Bitcoin Forum

Im creating an application with a great programming professor who's an expert when it comes to encryption and file access protocols.

Soon it will be impossible for anyone to steal your wallet, with full backup options with the ability to backup the encrypted versions to my secured dedicated server with tape backups.



With the latest bitcoin application, although you have to type a pass phrase to send funds, this really isnt that secure at all. If someone was to use a trojan to steal your wallet, its dead simple to use a keylogger to record the password. My software will make it impossible for the wallet to be accessed by anything other than the real bitcoin software.


How much interest would anyone have with this and how much would you pay for something like this to protect your funds?


Quick update:

It will also come with notifications and blocking of any applications trying to access your wallet or interfere with the wallet protector or any of the bitcoin files.

1)  It wouldn't be your software alone, your prof would have a claim.

2)  Why should I trust you and

3)  Why should I trust your software?  What will your client do differently that the current one does not?

1, It would be both of ours. Although I would be paying for the software, and developing the main UI.

2, you dont have to

3,  As my edited post above says, it stops anything else accessing the wallet, protects your funds by a better encryption, and offers offsite backups.

The vague "details" and dubious claim in the title combined with the fact that someone else is writing it makes me think you don't even know how it works.

Do you?

If the wallet.dat can be backed up then it can be copied by an attacker.
The attacker can download their own copy of the client.  Client + wallet.dat + passphrase = access to funds.

the wallet.dat will not be backed up as is. it will be fully encrypted before it is backed up. anyone with access to the encrypted file will not be able to so anything with it. The application will prevent it from being copied by anything else. It is quite simple how it works.

Probally in the future it will be apart of the main software.

To be unstealable wouldn't you have to somehow sign outgoing transactions with a drop of blood containing your DNA?

So the thief would have to also steal some of your blood too in order to spend the funds. Uuuuuh, hmmm, maybe that's not such a good idea actually.

Nothing in that paragraph made any sense.  Your answers indicate you have no technical understanding of how this "impossible to steal system" works.

The only thing I am unsure about is this
a) someone who honestly (and incorrectly) thinks they have something which is unhackable
b) a scam
c) just someone who has no clue

You are aware the current client has encrypted wallet right?  The wall.dat is never left decrypted and the backup is always encrypted.  It still can be stolen.

At the end of the day, only your machine will be able to access the wallet file. using the file on another machine will not work, even with the application. This will cause a problem if your machine was to fail, or if you planned to use the wallet on more than one machine. But there will eventually be measures to protect against this too.

using some crappy passphase is a stupid idea, all a wallet stealer would have to do currently is log the passphrase. This is hardly a good protection from a wallet stealer.

Yes i do know how this will work as most of the application has been created already.

Which is still possible to steal.  If the attacker has remote access to the machine via a trojan he can still steal coins in a variety of ways.
1) simply use wallet to transfer them out to an address he owns.
2) grab decrypted keys from memory.
3) decompile the client to determine what hardware specific strings are used to generate the decryption key and decrypt the wallet file.

Tip for next time.  You might get more interest without stupid claims like "impossible to steal".

You keep using this word "impossible".  This word, I don't think this word means what you think it means.

You are going to be rich.

1. Buy coins
2. Release code
3. Profit

Your (supposed) software makes coins more valuable. There is a much better way to profit than selling the software. Lets call it the Satoshi method.

But wouldnt be able to access the wallet file at all due to the file protection, not to mention as soon as it trys to access the wallet or any of the files, It would get blocked. That is as long as the application service is running.

It would be much more work than what is currently required to copy the file, and log the passphrase.

Not impossible to steal i guess, but impossible to steal the funds from it

this service not a bad idea.

if you can pull it off and you fell it renders the wallet un-steal-able ... i think you should sell insurance " use my software to store your wallet and i guaranty 100% your funds , *for a smaal fee* "

this could make money if its well build.. BUT 1 flaw and you could end up owning millions of bitcoins...
 

Soooooo..... how does it work? if there is no passphrase, how do you spend the coins? how does it prevent the attacks you describe?

Your claims imply a grand innovation in computer security!

The titanic was unsinkable ...  Just like this wallet scheme is unstealable...

The software controlls access to the wallet, only with your machine, and the application running, with the legit bitcoin software can you access the funds. It WILL create a ten-fold in the amount of security the file currently has.

The guy who's helping do this teach's security, and since I explained to him the main idea, has come up with alot of interesting methods to help protect it.

I have an impossible to steal wallet.  It's called a paper wallet.  Physical bitcoins are just metallic paper wallets with a preloaded balance.

I suppose it can be stolen in person.  But can't be stolen online if produced securely.

Ultimately, with computers being hackable and as porous as swiss cheese, I feel that offline bitcoins is the only safe way for the average consumer to go.

+1

I already have such a utility on my linux box, and I use if regularly:

  shred -u ~/.bitcoin/wallet.dat

Nobody's stealing that fucker!

joeyjoe, there are extremely good theoretical and practical reasons to think that safely handling bitcoins using a compromised computer is impossible, no matter what tricks you use to protect them, and that this issue is fundamentally impossible to fix. While you can write software which makes stealing bitcoins inconvenient, the only true defenses are (a) keeping your computer secure, and (b) incorporating multiple devices, such as by using multi-signature transactions (coming in a future version).

Various tricks have been proposed for doing protected computation in non-bitcoin contexts, and it always ends up being an arms race with the bad guys having a substantial advantage. Things like using a TPM, hiding the keys behind interprocess communication, in-memory encryption, and device fingerprinting only help a little.

You shouldn't assume that because your teacher hasn't shot you down, that your plan will work. Experts in cryptography often propose schemes that are later proven not to work, and this happens so often that it's considered poor form to advertise anything as truly secure until it's been published and peer reviewed for a fairly long time.

If it's not gonna be open source i won't trust it can live up to the claims.

The only thing impossible is your claim. Any protection you put into the software can be simulated if the system is compromised.

Trollolol

in b4 OP runs off with the bitcoins of anyone stupid enough to install his trojan

If it is not open source - forget it.... just don't spend your time on it you will not get a dime out of it...

people that make anti-viruses or firewalls do not make them open source as that would defeat the point. With the source, people would work out ways around it.

It wont be open source, if you dont trust it, dont install it. Dont install anything ever again, why have you got an OS installed if its not open source?? have you installed anything in the past year that isnt open source?? i wouldnt trust it then if i were you.

Have you put funds on mtgox or tradehill recently? how can you trust it without full password access to their servers and bank accounts?

I bet 99% of you didnt check the source code for the bitcoin software anyway, let alone check the signature. I could easily post source code to a trojan and remove all the trojan bits, and no one would notice for some time.

I know people will still use it. Probally be a bit wary of it at first, but once it gains enough reputation more people will trust and use it.

My Bitcoins are already protected against theft and I don't have to trust a 3rd party for their security.

I've created about 100 Bitcoin addresses off-line. I've divided my Bitcoins into manageable denominations and distributed the Bitcoins to those off-line addresses.

The private keys have been GPG encrypted and encoded to QRCodes. Those QRCodes have been printed to paper and distributed to several locations online and in the real world.

As I need to spend Bitcoin, I only need to import an address at a time until I have my needed funds. The rest remain off-line - safe.

It was a very tedious and scary process, but I did a lot of testing to ensure my procedure. I would not wish this on any n00b. Any solution to protect someone's Bitcoins needs to be a self reliant process, with redundant outputs, and no requirement for 3rd party trust. I am confident that some developer will soon make this process an easy, "click here" solution for the average user to benefit from.

If your security depends on the source being secret, then its not secure, period.

http://www.clamav.net/
http://www.smoothwall.org

Security through obscurity is no security.

True security comes from taking the aproach that your attacker already knows the secrets.   For example a good bank vault is designed to deter an attacker even if an attacker has the complete scematics and material specs.  

http://en.wikipedia.org/wiki/Kerckhoffs%27_principle

If your code can't survive scrutiny and remains secure you are merely hiding the mechanism that blocks an attacker.  Eventually an attacker will discover it an "undo" it.  

SHA-256, Bitcoin, and Linux are three examples of secure systems where there are no "secrets".  Everything about SHA-256 hash is in the open publicly available.  Go ahead and try and crack it.  There are no secrets so it should be easy right?

There are times when closed source is fine.  I don't care if a video game is closed source, however mining and wallets can involve significant amounts of money so that ups the security requirements. 

My mining rigs are 100% open source.  Linux (open source) + Miner (open source) + utilities (open source).

I'm thinking perhaps it is a OS process that blocks access to the wallet.dat file except for the Bitcoin program (and a backup program).

That way if a Trojan were running on the system it could not copy or read the file. At least it would make it more difficult for the Trojan as it would have to circumvent or shut down the protecting process first, or it would have to directly read out of the memory.

wow, i never realized you felt that strongly about it.  hmmm....

Or just use the wallet remotely.  Simulating user input is somewhat trivial task.  You don't need to steal the wallet.dat if you simply write a trojan which waits until it acquired passphrase and then uses the wallet to send full balance to an address owned by the attacker.  I have been looking into running a wallet inside a smart card because it provides some resistance to an attacker (compromising the computer is useless you need to compromise the smartcard). 

Just bouncing attack and defense ideas off myself and colleges I believe that the only secure digital wallet is one that also has a secure 2nd factor authentication.

Problem is, the trojan probably already elevated privileges to install itself. If it's got that permission on the system, it would be able to do anything else (like disable the "dont touch my wallet.dat" file protection process.

joeyjoe, thank you for working so hard for the good of the community. An unhackable wallet is a much needed product, it can't arrive any moment too soon. If only allinvain, the infamous wallet.dat victim would be alive to see this day ! Sadly the pressure of loosing half a million dollars to a hacker was too much for the poor soul, he succumbed to deep depression and took his own life by homoerotic asphyxiation. Sad indeed.

However I cannot but wonder why would men with such genius waste time on a small fish like the Bitcoin. Banks are wasting billions of dollars on things like security tokens and authentication methods. A method guaranteeing that only the bank software has access to say, a certificate file used in the authentication, is pure gold. It's easily the invention of the decade in the field of security. Your company might very well be the next Apple. Since I see it's potential, I'm more than anxious to buy stock in an IPO, please keep me posted !

Hush now, stop wasting your talent on these unworthy simpletons, disclosing the glorious invention. Together the three of us will make billions !

when you release it, i will hack it in 10 seconds, or at least proof that there are a flaw in your system.

wanna a bet? 100btc, 1000btc?

Ill take it!
1000 BTC it takes you more than 10 second to hack or disprove my unhackable arhm.. I dont know, obfuscated file extension enhanced password protected zip file method. Ready when you are, Ill publish and you have 10 seconds. Deal?

typo! minutes?

True in most cases, however for things like a TPM a process doesn't have access to data stored inside the TPM unless it has also compromised the operating system.  I was just pointing out a second attack vector, even IF you could assure the private keys remain private a wallet could be compromised by transfering the value using the client.

A truly secure wallet would:
a) be deterministic to avoid the need for backups and protect against loss.
b) prevent access to private keys by any process.
c) required 2nd factor authentication.

a compromise of the OS, would'nt do anything. the TPM only does signing, it contains a private key, that the OS does not have access to.

True I spoke somewhat unclearly.   TPM doesn't have enough memory to store bitcoin wallet.  It also doesn't support the hahsing algorithms used by Bitcoin.  so TPM could only be used to hold the decryption key for a Bitcoin wallet.  A TPM aware OS will support a feature called protected memory.  TPM can indicate to the OS to dedicate some memory as protected memory and indicate which processes are allowed to access it.  This would allow a key in TPM to be given to a wallet running in protected memory to decrypt wallet, perform transactions, and then clear the protected memory.

If everything works correctly the key can only be accessed by the valid wallet application.  If the OS is compromised though it may not properly protect this "protected memory" allowing a trojan or other app.

The larger point is that even if the private key can be guaranteed to NEVER be lost/stolen/copied one still needs to protect the actual wallet applications otherwise malicious software could simply use the wallet to transfer funds out.

There is a way to make bitcoins safe,   we offer the cold storage option that the bitcoins are sent to a computer physically turned off...   but it's a manual process and we had to spend considerable funds securing a deposit box in the bank to store the USB keys,  rent an office with a security system just for the cold storage system,  get new servers only to be used for the backup process...

It's possible, just such a hassle...

If the computer is compromised, the malware can do anything, and this means anything! If it is specifically targeting one software (your Bitcoin "protection"), it will circumvent it and it's done!

Backing up file to network? Sounds bad idea. Even if the wallet is encrypted, the encryption keys should remain known only to owner of wallet.dat So the keys should be backed up by owner, prefereably on removalbe medium. So why not back up the whole wallet.dat on encrypted flash drive instead, and keep your system always clean and secure? With secure system the wallet can be in plaintext.

Okay i read, the first 5posts, Then Laughed too hard to keep reading.

"My software will make it impossible for the wallet to be accessed by anything other than the real bitcoin software."

Okay, So that means that if i try to right click on wallet.dat my comp should BSoD? Right?
LOL

Come the fuck on, Nobody listen to this drabble, Just toss your wallet into a TrueCrypt Partition and Voila, No matter how compromised your computers is(please challenge me on this lol), Whatevers in that TrueCrypt folder isnt going Anywhere.

I would love to see a virus/Remote user (or literally BADASS hacker) try to get inside a remote truecrypt volume.

The fucking FBI takes One Month to open a 6letter truecrypt drive(if you dont use the Noob encryptions), And thats when the comp is At Their Place, and they can do ANYTHING to it.
This is just so fucking funny.


"My software will make it impossible for the wallet to be accessed by anything other than the real bitcoin software."
That is impossible. lollololololololllllll.

Good points.  Paper wallet works equally well also.  Keeping "frozen" bitcoins (or deposit only accounts) secure is relatively easy.  Keeping funds ready to outgoing transactions secure is more complex.

Still anyone claiming something is "impossible to steal" knows nothing of security.  Hell the authors of AES or SHA don't even make claims like "impossible to crack" they use more realistic terms like "no know cryptographic flaws", "no pre-image vulnerabilities beyond 40 rounds".

Keys should only be held in Cold Storage or Mental Memory,Almost Anything else will eventually be compromised.

Personally, i've never seen malware Find a TrueCrypt volume, But a Remote attacker would sure as hell know what to look for.
Want an IMPOSSIBLE to steal wallet? Stick it on a fucking CD, And stick the CD in a safe, Then mail the safe to a bank, then have the bank lockup, and go 100fathoms below into the ocean.
But that wont even work. Nothing is impossible to steal.

My best bet? Truecrypt it onto a USB stick and stick the USB stick into a safe. Done.

Unless your computer is infected w/ a trojan.  When you insert the USB and unlock the truecrypt partion it has access to wallet.dat and your passphrase.

As indicated upthread securing "frozen" bitcoins is trivially easy.  No need even for truecrypt just print out the private keys or print out QR codes and put them in a safe.

Securing online, transaction ready wallet is more difficult.  Truecrypt doesn't add anything beyond an encrypted wallet.dat.

Everything can be stolen. EVERYTHING. You can make it harder, but not impossible. Keyloggers (hardware or software), code injection, cold boot attacks, and so on, will beat any encryption.

Here, get this tool: http://www.mcgrewsecurity.com/tools/msramdmp/ and have fun recovering your encrypted wallet private keys from memory.

I put all my bitcoin information in plain text on my microsoft front page websites,  no one bothers to view source :)

Is this based on some kind of unknown to masses magic or is it because once the coins are stolen they cannot be stolen again (not from the same person anyway)?

Well, it's hardly a measure for anti-viruses. And firewalls? What part of them are obscure?


If I run something that isn't open source, I run it as a user with few privileges. I do the same with software that isn't popular, even if it is open source, so being oss is not an automatic protection.


You can't trust them fully, can you... You'd also need the source code for their brains. That's a whole different mechanism.


That's not the point at all. Obviously enough people check Bitcoin sources and all commits are distinctly visible. You can't sneak in malicious code easily. If you are talking about compromised servers or MITM, that's also a different issue altogether.


That's true. But without knowing the internals, we have to assume that it "could be" security by obscurity, so the system could be depending on reverse engineering skills of some people. After reading how you missed the point with firewalls, etc., I'd certainly worry about that.

The only really secure way to use a wallet is to use some trusted computing platform, like a smartcard. This could be done when bitcoin supports this new transaction type which requires two or more signatures. One of the required keys could be stored on the trusted platform (and NEVER LEAVE IT) and add the additional signature to the transaction. Correct destination address and amount of coins must be verified and confirmed on the trusted platform (like with this smart cards who have a display and buttons). The finished transaction is transfered back to the computer and then send to the network.

THIS is secure. Anything else is just making it more anoying to malware to steal the wallet.

lol @ protecting the wallet with truecrypt. Of course it's a good idea to encrypt your wallet, especially when putting it on some external storage, but it won't help against the most likely attack scenario, and that's a trojan on the computer.

That has already happened.  Go to www.bitaddress.org, save his single .htm file, put a copy on an offline machine that's connected to nothing but a printer, and voila, you have a secure paper wallet factory complete with QR codes.

I'm already suspicious of programs that make absurd claims about protecting my whatever, it's even worse when it's a paid closed source system from a random individual. I haven't installed, much less trusted, anything like that, your thing won't be the first.

As far as keepeing wallet.dat on TrueCrypt encrypted volumes goes, it helps only against thug who might steal your computer. For Bitcoin to operate you need wallet.dat to be acessible, so the truecrypt volume must be mounted. And when mounted, truecrypt volume is acessible to any software, including malware. Even more, malware can capture your truecrypt password and steal the truecrypt container to be mounted later.

And no source available = security trough obscurity = no real security at all. Don't waste your time, there are enough false security software out there, such as Kaspersky, Norton and NOD32, better learn more about real life security.

There was actually someone on here that claimed to have recovered a wallet he accidentally deleted using shred - it's not guaranteed to actually protect you.

There was a discussion about this a while ago. I'd suggest wiping all free space after deletion.

After the above command completes, you should have an impossible to steal wallet*, provided no backups are lying around.

PS: Tieing the wallet to a specific computer is insecure. There is more to wallet security than keeping attackers out. You must also guard against data loss.

*More accurately, you should not have a wallet left to steal.

Looks like for all intents and purposes you are right and I was wrong.  At least given my white lie about being on a Linux box.

I actually do perform a similar operation not irregularly.  The reason why is that I prefer to have a large number wallet.dat files with a relatively small number of coins (associated with the addresses) in them.  This, in part, as a theft mitigation strategy.

I think the operative word here (as with these "impossible to steal wallets") is claimed. Scanning the device would also show any copies that the user had forgotten were there...
That said, just like you implied elsewhere the infrastructures we operate in are so complex today that there are loopholes. Shredding a file without shredding the empty space on the partition does leave a shadow of a doubt: e.g. what if the user (or an application, or a fs defragmentation tool) made a temporary copy earlier and that happened to actually be real bits in another address and not just a COW-copy?

Speaking of shredding... For joeyjoe and anyone who even thinks of putting their money into this "impossible to steal" wallet: This is quite clearly either a scam or wishful thinking. "Impossible to steal" is just as viable as as perpetual motion machine. As someone already said, an invention like this would make that creator fabulously rich and world famous in a very short time. Occam's razor says that joeyjoes "programming professor" friend has not invented that, and as soon as the details of this "invention" are available, the theory will be shred to pieces.


TL;DR: Security can always be improved but it's often not easy.
1. If someone says it is easy to do it, he should be treated with caution.
2. If that person fails to explain how it's done (even though it was supposedly easy), he probably sells snake oil.
3. When the same person advertises backing up your money on their "secured dedicated server", alarm bells should be ringing loud and clear.

Scam detected

Proposing a closed source solution like this is equivalent to saying: "give me all your money and I'll make sure nobody else will have access to it".
Not exactly a very appealing offer to somebody who has - for the first time - got the possibility to _not_ have to trust a third party with their money.

Yep, that's exactly how I started my process... But I wanted to paperize encrypted private keys, rather than simply store the unencrypted paper QRCodes gererated by bitaddress.

I ended up using a barcode scanner to input the address/keys from the bitaddress sheet into text files, gpg'd those batches and pipe it to a qr encoder, then import the qrcodes to a word doc to print and PDF it for distribution.

I wrote up a noob guide about the simple side of the process here: http://bitcoinintro.com/offline-storage-of-bitcoins/

created enough interest already, ive sold the software and rights to it for quite a bit. so who ever said "you will not make a dime...".

You mean Satoshi, right? 8D Curious, Did you accept fiat or BTC?

http://lh4.ggpht.com/_CqtZ6YfaifQ/SoSAHPxLQPI/AAAAAAAACXY/H9NCd_SVDYs/noooooo.jpg



I'm offering TEN TIMES what he's paying ! I will pledge my whole stash of one billion premined trollars, the alternate currency i'm releasing.
C'mon man, give us a chance to invest in this baby. It's a monster I tell you !

Taking this into trolling territory now, huh? Somehow I like that more -- scamming is a dirty business without exception but trolling can sometimes be beautiful. :)

I wonder if your buyer is interested in transport infrastructure, I've got a really nice bridge I've been trying to sell for a while.

  Does that bridge happen to be located in Alaska by chance?

I think it's in the Moon.

So, I'm guessing btc-e, bitcoinica, bitfloor didn't use these type of wallets.

Scam, scam, scam! No "access control" or encryption will really save you if your computer is compromised by remote access trojan. Trust me, I have spent years on malware and hacking scene and I know it. I have stolen about 400 Bitcoins that I own right now. And even this was a free time leisure and for fun.

Tape backup is no more reliable than regular hard drive backups. For my own servers under my control I have slowly abandoned LTO tapes in favor of regular offline HDD backups because they are cheaper and faster than LTO tape. And the backup is only a protection in a case if server is hit by 88mm armor piercing round, it does not protect from hacking or anything else.

If someone can spend them, someone else can steal them.

One thinking people!

It is only matter of tweaking the hacking "payload" software to bypass the "protection". The biggest pain in ass was mobile phone authorization but it was bypassed by "synchronization" and installing malware on phone also. The only real problem now is people losing they own coins because phone or mobile subscription was cancelled or subverted by network operator.

Think again people! All things are simple. Keep Your computers clean and safe. Even 20$ router can do the job!

Nothing is impossible. Don't say that too loudly. You'll basically be issuing a challenge to all the hackers out there :O

You guys realize you've resurrected a thread that is almost a year old?  ;)  I was about to comment on-topic but then decided against it after looking at the date.  :)

It is better to resurrect old topic than create new topics with same question again and again. It will be like TrueCrypt forum when noobs constantly ask about implementing data destruction on wrong password and DRM capabilities in TrueCrypt.