John McAfee’s Bitfi Wallet – The “Unhackable” “Hardware” Wallet – An Honest Review
Posted On August 10, 2018
For the past year, I have wanted to buy a cryptocurrency hardware wallet . I haven’t bought a Ledger or a Tresor wallet yet because when I looked into buying one or either of them, I found a lot of stories about how they were arriving to purchasers already compromised. There was a lot of FUD going around about them and I opted to look for something better.
First, I ordered a HooFoo which has still not arrived or possibly even been produced yet. I bought it more than six months ago. The crowdfunding campaign wouldn’t give me a refund and HooFoo recently contacted me to say that it will be shipped…someday. When it does, I will review it. I hope that day comes.
In late June of 2018, I started seeing John McAfee shilling Bitfi an unhackable hardware wallet. “The most unhackable hardware wallet ever made”. For those who don’t know, John McAfee is the guy who invented McAfee software and who was accused of murdering his neighbor in central America and who ran for President as a Libertarian in 2016 and who has become a sort of unwanted step-child poster boy for cryptocurrency and is now a master shiller of all things related to cryptocurrency. McAfee is the William Shatner of crypto, he’ll sell his soul if the price is right – so it wasn’t that I trusted him, it was more that I figured it like this. McAfee is known for hacking. He’s known for crypto. He’s putting his name right on this. Chances were it was a good and possibly a great product. So I ordered one.
Now, just so you know, I did ask for a free one to review and McAfee told me there were none available.So, I had to pay full price for it. This is a legitimate review with nothing given to me to influence what I would write. Which is kind of too bad for Bitfi. I think it would have worked in their favor to have me obligated. Two days after I ordered it (and ten days before mine arrived in my mailbox), the Bitfi got destroyed by motivated hackers and deconstructed by engineers and then it got hacked..in several different ways.
Ryan Castellucci, a security researcher from WhiteOps, described it as “a cheap stripped down Android phone” and strongly advises against using it.
Another set of researchers pointed out that from a secure point of view, the use of Baidu as a search engine, and the inclusion of the Adups ‘spyware’ make for an even less wholesome environment.
Bitfi has gone a bit Trumpy in its response, denying all the accusations and accusing OverSoftNL of actively working for competitors.
By the time it got to Hawai’i, I had read so many scary reviews about this thing that there was no way I would ever use it to store anything larger than what I would carry in my wallet. I feel more comfortable leaving cryptocurrency on Coinbase and Binance – because Coinbase is insured and Binance has promised they will reimburse if they ever get hacked. This thing…well…
I like technology but I’m not a hard core coder or hacker. I’m an early adopter of platforms and new technology and an innovator in the uses of tech but I’m not a security expert or a hacker – so you can find other reviews that will go into that stuff.
I’m a user of technology and part of the reason I ordered Bitfi was so I could have fun using it. Even after all the bad things I had heard, I was ready to have fun. The box was fun. It had a quote from Satoshi Nakamoto on it. It even said there was a six-sided die inside. That sounded like fun too.
The problem is – it’s not fun. It’s not fun at all. There’s nothing fun about Bitfi.
I opened the box and found what looked like the same Samsung phone I bought in Morocco back in 2012 for $50. It was in a nice blue monogram wallet. The outer box was taped with clear strapping tape. The inner box had been taped with scotch tape. In the box were a charger cord, adapter, the six-sided die, and some instruction cards. And the wallet of course.
Seriously, this thing is almost identical to my old $50 Samsung but when I turned it on, I found the touch screen to not be as responsive. It felt like garage sale technology – the kind you find at G-sales on Saturday mornings. But, I didn’t want to judge, I dove into the instructions.
The first thing I had to do was connect to wifi and then to set up an account on their website using my iphone or a computer. Then I had to sync the old phone..I mean wallet…with the website. The numbers and letters were tiny – actually hard to see with my 46 year old eyes and my fingers must be getting fat because they kept hitting the keys next to the ones I was trying to hit. There were cute instructions about how to use the six-sided die to create an unhackable pass phrase using the cyper on their website. I followed all the instructions, I got it set up, and then I went to transfer a little cryptocurrency in.
It doesn’t do Stellar, Cardano, Tron, Ripple, Eos, Iota, Ethereum Classic, or Bitcoin Cash. It does do Bitcoin, Litecoin, Ethereum, Monero, Neo and a bunch of other coins that McAfee has promoted in the past like Golem, Docademic,Bezop, etc.
So, honestly, I should have read all this before. Most of the currencies I wanted this for are safe because they aren’t supported by the Bitfi. My bad.
I was surprised at how little the wallet does. It’s basically a confirmation device for transactions which are all ran from the Bitfi website on a different device. I pretty much think that sucks. It might be great for security but my thought is this – how is this more secure than just using another website and enabling an authenticator app? Or even going further and getting a hardware authenticator like I used to use on my paypal account back a decade ago. The answer is, it’s not. I’m sure the website is all unhackable and secure, but I bought a hardware device to store my crypto on…not so I could store them on someone’s website. There’s no interface on the device so if the Bitfi site is gone, there is no way to get your funds. I know I’m a simple caveman but this seems like bullshit to me…
Look at that handsome wallet though! And, it’s got a great box. But, when it comes time to punch in your salt and your phrase, be prepared with your magnifier glasses and also make sure that you don’t pick any of the letters or numbers near the sides because this old phone doesn’t have a nimble modern keyboard that pops up – it’s like trying to use the first touch enabled devices in the late 1990s. Remember those video trivia games in all the beer joints back when people didn’t have phones to stare at? It’s like that. Expect to hit the same button a few times and make some mistakes.
On the positive side, it was only $120 including shipping and it arrived within two weeks. It has a great box, nice case, and ships with a die.
On the negative side – I pretty much hate this thing and never plan on using it for anything unless I have to. Maybe someday I can put it in the Cryptocurrency Museum if I keep it preserved good enough. I don’t like the website or interface. I don’t really want to carry this thing around with me or have it take up space in my safe deposit box. It’s already a relic.
Don’t buy the Bitfi. I’d tell you this even if they’d given it to me for free but maybe I would say it in a nicer way like “I see a really good future for the Bitfi when they solve a few early quirks that keep popping up” – and that’s true. I really like the idea of shipping an old phone with a die, but personally, I would have probably been more impressed with an eight-sided or a 12-sided die.