[pejrich]

I agree with McAfee here. Just because they accessed something they weren't supposed to, doesn't mean it was hacked. The system fails when someone gets access to the coins, because that's what the system was designed to protect. I'm not claiming McAfee is correct about anything else, or that the system really is secure, but the point stands that a system designed to secure coins, can only be considered a failure if you manage to extract coins.

[cybergibbon]

It's a hardware wallet. It doesn't have any coins in it. It has private keys.

As the article says, the keys have been recovered from a Bitfi, allowing access to the funds.

I am not sure what else you require for it to be called hacked.

[pejrich]

Then perhaps I'm naive about how all this works. But to me there's a difference between accessing keys, and accessing funds. Are these the exact keys, in the exact format, that someone could use to access the coins? For example, if someone were to "hack" my site, and get access to hashed passwords, this would be seen as a breach, and my system would be described as insecure (which is fair), and it could cause issues for people, but getting a hashed password is not the same as getting a plain text password. Are the keys they recovered from the device the equivalent of a plain text password, or a hashed password? Let's say I create a hardware wallet that stores 2 keys (123 and 456), and it uses those two keys to create a private key by doing stuff to it. So 123 and 456 create the pk 132435. Of course this is a terrible system, and not safe at all, but my point is, accessing 123 and 456, is not the same as accessing the actual pk (132435).

[ryan-c]

I reversed the algorithm for going from salt and passphrase to private keys a month ago.

https://rya.nc/bitfi-wallet.html

That particular version of the code doesn't print the private key, but it can be trivially modified to do so.

We demonstrated using the salt and passphrase to extract coins from wallets without the hardware several weeks ago.