http://blogs.wsj.com/moneybeat/2014/...n-opportunity/

Getty Images
Welcome to BitBeat, your daily dose of crypto-current events, written by Paul Vigna and Michael J. Casey.
Bitcoin Latest Price: $489.47, up 3.15% (via CoinDesk)
Crossing Our Desk:

- Data breaches, identity theft, having your nude selfies swiped from the cloud and published online, these have become normal occurrences in the modern age. Okay, maybe the last applies only to celebrities. But in a digital age, you’re at risk of online theft, whether you’re Kate Upton or just some average Joe buying mums at Home Depot.
Can a better mousetrap be built with bitcoin? The answer is a definite maybe, but it means the entire nascent industry will have to not only build more secure systems, it will have to build more secure systems that can withstand widespread public use, malicious attacks, and overcome the distrust of a skeptical public. That’s a tall order.
The irony is that even after the massive Target data breach, even with Home Depot now in the news amid stories about breaches, the existing payments system is so ingrained in people’s daily lives that most people just accept these risks. On the other hand, when it comes to bitcoin, what most people think about is the Mt. Gox scandal.
The number of hacks, theft, and cons from bitcoin’s early days are a stain on its reputation. The Mt. Gox scandal may have been about a specific company’s shoddy product but the fact that somebody was able to stroll into Mt. Gox’s servers and stroll out with 850,000 bitcoins left a lasting impression upon the public.
The problem, in both the bitcoin and real world, starts with what could be called “single signature” accounts, where all that’s need to gain access is a password. Passwords are hackable, no matter whether the password is “1 2 3 4 5″ or some long combination of numbers and upper- and lowercase letters. Indeed, it appears that this was the crux of the celebrity-hack scandal (at least, that’s Apple’s take). “ It’s time we start outright blocking passwords common enough that they can be online brute forced, and it’s time we admit we know what they are,” Dan Kaminsky, a well-known hacker and co-founder of a firm called WhiteOps, wrote in a blog post this week.
It’s a problem in the bitcoin world, too. The single point of access is what allowed the Mt. Gox scandal to happen, and every individual who falls for a phishing scam understands this as well. It’s not unusual for some bitcoiners to simply print out their wallet account number and keys and store them offline to completely remove the risk of having them stolen.
What’s needed is at least a dual-key system, where two points of access are required for an account, and this is what bitcoin is moving toward. It’s not a guaranteed win, this article from Bitcoin Magazine lays out some pros and cons, but it is a move toward a better system.
“Mt. Gox will never happen again,” said Will O’Brien, CEO of BitGo, a wallet-security firm that counts among its clients the Bitcoin Foundation, Gyft, ZipZap, CoinTerra, and as of today Bitfury. The kinds of more-secure features being developed by his company and others he hopes will eventually form much-needed industry standards. In bitcoin circles, this is called “multi-sig,” short for multiple signatures, meaning more than one key, i.e., a password, is needed for access, and it’s a key feature of BitGo’s service.
Coinbase released a new kind of account it calls “the vault” that features multi-sig. Jeremy Allaire’s Circle Internet Financial’s accounts make use of multi-sig as well. BitPay developed a wallet it calls Copay that makes use of multi-sig as well.
One challenge for bitcoin will be maintaining a high level of security as its universe expands. Assuming bitcoin keeps finding new converts, it will become a more tempting target for hackers. There’s no guarantee that it can “scale,” as the techies like to call it, and still provide the level of security its backers promise. Mike Hearn, one of bitcoin’s lead developers, back in January warned “some people think bitcoin is indestructible, when it is not. In fact, is is very fragile.”
In the end, whichever industry can convince the general public that it has both the most secure and convenient system is going to have a huge advantage in our so very hackable world. (Paul Vigna)