Bitcoin Forum
March 29, 2024, 09:35:06 PM *
News: Latest Bitcoin Core release: 26.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: How to counter Ram Scapers?  (Read 1122 times)
mczarnek (OP)
Hero Member
*****
Offline Offline

Activity: 527
Merit: 500


View Profile
December 24, 2015, 05:38:23 PM
 #1

You can store the wallet.dat as encrypted as you want on the harddrive, but if you want to use it, you eventually have to decrypt it and store the private key in RAM. How can this be prevented? Is it possible to prevent other programs from spying on your RAM?

BitSend ◢◤Clients | Source
www.bitsend.info
█▄
█████▄
████████▄
███████████▄
██████████████
███████████▀
████████▀
█████▀
█▀












Segwit | Core 0.14 | Masternodes
XEVAN | DK3 | Electrum soon
Bitcore - BTX/BTC -Project












BSD -USDT | Bittrex | C.Gather | S.Exchange
Cryptopia | NovaExchange | Livecoin
Litebit.eu | Faucet | Bitsend Airdrop













████
 ████
  ████
   ████
    ████
     ████
      ████
       ████
        ████
       ████
      ████
     ████
    ████
   ████
  ████
 ████
████

████
 ████
  ████
   ████
    ████
     ████
      ████
       ████
        ████
       ████
      ████
     ████
    ████
   ████
  ████
 ████
████
Make sure you back up your wallet regularly! Unlike a bank account, nobody can help you if you lose access to your BTC.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
achow101
Moderator
Legendary
*
expert
Offline Offline

Activity: 3346
Merit: 6473


Just writing some code


View Profile WWW
December 24, 2015, 05:54:50 PM
 #2

Bitcoin core only briefly stores the data in RAM. It decrypts it for a short time, long enough to use the data, but then the data is removed after a little bit so it reduces the effectiveness of RAM spying programs.

Also, aren't programs only able to access RAM allocated to it unless it somehow has special permissions?

DannyHamilton
Legendary
*
Offline Offline

Activity: 3346
Merit: 4505



View Profile
December 24, 2015, 06:14:32 PM
 #3

Just use an offline wallet such as Armory Offline or Electrum Offline.

Then if the computer is infected with a RAM scraper, it won't be able to communicate anything it scrapes with any attacker.
mczarnek (OP)
Hero Member
*****
Offline Offline

Activity: 527
Merit: 500


View Profile
December 24, 2015, 07:39:53 PM
 #4

Bitcoin core only briefly stores the data in RAM. It decrypts it for a short time, long enough to use the data, but then the data is removed after a little bit so it reduces the effectiveness of RAM spying programs.

Also, aren't programs only able to access RAM allocated to it unless it somehow has special permissions?

You may be right, and it would make sense, was just poking around reading about Ram Scrapers effect on Point of Sale systems  and wondering how big of a deal they are. Only needs to be briefly stored for it to be an issue for RAM scrapers. Might not be possible though. Seems most modern OSs have some form of memory protection to prevent this.

Yes, offline could do it but that's quite a hassle for consumers.

BitSend ◢◤Clients | Source
www.bitsend.info
█▄
█████▄
████████▄
███████████▄
██████████████
███████████▀
████████▀
█████▀
█▀












Segwit | Core 0.14 | Masternodes
XEVAN | DK3 | Electrum soon
Bitcore - BTX/BTC -Project












BSD -USDT | Bittrex | C.Gather | S.Exchange
Cryptopia | NovaExchange | Livecoin
Litebit.eu | Faucet | Bitsend Airdrop













████
 ████
  ████
   ████
    ████
     ████
      ████
       ████
        ████
       ████
      ████
     ████
    ████
   ████
  ████
 ████
████

████
 ████
  ████
   ████
    ████
     ████
      ████
       ████
        ████
       ████
      ████
     ████
    ████
   ████
  ████
 ████
████
DannyHamilton
Legendary
*
Offline Offline

Activity: 3346
Merit: 4505



View Profile
December 24, 2015, 09:50:34 PM
 #5

You may be right, and it would make sense, was just poking around reading about Ram Scrapers effect on Point of Sale systems 

A Ram Scraper wouldn't be a problem for a bitcoin based Point Of Sale (POS) system, since the POS system shouldn't have any of the private keys. It would be a problem for an individual consumer if they had a Ram Scraper running on whatever equipment they were using to send the bitcoins, but that wouldn't effect the rest of the consumers that were paying at that same POS system.  It would be up to the consumer to protect their own funds (through muti-sig, or offline transactions, or by simply managing risk by avoiding storing large amounts of bitcoin on vulnerable systems).

POS systems are a target for credit card numbers because the POS system gets to access the number of every card that is used to pay at that system.  With a large scale merchant, that means that an attacker can gain thousands or even millions of credit card numbers by targeting a single POS system.

The threat model doesn't work as well for bitcoin transactions, since the attacker would need to target the specific wallet (or wallets) that they want access to.
samson
Legendary
*
Offline Offline

Activity: 2097
Merit: 1068


View Profile
December 28, 2015, 09:19:15 PM
 #6

Three words : Hardware Security Modules

The keys are stored on an external device and never leave this device.

Every time the private key is needed to sign something like a transaction for example the transaction is sent to the HSM and the signed transaction comes back.

I suspect this kind of thing will become more popular in Bitcoin.

HSM's can generally also be used to encrypt and sign other messages like emails, etc.

They're not in mainstream use right now. Not yet anyway. This is going to change in 2016.

The point is the key is never disclosed to the computer so it never enters the systems RAM, ever.

There's a little linux USB computer named the 'USB Armory' which could be used to create something like this.
tl121
Sr. Member
****
Offline Offline

Activity: 278
Merit: 251


View Profile
January 01, 2016, 09:06:28 PM
 #7

Three words : Hardware Security Modules

The keys are stored on an external device and never leave this device.

Every time the private key is needed to sign something like a transaction for example the transaction is sent to the HSM and the signed transaction comes back.

I suspect this kind of thing will become more popular in Bitcoin.

HSM's can generally also be used to encrypt and sign other messages like emails, etc.

They're not in mainstream use right now. Not yet anyway. This is going to change in 2016.

The point is the key is never disclosed to the computer so it never enters the systems RAM, ever.

There's a little linux USB computer named the 'USB Armory' which could be used to create something like this.

Two words:  hardware wallet.
One word:  Trezor
samson
Legendary
*
Offline Offline

Activity: 2097
Merit: 1068


View Profile
January 01, 2016, 09:11:07 PM
 #8

Three words : Hardware Security Modules

The keys are stored on an external device and never leave this device.

Every time the private key is needed to sign something like a transaction for example the transaction is sent to the HSM and the signed transaction comes back.

I suspect this kind of thing will become more popular in Bitcoin.

HSM's can generally also be used to encrypt and sign other messages like emails, etc.

They're not in mainstream use right now. Not yet anyway. This is going to change in 2016.

The point is the key is never disclosed to the computer so it never enters the systems RAM, ever.

There's a little linux USB computer named the 'USB Armory' which could be used to create something like this.

Two words:  hardware wallet.
One word:  Trezor

Yeah, these always sounded cool but something that can be programmed to what you want sounds a lot more useful.

I got one of the USB Armory devices late last year and it's pretty good.

Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!