Beginning in 2007, every year at the Black Hat Security Conference, Pwnies are awarded to recognize the best and the worst in the field of information security. The award plays on the gaming term “pwn” which started as a misspelled version of the word “own” and grew to meme status.
The tongue in cheek name of the award lends its humor to much of the production’s overall presentation. Sometimes the winners are really losers and are being roasted.
This year, John McAfee’s “unhackable” wallet that he created with Bitfi was one of the roasting targets. Bitfi was the recipient of the “Lamest Vendor Response” award. The “Lamest Vendor Response” award is given to the company that handles security vulnerabilities in the worst possible way in a given year.
Bitfi and McAfee took the award home this year for all of the controversy surrounding the “unhackable” wallet they rolled out early this summer.
McAfee declared the Bitfi product to be unhackable on Twitter several times and offered hackers a $100,000 bounty to breach the wallets security mechanisms. He even upped the bounty to $250,000 to any hacker who could take the wallets pre-loaded Bitcoins.
Several hackers claimed to gain root access to the wallet shortly after its release. Noted hacker and influential member of the cyber security community Ryan Castelluci derided the wallet on Twitter.
“Bitfi appears to be exactly what it looks like from the photos – a cheap stripped down Android phone. There’s some screenshots of it demanding to be connected to WiFi in order to function elsewhere in @cybergibbons’s feed. Someone will probably have Doom running on it by Friday.”
Shortly after Castelluci jokingly tweeted this, the famous 15 year old hacker Saleem Rashid, completed Castelluci’s challenge by installing and playing Doom on the wallet.
McAfee and Bitfi remain adamant that these breaches do not count to collect the bounty because the Bitcoins were not moved.
While the Bitcoins were not moved, the Pwnie was awarded perhaps for McAfee’s grandstanding and Bitfi’s deflecting of the security issues by accusing competing companies of “trolling” them to hurt their business.
“Please understand that the Bitfi wallet is a major threat to Ledger and Trezor because it renders their technology obsolete. So they hired an army of trolls to try to ruin our reputation (which is ok because the truth always prevails).”
John McAfee always seems to be wrapped in controversy, so Bitfi May have been prepared for instances like this.