Hacker News new | ask | show | jobs
by memorymappings 3129 days ago
Question as I'm not a "hacker" and don't claim to be, but what are the worst possible case scenarios with hacakable 2FA outside of individuals getting screwed over as opposed to the platform itaelf becoming unstable? Secondly 2FA has never claimed to be 100% secure by any company unless coinbase is promising to be the first company to do so? That is my understanding but if there is something particularly vulnerable about coinbase or gdaxes implementation of 2FA what is it? I know you can set up multiple forms of backup but I use Google authentiactor which becomes just about as vulnerable as who can get into my phone depending on where I leave it if I lock my phone if I lock the app etc etc just like any other form of 2FA? I'm genuinely curious as I am just learning about encryption in my spare time but by no means an expert.

Regardless about coinbase being insecure in general I was looking/curious about the bug bounties coinbase has been offering (and for gdax too as they are under the same company umbrella) and the highest bounty bid range that has been claimed is $5k but they offer up to $50k in bug bounties up to remote exectuable code for gdax.

As far as the $140milliom, coinbase/gdax are hiring multiple positions for backend gdax senior engineers and other support. The recent infusion of $140million is only from a few months ago so I'm pretending the money wisely and hiring high quality people doesn't happen overnight.

Secondly, alot of the funding has been spent on fees for liscensing in NY as coinbase continued to pull through as multiple other platforms pulled out of NY when it became nightmarishly expensive and overly complicated to deal with relative to every other state.

Finally, as coinbase is one of the few maybe the only besides one or two others that is liscensed in NY that means wallstreet is trading on it, so the spikes are definitely subject to be exposed or show other latency issues on the platforms that are legal for people to use, now that multiple banks have come out and acknowledged they are trading with BTC.