the share of non-LEP people is greater than 5 (p. 13). That is, close to 85% of people who work in private homes have only low English proficiency. I'm not sure it's still a weird assumption at that point.
posted by crazy with stars at 6:19 PM on October 31, 2017

I cleverly avoided this very problem by cashing out when my $100 was worth $800, because I have the patience of a hummingbird.
posted by mecran01 at 6:24 PM on October 31, 2017 [2 favorites]

Presumably the majority of people who can work as cleaners and are reasonably fluent in English soon find better-paid jobs.

Maybe in a big city? Around here the cleaning people speak the same English as I do. Their jobs pay better than working at the gas station.

I like how this story turned into an interesting hackery story because up til the end it was basically a White Man's Anxiety After Cascading Bad Decisions article which, even if it's relatable, still gives me the shivers after watching this current administration fumble around in much the same way.
posted by jessamyn at 6:25 PM on October 31, 2017 [3 favorites]

Once upon a time there was a bitcoin fountain, and it gave out 5 bitcoins for free.
posted by MikeWarot at 6:50 PM on October 31, 2017 [2 favorites]

Wait, so in the end he *didn't* lose $30k in bitcoin? Or is my reading comprehension just shot?

He lost the monies... for a while, some of which permanently.
posted by Samizdata at 7:12 PM on October 31, 2017

He found them again, except for the ones he paid the kid who figured out how to crack his flash drive thingie.
posted by Naberius at 7:16 PM on October 31, 2017 [1 favorite]

his 10,000 bitcoins would be worth $63.5 million now.

Suppose I had 10,000 bitcoins, and I decided I'd rather have 63.5 million dollars. Could I actually sell them for that much? Are that many people buying bitcoins that dumping 10k of them on the market wouldn't make the price fall, for one thing.
posted by thelonius at 7:24 PM on October 31, 2017 [3 favorites]

tHe besT plACe to enCodE YoUR passWOrD is In a MetafIlTEr tHreaD ON forgETTinG passWorDS!
posted by thandal at 7:43 PM on October 31, 2017 [5 favorites]

I keep all my bitcoin stashed at Mt. Gox, where it is so safe it cannot be accessed by anybody ever.

Before that winning move, I managed to extract $1K as actual hu-mon monies but only via a painful process that involved going to the bank building and shaming the manager man for suggesting that my bitcoin might represent ill-gotten gain from nefarious activities, and his lame reluctance to okay the transaction on the basis that he didn’t want to get in trouble. I wagged my finger at him until he relented.

I was happy with my investment of $0 growing so markedly, but extracting the winnings was such a pain I wasn’t eager to play again.

P.S. Is it technically “nefarious” to install mining software on under-utilized workstations when you leave a company? If so, please don’t tell the bank manager. I really let him have it for questioning the upstanding nature of my noble character.
posted by Construction Concern at 7:56 PM on October 31, 2017 [2 favorites]

Eh, these days small dollar conversions are pretty painless if you have a Bitcoin ATM nearby. For larger amounts, assuming the sourcing is legitimate, there are reasonably legit exchanges where you can convert 5 figures fairly easily. More than that and it gets difficult, or if your coins are from illicit activities and not mining or speculation or sales of legit goods like some retailers now accept BTC for.
posted by wierdo at 8:15 PM on October 31, 2017

Clawsoon, you're looking for Shamir's Secret Sharing algorithm. It allows N of M shares to be combined to recover the secret. It does seem well suited for estate planning.
posted by autopilot at 8:39 PM on October 31, 2017 [4 favorites]

Just make your password a memorable English sentence with at least 100 bits of entropy and type it into a computer a few hundred times. Geez. And don't store 10s of thousands worth of any asset on any system designed for convenience.
posted by Coventry at 11:51 PM on October 31, 2017

And don't store 10s of thousands worth of any asset on any system designed for convenience.

So all those little jars I keep in my freezer is a bad idea?
posted by maxwelton at 2:17 AM on November 1, 2017

Is it technically “nefarious” to install mining software on under-utilized workstations when you leave a company?

yes?
posted by thelonius at 3:28 AM on November 1, 2017 [2 favorites]

I can't wait until the bitcoin crowd discovers a currency is only as good as the army behind it.

wonder how good the housekeeper's written English comprehension was.

I wonder what she spent her bitcoins on.
posted by spitbull at 4:21 AM on November 1, 2017 [5 favorites]

c) Directly encode your password in a row of trees; or, for an entomologist, in a display case of visually near-identical beetles.

By Jove, I believe you've solved the mystery of the Nazca Lines!
posted by Lunaloon at 5:51 AM on November 1, 2017 [2 favorites]

Suppose I had 10,000 bitcoins, and I decided I'd rather have 63.5 million dollars. Could I actually sell them for that much? Are that many people buying bitcoins that dumping 10k of them on the market wouldn't make the price fall, for one thing.

This is the point I like to push on with my Dunning-Kruggerand-obsessed associates. Let's say your 20 coins actually do continue to appreciate, in stark contrast to the laws of basic economics and every other weird pump-and-dump Dutch-tulip-scheme in the history of time, and they go to $50K. Woohoo, instant millionaire! Let's cash out!

Huh, that's funny, this isn't like selling 10 shares of IBM through my brokerage account. I have to find someone willing to actually pay me my fantastically inflated sum. Well, no worries, I'm sure the free market will make sure there's no shadiness afoot with this fly-by-night escrow account they're using.

But sure, let's handwave away the actual logistical difficulties of selling your bits. It's a done deal! Wait, what do you mean it's not trivial to drop a million dollars into my Bank of America savings account? Mandatory reporting on anything over $10K? No, I'm sure it's fine the money came from a bank transfer from a location geocoded to Stalingrad, it's not like there's anyone who's watching this sort of thing closely. And I'm sure that money came from a respectable hard-working American who just happened to have a seven-digit sum of liquid assets lying around--it's not the people who want to convert their liquid assets into untraceable digital currency are Kyrgyzstani weapons smugglers or something. Nope, I'll enjoy this free money with no logistical entanglements and with a clean conscience.
posted by Mayor West at 6:19 AM on November 1, 2017 [5 favorites]

I think Bitcoin is shit at 75% of the uses of a currency and that its valuation and volatility far outstrips anything reasonable for the remaining things it could be useful for, but that's a pretty unfair argument.

If a currency is bad because it is used to mediate illicit exchange then every currency in the history of the world is tainted.

The problem is that it's a novelty wooden nickel and people are treating it like a dollar or pound sterling.
posted by wierdo at 6:32 AM on November 1, 2017 [2 favorites]

I freely admit I'm an idiot. I don't thing many people would have made as many dumb mistakes as I did to end up in the predicament I created for myself. I wrote the story because it had a happy ending, thanks to a hardware wallet that wasn't as secure as advertised and an incredibly bright kid who recovered my private keys for me.
posted by ottomatik at 1:44 PM on November 1, 2017 [17 favorites]

FWIW, I don't think you're an idiot for this. This, or something like it, could happen to anyone, for any number of reasons. Anyone who claims otherwise is, well, an idiot.
posted by bondcliff at 1:55 PM on November 1, 2017 [3 favorites]

Thanks, Bondcliff. That's nice of you to say.
posted by ottomatik at 2:01 PM on November 1, 2017

It really drives home the point of the level of security/back up needed for a PIN that I can reset by taking some paperwork to my bank, and the ephemeral nature of digital currency where there is no authority...
posted by bystander at 2:15 PM on November 1, 2017

Huh, that's funny, this isn't like selling 10 shares of IBM through my brokerage account.

Coinbase makes this extremely easy. The 24-hour volume on their trading platform was 16,140 BTC, if I'm reading it correctly. Your 20 BTC won't even make a dent. And your counterparties are governed by US KYC and AML regulations.
posted by Coventry at 3:26 PM on November 1, 2017 [2 favorites]

Currency isn't dependent on an army behind it, but rather the expectation that it will be accepted as a form of payment. The US military can't make people take dollars, but they can force nations to think twice before selling oil for any other currency. This is the basis of the Petrodollar, set up by Nixon in the 1970s. The constant demand for dollars to use in buying oil, and inertia, are the only factors keeping the US dollar afloat these days.

Soon that will change, and it's possible that the PetroYuan will replace it, or maybe we'll revert to hard money (based on precious metals), but I doubt that bitcoins will be the currency of choice for most of the human race any time soon.
posted by MikeWarot at 4:22 PM on November 1, 2017

Oh frak, I'm halfway through trying to recover the Coinbase account that I created with an old email that I no longer have access to. Their test-charges to my CC got flagged as suspicious and their ID verification crapped out on me.

Luckily it's only the "free $10 of Bitcoin" for signing up way long ago and not real money, but it's worth like $149 now.

Guess I should get back on that.
posted by zengargoyle at 5:06 PM on November 1, 2017

In other cryptocurrency-related news, Statement on Potentially Unlawful Promotion of Initial Coin Offerings and Other Investments by Celebrities and Others -- SEC Division of Enforcement and SEC Office of Compliance Inspections and Examinations.
posted by Coventry at 6:07 PM on November 1, 2017

Actual fucking cash money in your pocket or bank or superannuation account is "crypto" enough since it isn't tied to or representative anything that is real or tangible, because if it was we wouldn't have lost a shit-ton of our retirement savings during the GFC. So...have fun with your Nvidia arrays, nerds!
posted by turbid dahlia at 9:34 PM on November 1, 2017

Not related to bitcoins, but my phone has a similar lock on it and one afternoon my daughter manager to lock me out for like an hour. No money involved, but it was a trying time.

Related to bitcoins, whenever I want to feel sorry for myself I think back to ten years ago when a friend and I used to joke about how stupid and worthless bitcoin was. Hindsight is 20/20 and all, and even if I had bought bitcoin then I'm sure I would have sold it long ago and still regretted it, so it really doesn't matter. Still, that nonexistent money is well spent in my imagination.
posted by Literaryhero at 4:24 AM on November 2, 2017

Oh, if you want kicking yourself, I can hang with that. Back when BTC was barely over $100 I figured I could make some money with those newfangled ASIC miners. At the then-current difficulty and given projected difficulty growth (which turned out to be too pessimistic!) I'd have made my money back in two weeks and I'd have made at least a couple hundred coins to hang onto after selling what was needed to pay for direct expenses and stopping once the cost of electricity exceeded its then-current value in BTC. In reality, I probably would have tacked on at least another 10-20 by letting them run for an extra month, which all by itself would be nothing to sniff at at today's prices.

Sadly, nearly everyone I knew called it a bad idea and I believed them. It's not that I think BTC is a good investment, just that at the time there was a nearly 100% chance of profit given the state of the market at that particular moment. Only needed a month, so long term viability was irrelevant.
posted by wierdo at 6:32 AM on November 2, 2017 [1 favorite]

Have fun with inflation I guess, dahlia.
posted by Coventry at 8:52 AM on November 2, 2017