Bitcoin Forum

If you use OSX, Windows, or any Linux with 'auto-update' then the government has a ready-made backdoor through which they could delete all traces of Bitcoin and their wallets from most computers.

They could send a 'stealth' update through normal channels, most computers would install it.  Then on some specified date all bitcoin related files would be deleted including the client.  

It would probably be an 'unpopular' move, but the government would probably find a way to make it look like a security breach by hackers rather than an intentional attack by government.    They may even 'frame' someone and lock them up so people don't keep looking for the real attacker.

Even if you were smart enough to have an off-line backup the vast majority would not.   All 'trust' in the safety of bitcoin wallets would be destroyed taking the value of bitcoin with it.

What we need is an innovative and effective means at protecting our computers from backdoors through 'official' and 'trusted' channels and to make sure that everyone is aware of this backdoor through which the government can 'tap' all of our computers.

Sure the blockchain would survive, and many users would still have their wallets.   But if the true 'source' of the hack was not revealed then it could occur over and over again and each time the government would blame some anonymous hacker that exploited a buffer overflow to spread the virus far and wide and completely ignore the fact that the 'buffer overflow' as intentionally put in place to allow such an attack.

I am not sure how we solve this except by making paper wallet backups 'mandatory' best practices and really bring to light the nature of this threat so that people take it seriously.  

When you consider the shear number of vendors we trust with 'auto-updates', each and every one of these vendors could be coerced into providing a backdoor. (MS, Apple, Adobe,Office,Parallels,Skype,...) Only one needs to be compromised.    

Conclusion:  we need a system for vetting software updates from any source and a means to protect our wallets from malicious deletion.  

Protecting wallets from malicious deletion could be achieved by 'storing' the private keys encrypted in the blockchain or some DHT.   Alternatively we could make 'brain walets' the norm.   The other strategy is to 'hide' the wallet data in some manner than a virus could not readily identify the wallet files.  

Note this attack vector need not be 'global' but instead could be targeted toward individuals known to have large balances or anti-government.

Even brain wallets can be attacked if the virus simply patches the bitcoin software to redirect funds the next time the password is entered.  Is there anything we can do to protect ourselves from this without making the software 'unusable'?

I imagined it in more straightforward way - grab some pool owners by the balls, find where majority of asics are located, seize them and make 51% attack.

51% attack would be far less damaging and I do not believe is a real threat.

So yeah, different linux distributions are located in different countries. Which government has the auto update backdoor into them? Maybe all goverments? Or even aliens?

Linux is better than most alternatives.  At least it should be possible to audit the source and validate checksums of exe.   Unfortunately, the other 99% of normal everyday users would be in trouble.

I didn't say it would affect all users, I just said 'most users' and few would know how the virus got on their computers.

That's a good synopsis for a bitcoin scifi novel, are you a writer?

Would that not make the surviving bitcoins ultravaluable after a decimal shift?
Also,
+1

Oh brother... The mental energy that is exhausted in this forum is astounding. Could power a small nation.

There are no exe's on linux, it is a windows binary format. It wouldn't bother me much, it's just the way your whole post is: no basis for anything that you write, but you do surround terms like auto-update with apostrophes for some reason, I guess to strengthen your point and make up for claims which have no grounds?

Simply deleting the wallet would not be enough.  Most of us figured out pretty quick how to copy or replace the wallet.dat someplace safe.  They can delete my whole hard drive, burn down my house, and lock me up for 20 years and I'm pretty sure I can at least get my wallet back. To really do any damage, the coins have to disappear.  To do that they'd have to get the wallet, decrypt my password, and send the coins to never, never land. Easy enough for a couple of thousand wallets, but to hurt the whole community, doing it millions of times before we caught on would be daunting even for a quantum computer.

Although it wouldn't be the direct cause of destroying bitcoin it would make the service less valuable if they did it regularly.

Highly unlikely. All updates by major software vendors are signed, and the signing keys are stored in specially designed hardware. It would be highly unlikely that ALL software vendors had their signing keys compromised.

LOL, who doesn't keep backups? It's going to be easier than ever with deterministic wallets.

No, people will just learn to BACKUP THEIR WALLETS.

Clearly this would only affect casual users, but I an assure you that most users are not being *that* careful with their wallets.  They may have a backup on multiple different drives but what good is a backup if the auto-update can patch the bitcoin client and transfer your funds the next time you unlock it?

The point of this post was that your wallet and password is only as secure as the software you allow on to your system.  The solution is an open source hardware wallet that is never updated, never has network connectivity, generates all keys, and for which there is no means to get the keys off of the device.  

Then this wallet must be made as easy to use as possible.    Ideally the entire wallet and hardware system is open source.

Users should never have more than the cash they normally carry with them backed by any private key that has ever existed on a networked computer.  

Note when I said exe it was short for executable which linux certainly has.

Ok, you don't need all vendors to be compromised at once and who said anything about them being 'hacked'.   Governments can easily coerce any large company into signing anything.   

Even with a wallet backup, you can have your client patched to steal your password and coins the next time you make a transaction.

You've added more detail, yet there is still a problem.  Even with auto-updates, not everyone will have the updates at the same time, and if the government has to wait weeks or months for everyone to get the malicious code, they risk getting caught by the source savvy power-users.  And, there are a lot of different clients out there now.  Granted, they mostly use similar code, but each has it's separate routes for updating.  A more plausible attack would be to discredit bitcoins as an evil invention of drug dealers, gamblers, and weapons dealers... oh wait, that is what they are doing! 

Ever heard about backups?  ::)

Ever heard of reading the whole post? ::)

Honestly if they can not stop people using bit torrents or child pornography it is laughable that they could damage the Bitcoin network.

They would just pass legislation saying it is illegal to hold the Private Keys for wallets and then have a smear campaign to claim anyone that uses bitcoins is a paedophile and if found on your hard disk you would be treated as one. Similar to how they are now starting to treat smokers. All of a sudden you are number one threat to children.

They are utter bastards and do not care for you or your well being in the slightest - you are here to fill their pockets so they do not have to work.

Instead of putting so much energy into the impossible - put your energy into a bitcoin based business - you could be the new Amazon and that would really hurt them - who knows???

You know, there is software that "encrypts" the binary so that it does a self-check if the binary has been modified. I think it was a Themida based protection.

Why the conspiracy theories? In the US the gov could do it the same as they did with online poker - make it so it's illegal for banks to send money to bitcoins and to not allow US firms to accept them. If we can't do wires, dwolla, moneygram, etc it becomes exceedingly hard to buy / sell bitcoins. It wouldn't shut it down entirely yet without the convenience of being able to use them the appeal would rapidly bring the value down and no real value as an online exchange medium.

Also why would the NSA have bothered to create PRISM if they can just get in through a backdoor on your PC?????

The mind truly boggles.

PRISM is an ongoing effort. A "red button" is a one-time panic solution.

Always wanted to say this... Never got this words.. You nailed it :)

Cheers

that's the point. It's highly unlikely that every software vendor is hacked. of course they can coerce the companies, but it would be very hard for the "government" to frame anyone.

bitcoin builds can be audited by anyone. plus with hardware wallets, it would be very hard to "patch" anything.

bitcoin is open source, you can always build your own copy without protection.

because it's human nature to think that "someone" is out to get you. it's easy and reassuring to point the finger at a powerful authority, such as the US government.

Hey, I think you have something rolling here.

Somewhere in the near future were there is a global government and the bitcoin economy is somehow threatening that power, DRM is everywhere and OSS is threatened by the IP/copyright/Patent Lobby, a new worm is created by some government/military/bank shady organization to wipe out all traces of bitcoin...

This could be a scifi thriller.

Hey bytemaster, make this into a PDF and sell it for bitcoins, you might become the Dan Brown of bitcoin..

Clearly hardware wallets would solve this, especially open-source hardware.   Building your own copy of Bitcoin does not solve it nor would encrypting it.   If I have root access to your machine (because I am a trusted software vendor in bed with the government) then I could easily modify and patch the copy that you were careful to build from source yourself.   You claim the government wouldn't be able to frame these companies...  I am not suggesting that the company would be framed (they are a partner in the crime via coercion).   

The point of this isn't to be 'overly paranoid' but highlight a major security hole we all expose ourself to by 'trusting' automated updates. 

All I know is that governments regularly approach companies and demand backdoors into their products (Skype).  The only thing that could keep a company honest is dealing with multiple different countries all of which depend upon their computers being secure from other countries.   If these governments use these commercial products then they must believe them to be secure.   

All I know is that there is a reason top-secret computers are kept unplugged from any external network and no data is ever allowed to leave. 

If you trust Apple, Google, and other tech companies not to cave to government pressure to sneak a patch to spy, tamper, or otherwise undermine your security then good for you.  Ultimately I am putting some trust here as well.   The more important question is can these companies really be trusted any more than the banking system we are trying to reform?
 

So your hypothetical government's master plan to wipe Bitcoin off the planet is foiled by people who back up their Bitcoin wallets.

Shouldn't that be everyone? What idiot doesn't back up their Bitcoin wallet? This is no threat to Bitcoin, this is a joke.

Did you ever pay out those two 10 BTC bounties you posted (for showing there is a problem with your BitShares and sub-currencies linked to nothing proposal)? Someone deserves them at least. Your proposal had nothing to make it work just like this 'threat' to Bitcoin so you really should put your money where your mouth is if you want anyone to take you seriously.

In the end there's nothin you can do to defeat Skynet. They're gonna get ya. Better run and hide. rofl

The risk here is very different with Microsoft Windows and MAC OS X than with GNU/Linux.

1) In the case of Microsoft Windows what the OP describes is very easy to implement, since the operating system is propriety software. It is easy to keep this quite until the date and time of the attack. The patch is included in a software update from the "trusted" vendor Microsoft and delayed in effect in order to maximize installation. With over 90% market share in the desktop the impact on Bitcoin would be huge (knocking out the vast majority of nodes for example) but not fatal (see (3) below). We must also keep in mind that since the advent of the DRM in Windows Vista https://en.wikipedia.org/wiki/Criticism_of_Windows_Vista Windows Administrators do not really have the equivalent to full root access since certain processes are "protected" in order to enforce the DRM as per the MPAA's etc requirements. The paper by Peter Gutmann is very relevant here. http://www.cs.auckland.ac.nz/~pgut001/pubs/vista_cost.html. The situation is getting way worse with Windows 8. It is fair to say that Microsoft Windows is the single biggest vulnerability for a centralized attack that Bitcoin has, and it is not just governments we have to be concerned about here. An attack by a criminal / terrorist organization that finds a vulnerability in Microsoft Windows is far more likely and could be equally harmful.
2) As for Mac OS X the attack under (1) is possible since again the operating system is for the most part propriety. The one difference from Microsoft Windows and also from its mobile cousin IOS is that it is not as infected with DRM at the OS Level as Microsoft Windows or IOS. Maybe an Mac Expert can clarify this but I do believe that root in Mac OS X is for real. So the attack is possible but harder and easer to defend against. Because of this and the low relative to Microsoft Windows market share of Mac OS X, I would consider the impact of Mac OS X here to be neutral.

3) GNU/Linux. The attack here is very unlikely because of a) The software is Free Software / Open Source so if a binary does not match the source code alarms will sound all over the place. There are literally hundreds of GNU / Linux distributions all over the world. c) Each component of the Operating System is maintained by thousands of different individuals, projects, corporations, and organizations all over the world, many of which have very radical and opposing views. Good luck keeping a secret to coordinate this among the likes of both Richard Stallman and Linus Torvalds for starters. The secret would be out long before any implementation so an attacker would find it in their best interest to limit themselves to Microsoft and its proprietary Windows operating system.

The real question becomes will Bitcoin survive if most of the Windows users and nodes are knocked out? The answer is yes there are enough GNU/Linux users around to ensure Bitcoin's survival so the attack will fail. One possible consequence however is that some of the GNU/Linux users may become very wealthy at the expense of some Microsoft Windows users in the resulting panic.  ;)

The best defence here is simply to stay away from proprietary software and operating systems when using Bitcoin. Here is a list of effective antidotes: http://prism-break.org/

None of my computers auto-updates. I'm losing some time because of that choice, but I want to be in control of my tools.

I did pay the *one* 10 BTC bounty on an old version of BitShares based upon a design that did not work.  The bounty was well worth it because it led me to the current design.  The new design and white paper being discussed on the Invctus thread will work and the individual who won the original bounty (thezerg) said the new one is much harder to find flaws with. 

And for the record, the attack I am suggesting here does not just mean 'delete' but could also mean modify your bitcoin client.

Sure, everyone knows you *should* backup your wallet.  But that is beside the point because if they could patch the client they could steal your coins brain wallet or not.

* that you know of *

Also, when you do choose to update (say apply an OS patch to fix a security hole) how do you know that is *ALL* that patch does?

This attack has already been done by malware writers, on the Microsoft Windows platform of course. There is no need to patch the client. All that it needs is a key logger to capture the decryption password and an "evil" client to empty wallet.dat.

Once again, the conclusion here is that all private keys must NEVER exist on any networked computer.  That a dedicated hardware solution for managing your private keys (perhaps a Raspberry Pi with hardware-disabled network card) should be used.  

The sooner people recognize this requirement for storing their savings the better.   The trick is that the hardware wallet would require some kind of display to validate the trade prior to signing (incase your hacked bitcoin client created a different transaction that the GUI led you to believe it was creating).

So, a raspberry pi, hooked to a TV with an app that allowed you to see and confirm the transaction loaded via USB drive may be what is required to protect your savings.  This hardware box would never be 'upgraded' and never reveal the private keys to the USB drive.

Paper Wallets, Brain Wallets, etc can all become victim of key loggers and back-door patches to the bitcoin client.  

Sure you can keep a 'live wallet' for easy access and accept the losses if you are compromised.  If I were storing more than a couple thousand dollars then I would want to know that I could trust that my client was not compromised in some easy to verify manner.

I double this point.

To hack bitcoin network you need ~70 Thash/sec cluster. GPU based cluster with this power would cost about $70M, ASIC based - just a few million $. Not a big deal for a government of any developed country. If they seize some ASICs, it would cost them even cheaper. After that they could continue to destroy every cripto coin which pops up in the future.

Assuming the crypto-coins use the same hash algorithm and only look at the proof of work rather than some other stats like % of known transactions included in the block.   51% attack is not a threat at all except for some small potential for double-spends.

No, they should not use the same hash algorithm. As long as network is vulnerable to 51% attack, a cluster with enough GPUs can crack it. The fact that neither  governments nor banks attempted to perform 51% attack on any of crypto coins while their hash rates are low means that they have no intention to do war against crypto currencies.

the op assumes bitcoins are stored on a Pc and are able to be deleted.

your personal wallet is just a password file ( your private keys) which give you access to change ownerships of the coins held on the blockchain which is distributed.

so with torrent websites holding many seeds of the latest blockchain database and not everyone doing windows updates to fear their copies of the blockchain/wallet getting destroyed.. there would be very little damage to the network that cant be fixed within 24 hours.

all i would advise is to back up private keys.

Conglaturation!

This thread has earned you, the OP, an honorable IGNORE!

well then, just use the same encrypted chat software Snowden used to communicate with the Guardian.

It seems that OP's who post threads like this still done quite grasp the concept... it'll sink in.

you could be making money by coming up with an Indie movie named "BitCoin - The Heist"...

+1 many movies can stem off of bitcoin.

not just documentary channel movies but major picture movies like
social network (facebook)
fifth estate(wikileaks)

so imagine a bitcoin major picture, then many major pictures as spin offs which over dramatise bitcoinica and pirate@40 into some kind of die hard esq movie lol

They may be able to kill Bitcoin but they can never kill an idea.

Plus all us tinfoil hat wearing folks would be on our way to forking a new client, we would probably reach the same stage Bitcoin is currently in relatively fast. They will also never get away with that, people are not that brainwashed.

The threat OP outlines would work only if executed in perfection.
As soon as just someone escapes the destructive assault and finds out that there was an intervention which "doesn't sum up", then the effect of such an attack would be the exact opposite as intended: it would strengthen the Bitcoin community and the originators of such an attack would be challenged, drawn to court, or declared as "Terrorists".

Let's put it this way: "THEY" are well aware of the danger of backfiring inherent to such an attack vector. Thus "THEY" will probably prefer less spectacular and less risky attack vectors.... ;)

What for? Why would you ignore a guy for some lengthy sci-fi post, and then visit his thread to say that you did?

I think this is a risk each individual will have to avoid themselves...having said that...I'm going to get a wallet.

Bitcoin is far too interesting to just do away with. The academics and technocrats would rather watch. Im not sure what the aliens want.

Www.goldsilverbitcoin.com

That would be in the Southern US, and most of them have guns in the house.

The media retaliation from this would be horrendous for the companies involved. Can you just imagine if the government/Microsoft/Apple/whoever just started randomly deleting legitimate files from users' computers? I'd hate to be associated with them if something like that did happen. I think an easier way would be to just get rid of the exchanges.

Who said such a company would do it in a way that is directly traceable back to them?

Mine would only install it if the update was signed by Fedora. I don't see that happening.

It has never happened before, not with Red Hat / Fedora / Debian / SuSE / etc.

I just realized today a very simple reason and practical that governments can not destroy bitcoin. It's the same reason all the money in Hollywood isn't capable of stopping file sharing.

The set of skills needed to stop Bitcoin resides within a fairly well defined group of people. The hearts and minds of that group of people are for the most part on the side of Bitcoin, not governments.

Too much of the necessary talent just can't be bought for that job, and that which can be bought is insufficient when to overcome the opposite such an effort will attract.

Having to basically blackmail so many people would leave a trail. The same way Prism came out, such a huge overstep as this couldn't remain secret. Also, remember that not everyone in the government is willing to stoop so low. All of the recent leaks provide proof of that even if they didn't handle it quite right.

I dont think this could happen, think about all the government officials who would have to be involved in this. Probably hundreds, to thousands. One of them would say something then mass protests, and a lawsuit against the government :)