Title: Vulnerability Detector Post by: Steve on June 17, 2011, 07:01:00 PM I had an idea for a way that vulnerabilities associated with peoples wallets could be discovered and reported to users...write a virus or trojan that attempts to recover someone's private keys, but doesn't actually remove them from the machine...instead, have it use one of the private keys in the wallet (or all of them) to sign a report of the vulnerability. Then post that report in a well known location along with the bitcoin addresses that are potentially exposed. The report should be encrypted such that only the exposed private keys can be used to decrypt the report (so as not to let the world know about someone's vulnerability). A utility could be used to monitor such reports coming in and alert a user if one of their addresses has been exposed. A person, having had the vulnerability discovered and warned would then be expected to send a tip to an address included in the report (not sure what an appropriate tip would be, but perhaps a social convention for an amount could be established and noted in the report). People could earn bitcoins off tips and even gain some recognition for being the one that helped prevent the theft of the most bitcoins.
Title: Re: Vulnerability Detector Post by: DamienBlack on June 17, 2011, 07:03:31 PM If you are into white hat hacking, you might as well take their bitcoins and give them back in a week. It would drive the point home better. Most people with vulnerabilities aren't going to be browsing security websites. Hell, that a 1% "tip" yourself. I kid.
|