I have audited or done security due diligence on a -lot- of fintech companies and the status quo should terrify most people.
In fact, I challenge anyone to show me a single crypto-asset custodian tha...
"But but MY favorite custodian has multiple people use multiple keys. They can't all be hacked at once!"
Yeah, they do that shit on macbooks controlled by JAMF that the IT team can control at any time. Also they do it with unsigned packages from Brew that any of 500+ internet randos can also change at any time without accountability.
Yeah, they do that shit on macbooks controlled by JAMF that the IT team can control at any time. Also they do it with unsigned packages from Brew that any of 500+ internet randos can also change at any time without accountability.