Bitcoin Forum
1761  Alternate cryptocurrencies / Announcements (Altcoins) / Re: Nxt :: descendant of Bitcoin - Updated Information on: January 02, 2014, 01:42:50 AM
Now that we seem to have figured out this breach, we need to warn anybody that downloaded that version, but I guess we can't broadcast message yet...

Still there will be concerns about the offline parallel attack. I am still waiting for CfB's answers on my architecture question. We don't need an immediate solution as long as there is a clear roadmap to higher security, both perceived and actual.

If the hacker has to search a space 2^256, then even with petahashes it will take a long time. However, I am worried about clustering especially with user selected passwords without maximum entropy. Realistically, if anybody uses alphanumeric passwords of a short length or just combines common words, a hacker running a simple brute force search of these combos will unlock all these accounts pretty quickly. Our opponents will intentionally use reasonable looking but weak passwords to intentionally get hacked and give us black PR.

I want to proactively attack this issue. How does NXT security compare to BTC or to Ripple security? These are critical questions for mass adoption of NXT. I want to hear that NXT is better than all the rest, but what I need is an independent cryptographic expert to analyze this objectively.

Not sure how much this will cost, but it will go a long ways toward eliminating this as an issue if indeed NXT is as secure or more secure than BTC (and Ripple). Does anybody know how much it will cost to get an independent cryptographic analysis?

James

P.S. also maybe a bounty to PaulyC of 7808 NXT for finding this?

Agree. PaulyC deserves a bounty to uncover this type of thief.
1762  Alternate cryptocurrencies / Announcements (Altcoins) / Re: Nxt :: descendant of Bitcoin - Updated Information on: January 02, 2014, 01:35:50 AM
Ok here are the two zip files in one file.
The bigger one is the one I DLed from Nextcoin.org and used when my NXT were stolen. The smaller one I believe was the one posted on the front page?

DO NOT USE THIS FILE FOR NXT:
https://mega.co.nz/#!lZQBXQqK!EpQQbx9uBy9gcQe7-vc8smWDwHcM7LBODbtoCpKNXNo

Got it. The bogus client is in the link. Can someone check where the modification is?
1763  Alternate cryptocurrencies / Announcements (Altcoins) / Re: Nxt :: descendant of Bitcoin - Updated Information on: January 02, 2014, 01:04:18 AM
I literally saw my client a few moments after it happened (it was open) so how this happened is odd!

My actual User account that has been stolen from is
NXT
16821029889165561706
I don't have any idea how this may have happened either. Just wanted to confirm, at the moment the theft happened your client was running and you had the browser window opened, and your account was unlocked (you were seeing your balance and the "send money" arrow), is that all correct?

Just trying to differentiate the possibilities, whether the hacker obtained your password via brute-force or some other way and initiated the transaction from another machine, or somehow your own machine was tricked to initiate the transaction.

And you were running 0.4.8 at the time, right? I added the second check for secret phrase before send money exactly to increase security, so that even if your account is unlocked in the browser you still need to enter your password again.

Another question, did you generate your random-looking password using some software - password manager, online service, or created it manually by typing at random?

I just wanted to clarify, with this, I had my server and client open.  Was just perusing the blocks within the client, seeing if I was up-to-date, something I just do sometimes, and the account balance went from 7808, then on next look 0, maybe a moment later, less than 10 seconds.

No one was remotely accessing my computer etc.  It was just balance 0, account recipient ID under sent transactions with 7808, etc.

Update ran a full scan with my antivirus software, ESET, all up to date, no viruses or intrusions found.


The other question about password, this is the very first account I made so I did use the password generator that I had seen recommended on nextcoin.org
used "local" mode, to a certain degree,
http://passwordsgenerator.net/
(I definitely wouldn't recommend using one of these)

for 25 of the char of the PW, then I just made up the rest randomly 9 more characters.

and I'm not sure about what online nodes refers to exactly, but I can honestly say I never used anything online with that PW until today with CfB.
I don't see any strange opened ports so I believe I'm good on that end.


Has anyone else noticed the 4.8 download zip from nextcoin.org vs. the one from this exact link
Nxt 0.4.8 - https://mega.co.nz/#!yV5A1BTR!oi33K7WovgccuEHvP05nzggTnxrkZHJbwFmv5tGeXNI

Are 5 Kb in difference? Is that anything to be concerned about?


I want to buy more NXT, but it just sucks cuz i got in somewhat early and thought I was following all the instructions correctly, and I honestly don't know what happened which makes me hesitant.

It's not cool everyone thinks I'm some troll planning this all out, but I guess that's a natural reaction. I would hope in the future there's some way to stop someone from just taking someone's NXT like this. (I actually thought the two step PW on "sending" was a good idea, but it didn't stop them in this case.)

I'll try to keep an eye out on this hacker's acct# to see if he hits anybody else.
http://22k.io/-account/16204974692852323982


Looks like you downloaded a bogus client. Scary stuff. The client at the front page of this thread is legit. You need to calculate the hash256 of the zip file of your client and compare to the hash in the 0.4.8 in the front page. They have to match exactly.
As you said, you have two of the same client with a 5Kb difference in size. One is certainly bogus. Sorry for your loss. This should really be sticky.
I could have fallen for this since I never checked the file until today.
But for now, only use a client file from a trusted source and do a hash256 checksum of the zip file before using.

This needs to be in wiki and the front page.
1764  Alternate cryptocurrencies / Announcements (Altcoins) / Re: Nxt :: descendant of Bitcoin - Updated Information on: January 02, 2014, 12:08:19 AM
What about the nextern-holiday-fund? Is there someone organizing it so he can work on the client full time?
C'mon bitchizzz

I have asked several stakeholders to lead a fund-raising but they do not seem to be interested. I would suggest nextern to sell his full-feature client instead of making it free. That would give him quite a sum for his work.

I know a couple stakeholders that have given 100k+ Nxt to nexern. One has set aside 250k for when the client is finished.  I personally gave him 50k Nxt and plan to give him more when the client is done.  I'm not a stakeholder by the way.

The big stakeholder I asked has not contributed anything. But I think nexern will be fine for now. Let's see what he is delivering first.
1765  Alternate cryptocurrencies / Announcements (Altcoins) / Re: Nxt :: descendant of Bitcoin - Updated Information on: January 01, 2014, 11:54:14 PM
Can't wait. Do we have a time for the launch ?  

Full potential of TF will be unleashed step by step. We must build infrastructure and prepare for war against some big Bitcoin holders and then against some governments. Complete description of TF is held by few people, who will publish it if BCNext, me and Jean-Luc suddenly disappear.

Is it a question ?
1766  Alternate cryptocurrencies / Announcements (Altcoins) / Re: Nxt :: descendant of Bitcoin - Updated Information on: January 01, 2014, 11:35:48 PM
I have asked several stakeholders to lead a fund-raising but they do not seem to be interested.

   Angry unbelievable if true

Well of course I am not lying.
1767  Alternate cryptocurrencies / Announcements (Altcoins) / Re: Nxt :: descendant of Bitcoin - Updated Information on: January 01, 2014, 11:28:50 PM
What about the nextern-holiday-fund? Is there someone organizing it so he can work on the client full time?
C'mon bitchizzz

I have asked several stakeholders to lead a fund-raising but they do not seem to be interested. I would suggest nextern to sell his full-feature client instead of making it free. That would give him quite a sum for his work.
1768  Alternate cryptocurrencies / Announcements (Altcoins) / Re: Nxt :: descendant of Bitcoin - Updated Information on: January 01, 2014, 10:48:10 PM
What do you mean with 4.25 tps to 1000 tps?

One of the killer features of Nxt is ability to process transactions at VISA rate (thousands per second).

Honestly, I am still unsure about the whole concept and implementation. But if it can be pulled through, it would be a not-small technical achievement.
Can't wait. Do we have a time for the launch?
1769  Alternate cryptocurrencies / Altcoin Discussion / Re: I think mining is slowly oversaturated on: January 01, 2014, 10:02:50 PM
when it's getting too serious it's not funny... i know all farm owners don't agree but someone should think about the end users as well

Go with Proof of Stake instead like NXT.
1770  Alternate cryptocurrencies / Announcements (Altcoins) / Re: Nxt :: descendant of Bitcoin - Updated Information on: January 01, 2014, 09:14:45 PM

What's hash comparison ? the hash of the authentic file ?

This guide'll help you.

I understand about comparing hash. But I can't locate the hash of the authentic file? Is the hash from the first page of this thread good?

http://info.nxtcrypto.org/nxt-client-0-4-8-released/

You'll find SHA256 sum provided by developer with every release of NXT Client.

Compare it with a hash of downloaded file.

Looks good, the download file and its hash in the front page of this thread is safe also. Thanks Intel, it is good to learn these things.
1771  Alternate cryptocurrencies / Announcements (Altcoins) / Re: Nxt :: descendant of Bitcoin - Updated Information on: January 01, 2014, 09:03:21 PM

What's hash comparison ? the hash of the authentic file ?

This guide'll help you.

I understand about comparing hash. But I can't locate the hash of the authentic file? Is the hash from the first page of this thread good?
1772  Alternate cryptocurrencies / Announcements (Altcoins) / Re: Nxt :: descendant of Bitcoin - Updated Information on: January 01, 2014, 08:57:16 PM
How to check SHA256 checksum? And what should I expect? I want to check my client right now.

in linux type:

sha256sum filename.zip

In Windows 7?

Download HashTab

What should I expect when I run the file?

There'll be a new tab when clicking right-mouse -> properties

Also, you can select required checksum algorithms:

What's hash comparison? The hash of the authentic file?
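
The check these posts describe (compute the SHA-256 of the downloaded zip and compare it with the value the developer published), as an added example that is not part of the original thread: it shows a copy of an archive with one altered member failing the comparison. The archive contents, file names and the `PUBLISHED` line are constructed sample data, and the function names are hypothetical.

```python
import hashlib
import hmac
import io
import re
import zipfile


def sha256_of_stream(stream, chunk_size=1 << 16):
    """Hash a file-like object in chunks so large archives need not fit in memory."""
    digest = hashlib.sha256()
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        digest.update(chunk)
    return digest.hexdigest()


def parse_published_hash(text):
    """Extract a 64-hex-digit SHA-256 from an announcement line.

    Accepts 'HASH  filename' (sha256sum style), upper case and extra text."""
    match = re.search(r"\b[0-9a-fA-F]{64}\b", text)
    if match is None:
        raise ValueError("no SHA-256 value found in published text")
    return match.group(0).lower()


def verify_download(stream, published_text):
    """Return (ok, actual_hex); ok is True only when every hex digit matches."""
    expected = parse_published_hash(published_text)
    actual = sha256_of_stream(stream)
    return hmac.compare_digest(actual, expected), actual


def build_constructed_zip(members):
    """Build a small zip in memory; stands in for a downloaded release archive."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        for name, data in members.items():
            # Fixed timestamp so the archive bytes are reproducible.
            archive.writestr(zipfile.ZipInfo(name, (2014, 1, 1, 0, 0, 0)), data)
    return buf.getvalue()


# Constructed sample data: a "genuine" archive and a copy with one altered member.
GENUINE = build_constructed_zip({"nxt/start.sh": b"java -jar start.jar\n",
                                 "nxt/readme.txt": b"constructed sample\n"})
ALTERED = build_constructed_zip({"nxt/start.sh": b"java -jar start.jar\n",
                                 "nxt/readme.txt": b"constructed sample, modified\n"})
# Stand-in for the developer's announcement line. It is derived from GENUINE here;
# in practice it must come from a channel other than the site serving the download.
PUBLISHED = hashlib.sha256(GENUINE).hexdigest().upper() + "  nxt-client.zip"

if __name__ == "__main__":
    for label, blob in (("genuine", GENUINE), ("altered", ALTERED)):
        ok, actual = verify_download(io.BytesIO(blob), PUBLISHED)
        print(f"{label}: {'MATCH' if ok else 'MISMATCH - do not run'} {actual}")
```

For a file on disk, pass `open(path, "rb")` as the stream; the comparison is only as trustworthy as the place the published hash was read from.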
1773  Alternate cryptocurrencies / Announcements (Altcoins) / Re: Nxt :: descendant of Bitcoin - Updated Information on: January 01, 2014, 08:50:30 PM
How to check SHA256 checksum? And what should I expect? I want to check my client right now.

in linux type:

sha256sum filename.zip

In Windows 7?

Download HashTab

What should I expect when I run the file?
1774  Alternate cryptocurrencies / Announcements (Altcoins) / Re: Nxt :: descendant of Bitcoin - Updated Information on: January 01, 2014, 08:46:17 PM
How to check SHA256 checksum? And what should I expect? I want to check my client right now.

in linux type:

sha256sum filename.zip

In Windows 7?
1775  Alternate cryptocurrencies / Announcements (Altcoins) / Re: Nxt :: descendant of Bitcoin - Updated Information on: January 01, 2014, 08:41:29 PM
How to check SHA256 checksum ? and what should I expect ? I want to check my client right now .
1776  Alternate cryptocurrencies / Announcements (Altcoins) / Re: Nxt :: descendant of Bitcoin - Updated Information on: January 01, 2014, 07:46:13 PM
I've got PaulyC's password. It's uncrackable and matches the account. If he is not trolling then we have 4 explanations:

- Someone cracked SHA256 and Curve25519 (why then multi-million accounts not hacked?)
- Someone distributes modified NRS (someone should decompile PaulyC's software)
- Keylogger
- He used online node that records entered passphrases

While I may give PaulyC the benefit of doubt, it can't be ruled out that it is a legit transaction authorized by PaulyC himself.
1777  Alternate cryptocurrencies / Announcements (Altcoins) / Re: Nxt :: descendant of Bitcoin - Updated Information on: January 01, 2014, 07:30:19 PM
Ok I'll PM Cfb the PW, honestly I would like that he didn't post it as of yet, maybe there is something goofy going on that can be remedied?
will be someway to get my coins back or retain my aliases, I would hope!.


btw. I in no way condone giving up a PW ever, believe me I'm crazy secure about it, and I don't want comments about well if he'll PM his PW then he must be loose with it!..
argh. but if it can help catch that mofo! haha I know that's not likely..not. Wink





Where did you download the client ? is it a trusted source ? this could be a potential leak of security.
1778  Alternate cryptocurrencies / Announcements (Altcoins) / Re: Nxt :: descendant of Bitcoin - Updated Information on: January 01, 2014, 06:14:00 PM
"It's like you guys are building a really high-performance car, and then criticizing the roads for being too bumpy and drivers for being unskilled. It's a great car, and it can do amazing things, but if it isn't adapted to the world as it is or drivers as they are (and not as you want them to be), then it will not have widespread adoption."


OK, just to bubble this to the top again, I officially request ...BLAH BLAH BLAH.

Question one:  is this technically possible, yes or no.


I proposed this a few days ago.  I believe it is possible, but would require extensive rewrite, as different pairs/keys would have to be implemented, and I don't believe the current curve/sha256 implementation of the hashing is compatible with what we desire.

Dude, it's time to roll out the Nike slogan:  Just Do It.

Who wants the Nike justdoit alias? Just contact me Wink
1779  Alternate cryptocurrencies / Announcements (Altcoins) / Re: Nxt :: descendant of Bitcoin - Updated Information on: January 01, 2014, 05:02:07 PM
As a public key on a colored coin?
Your account number is public key already. You're constantly trying to create unnecessary entities.
Want to "freeze" some coins with some new private key? Just create new account with this key, transfer coins to it, and then use this key only when you need to spend these coins.

The problem is that the "lucky gold strike" loophole for somebody else to hit this new account when miskeying their own password exists just like it exists for the old one.  Psychologically to the public this is always going to be perceived as a flaw because they don't understand how unlikely it is.  You haven't increased security one iota, you have only created a different winning lottery number.  

Publicly announcing to the world not to accept withdrawals from an account closes this loophole.  That will make a huge psychological difference to the public.  And I am telling you, for NXT to succeed with the public, irrational psychological issues are going to have to be addressed.

You still need a pass at some point to make an announcement like "I want to spend this money again" right ? you would still need to enter this pass into the network right ? It is essentially the same thing as current implementation.

No.  If it is a dual colored coin scheme, attempts to unlock the account for withdrawals are publicly seen on the blockchain and can be monitored and throw up warnings that an account is under attack.  If somebody hits the powerball jackpot and gets into an account through a miskey of another password, that is a one-time private event that is all over in under a minute and nobody even realizes it has happened until the next time they open their account or check it on the block chain.

I understand the math on how unlikely it is that a miskeyed password could open the fattest wallet by accident.  This isn't about math.  It's about public psychology.  Saying as a programmer it isn't necessary ignores the popularity of Powerball in the public mind and the psychology bias it introduces against brain wallets.

If you use a random generator, the chance that someone mis-types and gets your pass is zero. Because the pass will use a lot of special characters and not-well-placed keys. Pass like that cannot be accidentally typed. No humanly possible guess is a random. So no mis-type is not possible even in a billion years.

I only worried about hacking. But just educated myself with some current articles on password picking, I can say that it is already extremely time-consuming and impossible at current state of art to pick a 10 character pass if they are truly random.

Now key logger is another topic and definitely a risk. As long as you connect to Internet, there is a risk.
1780  Alternate cryptocurrencies / Announcements (Altcoins) / Re: Nxt :: descendant of Bitcoin - Updated Information on: January 01, 2014, 04:52:15 PM
I want to tell the world to never accept a withdrawal from my NXT account.  To do this I click a button on my client and go to a special page.  I pay a NXT fee and the page generates two numbers, a public key and a private key.  I attach the public key to a colored coin.  THis is my announcement to the world to lock my account...
This can be done with existing functionality.
Just create new account, send coins to it and never use this account until NXT costs $500.
This is absolutely the same scheme as yours. And it's free Smiley

That's basically what I did. Create an account with very strong pass (even a 160 bit pass is enough). Name it saving and transfer all your fund there. Never put the password online again.
Nothing can break this account unless they can break down the whole NXT network.

This kills NxT if people can't forge in a secure way. If no-one wants to forge because system is not secure enough (like having cold wallets) this is wtf.

A node does not need a huge account to back. I could be wrong but I think a lot of nodes forging is more important than a few huge account forging. If you have a big account, that is the risk you have to take, have absolute security or earn some small forging income.