Categories
Cryptocurrency Hardware Review Wallet

John McAfee’s Bitfi Wallet – The “Unhackable” “Hardware” Wallet – An Honest Review

For the past year, I have wanted to buy a cryptocurrency hardware wallet . I haven’t bought a Ledger or a Tresor wallet yet because when I looked into buying one or either of them, I found a lot of stories about how they were arriving to purchasers already compromised. There was a lot of FUD going around about them and I opted to look for something better.

First, I ordered a HooFoo which has still not arrived or possibly even been produced yet. I bought it more than six months ago. The crowdfunding campaign wouldn’t give me a refund and HooFoo recently contacted me to say that it will be shipped…someday. When it does, I will review it. I hope that day comes.

In late June of 2018, I started seeing John McAfee shilling Bitfi an unhackable hardware wallet. “The most unhackable hardware wallet ever made”. For those who don’t know, John McAfee is the guy who invented McAfee software and who was accused of murdering his neighbor in central America and who ran for President as a Libertarian in 2016 and who has become a sort of unwanted step-child poster boy for cryptocurrency and is now a master shiller of all things related to cryptocurrency. McAfee is the William Shatner of crypto, he’ll sell his soul if the price is right – so it wasn’t that I trusted him, it was more that I figured it like this. McAfee is known for hacking. He’s known for crypto. He’s putting his name right on this. Chances were it was a good and possibly a great product. So I ordered one.

Here’s the first announcement I saw: https://bitcoinprice.media/bitfi-and-mcafee-announce-unhackable-crypto-wallet.html

Looks pretty good? Right? Sounds pretty good.

Now, just so you know, I did ask for a free one to review and McAfee told me there were none available.So, I had to pay full price for it. This is a legitimate review with nothing given to me to influence what I would write. Which is kind of too bad for Bitfi. I think it would have worked in their favor to have me obligated. Two days after I ordered it (and ten days before mine arrived in my mailbox), the Bitfi got destroyed by motivated hackers and deconstructed by engineers and then it got hacked..in several different ways.

https://www.theinquirer.net/inquirer/news/3037057/mcafees-bitfi-crypto-wallet-has-been-hacked-inside-a-week

Here’s a snippet from that:

Ryan Castellucci, a security researcher from WhiteOps, described it as “a cheap stripped down Android phone” and strongly advises against using it.

Another set of researchers pointed out that from a secure point of view, the use of Baidu as a search engine, and the inclusion of the Adups ‘spyware’ make for an even less wholesome environment.

Bitfi has gone a bit Trumpy in its response, denying all the accusations and accusing OverSoftNL of actively working for competitors.

My Review

By the time it got to Hawai’i, I had read so many scary reviews about this thing that there was no way I would ever use it to store anything larger than what I would carry in my wallet. I feel more comfortable leaving cryptocurrency on Coinbase and Binance – because Coinbase is insured and Binance has promised they will reimburse if they ever get hacked. This thing…well…

I like technology but I’m not a hard core coder or hacker. I’m an early adopter of platforms and new technology and an innovator in the uses of tech but I’m not a security expert or a hacker – so you can find other reviews that will go into that stuff.

I’m a user of technology and part of the reason I ordered Bitfi was so I could have fun using it. Even after all the bad things I had heard, I was ready to have fun. The box was fun. It had a quote from Satoshi Nakamoto on it. It even said there was a six-sided die inside. That sounded like fun too.

The problem is – it’s not fun. It’s not fun at all. There’s nothing fun about Bitfi.

I opened the box and found what looked like the same Samsung phone I bought in Morocco back in 2012 for $50. It was in a nice blue monogram wallet. The outer box was taped with clear strapping tape. The inner box had been taped with scotch tape. In the box were a charger cord, adapter, the six-sided die, and some instruction cards. And the wallet of course.

Seriously, this thing is almost identical to my old $50 Samsung but when I turned it on, I found the touch screen to not be as responsive. It felt like garage sale technology – the kind you find at G-sales on Saturday mornings. But, I didn’t want to judge, I dove into the instructions.

The first thing I had to do was connect to wifi and then to set up an account on their website using my iphone or a computer. Then I had to sync the old phone..I mean wallet…with the website. The numbers and letters were tiny – actually hard to see with my 46 year old eyes and my fingers must be getting fat because they kept hitting the keys next to the ones I was trying to hit. There were cute instructions about how to use the six-sided die to create an unhackable pass phrase using the cyper on their website. I followed all the instructions, I got it set up, and then I went to transfer a little cryptocurrency in.

It doesn’t do Stellar, Cardano, Tron, Ripple, Eos, Iota, Ethereum Classic, or Bitcoin Cash. It does do Bitcoin, Litecoin, Ethereum, Monero, Neo and a bunch of other coins that McAfee has promoted in the past like Golem, Docademic,Bezop, etc.

So, honestly, I should have read all this before. Most of the currencies I wanted this for are safe because they aren’t supported by the Bitfi. My bad.

I was surprised at how little the wallet does. It’s basically a confirmation device for transactions which are all ran from the Bitfi website on a different device. I pretty much think that sucks. It might be great for security but my thought is this – how is this more secure than just using another website and enabling an authenticator app? Or even going further and getting a hardware authenticator like I used to use on my paypal account back a decade ago. The answer is, it’s not. I’m sure the website is all unhackable and secure, but I bought a hardware device to store my crypto on…not so I could store them on someone’s website. There’s no interface on the device so if the Bitfi site is gone, there is no way to get your funds. I know I’m a simple caveman but this seems like bullshit to me…

Look at that handsome wallet though! And, it’s got a great box. But, when it comes time to punch in your salt and your phrase, be prepared with your magnifier glasses and also make sure that you don’t pick any of the letters or numbers near the sides because this old phone doesn’t have a nimble modern keyboard that pops up – it’s like trying to use the first touch enabled devices in the late 1990s. Remember those video trivia games in all the beer joints back when people didn’t have phones to stare at? It’s like that. Expect to hit the same button a few times and make some mistakes.

On the positive side, it was only $120 including shipping and it arrived within two weeks. It has a great box, nice case, and ships with a die.

On the negative side – I pretty much hate this thing and never plan on using it for anything unless I have to. Maybe someday I can put it in the Cryptocurrency Museum if I keep it preserved good enough. I don’t like the website or interface. I don’t really want to carry this thing around with me or have it take up space in my safe deposit box. It’s already a relic.

Don’t buy the Bitfi. I’d tell you this even if they’d given it to me for free but maybe I would say it in a nicer way like “I see a really good future for the Bitfi when they solve a few early quirks that keep popping up” – and that’s true. I really like the idea of shipping an old phone with a die, but personally, I would have probably been more impressed with an eight-sided or a 12-sided die.

 

Categories
Cryptocurrency

Keeping Your Bitcoin and Cryptocurrency Safe – An Introduction to Crypto Wallets

Congratulations! You’ve bought some crypto! Maybe you bought a piece of a bitcoin, a whole bitcoin, a litecoin, some XRP, a Lumen, some Ethereum, or Digibyte…it doesn’t really matter. The good news is that you bought some crypto and you are asserting your currency independence.

Or are you?

Here’s something a lot of people don’t think about. When you buy cryptocurrency, what you are doing is claiming a piece of the blockchain. Your public key allows anyone to see that your crypto belongs to the address that you have parked it at. Your private key allows you to move it to a different address if you want to. Remember, blockchain is a permanent (immutable) ledger of transactions. Which brings up a good point – the only way your transaction is private is if you are using a privacy coin like Monero which tears up the transaction records or if there is no way to associate you with your public address. When people buy crypto – most people buy it on an exchange. Exchanges like Coinbase handle all of this for you and because of anti-money laundering laws (AML) and know your customer (KYC) rules…there is no such thing as privacy AND – and this is important, while you are the legal holder of your crypto – the private keys are actually held by the exchange – so you can request them to move your crypto to somewhere else (another wallet, a friend, etc) but they have the custody and if something happens (a big hack like Mt. Gox for instance) your coins and tokens can be lost and never recovered.

And that, my friends, is why the old timers in crypto advise you to never keep your cryptocurrency on the exchanges. You need to have control of your own keys and to do that, you have to have a way to account, move, track, send, and recieve. Welcome to the world of crypto-wallets. This will be a brief guide and in time, I will be adding individual reviews of the various solutions presented here.

There are many different wallets.

Exchange Wallets

There are the aforementioned exchange wallets which allow the exchanges to control your currency. This is important if you are actively trading. Some exchanges guarantee that your holdings are protected. Binance is one of these. Advantages of exchange wallets are that you can buy, sell, and trade. Exchange wallets usually take care of airdrops, forks, and mainnet swaps for you. The disadvantage is that your every move is being monitored, your accounts are clearly tied to you, and you do not actually control your keys. So, if currency independence or privacy are one of your reasons for investing in crypto – keep your crypto somewhere else.

Browser Wallets

Browser wallets aka Web Wallets use an online interface to keep track of your crypto. Again, if privacy is an issue, you have to take some extra steps because your computers IP address and other factors are showing the world who has control of that wallet. Probably the most popular browser wallet is MEW aka MyEtherWallet.com

Since Ethereum has been used to build thousands of ERC-20 compliant tokens – a browser wallet like MEW is very useful because it can hold them all. Also, since the contents of the wallet are visible to anyone on the blockchain – if you hold your Ethereum in a MEW or similar wallet, you will get air drops of new ERC-20 tokens from time to time if you are holding any Ethereum.

Software Wallets

Similar to MEW but downloaded onto your machine or device are software wallets. Software wallets are also known as desktop or mobile wallets. The main advantage to using a software wallet is that they are more secure because they are on your machine or device. Some examples are JAXX, Mycelium, Electrum, and Green Wallet. Generally, when you set these up, your private key is given to you and encrypted using a series of words which are also given to you. This means you can recover your wallet even if your computer or phone is stolen or broken. A similar system is used with browser wallets. The difference is that a browser wallet can be logged into from anywhere as long as you have your keys, the software wallet is only on your device.

Hardware Wallets

There are a growing number of hardware wallets. Ledger, Trezor, Bitific, and more. I will offer reviews of some of these in the future. One wallet which I ordered and was excited to demo was the HooFoo wallet. The company has unfortunately proven to be a fly by night scam and has not shipped wallets to any of their backers or offered refunds. It’s a shame because it looked like a very good solution. In any event, hardware wallets are not dependent on your computer, the web, or exchanges. By storing your cryptocurrency on a hardware wallet, you are retaining full control of your crypto and retaining the maximum amount of currency independence.

Paper Wallets, Wallet Cards, etc

A paper wallet is little more than a bitcoin or crypto private key printed on a piece of paper. Nothing complex about it. Wallet cards are a way of digitally managing private keys offline but still loading and spending online. Paper wallets are as secure as you keep them – think of them as almost the same thing as dollar bills. If you leave them lying around, they will probably disappear.

So, in summary: cryptocurrency is moved around with numbers and math. The math is complex and for all intents and purposes impossible to counterfeit unless you have two sets of numbers – the public key and the private key. Wallets are a way of managing and keeping those keys safe. Many people call any wallet with an online component a soft or hot wallet and any wallet that is offline a cold or hard wallet. Cold wallets are safer than hot wallets.