Bitcoin Forum
December 14, 2024, 12:01:15 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 »  All
  Print  
Author Topic: Pita Bread Munchers Could Steal Bitcoins from Public Laptops  (Read 1396 times)
MicroGuy (OP)
Legendary
*
Offline Offline

Activity: 2506
Merit: 1030


Twitter @realmicroguy


View Profile WWW
June 26, 2015, 01:06:44 AM
Last edit: June 29, 2015, 02:46:02 AM by MicroGuy
 #1



Your days of placing PGP encrypted drug orders in public, and paying for those Darknet purchases in Bitcoin, might be numbered. Don’t look now, but there’s a hacker behind you sinking his jaws into a new crypto-robbing pita bread – and he wants your Bitcoin wallet for dessert.

Researchers at Tel Aviv University and Israel’s Technion research institute have developed a palm-sized device that can wirelessly steal data from nearby laptops using the radio waves leaked by the machine’s processor.

Team member Evan Tromer says his group is working to extend the device’s capabilities to include stealing bitcoin keys.

Tromer says the group is also exploring whether the technique could be adapted and made more widely applicable, too, even allowing the theft of bitcoins by stealing the private keys created by users’ “wallet” programs.

The setup, which they’ve called the Portable Instrument for Trace Acquisition (PITA), fits inside an ordinary pita bread. While that may not make for the most common attack scenario, it is compact, works with both white and wheat, and operates untethered. This makes for a lethal weapon that can be easily hidden, especially inside sandwich shops.

Their crusty spy bug, built for less than $300, is designed to allow anyone to “listen” to the accidental radio emanations of a computer’s electronics from 19 inches away and capture the user’s secret decryption keys, enabling attackers to read the user’s encrypted communications.

The researchers have perfected a method for stealing keys from laptops running open source GnuPG within seconds. Their next experiments will involve perfecting a wireless Bitcoin wallet attack.

Original Story: http://altcoinpress.com/2015/06/pita-bread-munchers-could-steal-bitcoins-from-public-laptops/
OROBTC
Legendary
*
Offline Offline

Activity: 2968
Merit: 1895



View Profile
June 26, 2015, 01:43:13 AM
 #2

...

MicroGuy

That PITA threat looks like more of a threat to online wallets more than with cold storage hardware devices like Trezor and Ledger Nano. 

If you keep your BTC holdings to a small amount in your hot wallet, then that seems to all that would be at risk.

[Correct me if I am wrong]
franky1
Legendary
*
Offline Offline

Activity: 4438
Merit: 4821



View Profile
June 26, 2015, 02:01:59 AM
 #3

not sure if OP is trolling, or found an article wrote by a comedian..

I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER.
Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
pooya87
Legendary
*
Offline Offline

Activity: 3668
Merit: 11107


Crypto Swap Exchange


View Profile
June 26, 2015, 02:15:30 AM
 #4

not sure if OP is trolling, or found an article wrote by a comedian..
it looks like this news is everywhere! http://www.bbc.com/news/technology-33229424

it is not that impressive either, it is not actually that small and does not fit "inside the bread" it is the same size of a bread (see the pictures) it fits in the pocket and it need to be so close to do the stealing.

i'll kick the ass of whoever stands in 50cm distance of my laptop!

i am also skeptical about the way it steals the keys unless i read more about it's technical stuff, and the fact that what exactly on my laptop emits those signals.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
SebastianJu
Legendary
*
Offline Offline

Activity: 2674
Merit: 1083


Legendary Escrow Service - Tip Jar in Profile


View Profile WWW
June 28, 2015, 10:37:28 PM
 #5

Pretty surely it only can steal anything that is worked on in the cpu. So when you send a bitcoin transaction in the sandwich shop and the scammy seller behind the bar has such a device, then he might get the private key for the sending address. Which should only be a problem as long as the address is still filled after that. So if you use change addresses then you are fine.

Unfortunately change addresses are a superb tool to connect all the addresses that belong to a wallet. Destroying anonymity on the way.

Please ALWAYS contact me through bitcointalk pm before sending someone coins.
QuestionAuthority
Legendary
*
Offline Offline

Activity: 2156
Merit: 1393


You lead and I'll watch you walk away.


View Profile
June 28, 2015, 11:19:04 PM
 #6

You could put your laptop in a faraday cage. Or



You could use this cooling mat to block the rf energy and save your twig and two berries from unnecessary radiation.


poncho32
Sr. Member
****
Offline Offline

Activity: 316
Merit: 250


View Profile
June 29, 2015, 12:15:39 AM
 #7

not sure if OP is trolling, or found an article wrote by a comedian..
it looks like this news is everywhere! http://www.bbc.com/news/technology-33229424

it is not that impressive either, it is not actually that small and does not fit "inside the bread" it is the same size of a bread (see the pictures) it fits in the pocket and it need to be so close to do the stealing.

i'll kick the ass of whoever stands in 50cm distance of my laptop!

i am also skeptical about the way it steals the keys unless i read more about it's technical stuff, and the fact that what exactly on my laptop emits those signals.

Years ago people could read what was on a computer screen by decoding the RF emissions it gave out. If all they are doing is reading what's visible on a screen then I'm not that impressed,. I'm not aware of any significant RF emissions given out by CPUs but I'm impressed if that's what they are decoding.
jjacob
Legendary
*
Offline Offline

Activity: 1554
Merit: 1026


★Nitrogensports.eu★


View Profile
June 29, 2015, 12:53:08 AM
 #8

It is nice to see that Bitcoin is deemed important enough by the developers.. so important that they are working on increasing the device's capabilities to steal Bitcoin private keys. This device would be more relevant in actual spying.


           █████████████████     ████████
          █████████████████     ████████
         █████████████████     ████████
        █████████████████     ████████
       ████████              ████████
      ████████              ████████
     ████████     ███████  ████████     ████████
    ████████     █████████████████     ████████
   ████████     █████████████████     ████████
  ████████     █████████████████     ████████
 ████████     █████████████████     ████████
████████     ████████  ███████     ████████
            ████████              ████████
           ████████              ████████
          ████████     █████████████████
         ████████     █████████████████
        ████████     █████████████████
       ████████     █████████████████
▄▄
██
██
██
██
██
██
██
██
██
██     
██
██
▬▬ THE LARGEST & MOST TRUSTED ▬▬
      BITCOIN SPORTSBOOK     
   ▄▄
██
██
██
██
██
██
██
██
██
██     
██
██
             ▄▄▄▄▀▀▀▀▄
     ▄▄▄▄▀▀▀▀        ▀▄▄▄▄           
▄▀▀▀▀                 █   ▀▀▀▀▀▀▀▄▄
█                    ▀▄          █
 █   ▀▌     ██▄        █          █               
 ▀▄        ▐████▄       █        █
  █        ███████▄     ▀▄       █
   █      ▐████▄█████████████████████▄
   ▀▄     ███████▀                  ▀██
    █      ▀█████    ▄▄        ▄▄    ██
     █       ▀███   ████      ████   ██
     ▀▄        ██    ▀▀        ▀▀    ██
      █        ██        ▄██▄        ██
       █       ██        ▀██▀        ██
       ▀▄      ██    ▄▄        ▄▄    ██
        █      ██   ████      ████   ██
         █▄▄▄▄▀██    ▀▀        ▀▀    ██
               ██▄                  ▄██
                ▀████████████████████▀




  CASINO  ●  DICE  ●  POKER   
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
   24 hour Customer Support   

▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
galbros
Legendary
*
Offline Offline

Activity: 1022
Merit: 1000


View Profile
June 29, 2015, 12:59:32 AM
 #9

I think I'm going to file this under things I'm not going to worry about.  Thanks for the info all the same, it does look like amazing technology.
scarsbergholden
Hero Member
*****
Offline Offline

Activity: 686
Merit: 500



View Profile
June 29, 2015, 02:32:54 AM
 #10

I'll just keep my hot wallet coins on my trezor or a carry around amount on my phone, I am not worried about it at all. People who keep all of their coins in a hot wallet on a laptop are crazy anyways.

pita breads hackers could take over your trezor no problem, beware of the pita group taking over bitcoin, lol jking but for real i have seen a few people with their bitcoin wallets open on coffee shops like is all good, is like putting your wallet open in a table just waiting to see whos gonna take a shot at it.

AGD
Legendary
*
Offline Offline

Activity: 2070
Merit: 1164


Keeper of the Private Key


View Profile
June 29, 2015, 04:59:16 AM
 #11

not sure if OP is trolling, or found an article wrote by a comedian..
it looks like this news is everywhere! http://www.bbc.com/news/technology-33229424

it is not that impressive either, it is not actually that small and does not fit "inside the bread" it is the same size of a bread (see the pictures) it fits in the pocket and it need to be so close to do the stealing.

i'll kick the ass of whoever stands in 50cm distance of my laptop!

i am also skeptical about the way it steals the keys unless i read more about it's technical stuff, and the fact that what exactly on my laptop emits those signals.

Years ago people could read what was on a computer screen by decoding the RF emissions it gave out. If all they are doing is reading what's visible on a screen then I'm not that impressed,. I'm not aware of any significant RF emissions given out by CPUs but I'm impressed if that's what they are decoding.

It was this one: http://www.tomsguide.com/us/airhopper-data-radio-waves,news-19865.html
These techniques are used by LE already for years.
Tip: Instead of people wearing that tinfoil on their head, they can now use it to wrap their computer and monitor to be safe.
To be even more secure, you can extend the tinfoil use against possible future attacks:


Bitcoin is not a bubble, it's the pin!
+++ GPG Public key FFBD756C24B54962E6A772EA1C680D74DB714D40 +++ http://pgp.mit.edu/pks/lookup?op=get&search=0x1C680D74DB714D40
Gervais
Sr. Member
****
Offline Offline

Activity: 366
Merit: 250



View Profile
June 29, 2015, 08:49:18 AM
 #12

Did they really have to put it in a pitta bread? I mean seriously? Regardless, I think there's going to be a real issue with using your bitcoins over public wifi. Even an entry level hacker can get into your computer very easily when you use public wifi.
tokeweed
Legendary
*
Offline Offline

Activity: 4172
Merit: 1464


Life, Love and Laughter...


View Profile
June 29, 2015, 09:47:21 AM
 #13

not sure if OP is trolling, or found an article wrote by a comedian..

A little of both.

R


▀▀▀▀▀▀▀██████▄▄
████████████████
▀▀▀▀█████▀▀▀█████
████████▌███▐████
▄▄▄▄█████▄▄▄█████
████████████████
▄▄▄▄▄▄▄██████▀▀
LLBIT|
4,000+ GAMES
███████████████████
██████████▀▄▀▀▀████
████████▀▄▀██░░░███
██████▀▄███▄▀█▄▄▄██
███▀▀▀▀▀▀█▀▀▀▀▀▀███
██░░░░░░░░█░░░░░░██
██▄░░░░░░░█░░░░░▄██
███▄░░░░▄█▄▄▄▄▄████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
█████████
▀████████
░░▀██████
░░░░▀████
░░░░░░███
▄░░░░░███
▀█▄▄▄████
░░▀▀█████
▀▀▀▀▀▀▀▀▀
█████████
░░░▀▀████
██▄▄▀░███
█░░█▄░░██
░████▀▀██
█░░█▀░░██
██▀▀▄░███
░░░▄▄████
▀▀▀▀▀▀▀▀▀
||.
|
▄▄████▄▄
▀█▀
▄▀▀▄▀█▀
▄░░▄█░██░█▄░░▄
█░▄█░▀█▄▄█▀░█▄░█
▀▄░███▄▄▄▄███░▄▀
▀▀█░░░▄▄▄▄░░░█▀▀
░░██████░░█
█░░░░▀▀░░░░█
▀▄▀▄▀▄▀▄▀▄
▄░█████▀▀█████░▄
▄███████░██░███████▄
▀▀██████▄▄██████▀▀
▀▀████████▀▀
.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
░▀▄░▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄░▄▀
███▀▄▀█████████████████▀▄▀
█████▀▄░▄▄▄▄▄███░▄▄▄▄▄▄▀
███████▀▄▀██████░█▄▄▄▄▄▄▄▄
█████████▀▄▄░███▄▄▄▄▄▄░▄▀
███████████░███████▀▄▀
███████████░██▀▄▄▄▄▀
███████████░▀▄▀
████████████▄▀
███████████
▄▄███████▄▄
▄████▀▀▀▀▀▀▀████▄
▄███▀▄▄███████▄▄▀███▄
▄██▀▄█▀▀▀█████▀▀▀█▄▀██▄
▄██▀▄███░░░▀████░███▄▀██▄
███░████░░░░░▀██░████░███
███░████░█▄░░░░▀░████░███
███░████░███▄░░░░████░███
▀██▄▀███░█████▄░░███▀▄██▀
▀██▄▀█▄▄▄██████▄██▀▄██▀
▀███▄▀▀███████▀▀▄███▀
▀████▄▄▄▄▄▄▄████▀
▀▀███████▀▀
OFFICIAL PARTNERSHIP
SOUTHAMPTON FC
FAZE CLAN
SSC NAPOLI
S4VV4S
Hero Member
*****
Offline Offline

Activity: 1582
Merit: 502


View Profile
June 29, 2015, 10:17:54 AM
 #14

Did they really have to put it in a pitta bread? I mean seriously? Regardless, I think there's going to be a real issue with using your bitcoins over public wifi. Even an entry level hacker can get into your computer very easily when you use public wifi.

I don't think they put it in a pitta bread.
They just said it fits in a pitta bread Wink
gmaxwell
Staff
Legendary
*
Offline Offline

Activity: 4298
Merit: 8818



View Profile WWW
June 29, 2015, 11:12:45 AM
 #15

Bitcoin Core uses signing which is constant time, constant memory access, and hardened in several other ways against side-channel private key leaks-- and specifically designed to resist these attacks. Actually being leak free also depends on the hardware, but at least in Bitcoin Core the software side of it is much more robust than the kinds of systems they were attacking here.
Yeah?
Member
**
Offline Offline

Activity: 79
Merit: 10


View Profile
June 29, 2015, 11:44:06 AM
 #16

Seems like fud. No doubt we'll get a load of trolls panicking about this now.
Gervais
Sr. Member
****
Offline Offline

Activity: 366
Merit: 250



View Profile
June 29, 2015, 11:45:30 AM
 #17

Did they really have to put it in a pitta bread? I mean seriously? Regardless, I think there's going to be a real issue with using your bitcoins over public wifi. Even an entry level hacker can get into your computer very easily when you use public wifi.

I don't think they put it in a pitta bread.
They just said it fits in a pitta bread Wink



I think they could have used something better as an example or to compare it to. Nobody measures the sizes of things in pittas.
SebastianJu
Legendary
*
Offline Offline

Activity: 2674
Merit: 1083


Legendary Escrow Service - Tip Jar in Profile


View Profile WWW
June 29, 2015, 12:37:28 PM
 #18

Bitcoin Core uses signing which is constant time, constant memory access, and hardened in several other ways against side-channel private key leaks-- and specifically designed to resist these attacks. Actually being leak free also depends on the hardware, but at least in Bitcoin Core the software side of it is much more robust than the kinds of systems they were attacking here.

A core developer saying that should lay worries to rest. Though even though you say bitcoin is more secure against such potential attacks i wonder if one shouldnt be worried because they claim they perfected stealing pgp-keys. pgp should be really secure too, because of their use cases.

Ok, ill believe you on that anyway. Only wondering why PGP is vulnerable. Its a security software. And they sound pretty confident to being able hack private keys. Why would they when they dont see a chance or tested, before they release it to the press, that they work on it?

Maybe they mentioning bitcoin private keys is only a help for spreading the news.  Roll Eyes

Please ALWAYS contact me through bitcointalk pm before sending someone coins.
S4VV4S
Hero Member
*****
Offline Offline

Activity: 1582
Merit: 502


View Profile
June 29, 2015, 12:47:32 PM
 #19

Did they really have to put it in a pitta bread? I mean seriously? Regardless, I think there's going to be a real issue with using your bitcoins over public wifi. Even an entry level hacker can get into your computer very easily when you use public wifi.

I don't think they put it in a pitta bread.
They just said it fits in a pitta bread Wink



I think they could have used something better as an example or to compare it to. Nobody measures the sizes of things in pittas.

That's the machine?
It's still not IN the pitta though Tongue

Yeah, they could have used a better comparison. Smiley
gmaxwell
Staff
Legendary
*
Offline Offline

Activity: 4298
Merit: 8818



View Profile WWW
June 29, 2015, 01:13:53 PM
 #20

A core developer saying that should lay worries to rest. Though even though you say bitcoin is more secure against such potential attacks i wonder if one shouldnt be worried because they claim they perfected stealing pgp-keys. pgp should be really secure too, because of their use cases.
Ok, ill believe you on that anyway. Only wondering why PGP is vulnerable. Its a security software. And they sound pretty confident to being able hack private keys. Why would they when they dont see a chance or tested, before they release it to the press, that they work on it?
Maybe they mentioning bitcoin private keys is only a help for spreading the news.  Roll Eyes
Read the actual report, in particular http://www.tau.ac.il/~tromer/radioexp/  Q11 and Q8.
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!