Title: suggestion for client: random/custom wallet.dat filename Post by: quattro on August 08, 2011, 10:54:22 PM An added layer of security would be the ability to create custom and random wallet.dat filenames.
If someone was able to compromise a machine running the bitcoin client, it wouldn't be as easy as searching for the standard filename. And while we're at it ... how about some encryption. :) Title: Re: suggestion for client: random/custom wallet.dat filename Post by: jackjack on August 08, 2011, 11:10:56 PM Next release will include wallet encryption
But I don't believe it will include custom filenames Title: Re: suggestion for client: random/custom wallet.dat filename Post by: BookLover on August 08, 2011, 11:20:01 PM This seems so simple that I would immediately think it's a horrible idea, but I can't think of a way to easily get around it and it would stop a lot of old trojans. Awesome idea quattro! ;D(I can't wait to see what someone who knows what he's doing says) ;)
Title: Re: suggestion for client: random/custom wallet.dat filename Post by: Raoul Duke on August 08, 2011, 11:25:58 PM An added layer of security would be the ability to create custom and random wallet.dat filenames. If someone was able to compromise a machine running the bitcoin client, it wouldn't be as easy as searching for the standard filename. And while we're at it ... how about some encryption. :) Would it randomize file extension(.dat) also? And what about a custom folder/path instead of %appdata%\Bitcoin\, wouldn't that be needed as well? Title: Re: suggestion for client: random/custom wallet.dat filename Post by: ffuentes on August 08, 2011, 11:28:56 PM Does anybody else seen this (project of) client? http://bitco.tumblr.com/
Title: Re: suggestion for client: random/custom wallet.dat filename Post by: jackjack on August 08, 2011, 11:36:24 PM An added layer of security would be the ability to create custom and random wallet.dat filenames. If someone was able to compromise a machine running the bitcoin client, it wouldn't be as easy as searching for the standard filename. And while we're at it ... how about some encryption. :) Would it randomize file extension(.dat) also? And what about a custom folder/path instead of %appdata%\Bitcoin\, wouldn't that be needed as well? For example, ./bitcoin -wallet wal.bc will use the file wal.bc instead of wallet.dat as its wallet To use another directory, just use the official client's -datadir flag Title: Re: suggestion for client: random/custom wallet.dat filename Post by: quattro on August 08, 2011, 11:49:59 PM An added layer of security would be the ability to create custom and random wallet.dat filenames. If someone was able to compromise a machine running the bitcoin client, it wouldn't be as easy as searching for the standard filename. And while we're at it ... how about some encryption. :) Would it randomize file extension(.dat) also? And what about a custom folder/path instead of %appdata%\Bitcoin\, wouldn't that be needed as well? Ummm ... you should have already installed it a directory other than the default. :) I don't think it needs to randomize the file extension ... .dat is common enough. Again, this isn't meant to be foolproof. You'd be surprised how a lot of simple things can thwart even the most sophisticated attacks. Title: Re: suggestion for client: random/custom wallet.dat filename Post by: quattro on August 09, 2011, 12:07:26 AM This seems so simple that I would immediately think it's a horrible idea, but I can't think of a way to easily get around it and it would stop a lot of old trojans. Awesome idea quattro! ;D(I can't wait to see what someone who knows what he's doing says) ;) Hi BookLover, It's just one layer of an extensive approach to securing bitcoins. My suggestion merely makes it a bit harder for low level attacks to be successful. Title: Re: suggestion for client: random/custom wallet.dat filename Post by: RaTTuS on August 10, 2011, 08:05:10 AM security by obscurity is no security at all
Title: Re: suggestion for client: random/custom wallet.dat filename Post by: wumpus on August 10, 2011, 09:38:08 AM Firefox also does this; they use a random directory name for the profile directory, to prevent automated stealing attacks that have hardcoded paths.
Title: Re: suggestion for client: random/custom wallet.dat filename Post by: quattro on August 11, 2011, 05:22:42 AM security by obscurity is no security at all This is true only if obscurity is the only means of security. Title: Re: suggestion for client: random/custom wallet.dat filename Post by: Johnny-Gear on August 11, 2011, 09:51:07 AM This idea definitely has value and could work with some attacks.
I would categorise Bitcoin enthusiasts and anyone coming after their loot as having a higher than average level of technical sophistication though, and if it were me coming after a wallet file, I would probably be looking for flags like -wallet as well as default file locations. In short, I think wallet encryption should be the highest priority security measure for any wallet. Just my 2 cents. JG Title: Re: suggestion for client: random/custom wallet.dat filename Post by: BTC_Junkie on August 11, 2011, 09:30:39 PM Next release will include wallet encryption But I don't believe it will include custom filenames Anyone know the eta on this? I feel like I've been hearing about It for a while. Title: Re: suggestion for client: random/custom wallet.dat filename Post by: SgtSpike on August 11, 2011, 10:07:05 PM security by obscurity is no security at all Not true. I don't know why people keep throwing this quote around, but it's simply not true.It is easier to steal a file of known filename and location, than it is to steal a file of unknown filename and unknown location. I wouldn't rely solely on security by obscurity, but it is certainly better than "no security at all." It DOES help. OP, great idea. I like it. ;) Title: Re: suggestion for client: random/custom wallet.dat filename Post by: Gavin Andresen on August 12, 2011, 12:32:00 AM -wallet=foo.dat command-line param would be easy (unless you allow an absolute path, in which case the code that detects whether two instances of bitcoind are trying to write to the same wallet would have to be changed).
But if you pass it on the command-line, then wallet-stealers can just adapt and look in the process list to figure out where the wallet is. If you put it in the bitcoin.conf then the wallet-stealers can also look in the bitcoin.conf to figure out where it is. I like the 'deterministic wallet' idea that's been floating around (enter a Seems like there would be a clever way of combining that with white-box cryptography (http://whiteboxcrypto.com/) to make the private keys extremely trojan-resistant. In which case the wallet-stealers will just rewrite the bitcoin address/amount after you press the "send coins" button... Edited to replace 'password' with 'passphrase' Title: Re: suggestion for client: random/custom wallet.dat filename Post by: aq on August 12, 2011, 01:39:07 PM I like the 'deterministic wallet' idea that's been floating around (enter a password at startup, and keys are magically derived from that password and never touch the disk at all). Bitcoins would essentially become a race between people running dictionary attacks. The funny part would be that even the thief would not know whos bitcoins he just got.Title: Re: suggestion for client: random/custom wallet.dat filename Post by: SgtSpike on August 12, 2011, 06:21:12 PM -wallet=foo.dat command-line param would be easy (unless you allow an absolute path, in which case the code that detects whether two instances of bitcoind are trying to write to the same wallet would have to be changed). I completely agree, BUT it would eliminate the trojans that simply look for a file named wallet.dat. One extra step is one extra step. Maybe that means one less trojan would be written, because the trojan writer is noob enough to not know how to look at params in the process list.But if you pass it on the command-line, then wallet-stealers can just adapt and look in the process list to figure out where the wallet is. If you put it in the bitcoin.conf then the wallet-stealers can also look in the bitcoin.conf to figure out where it is. I like the 'deterministic wallet' idea that's been floating around (enter a Seems like there would be a clever way of combining that with white-box cryptography (http://whiteboxcrypto.com/) to make the private keys extremely trojan-resistant. In which case the wallet-stealers will just rewrite the bitcoin address/amount after you press the "send coins" button... Edited to replace 'password' with 'passphrase' Interesting thoughts regarding the deterministic wallet idea. I don't quite understand how that would work, but it does sound like it would be loads more secure than the current solutions. Well, as long as people used extremely secure passphrases, or people could brute-force their way into finding bitcoin wallets, as aq pointed out. |