Bitcoin Forum
June 14, 2024, 10:47:26 AM *
News: Voting for pizza day contest
 
   Home   Help Search Login Register More  
Pages: « 1 2 3 4 5 6 [7]  All
  Print  
Author Topic: How long until bots can profitably guess private keys?  (Read 7739 times)
nutildah (OP)
Legendary
*
Offline Offline

Activity: 3024
Merit: 8118



View Profile WWW
July 25, 2014, 06:38:54 PM
 #121

Quote from: The00Dustin link=topic=706223.msg8016823#msg8016823
I'm not sure why I'm explaining this since your previous post in this very same thread was a link to a thread that probably explains the same,

I'm not sure why I have to explain to you it doesn't.

Quote from: The00Dustin link=topic=706223.msg8016823#msg8016823
but the brain wallets you refer to were probably "hacked" before the deposits were ever made and then monitored.  A bot is used to monitor those addresses and immediately redirect funds, but it isn't really "hacking" addresses that have funds, it is generating addresses based on parameters and then monitoring them for deposits.  This is no different than setting up a regular wallet with a bot to redirect all deposits except that the regular wallet derived without parameters is unlikely to have collisions while the wallet derived from simple dictionary passwords is very likely to have exact matches.

OK thanks for the clarification. It is good to know the difference. But the end result is the same: a user thinks they are generating their own, private address and they're not and their funds get stolen.

▄▄███████▄▄
▄██████████████▄
▄██████████████████▄
▄████▀▀▀▀███▀▀▀▀█████▄
▄█████████████▄█▀████▄
███████████▄███████████
██████████▄█▀███████████
██████████▀████████████
▀█████▄█▀█████████████▀
▀████▄▄▄▄███▄▄▄▄████▀
▀██████████████████▀
▀███████████████▀
▀▀███████▀▀
.
 MΞTAWIN  THE FIRST WEB3 CASINO   
.
.. PLAY NOW ..
The00Dustin
Hero Member
*****
Offline Offline

Activity: 807
Merit: 500


View Profile
July 25, 2014, 07:00:08 PM
 #122

Quote from: The00Dustin link=topic=706223.msg8016823#msg8016823
I'm not sure why I'm explaining this since your previous post in this very same thread was a link to a thread that probably explains the same,
I'm not sure why I have to explain to you it doesn't.
I felt bad about not following the link to confirm even though I thought I had read that thread before, then I followed the link...
A 12 characters mixed with numbers and simbols, then converted to sha256 2 times, and then generating a private key with that hash its unsecured? Who, so all the entire bitcoin system is unsecured.

Hi Wolf Rainer,

Please read carefully the following article: http://www.palkeo.com/code/stealing-bitcoin.html

We can see how they were able to find many active wallets by generating addresses with a dictionnary. They actually found your address by using the passphrase "alfanumerico".

I hope this answers your questions!
That URL includes a brainwallet section that tells the same information I gave, albeit in a more vague/indirect manner.  This is why I felt like it was in that thread, although I suppose I can see why you didn't.

the end result is the same: a user thinks they are generating their own, private address and they're not and their funds get stolen.
This is true, and in that regard, the answer to the question the title of this topic poses is they already can, but only when they aren't targeting a specific key and users are bypassing the inherent security in randomly generated keys.
minerpumpkin
Hero Member
*****
Offline Offline

Activity: 686
Merit: 500


A pumpkin mines 27 hours a night


View Profile
July 25, 2014, 10:05:19 PM
 #123

the simplest best answer is cold storage.
authorization is irrelevant if a hacker got into your machine.

Which still wouldn't save you from being 'hacked' by a bot that guesses private keys.

I should have gotten into Bitcoin back in 1992...
jonald_fyookball
Legendary
*
Offline Offline

Activity: 1302
Merit: 1004


Core dev leaves me neg feedback #abuse #political


View Profile
July 25, 2014, 10:06:52 PM
 #124

the simplest best answer is cold storage.
authorization is irrelevant if a hacker got into your machine.

Which still wouldn't save you from being 'hacked' by a bot that guesses private keys.

...Which won't happen because bots can't guess private keys
except poorly/amateurishly chosen brain wallets.

rgm108
Sr. Member
****
Offline Offline

Activity: 274
Merit: 250



View Profile
July 25, 2014, 10:30:45 PM
 #125

Has Satoshi's ~1mln been touched?

Now, if I were to hack an account, that would be the target.

My answer to OP question = NEVER! (Except by accident ocf  Tongue)

SPECTRE                ▄▄███▄▄
            ▄▄███▀▀▀▀▀███▄▄
▄▄      ▄▄███▀▀ ▄▄███▄▄ ▀▀███▄▄      ▄▄
████▄▄  ▀▀▀ ▄▄███████████▄▄ ▀▀▀  ▄▄████
  ▀▀████▄    ▀▀█████████▀▀    ▄████▀▀
 ██▄▄ ▀██ █▄▄    ▀▀▀▀▀    ▄▄█ ██▀ ▄▄██
 ▀▀███ ██ █████▄       ▄█████ ██ ███▀▀
     ██ ███████▄   ▄███████ ██
       ██ ████████   ████████ ██
       ██▄▄ ▀▀████   ████▀▀ ▄▄██
        ▀▀███▄▄ ▀▀   ▀▀ ▄▄███▀▀
            ▀▀███▄▄▄▄▄███▀▀
                ▀▀███▀▀
            │
     │      ███
     │      ███
    │    ███
███  │    ███
███ ███ ███ ███
███ ███ ███ ███
███ ███ ███ ███
███ ███ ███ ███
███ ███     │
███ ███     │
    │
 
▬▬     WHITEPAPER    ▬▬
FACEBOOK     TELEGRAM
TWITTER     SLACK     MEDIUM
.
PRE-SALE.
PUBLIC SALE.
smoothie
Legendary
*
Offline Offline

Activity: 2492
Merit: 1473


LEALANA Bitcoin Grim Reaper


View Profile
July 25, 2014, 10:32:36 PM
 #126

I heard that there exists a persistent army of bots that are currently trying every possible combination of known words to unlock a brain wallet, which apparently happens all the time. This was 8 months ago:

http://www.reddit.com/r/Bitcoin/comments/1ptuf3/brain_wallet_disaster/


So... I realize the brainwallet word combination is many exponents smaller in possible combinations than the private key, but what happens if/when the processor power is developed to brute force keys with relative success?

Maybe it will take until some well-connected cybercriminal element gets their hands on a functioning quantum supercomputer and can actually use it to harvest correct private key and address matches from parallel universes. Or such.

If people use encryption and really long brain wallet pass phrases I'd say VERY LONG!

███████████████████████████████████████

            ,╓p@@███████@╗╖,           
        ,p████████████████████N,       
      d█████████████████████████b     
    d██████████████████████████████æ   
  ,████²█████████████████████████████, 
 ,█████  ╙████████████████████╨  █████y
 ██████    `████████████████`    ██████
║██████       Ñ███████████`      ███████
███████         ╩██████Ñ         ███████
███████    ▐▄     ²██╩     a▌    ███████
╢██████    ▐▓█▄          ▄█▓▌    ███████
 ██████    ▐▓▓▓▓▌,     ▄█▓▓▓▌    ██████─
           ▐▓▓▓▓▓▓█,,▄▓▓▓▓▓▓▌          
           ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▌          
    ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓─  
     ²▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓╩    
        ▀▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▀       
           ²▀▀▓▓▓▓▓▓▓▓▓▓▓▓▀▀`          
                   ²²²                 
███████████████████████████████████████

. ★☆ WWW.LEALANA.COM        My PGP fingerprint is A764D833.                  History of Monero development Visualization ★☆ .
LEALANA BITCOIN GRIM REAPER SILVER COINS.
 
minerpumpkin
Hero Member
*****
Offline Offline

Activity: 686
Merit: 500


A pumpkin mines 27 hours a night


View Profile
July 25, 2014, 10:33:33 PM
 #127

the simplest best answer is cold storage.
authorization is irrelevant if a hacker got into your machine.

Which still wouldn't save you from being 'hacked' by a bot that guesses private keys.

...Which won't happen because bots can't guess private keys
except poorly/amateurishly chosen brain wallets.

Yes, exactly. I just wanted to remind the uninformed reader that it doesn't matter if bitcoins are in a paper wallet or on a computer. They're only not 'accessible' because the key is on a piece of paper.

I should have gotten into Bitcoin back in 1992...
Pages: « 1 2 3 4 5 6 [7]  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!