McAfee: Calling Bitfi unhackable may have been 'unwise' but it was great marketing

Updated: The "unhackable" wallet saga may have been little more than salesmanship designed to provoke controversy.
Written by Charlie Osborne, Contributing Writer

A claim made by John McAfee that the Bitfi cryptocurrency wallet was "unhackable" sparked controversy and derision, leading to a queue of researchers eager to prove otherwise.

The $120 Bitfi wallet, backed by McAfee, is advertised as a hardware solution for accessing cryptocurrency. The wallet is said to have "fortress-like" security which cannot "be hacked or penetrated by outside attacks."

See also: 'Unhackable' Bitfi wallet circus delights security researchers with hacking challenge

Researchers quickly proved that it was hackable, penetrating the system to gain root access, dump vendor partition listings online, and even hack the firmware to play Doom.

In an interview with Eth News, McAfee said that "maybe calling it unhackable was unwise," but he has staunchly stood by the claim that the wallet has not been hacked -- a definition based on an exploit which leads to the theft of coins.

TechRepublic: The top 5 security threats posed by ICO projects

"Hackers are very detail oriented," McAfee said. "I'm defining hacking as taking the coins. Why would you hack a wallet other than to get the coins? And users are concerned with, "Can hackers get my coins?" No. That's the answer."

A $250,000 bug bounty has been offered for this kind of attack alone, which a collective of security researchers called THCMKACGASSCO dubbed a "sham," due to its focus not on hacking at large; but rather, simply the theft of coins from a system without a key.

"Claiming your front door has an unpickable lock does not make your house secure," the group says. "No more does offering a reward only for defeating that front door lock, and repeatedly saying no one has claimed the reward, prove your house is secure, especially when you've left the windows open."

That's without mentioning that bug bounty hunters have to fork out $120 for a test device to participate.

It does seem, however, that the phrase used, the 'unusual' bug bounty, and the constant sniping to and from between Bitfi as a company and hackers was all simply in the aim of the pitch and marketing.

McAfee, who also offers Initial Coin Offering (ICO) marketing and pitches for a fee, told the publication:

"Well you know, everything I do is marketing. [...] My technological prowess, I think, is unmatched. But I define my work as marketing. I think marketing is way more important than technology.
Because what is marketing? Marketing is making sure that innovation actually sees the light of day. So much innovation does not because there's no marketing. Or the marketing is imperfect. You know if I market something, it sees the light of day."

CNET: Initial coin offerings, explained

During the interview, McAfee also said that his company was coming out with a cryptocurrency exchange of its own and said it would be "nothing like" existing exchanges.

Update 16.44 BST: Clarification added that research conducted into Bitfi has been conducted by THCMKACGASSCO, rather than PTP. Statement included.

How Blockchain technologies are transforming our societies

Previous and related coverage

Editorial standards