|
Title: Web wallets that are RFC6979 complaint ?? Post by: dunchy on December 15, 2014, 09:21:39 PM After Johoe's kick-ass move with blockchain.info I don't feel safe with them anymore.
But, I'm not able to find out which web wallets are at the moment exposed to "weak addresses that reveal private keys". Can anyone tell? bitgo.com looks good... Are they safe with regard to this? Title: Re: Web wallets that are RFC6979 complaint ?? Post by: bitbaby on December 16, 2014, 06:12:30 AM Web wallets will always have vulnerabilities, if you really want to be safe you should move to desktop wallets such as Bitcoin Core or Electrum if you want a lighter wallet.
Title: Re: Web wallets that are RFC6979 complaint ?? Post by: Coef on December 16, 2014, 12:45:57 PM Web wallets will always have vulnerabilities, if you really want to be safe you should move to desktop wallets such as Bitcoin Core or Electrum if you want a lighter wallet. Generally agree that web wallets are less secure, but AFAIK bitcoin core is not using deterministic signature either. Title: Re: Web wallets that are RFC6979 complaint ?? Post by: dunchy on December 16, 2014, 03:00:28 PM Keeping personal backups is something that scares me more than a good web wallet service with client-side encryption.
Strange that blockchain.info never said anything about Johoe's attack on the blog. No statement at all.. I'm inclined to go for BitGo.com. Any thoughts? Title: Re: Web wallets that are RFC6979 complaint ?? Post by: Coef on December 16, 2014, 03:27:04 PM Strange that blockchain.info never said anything about Johoe's attack on the blog. No statement at all.. Isn't this blog entry on Dec 8 about the problem Johoe found? http://blog.blockchain.com/2014/12/08/blockchain-info-security-disclosure/#more-4187 |