Researchers Expose Flaw in Bitcoin Wallets That Could Be Exploited for Double-Spendinghttps://www.coindesk.com/researchers-expose-flaw-in-bitcoin-wallets-that-could-be-exploited-for-double-spendingA standard way to transact bitcoin could be vulnerable to double-spending, new research has found. Blockchain sleuths at ZenGo, a wallet startup,
have found a vulnerability that affected at least three major crypto wallets – Ledger Live, Edge and Breadwallet (BRD) – and potentially more.
The bug, which the Tel Aviv-based firm calls BigSpender, allows a hacker to double-spend a user’s funds and possibly prevent them from ever using their wallet again.
It works by exploiting a flaw in Bitcoin’s replace-by-fee (RBF) function, a failsafe that enables users to swap an unconfirmed transaction with one that has a higher fee. Better keep an eye out on wallet updates. my version of a TL;DR wait for 6 confirmations to avoid attack part one use wallet with coin control to avoid attack part two |
|
|
|
Also copied from the link: https://www.coindesk.com/researchers-expose-flaw-in-bitcoin-wallets-that-could-be-exploited-for-double-spendingHowever, ZenGo researchers found there is a second order attack, which follows the same scheme outlined above, which could permanently disable a wallet with or without the victim’s knowledge of the transaction. In this case, the attacker again artificially inflates a victim’s balance by sending repeated transactions to her wallet. This can be done without a victim’s consent. By canceling the transactions before confirmed, the victim’s stated wallet balance and actual funds are again decoupled, making their wallet unusable. Worse, the attack can affect multiple wallets at the same time. a wallet with coin control will (should? correct me if wrong) nullify this second kind of attack. so a coin control capable wallet is still usable in that particular case. |
|
|
|
So, in the meantime I thought I would fire up an old bitcoin wallet from 2014 and see just what I was spending coins on.
Some gems include:
Wii U console: .5 bitcoins, $4,600 in today's money
Delivered Pizza including tip: .02btc, $184
Towels for the house: .4 bitcoin, $3680
While it is true I have been able to enjoy these things for the past 6 years, they did wind up costing me a lot. Something to keep in mind if you sell your bitcoins today, in 6 years you might be thinking "I could have bought xxxxx with that money"
years ago steam took btc. so at todays values i have like ~20 grand of steam games (couple bitcoins worth - maybe a couple hundred bucks at the time many years ago). bought i think like 4 or 5 games and a steam controller. i even played a few. one shows 3 minutes total time, couple others less than 30 minutes. i think there was one i that i played through. |
|
|
|
 e// I guess images dont show up for Newbies. yes newbies cant post images so i quoted you for the pic to show. |
|
|
|
|
i dont even remember how at this point. had the official client(s), mew geth something else.
so for me too many changes to be worth keeping anything in them.
|
|
|
|
A $5 wrench is too damn cheap. And too damn effective!
yeah but with the brrrrr machines whirling away that $5 wrench will soon cost $50. so its getting more costly to attack us by the day, looks like. |
|
|
|
Good afternoon WO!
Observing @ $9,061
I think at some point in last 24 hours we had below $9k. Where was panicking?
was there panic? i hate sleeping through a good panic. currently observing ~$9075 USD at the, uh, unmentionable place. so back to sleep for me. |
|
|
|
|
wouldnt he need to produce the medical records that shows that diagnosis? privately to the judge of course.
cuz in medical, if it aint documented in your chart, its not a legal diagnosis, just someones opinion.
|
|
|
|
Ye, seems like a lot of effort for nothing. its the thought that counts. |
|
|
|
|
ooof
some of those images need a NSFW tag theyre so ugly.
|
|
|
|
Don't you hate getting tripped up by that last when quoting?  took forever to balance them[/quote] sorta anyway |
|
|
|
Why do so many people in here have hats as their avatar
A lot of us are ashamed of our hair loss from years of crazy bitcoin price swings, but not silly enough to try a combover. I feel like my hat needs an update... hmm maybe it just needs to be thrown in the wash? You throw away your hat, we throw away YOU.   I didn't say throw it AWAY! I said throw it in the wash! It's kinda smelly by now. i tried that. half my brain cells went down the drain  Not good. Change your methods. You might not be quite ready for the washing stage of hat ownership, yet. Some peeps just take longer to figure some things out. We are all like special lil snowflakes (whoops, I am not supposed to use that word). well to be fair i should of taken my hat off before washing it in the machine. |
|
|
|
Are you a HODLER or a PANIC SELLER?
many of us have been both at one point or another. its an educational thing. or right of passage maybe. |
|
|
|
Why do so many people in here have hats as their avatar
A lot of us are ashamed of our hair loss from years of crazy bitcoin price swings, but not silly enough to try a combover. I feel like my hat needs an update... hmm maybe it just needs to be thrown in the wash? You throw away your hat, we throw away YOU. I didn't say throw it AWAY! I said throw it in the wash! It's kinda smelly by now. i tried that. half my brain cells went down the drain |
|
|
|
|
mid 2011. mined my 1st coin with an ATI HD4850 as a test and sent to my core (qt at the time?) wallet. it worked, obviously.
|
|
|
|
I just wrote to an email to the service suggested above (WalletRecoveryServices) and according to Dave (the owner of the site) it should be possible to crack the password without knowing the address associated with the encrypted private key.
that's interesting. i wish their system was open source so i could take a look at the code and figure out how it works, i am very curious. do you know any other BIP38 recovery tools that is open source and i could look at? wouldnt all they need to do is check whatever addy the program spits out and see if theres a history? it would need to check the addys anyway as runs. but then again i may be completely misunderstanding this thread. apologies if that is the case. |
|
|
|
I don't think that the people get "happy" when the price of a certain financial asset goes up or down.
well when it drops 40% in a matter of hours (minutes?). that feeling you get? man its indescribable. i wont say "happy" but its almost worth the ride. |
|
|
|
*We are all being tracked*
Lets leave it at that .
yes. and even if blockchain analysis isnt that good now, it will be. i mentioned upthread i always pull 20% more on sells so its already in fiat for taxes. i dont touch that 20% fiat in the bank, only cash it in when the man wants his tax. also i put on my tax returns the stuff i buy through payment processors and stores that take btc directly. as they are taxable events and need to be reported too. now i probably could of got away with not reporting newegg or whatever purchases, but im sure glad i did. you do NOT want the IRS as your enemy. |
|
|
|
Especially in the wall observer, you will see people that want bitcoin's price to get increased. Although, if bitcoin price goes down, it's good for many people too. For example, I want to get decreased so I can buy more BTC
Don't believe everything you see online and don't take things too serious as most visitors of that particular thread aren't as happy as they seems knowingly fully well some sold before the spike in price or are dying inside waiting for a dip to buy into the market but since the whole atmosphere of the threads looks positive and filled with excitement, they just play along not to look odd. many of us older members sold some (perhaps a lot even) way before the 2017 ATH. i sold coins in the $10 to $100 USD range back in the day. and im not unhappy, i was supporting bitcoin before all those ATMs and payment processors were around. gotta find its use case and test the snots outta it before moon can happen. the experience in being involved fairly early on in a game changing experiment about sound money more than outweighs having more coins (just speaking for me, dunno how others feel). now sure we all wish we had more but dont lump all us WOers into some group that sold most or all and regretted it, although you will find some of them in the WO. or lump us in with the whales (but maybe some are there too), |
|
|
|
Already explained this somewhat but here is another visual aid. Seems like some serious compression/tension is building up for the nothingburger event that is the future expiry set for tomorrow. Just have to remain calm and see how it plays out. Three types of faults: A. Strike-slip B. Normal C. Reverse There are three main types of fault, all of which may cause an interplate earthquake: normal, reverse (thrust), and strike-slip. Normal and reverse faulting are examples of dip-slip, where the displacement along the fault is in the direction of dip and where movement on them involves a vertical component. Normal faults occur mainly in areas where the crust is being extended such as a divergent boundary. Reverse faults occur in areas where the crust is being shortened such as at a convergent boundary. Strike-slip faults are steep structures where the two sides of the fault slip horizontally past each other; transform boundaries are a particular type of strike-slip fault. Many earthquakes are caused by movement on faults that have components of both dip-slip and strike-slip; this is known as oblique slip.
Reverse faults, particularly those along convergent plate boundaries, are associated with the most powerful earthquakes, megathrust earthquakes, including almost all of those of magnitude 8 or more. Strike-slip faults, particularly continental transforms, can produce major earthquakes up to about magnitude 8. Earthquakes associated with normal faults are generally less than magnitude 7. For every unit increase in magnitude, there is a roughly thirtyfold increase in the energy released. https://en.wikipedia.org/wiki/Earthquake#dyor wait is california scheduled to split off into the ocean and sink tomorrow (today?) thats not on my schedule. man i need to pay more attention. well, maybe. |
|
|
|
|
Show Posts
