He then proceeds to say that he backed up his unencrypted wallet to "dropbox, wuala, and spideroak", which doesn't strike me as extremely clever when you're talking about something in the half a million price range.
On the other end it's a good cautionary tale. I'm quite curious about this bitcoin thing, but this reminds me I definitely don't want to secure all my money myself without any insurance or guarantees. A stupid mistake and shazam you lost all your money.
Regarding the issue of whether the application should encrypt the wallet by default, it'd probably be a good thing to have but I'm not sure it would have helped in this case. The wallet would have to be decrypted in order to mine or execute any transaction and the attacker was obviously targeting the bitcoin wallet specifically, so it could just have installed a keylogger or whatever to catch the passphrase, like they do with banking sites (or wait until the wallet is decrypted and dump it then, or install a backdoored version of the bitcoin client...).