Can blockchain steal our bitcoins?

[Curious8]

im going to read you comments now

[ranochigo]

Are you referring to blockchain.info?

If so, no, they can't.

They can easily feed you malicious javascript when you are logging in so your password goes to them instead of decrypting it in your browser.
So, yes, they could.

In that case, any wallet provider can do that, including Bitcoin Core.

Yes. HOWEVER, Blockchain.info is an online wallet. It downloads resources from a third party source. Unless you audit the code every single time you try to log in, there is no sure way. Bitcoin Core on the contrary, requires users to download the malicious code in order for them to steal the Bitcoins.

There is another possibility however. Unless you are using a strong password, they can easily bruteforce your wallet backup based on a dictionary wordlist. I'm not sure of the encryption used, that is a problem if its weak.

That being said, Blockchain.info being an online wallet can also:
Weaken the RNG such that private keys are predictable[1][2]

[1] https://blog.blockchain.com/2014/12/08/blockchain-info-security-disclosure/
[2] http://arstechnica.com/security/2015/05/crypto-flaws-in-blockchain-android-app-sent-bitcoins-to-the-wrong-address/

[HarryKPeters]

there were some holes in the past but many of them are fixed, now, what can really steal your coins is a infected computer, nothing else

so remember that when your coins has been stolen, it was 100% your fault if use a local wallet, and let's say 50/50 if you use a web wallet...

With those knowledge I can only advice to use your webwallet for small and fast transaction.
Your offline wallet should be used to store large amounts of bitcoin.
Remember to back it up every week or so.

[Patatas]

Yeah obviously man! Haven't you seen their stats page ? They have more than 10 btc transferred like every minute I guess.I have been using blockchain for about a while now and never had any issues with them except the technical issues they keep on having during their updates .

[bitcoinmar]

If you are using this all as correctly and controlling your Private keys then they cannot steal your bitcoins I am in this field for 3 years and I never have any issue like this so its very safe to work with them

[twister]

If you are using this all as correctly and controlling your Private keys then they cannot steal your bitcoins I am in this field for 3 years and I never have any issue like this so its very safe to work with them

I think they can if they wanted to, they do say that they don't know the keys and that they're generated completely on the user side but I don't believe that. And they did somethings wrong before which got them removed from the "Choose your Wallet" list, so that should be enough to make people understand to not use their wallet or if they must, just keep as minimal funds there as possible.

[Amadues]

Is Blockchain.info safe  ? for 15 BTC +  ?

Can you edit the subject because it's correct "Can blockchain.info steal our  bitcoins?"

By the way I think they don't have any earning from this.

[BTCBinary]

No they can't. Blockchain.info provides the customer an online wallet but the customer is always the one who as full control over the wallet and the only one with access to the secret key.

[DarkStar_]

No they can't. Blockchain.info provides the customer an online wallet but the customer is always the one who as full control over the wallet and the only one with access to the secret key.

Did you even read the previous posts?
Blockchain.info relies on javascript in your browser to decrypt your wallet.
Most users (probably 99.999%) don't check the javascript for blockchain everytime they log in.
And for the users that do it, they probably are so security conscious they wouldn't use an online wallet in the first place.
What you said is true though other than the No they can't.
Blockchain encrypts your keys so they can't read them, but they can easily change the javascript and send the password to their server. Then they can decrypt it there.

[BitMaxz]

No it will not steal your bitcoins even a decades but if your account password get by stealers or hacker
your account will be hack and your bitcoins will gone. So place your private key to your brain or some folder with lock
Your wallet will be secured..

[Outlander]

No it will not steal your bitcoins even a decades but if your account password get by stealers or hacker
your account will be hack and your bitcoins will gone. So place your private key to your brain or some folder with lock
Your wallet will be secured..

You are not reading the posts.

Did you even read the previous posts?
Blockchain.info relies on javascript in your browser to decrypt your wallet.
Most users (probably 99.999%) don't check the javascript for blockchain everytime they log in.
And for the users that do it, they probably are so security conscious they wouldn't use an online wallet in the first place.
What you said is true though other than the No they can't.
Blockchain encrypts your keys so they can't read them, but they can easily change the javascript and send the password to their server. Then they can decrypt it there.

Blockchain.info wouldn't do that otherwise their reputation will be ruined. No one will use their wallet. The previous flaws detected in blockchain.info was code bugs, which was explored by the hackers.