2026-02-16 –, Auditorium
Home invasions and physical attacks to get crypto transfers are all too common, and have led to grim situations. With all the factors, passphrase and biometrics in the world, people remain susceptible to the rubber hose. This panel will discuss theories and practices for defending against a rubber hose attack, through deterrence, defenses and mitigations. We will start with the assumption that the goal is to preserve life and limb, and preventing or reversing token transfer is secondary, but how to get there, and be reasonably confident that it will not backfire, is hard.
The panel will provide their hot takes and deep wisdom on these questions:
How do we increase the attackers costs and risks, and reduce the odds of profit?
What methods can prevent/slow/reduce fund transfer can be done safely, without undue risk?
Would you rather a remote multisig that would never sign if your under duress, or would sign to pay the ransom?
What methods to bring help (police/private security) can help with safety, with undue risk
How can we establish norms and widely held understandings to create a disincentive for the attacker to try?
How can one hide their holdings from the public in a transparent blockchain world?
What can we learn from the history with fiat, where home invasion and the rubber hose is not as frequent
Not common in CashApp/Venmo/Wires etc.
Kidnapping for fiat ransom is an analogy, usually target very wealthy
Shorter term kidnapping for a ride to ATMs
Can you tech your way out of the problem by being super clever?
Dummy accounts, honey pots, tainted transfers
Most recently, Stef spent 3.5 years as Head of Technical Programs at the Filecoin Foundation, with responsibility for security, UX, and funding initiatives across the Filecoin ecosystem, including supporting SEAL.
Prior to joining Filecoin Foundation, Stefan Magdalinski spent 30 years building internet companies and non-profits, as a CEO, COO and CTO, across multiple sectors in the UK, USA, Africa and Asia.
He is a founder of the Open Rights Group (https://openrightsgroup.org), and a veteran of the OG Crypto Wars in the UK. He is passionate about making the web work for the benefit of everybody, and worries about harms to consumers, above all.
Kurt Opsahl is the Associate General Counsel for Cybersecurity and Civil Liberties Policy for the Filecoin Foundation. Opsahl has been working for close to 30 years on technology law and policy, representing Internet startups in the dot-com boom, protecting digital rights at the Electronic Frontier Foundation, and now focusing on protecting the decentralized web. Opsahl volunteers as the President of the Security Research Legal Defense Fund, Special Counsel for EFF, and on the board of the Financial Privacy Foundation. Formerly, Opsahl was the Deputy Executive Director and General Counsel of the EFF, and litigated key cases, protecting civil liberties online. Opsahl was also the lead attorney defending security researchers at EFF;s Coders' Rights Project, and continues to assist EFF with that work as Special Counsel. From 2014 -22, Opsahl served on the USENIX Board of Directors, and a member of the CISA Cybersecurity Advisory Committee’s Technical Advisory Council from 2023-24.
Elliot Friedman is a smart contract engineer focused on security and keeping users safe. He previously ran Solidity Labs, a boutique consulting firm that wrote smart contracts for leading DeFi protocols. He's spoken at the DeFi Security Summit on emerging threat vectors and is currently building Kleidi, a wallet system designed to protect high-value holders from the attacks that multisigs can't stop.