Cyber Security Threats: A Conversation with Cyber Security Expert Kim Crawley

In this video, I sit down with IT & Cyber Security expert Kim Crawley as we discuss IT, Cyber Security, Information Security (InfoSec) and Operational Security (OpSec), Malware, Cyber Attacks and how they intersect with Cryptocurrency and protecting ourselves online. Visit these sites for more Kim Crawley Content:…………

For the work of author Mark Russinovich:


Yes, Exchanges Are The Problem With Crypto

Last year I wrote a post on Steemit titled: Cryptocurrency Exchanges, the 800lbs Gorilla in the room, which you can read at the following link:

Originally my issue with cryptocurrency exchanges was in how long it took for transactions to go through or the fees (Gas) needed to send funds but the more time I spent in this space the more I’ve come to realize that the problem isn’t how long it takes for transactions to go though or how much is required to send or fees or anything like that.

The real problem with the exchanges is the amount of data they collect from users, the fact that for the most part we have no idea who runs them, what they are doing with the money we send them (in cases of fiat to crypto exchanges), and who they are sharing our information with.

Also, consider if a cyber criminal wanted to steal user data, they wouldn’t need to hack the user, they could hack the exchanges.

See: Cryptopia Hacked Again via Crypto Insider:

We forget that the whole point of cryptocurrency, especially Bitcoin, is a peer to peer cash system outside of the fiat markets, that was protected by encryption and backed by trust. Now what we have is a space with over 1500 different coins/tokens and an ever growing number of exchanges offering them, where Crypto was meant to be used without trusted third parties, exchanges have in essence become those third parties.

Exchanges wanting to be compliant with government regulations have begun requiring ever increasing KYC or Know Your Customer Policies. Where first KYC was as simple as name and email address, today KYC includes name, address, telephone number and in some cases social security number or drivers license number. Enough information to steal an identity.

We in this space spend a lot of time talking about public/private keys, proof of keys and if hot wallets are worse than cold. But we forget to talk about does the exchange asking for our data use HTTPS, does it operate out of a country under sanctions, are the owner/operators of these exchanges involved with criminals or war criminals? And more likely, will this exchange sale my information to the highest bidder or give it to the first government agency that ask?

As we progress on the path to mass adoption, the likelihood the exchanges still in existence are run by criminal organizations or war criminals will become increasingly less likely but what will increase is the amount of exchanges willing to sale our data or give it over to government.

CryptoCurrency is still a new and exciting place to be but we need to be vigilant in our dealings with the companies that intend to be its gatekeepers.

Take Care

Jason Nelson