Bitcoin Forum

IS there any mechanism currently in place which would prevent someone from writing a worm or virus purpose is to seek out and steal, wallet.dat ?

Seems like if someone gets that file your completely F'd.

Just throwing that out there we might need some way to prevent this simple attack if there isn't one already.

There is not. That has been outside the scope of this project, but there are several projects for a future "secure wallet protocol".

Here are the best practices in the meantine: https://en.bitcoin.it/wiki/Securing_your_wallet

guess i'm going to have to store my wallet in a truecrypt container...

hey isn't that open source as well?

damn that sounds like a match made in heaven.

Sure is! Hopefully the devs have talked about more officially securing the wallet file, but it's nothing we can't do manually until then. Plus you can dump copies of the truecrypt volume on dropbox or wherever so if your PC goes kaput you don't lose the coins!

I got it set up.. it took all of 5 minutes

after you create your truecrypt volume, move your .bitcoin folder into it then make a symlink back to the folder

make sure and back that .bitcoin folder up before doing this incase you screw something up and overwrite the wrong data.

I guess it doesn't protect against hijacking my data when the program is running but at least if someone steals my computer they will not be getting the coins.

Is there any mechanism currently in place which would prevent someone from writing a worm or virus who's purpose is to seek out and steal your banking password?

Seems like if someone gets that password you're completely fucked...

No straightforward mechanism to prevent it.  Crimeware writers are definitely winning the arms race against the AV companies.

Growing opportunities to encourage it:  Zeus trojan source leaked - bitcoin wallet and mtgox pw stealing trojans coming soon (http://forum.bitcoin.org/index.php?topic=7982.msg116366#msg116366)

I was thinking earlier that it doesn't even have to be a widespread attack.

For example, I have seen threads here about specific users who claim to have a lot of coins. In some cases you can find enough out about a person to design an attack specifically for that person. Be it tricking them into visiting a web page with an exploit that gives you access to their computer, or even just finding out their address and stealing the whole computer.

In the meantime. I am looking forward to seeing what good solutions people come up with for making the wallet less vulnerable to being stolen or lost.

I was also very concerned about this. This is a major security flaw in the bitcoin client. As more non-tech people start using bitcoin, they are not going to know how to secure the wallet.

The bitcoin client should use a password to encrypt the wallet.dat file. This should be done ASAP.

Do not wait for such a virus program to come out before fixing this. Can you imagine what would happen to the reputation of bitcoin if this happened.

+1
fully agree

That will only help if the virus doesn't include a keylogger.

Yeah then we can make them steal the password to the encryption container and the key instead of the key. Encryption is not enough to solve this problem. It solves it is someone randomly steals your computer physically if the container isn't mounted, but if a worm gains access to your machine or you are targeted for an attack to steal your bitcoins in meatspace (keyloggers etc) putting it in a wallet like that wont help. Need to find a way to add air gaps so that the wallet is not on a machine with internet access, and you can still send coins from it. The only sure way to protect from hackers is to have no internet connection on a machine and nothing that has been on the internet ever going from the machine back to the internet.

It seems to me that loading a version of bitcoin on a computer, disconnecting it from the net, deleting the first wallet.dat file, then generating a new one which is then encrypted is fairly secure. If you then generate a list of addresses, and securely overwrite the wallet.dat file after making an encrypted copy, you can just mine or accept transactions on one wallet.dat file, then when you build up a decent sum deposit it in your secure address for saving. If you only open it to send payments out it seems reasonably secure to me. If some one was really determined of course they could still get it, but there are ways to mitigate that risk such as storing it on a USB drive, or spreading out your savings to several wallet.dat files.

Do you want BTC to be a currency for geeks or one for the masses?

If you want the latter you have keep in mind that most people like cheese...  :)

+1. It's great for us "in the know" types (although I can talk, typing this from Win 7 but whatever) but bitcoin is exploding in popularity. The easier and safer we can make this for Joe Public, the more people can be brought into the market. They don't necessarily want to discuss the minutiae of the blockchain, or have to worry about security all the time: they just need bitcoin to be a viable, low-fee based currency that is trivial to use.

This would at least raise the bar. Security is all about raising the bar. Don't take an all or nothing approach. Don't wait for the perfect solution before closing the holes. Having the wallet.dat file completely open is asking for trouble. It's an easy way for a critic to ruin the reputation of bitcoins.

The solution to a keylogger is to have the client present an image of the keyboard with the position of the keys jumbled differently each time and let the user enter the keys based on this layout.

It is impossible to fully secure anything involving computers. There are just different levels of it.

It is impossible to fully secure modern computers because they are too complex to fully understand (top-to-bottom) yet are not formally proven correct at each abstraction layer. In fact, since at least 1996, the trend has been to hide implementation details from the end-user. I personally think that the computer industry won't be mature enough to sustain a stable crypto-currency for another 150 years.

There are two competing security concerns when talking about the wallet.dat:

• Security from attackers who want to spend your wallet
• Security from data destruction

Encrypting the wallet.dat by default will help protect against the first security concern, while making the second one worse.

I plan on using full drive encryption, as well as an encrypted back-up. The passphrase would be written down in two locations. The back-up would be stored in a safety-deposit box and never move with the decryption key, though I may store it with the decryption key (in the safety deposit box).

BTW: for secure encryption, the term is passphrase, not password. Passwords are simply not long enough. A passwords made up of random ASCII numbers, letters, and symbols has about 6 bits of entropy per character. I have seen it reported that a 12 character password is "enough." That works out to about 72 bits of entropy. 64 bits of entropy can likely be cracked by a fast computer within a year. 72 bits increases the difficulty by a factor of 256. 128bits is believed to be computationally infeasible to even count during the lifetime of the universe (energy constraints). If your password was ever published at any time during human history, the entropy is probably less than 64 bits (I don't think more than 1.84x10^19 words/phrases have ever been published, even on the Internet).