Saturday, March 18, 2023

New blog

I have finally moved my blog over to my own domain. Head over there for the latest updates and subscribe to the RSS feed if you want to get notifications.

Wednesday, March 01, 2023

Sunday, February 19, 2023

ESRI Shape data

I've added ESRI Shape data for several of the KML/GeoJSON downloads. Let me know where else you would find them useful

Saturday, December 31, 2022

Sunday, December 18, 2022

What happens to your Bitcoin when you die?

When someone dies, to access their bank account, the executor goes to the bank, shows them the relevant documentation and gets access to the account. Bitcoin works differently because there is no central authority. The owner of the Bitcoins is responsible for the security of their wallet. There are two identifiers associated with a wallet, the public part which anyone can have access to and lets you send and receive bitcoins. It also means anyone can see the transactions in and out of that wallet. Then there is a private key, that only the owner of the wallet should have access to. If anyone else gets access to it, they can steal your Bitcoins.

Which is where things get tricky. When you're alive, you want to keep the private key as secret as possible, so you may decide not to share it with anyone and store it somewhere only you know about. But if you get hit by the proverbial bus tomorrow, those bitcoins are essentially gone if your family have no idea how to access them. 

Let me illustrate with a story. My brother Andy was an early adopter of Bitcoin. In March 2013, he invested a small amount for a few Bitcoins. Then in December 2014, he moved them to another wallet, printed out the details to access that wallet and gave the hard copy to my other brother Simon for safe keeping. All good so far. In June 2014, he moved some Bitcoins back to the original wallet. I'm not sure what he did with those Bitcoins but the original wallet seems to be what he was using for everyday transactions. I'm not sure how much of them he spent, but he mostly seemed to purchase other cryptocurrencies with them.

Jump forward to November 2020. We are in the middle of a pandemic, lots of people locked in their houses have started dabbling in cryptocurrencies, the Bitcoin price has started to take off and Andy moves his remaining Bitcoins to another wallet. I'm not sure why he moved them but in December he moved them again into another wallet. This time it's a bit clearer why. About $17,000 in cryptocurrencies were stolen from his Guarda account, so I think he was spooked by that and moved the Bitcoins in case that wallet had been compromised*.

On to November 2021 and Andy's collection of Bitcoins is now worth about 1,000 times what he originally paid for them. By any reckoning, that is a phenomenal investment. But Andy continues to hold them (or hodl them as the true believers say). 

Onto June 2022. At the start of the month, Bitcoin suffers a big fall in its price and Andy gets a letter from HMRC suggesting he may owe them some tax. Andy had been out of the country for most of the last ten years, but there were some years he would be considered a UK resident. We'll never know which of these, if any, were the cause but on 19th June Andy killed himself. 

After we dealt with the immediate stuff that needed handling (thanks to the British Embassy in Belgrade), we had to sort out Andy's estate. We had the hard copy for what we thought was his Bitcoin holding but when I opened up the wallet, I found it was empty. I could follow the transactions to where the Bitcoins ended up but had no means to access them**. We had his laptop and I was able to get into that***. I looked around there but couldn't find anything. We were able to access some of his email accounts (he had several) since we could reset his password but we weren't able to get into ProtonMail since no recovery option had been set up. 

His Gmail account included a cryptic email sent in January 2021 titled 'KP2' that contained something that looked like a private key. But it wasn't...

Eventually I got lucky and discovered a text file of passwords in his GMail account. Except they weren't full passwords, parts of them were replaced with asterisks and underscores and it was several years old. But now I knew how he stored his passwords, I'd previously been looking for some kind of password manager on his laptop. 

After staring at those partial passwords I realised that they were all kind of similar, a word followed by a number and ending with the service name. And some of those asterisked words looked familiar, they were all places he'd visited. I tried this theory out with a few of the passwords and was able to access a few accounts. I still couldn't access ProtonMail, which was the one I was keen to look at because that seemed to be the email account he was using for important stuff and there was no way to get into it other than knowing the correct password.

I went back to the laptop. This time I found what I was looking for almost immediately. It was the password file, but this was a much more recent version. There were two email passwords suffixed with (PKP1) and two email passwords suffixed with (PKP2). I guessed that meant he'd emailed the private key to himself in two separate emails. Fortunately the latest password file meant I was able to access ProtonMail and find the other part of the private key there. Doubly fortunate because the other email account he had sent it to no longer existed (CTemplar). I tried the two parts together and I had access to his wallet.

But the point is I got lucky. And I'm an IT professional so have some clue what I'm doing. It could have been very different. We could have quite easily ended up in a situation knowing there was a big chunk of money in a wallet that we'd never be able to access. Andy made an incredible investment that he never benefitted from and it could have meant that no-one benefitted from it, because he didn't tell anyone how to access it. Personally I think cryptocurrencies are a complete scam, but if you think they are the future and own them, make sure the people who will inherit them know how to access them.

* This seems to be a recurring problem on cryptocurrency exchanges, people seem to regularly lose their money due to security breaches or the exchange going bust.

** I do find it odd that wallets are anonymous but the transactions between them are visible to anyone.

*** It's not particularly difficult to hack into a Linux machine, just Google it