|
1421
|
Bitcoin / Bitcoin Discussion / Re: Tor+Blockchain wallet hacked? 633 btc loss
|
on: October 18, 2014, 07:01:48 PM
|
Thank you very much, and how can I use Armory with TOR?
You will need to have your TOR browser open whenever you are using Armory. You will need to set up Armory to use a proxy to connect, I am not 100% sure on this but I believe the IP address to set is 127.0.0.1 and the port is 9150. Armory communicates with the network via Bitcoin Core so you'll want to set the proxy settings there. This works pretty well; satoshi built Bitcoin Core's proxy support with Tor in mind back in 2009, see v0.2 changelog. Yes, by default Tor Browser's socks listening port is 9150. I believe Bitcoin Core's default proxy port is 9050 (Tor's default port) so you'll want to change this to 9150 if you're using Tor Browser to manage your circuits. Cheers mate, and it's secure? I mean... after what's happened using blockchain + tor I'm quite scared to use TOR anymore... |
|
|
|
|
1422
|
Bitcoin / Bitcoin Discussion / Re: Tor+Blockchain wallet hacked? 633 btc loss
|
on: October 18, 2014, 07:01:06 PM
|
Sucks if true, these scams just make BTC less appealing to the casual internet user.
and this will not change soon... we need better software to handle BTC, always 2 factor authentication, everywhere, that hackers won't be able to defraud money without hacking cellphone too I was using 2 factor authentication... |
|
|
|
|
1423
|
Bitcoin / Bitcoin Discussion / Re: Tor+Blockchain wallet hacked? 633 btc loss
|
on: October 18, 2014, 05:26:21 PM
|
... Then there was an error message pop up, he closed it and refreshed the wallet page...
That probably was probably a key moment. Exactly. They were key logging him or had hijacked the computer and then transferred the money out. It is doubtful it was a MITM attack while using TOR when the easier method is to just have owned his computer. (Of course it is possible, just very unlikely). I also agree. A man in the middle attack is really not feasible with TOR. One theory as to what could have happened (besides spreading FUD) to the OP is that he went on a hidden wikki, looking for a .onion version of blockchain.info, clicked on a fake blockchian.info link (hidden wikki is littered with these kinds of phishing sites), entered his identifier and password, then the person behind the phishing .onion site was able to login to blockchain and steal the OP's bitcon. IMO the OP is spreading FUD more likely then not. I don't see why the OP would be paranoid enough to use TOR when dealing with bitcoin but isn't paranoid enough to want to use cold storage It happened the same thing to me using coinbase.com and I didn't use the hidden wiki to access coinbase. There is people literally living from stealing BTC you shouldn't underestimate these people Why would you use TOR to access coinbase? They already know your identity and your bank account details therefore there is little reason to try to hide your identity to access coinbase it has been reported that POODLE has exploited a SSLv3 vulnerability so it is, in theory possible that an attacker launched a zero day attack against the OP I didn't give them any ID, just an email address. By the way, someone stole from my blockchain with double authentification and a second password when sending funds... using it via TOR I think blockchain is having an attack or something like that. Do you know any wallet that Works good with TOR? Or would you recommend me generate new wallets from my cold wallet in Armory? Fucking blockchain... When you access your blockchain.info wallet (via TOR or otherwise) you are essentially downloading the private keys to your browser as blockchain.info stores your private keys in encrypted format. When you log in you essentially telling blockchain which encrypted file to send you and you will decrypt it. If someone were to modify the blockchain code via a MITM attack they could make it so the decryption key (aka your password) will be sent to them (along with your identifier) so they can decrypt your wallet file stored on blockchain.info. To get around this potential vulnerability you could use a wallet that always has your private keys stored locally. A few examples would include QT, multibit and armory. The only time that TOR would be involved is when you use your client to push a TX to the network. Thanks for the explanation. I already have Armory with an offline wallet. Should I use a hot wallet (in Armory) for small amounts? Using a normal Internet connection (clearnet)? As long as you control the private keys on your computer TOR will not have any way of stealing your bitcoin. If you value your anonymity then you should use TOR to broadcast a TX and to monitor the Bitcoin network for new TXs received to any address that you control. The only real risk with using TOR with a wallet like Armory is that the exit node not allow you to broadcast the TX, however this can be resolved by "using a new identity" or waiting 10 minutes for TOR to automatically use a new exit node Thank you very much, and how can I use Armory with TOR? |
|
|
|
|
1424
|
Bitcoin / Bitcoin Discussion / Re: Tor+Blockchain wallet hacked? 633 btc loss
|
on: October 18, 2014, 12:55:26 PM
|
... Then there was an error message pop up, he closed it and refreshed the wallet page...
That probably was probably a key moment. Exactly. They were key logging him or had hijacked the computer and then transferred the money out. It is doubtful it was a MITM attack while using TOR when the easier method is to just have owned his computer. (Of course it is possible, just very unlikely). I also agree. A man in the middle attack is really not feasible with TOR. One theory as to what could have happened (besides spreading FUD) to the OP is that he went on a hidden wikki, looking for a .onion version of blockchain.info, clicked on a fake blockchian.info link (hidden wikki is littered with these kinds of phishing sites), entered his identifier and password, then the person behind the phishing .onion site was able to login to blockchain and steal the OP's bitcon. IMO the OP is spreading FUD more likely then not. I don't see why the OP would be paranoid enough to use TOR when dealing with bitcoin but isn't paranoid enough to want to use cold storage It happened the same thing to me using coinbase.com and I didn't use the hidden wiki to access coinbase. There is people literally living from stealing BTC you shouldn't underestimate these people Why would you use TOR to access coinbase? They already know your identity and your bank account details therefore there is little reason to try to hide your identity to access coinbase it has been reported that POODLE has exploited a SSLv3 vulnerability so it is, in theory possible that an attacker launched a zero day attack against the OP I didn't give them any ID, just an email address. By the way, someone stole from my blockchain with double authentification and a second password when sending funds... using it via TOR I think blockchain is having an attack or something like that. Do you know any wallet that Works good with TOR? Or would you recommend me generate new wallets from my cold wallet in Armory? Fucking blockchain... When you access your blockchain.info wallet (via TOR or otherwise) you are essentially downloading the private keys to your browser as blockchain.info stores your private keys in encrypted format. When you log in you essentially telling blockchain which encrypted file to send you and you will decrypt it. If someone were to modify the blockchain code via a MITM attack they could make it so the decryption key (aka your password) will be sent to them (along with your identifier) so they can decrypt your wallet file stored on blockchain.info. To get around this potential vulnerability you could use a wallet that always has your private keys stored locally. A few examples would include QT, multibit and armory. The only time that TOR would be involved is when you use your client to push a TX to the network. Thanks for the explanation. I already have Armory with an offline wallet. Should I use a hot wallet (in Armory) for small amounts? Using a normal Internet connection (clearnet)? |
|
|
|
|
1425
|
Bitcoin / Bitcoin Discussion / Re: Tor+Blockchain wallet hacked? 633 btc loss
|
on: October 18, 2014, 11:59:34 AM
|
at the end all BTC will be lost and hacked until forgotten.... that is why there is no future in current system...
It looks like it... security is key. I've lost 4 BTC in total in different attacks, and I'm no newbie. People can't expect the average user to use Armory offline wallets and shit like that. (Which I do anyway) Something must be found quickly. |
|
|
|
|
1426
|
Bitcoin / Bitcoin Discussion / Re: Tor+Blockchain wallet hacked? 633 btc loss
|
on: October 18, 2014, 11:53:46 AM
|
... Then there was an error message pop up, he closed it and refreshed the wallet page...
That probably was probably a key moment. Exactly. They were key logging him or had hijacked the computer and then transferred the money out. It is doubtful it was a MITM attack while using TOR when the easier method is to just have owned his computer. (Of course it is possible, just very unlikely). I also agree. A man in the middle attack is really not feasible with TOR. One theory as to what could have happened (besides spreading FUD) to the OP is that he went on a hidden wikki, looking for a .onion version of blockchain.info, clicked on a fake blockchian.info link (hidden wikki is littered with these kinds of phishing sites), entered his identifier and password, then the person behind the phishing .onion site was able to login to blockchain and steal the OP's bitcon. IMO the OP is spreading FUD more likely then not. I don't see why the OP would be paranoid enough to use TOR when dealing with bitcoin but isn't paranoid enough to want to use cold storage It happened the same thing to me using coinbase.com and I didn't use the hidden wiki to access coinbase. There is people literally living from stealing BTC you shouldn't underestimate these people Why would you use TOR to access coinbase? They already know your identity and your bank account details therefore there is little reason to try to hide your identity to access coinbase it has been reported that POODLE has exploited a SSLv3 vulnerability so it is, in theory possible that an attacker launched a zero day attack against the OP I didn't give them any ID, just an email address. By the way, someone stole from my blockchain with double authentification and a second password when sending funds... using it via TOR I think blockchain is having an attack or something like that. Do you know any wallet that Works good with TOR? Or would you recommend me generate new wallets from my cold wallet in Armory? Fucking blockchain... |
|
|
|
|
1427
|
Bitcoin / Bitcoin Discussion / Re: Tor+Blockchain wallet hacked? 633 btc loss
|
on: October 14, 2014, 11:25:39 PM
|
... Then there was an error message pop up, he closed it and refreshed the wallet page...
That probably was probably a key moment. Exactly. They were key logging him or had hijacked the computer and then transferred the money out. It is doubtful it was a MITM attack while using TOR when the easier method is to just have owned his computer. (Of course it is possible, just very unlikely). I also agree. A man in the middle attack is really not feasible with TOR. One theory as to what could have happened (besides spreading FUD) to the OP is that he went on a hidden wikki, looking for a .onion version of blockchain.info, clicked on a fake blockchian.info link (hidden wikki is littered with these kinds of phishing sites), entered his identifier and password, then the person behind the phishing .onion site was able to login to blockchain and steal the OP's bitcon. IMO the OP is spreading FUD more likely then not. I don't see why the OP would be paranoid enough to use TOR when dealing with bitcoin but isn't paranoid enough to want to use cold storage It happened the same thing to me using coinbase.com and I didn't use the hidden wiki to access coinbase. There is people literally living from stealing BTC you shouldn't underestimate these people |
|
|
|
|
1428
|
Bitcoin / Bitcoin Discussion / Re: Tor+Blockchain wallet hacked? 633 btc loss
|
on: October 14, 2014, 09:14:44 PM
|
|
I lost 2 BTC in a similar way, using coinbase+tor
I got a "this connection is untrusted" message and when I refreshed the window the BTC were gone...
Since then I use Armory. But the funny thing is that for small amounts I changed to blockhain + tor...
|
|
|
|
|
1429
|
Local / Esquina Libre / Re: Actualizar Bitcoin Core y Armory
|
on: October 14, 2014, 01:02:30 PM
|
Ya he actualizado bitcoin core y armory, hay alguna manera de mover la cadena de bloques a otro disco duro? Creo que ocupa unos 40GB... Es posible mover Armory y Bitcoin core a otro disco duro, solo la cadena de bloques?  Copia las carpetas blocks y chainstate , así como los ficheros bitcoin.conf y peers.datEn Windows se encuentran dentro de la carpeta C:\Users\TuUsuario\AppData\Roaming\Bitcoin . Y Armory seguirá funcionando si muevo estos ficheros o tengo que hacer algo más? Solo quiero mover la cadena de bloques pero quiero que siga funcionando Armory y Bitcoin Core |
|
|
|
|
1430
|
Local / Esquina Libre / Re: Actualizar Bitcoin Core y Armory
|
on: October 13, 2014, 07:33:10 PM
|
Ya he actualizado bitcoin core y armory, hay alguna manera de mover la cadena de bloques a otro disco duro? Creo que ocupa unos 40GB... Es posible mover Armory y Bitcoin core a otro disco duro, solo la cadena de bloques? |
|
|
|
|
1431
|
Local / Esquina Libre / Actualizar Bitcoin Core y Armory
|
on: October 07, 2014, 11:49:19 AM
|
|
Buenas,
No sé donde colocar este tema así que he optado por esquina libre.
Tengo la versión de bitcoin core 0.9.1 y la de Armory 0.90 beta
Es estrictamente necesario que actualice versiones más recientes? También tengo Armory offline en otro ordenador y no quiero volver a pasar por el proceso de verificar el instalador, etc
Qué razones hay para tener que ir actualizando constantemente?
Saludos
|
|
|
|
|
1432
|
Bitcoin / Armory / Re: Armory - Discussion Thread
|
on: October 01, 2014, 09:45:02 PM
|
Stupid (maybe not) question.
I want to update Armory, should I update Bitcoin Core as well?
You don't have to but latest core is more critical than latest armory Thanks  |
|
|
|
|
1434
|
Bitcoin / Armory / Re: Armory - Discussion Thread
|
on: September 27, 2014, 12:30:25 AM
|
I'm using Armory 0.90-beta Should I update my version? I have all my BTC in Armory and I'm afraid to update  We do recommend you update anything before 0.91. And 0.92.1 is a solid release. Ok, so I just download & install the 0.92.1 version and all my wallets will show up again? Do I have to do anything else besides download & install? EDIT: I also have an offline wallet on an offline computer, should I update that version as well? You can update your online computer without touching the offline computer if you install 0.91.2 online. However, all the offline transaction formats changed to accommodate multisig with 0.92+, so if you upgrade your online computer to that, you'll have to do the same offline. Alright, I don't have to uninstall the old versión right? Just download the new one and install both on the online and offline computer. Am I right? |
|
|
|
|
1435
|
Bitcoin / Armory / Re: Armory - Discussion Thread
|
on: September 26, 2014, 07:45:00 PM
|
I'm using Armory 0.90-beta Should I update my version? I have all my BTC in Armory and I'm afraid to update We do recommend you update anything before 0.91. And 0.92.1 is a solid release. Ok, so I just download & install the 0.92.1 version and all my wallets will show up again? Do I have to do anything else besides download & install? EDIT: I also have an offline wallet on an offline computer, should I update that version as well? |
|
|
|
|
1439
|
Local / Servicios / Re: colecta para bitcoin astral map
|
on: September 18, 2014, 10:14:57 PM
|
lo mismo lo han raptado o algo.
Claro... sabía demasiado...   +1 ¿Esto no encajaría mejor en esquina libre? Edito: si llegaseis a lo de 12.5 por persona me apunto por curiosidad pero 25 me parece demasié xD Venga venga, que esto se anima |
|
|
|
|
1440
|
Local / Mercado y Economía / Re: Alertas Mercado y Economía Bitcoin
|
on: September 18, 2014, 08:35:40 PM
|
Pregunta sencilla, nos vamos a la mierda?
Si, pero luego volvemos. Además la mierda depende de la altura donde comprases. Compré baratito baratito, 150$ approx, pero esta bajada no mola nada. Antes de saltar hay que tomar impulso Sí, de hecho estoy convencido que si no baja demasiado, tipo 50$ , cuando suba, puede ser histórico, 5000$ en poco tiempo. Pero para eso hay que sobrevivir esta oleada jeje |
|
|
|
|
Show Posts
