Whether to buy cryptocurrency as a long-term holding may be the biggest decision an investor interested in digital assets has to make, but where to store crypto like bitcoin can become the most consequential.
Following the wildfires earlier this year in California, social media posts began to appear with claims of bitcoin losses, with some users showing metal plates intended to protect seed phrases burnt up and illegible or describing the complexity of recovering crypto keys stored in a safety deposit box in a bank impacted by the fires. While impossible to verify individual claims about fires consuming hard drives, laptops and other storage devices containing so-called hard and cold storage crypto wallets and seed phrases, what is certain is that bitcoin self-custody presents a unique set of security issues. And those risks are growing.
Holders of crypto typically use some form of what can be called a “wallet,” and there are a few main features – whether that wallet is connected to the internet, and how much control is directly embedded in the wallet for trades and transfers. There is also the underlying issue of whether a crypto investor uses a third party for custody at all, or maintains total custody and trading control over their holdings.
The standard third-party platform “hot wallet” – think of an offering from a Coinbase or Blockchain.com – is constantly connected to the internet. Cold storage and “cold wallets,” on the other hand, include hardware devices (like a USB stick) that holds private keys offline, or even just a seed phrase (a master recovery code, a collection of 12 to 24 words used to recover access to a crypto wallet) on paper/metal. Hardware wallets or offline backups of seed phrases can be used to access crypto when connected to the internet through another device.
With third-party custodial options, there are steps to help owners remain vigilant against the threat posed by cybercriminals who can gain access to an internet-connected platform, including the use of two-factor authentication, and strong passwords. The U.S. Marshals Service within the Department of Justice, which is responsible for asset forfeiture from U.S. law enforcement, uses Coinbase Prime to provide custody for its seized digital assets.
Many crypto bulls prefer to self-custody digital assets like bitcoin for some of the same reasons they are interested in cryptocurrencies to begin with: lack of faith in some forms of institutional control. Custodial wallets from crypto brokers trade convenience for the risk of exchange hacks, shutdowns, or fraud, as in the case of the high-profile implosion of FTX. And the wildfires are just one example in a recent string of global events that raise more questions about shifts in the crypto custody debate. There is the ongoing conflict in the Middle East and Russia-Ukraine war, which has led crypto bulls from overseas to re-think their approach to self-custody.
Nick Neuman, co-founder and CEO of self-custody company Casa, said physical risks in the world like a natural disaster are an opportunity to revisit how bitcoin security works, and the common security lapses folded into most peoples’ practices. “Most people secure their bitcoin with one private key. If that key is on a single device or written down on paper as a seed phrase, it’s a single point of failure. If you lose that key, your bitcoin is gone,” he said.
It should be obvious that keeping seed phrases on paper offers the lowest level of protection against fire, yet it is common practice, Neuman said. Slipping these pieces of paper into fireproof bags or safes offer some protection, but not much, and even going the extra steps to have the seed phrases on “indestructible” metal storage plates presents a few failure points. For one, they might prove to be not so indestructible, and second, they may be impossible to locate amid the rubble.
“Logically, given the location of the fires in California and the stories being shared on X, it’s highly likely bitcoin was lost,” said Neuman. “Some of them are pretty convincing,” he said.
Some self-custody services, like Casa, offer multi-signature setups that reduce the risks of single-point failure. A multi-key crypto “vault” can include mobile phone keys, multiple hardware keys, and a recovery key that a company likes Casa holds on an owner’s behalf.
The multi-sig custody approach allows an owner to hold a majority of keys while a trusted partner holds a minority of keys. John Haar, managing director at Swan Bitcoin, says that in such a setup, the owner would need to lose all the physical devices and all copies of the seed phrases at the same time. As long as the owner can access at least one device or one seed phrase, they would be able to recover their bitcoin. This approach should significantly limit the potential for all of the devices to be lost in an event like a natural disaster, Haar said.
“You can spread these keys across multiple regions or even countries, and you need any three of the five keys to approve a bitcoin transaction,” Neuman said of Casa’s five-key approach.
Jordan Baltazor, chief administrative officer at Fortress Trust, a regulated crypto custodian, says best practices that we use in other areas of personal life should apply to cryptocurrency. For one, diversification of storage approach and weighing of risks. Digital assets are no different, he says, when it comes to backing up personal and sensitive data on the cloud to ensure data against loss or corruption.
Companies including Coinbase and Jack Dorsey’s Block offer products that try to merge some of these ideas, creating a more secure version of a crypto wallet that remains convenient to use. There is Coinbase Vault, which includes enhanced security steps before a user can access crypto holdings for trading. And there is Coinbase Wallet and Block’s Bitkey, which have mobile apps that work like a traditional wallet making moving bitcoin around easy, but with the ability to pair with hardware wallets and added security more commonly associated with cold storage.
Bitkey hardware requires multiple authorizations for transactions for added security, similar to “multi-sig wallets.” Bitkey also offers recovery tools so one of the biggest risks of self-custody — losing codes or phrases needed to recover a cold wallet — is less of an issue.
Solutions like Dorsey’s may help to solve the tension between convenience and security; at minimum, they underline that this tension exists and will likely be something of a roadblock to more widespread crypto adoption. Beyond the risks out there in the form of wildfires, all kinds of natural disasters, and wars, bitcoin self-custody can be vulnerable to the biggest personal risk of all: unexpected death of the bitcoin owner. There is arguably nothing more complicated than inheritance when it comes to unlocking the crypto chain of custody.
Coinbase requires probate court documents and specific will designations before releasing funds from custody, while physical wallets offer little to no support, potentially leaving all that digital value stuck on a private key. Bitkey rolled out its inheritance solution in February for what a Bitkey executive called, “kind of a multibillion-dollar problem waiting to happen.”
“People who have a material investment in bitcoin absolutely need to be thinking differently about how to protect it,” Neuman said. He says that after disasters like the California wildfires, or when exchanges go bust like FTX, the industry does see more crypto holders taking action to move to more secure storage setups. “I suppose it’s human nature to wait until ‘bad things happen’ to spur action to improve your own personal situation,” he said. “But I think people would be better off if they were more proactive. Otherwise, they risk having that ‘bad thing’ happen to them, and then it’s too late,” he said.
Packages with the logo of Amazon are transported at a packing station of a redistribution center of Amazon in Horn-Bad Meinberg, western Germany, on Dec. 9, 2024.
Ina Fassbender | Afp | Getty Images
Amazon is considering showing a tariff surcharge on items sold via its site for ultra-low-price items, called Haul, the company confirmed to CNBC.
“The team that runs our ultra low cost Amazon Haul store has considered listing import charges on certain products,” an Amazon spokesperson said in a statement. “This was never a consideration for the main Amazon site and nothing has been implemented on any Amazon properties.”
Punchbowl News reported earlier on Tuesday that Amazon would “soon” begin displaying the cost of tariffs alongside the price of each product, citing a source familiar with the company’s plans.
The report drew the ire of the White House, which called Amazon’s reported plans a “hostile and political act.”
This is breaking news. Please refresh for updates.
Qwen3 is Alibaba’s debut into so-called “hybrid reasoning models,” which it says combines traditional LLM capabilities with “advanced, dynamic reasoning.”
Sopa Images | Lightrocket | Getty Images
Alibaba released the next generation of its open-sourced large language models, Qwen3, on Tuesday — and experts are calling it yet another breakthrough in China’s booming open-source artificial intelligence space.
In a blog post, the Chinese tech giant said Qwen3 promises improvements in reasoning, instruction following, tool usage and multilingual tasks, rivaling other top-tier models such as DeepSeek’s R1 in several industry benchmarks.
The LLM series includes eight variations that span a range of architectures and sizes, offering developers flexibility when using Qwen to build AI applications for edge devices like mobile phones.
Qwen3 is also Alibaba’s debut into so-called “hybrid reasoning models,” which it says combines traditional LLM capabilities with “advanced, dynamic reasoning.”
According to Alibaba, such models can seamlessly transition between a “thinking mode” for complex tasks such as coding and a “non-thinking mode” for faster, general-purpose responses.
“Notably, the Qwen3-235B-A22B MoE model significantly lowers deployment costs compared to other state-of-the-art models, reinforcing Alibaba’s commitment to accessible, high-performance AI,” Alibaba said.
The new models are already freely available for individual users on platforms like Hugging Face and GitHub, as well as Alibaba Cloud’s web interface. Qwen3 is also being used to power Alibaba’s AI assistant, Quark.
China’s AI advancement
AI analysts told CNBC that the Qwen3 represents a serious challenge to Alibaba’s counterparts in China, as well as industry leaders in the U.S.
In a statement to CNBC, Wei Sun, principal analyst of artificial intelligence at Counterpoint Research, said the Qwen3 series is a “significant breakthrough—not just for its best-in-class performance” but also for several features that point to the “application potential of the models.”
Those features include Qwen3’s hybrid thinking mode, its multilingual support covering 119 languages and dialects and its open-source availability, Sun added.
Open-source software generally refers to software in which the source code is made freely available on the web for possible modification and redistribution. At the start of this year, DeepSeek’s open-sourced R1 model rocked the AI world and quickly became a catalyst for China’s AI space and open-source model adoption.
“Alibaba’s release of the Qwen 3 series further underscores the strong capabilities of Chinese labs to develop highly competitive, innovative, and open-source models, despite mounting pressure from tightened U.S. export controls,” said Ray Wang, a Washington-based analyst focusing on U.S.-China economic and technology competition.
According to Alibaba, Qwen has already become one of the world’s most widely adopted open-source AI model series, attracting over 300 million downloads worldwide and more than 100,000 derivative models on Hugging Face.
Wang said that this adoption could continue with Qwen3, adding that its performance claims may make it the best open-source model globally — though still behind the world’s most cutting-edge models like OpenAI’s o3 and o4-mini.
Chinese competitors like Baidu have also rushed to release new AI models after the emergence of DeepSeek, including making plans to shift toward a more open-source business model.
Meanwhile, Reuters reported in February that DeepSeek is accelerating the launch of its successor to its R1, citing anonymous sources.
“In the broader context of the U.S.-China AI race, the gap between American and Chinese labs has narrowed—likely to a few months, and some might argue, even to just weeks,” Wang said.
“With the latest release of Qwen 3 and the upcoming launch of DeepSeek’s R2, this gap is unlikely to widen—and may even continue to shrink.”
Uber on Monday informed employees, including some who had been previously approved for remote work, that it will require them to come to the office three days a week, CNBC has learned.
“Even as the external environment remains dynamic, we’re on solid footing, with a clear strategy and big plans,” CEO Dara Khosrowshahi told employees in the memo, which was viewed by CNBC. “As we head into this next chapter, I want to emphasize that ‘good’ is not going to be good enough — we need to be great.”
Khosrowshahi goes on to say employees need to push themselves so the company “can move faster and take smarter risks” and outlined several changes to Uber’s work policy.
Uber in 2022 established Tuesdays and Thursdays as “anchor days” where most employees must spend at least half of their work time in the company’s office. Starting in June, employees will be required in the office Tuesday through Thursday, according to the memo.
That includes some employees who were previously approved to work remotely. The company said it had already informed impacted remote employees.
“After a thorough review of our existing remote approvals, we’re asking many remote employees to come into an office,” Khosrowshahi wrote. “In addition, we’ll hire new remote roles only very sparingly.”
The company also changed its one-month paid sabbatical program, according to the memo. Previously, employees were eligible for the sabbatical after five years at the company. That’s now been raised to eight years, according to the memo.
“This program was created when Uber was a much younger company, and when reaching 5 years of tenure was a rare feat,” Khosrowshahi wrote. “Back then, we were in the office five (sometimes more!) days of a week and hadn’t instituted our Work from Anywhere benefit.”
Khosrowshahi said the changes will help Uber move faster.
“Our collective view as a leadership team is that while remote work has some benefits, being in the office fuels collaboration, sparks creativity, and increases velocity,” Khosrowshahi wrote.
The changes come as more companies in the tech industry cut costs to appease investors after over-hiring during the Covid-19 pandemic. Google recently began demanding that employees who were previously-approved for remote work also return to the office if they want to keep their jobs, CNBC reported last week.
Last year, Khosrowshahi blamed remote work for the loss of its most loyal customers, who would take ride-sharing as their commute to work.
“Going forward, we’re further raising this bar,” Khosrowshahi’s Monday memo said. “After a thorough review of our existing remote approvals, we’re asking many remote employees to come into an office. In addition, we’ll hire new remote roles only very sparingly.”
Uber’s leadership team will monitor attendance “at both team and individual levels to ensure expectations are being met,” Khosrowshahi wrote.
Following the memo, Uber employees immediately swarmed the company’s internal question-and-answer forum, according to correspondence viewed by CNBC. Khosrowshahi said he and Nikki Krishnamurthy, the company’schief people officer, will hold an all-hands meeting on Tuesday to discuss the changes.
Many employees asked leadership to reconsider the sabbatical change, arguing that the company should honor the original eligibility policy.
“This isn’t ‘doing the right thing’ for your employees,” one employee commented.
Uber did not immediately respond to a request for comment.
