tobacco123
|
|
February 14, 2016, 12:16:40 PM |
|
If private key can be hacked, then that will be the end of bitcoin.
Come, hack this address : 1FeexV6bAHb8ybZjqQMjJrcCrHGW9sb6uF
|
|
|
|
lister storm
|
|
February 14, 2016, 12:16:50 PM |
|
it is impossible to hack a wallet with a good password, i dont think that they found out something new
|
|
|
|
Mickeyb
|
|
February 14, 2016, 12:22:46 PM |
|
it is impossible to hack a wallet with a good password, i dont think that they found out something new
This guy from yobit knows everything, and we were all thinking addresses are made with random private keys, nope we use "good passwords"
|
|
|
|
Anddos
|
|
February 14, 2016, 12:52:20 PM |
|
Such threads are pointless and only create panic and discomfort.
|
| █ █ █ █ █ █ █ █ █
| | █ █ █ █ █ █ █ █ █
| | █ █ █ █ █ █ █ █ █
| ☑
|
|
|
|
AliceWonderMiscreations
|
|
February 14, 2016, 12:57:07 PM |
|
Private keys can be hacked if you pRNG is flawed.
In fact I believed it happened with the Android bitcoin client where actual value was stolen as a result.
Flawed pRNG is analogous to a brain wallet but you are not likely to know your pRNG is flawed until it is disclosed by a security researcher.
|
I hereby reserve the right to sometimes be wrong
|
|
|
AliceWonderMiscreations
|
|
February 14, 2016, 12:58:34 PM |
|
Such threads are pointless and only create panic and discomfort.
The bliss of ignorance is much better.
|
I hereby reserve the right to sometimes be wrong
|
|
|
franky1
Legendary
Offline
Activity: 4410
Merit: 4769
|
|
February 14, 2016, 12:58:54 PM |
|
If private key can be hacked, then that will be the end of bitcoin.
Come, hack this address : 1FeexV6bAHb8ybZjqQMjJrcCrHGW9sb6uF
vanity addresses are easier to hack compared to totally random addresses.. imagine it. if it only took you half an hour for the owner to gen that address.. it wont take long for someone else to follow the same steps. some of the flaws of vanity address is that some coders base it from the same starting nonce(not random initially).. so others can follow the same steps. vanity addresses have more entropy than a brain wallet. but not as much as totally random
|
I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER. Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
|
|
|
NorrisK
Legendary
Offline
Activity: 1946
Merit: 1007
|
|
February 14, 2016, 01:02:18 PM |
|
This type of news is just spreading fear to people who are not familiar with the technology. Although it may make them think twice about the type of seed they use (not made up yourself), it is still confusing for most.
It is an idditional reason I like the system of a trezor for instance. 20 random words you have no control over to pick and in addition you can add a password or as many passwords to it which act like a salt at the end of your seed for every private key derived from the seed. If you spread your coins around multiple added salts it is basically impossible to crack. (they'd have to guess the 20 words correctly and than a completely unrelated and random salt, good luck).
|
|
|
|
xqus
|
|
February 14, 2016, 01:07:47 PM |
|
If private key can be hacked, then that will be the end of bitcoin.
Come, hack this address : 1FeexV6bAHb8ybZjqQMjJrcCrHGW9sb6uF
vanity addresses are easier to hack compared to totally random addresses.. imagine it. if it only took you half an hour for the owner to gen that address.. it wont take long for someone else to follow the same steps. some of the flaws of vanity address is that some coders base it from the same starting nonce(not random initially).. so others can follow the same steps. vanity addresses have more entropy than a brain wallet. but not as much as totally random That is true, but not that easy. It's not like since it took half an hour to generate an address with for example the first 4 characters predefined, it will take a looooooooooot longer to generate they key for one specific address.
|
|
|
|
Pursuer
Legendary
Offline
Activity: 1638
Merit: 1163
Where is my ring of blades...
|
|
February 14, 2016, 01:13:14 PM |
|
for the love of god some mod change this topic's topic! OP is spreading FUD (with or without purpose) with only removing a simple word of "Brainwallet" from the news. there is a lot of new users that are going to panic by reading this stuff and the article on cryptocoinsnews itself does not help either, they don't care as long as they receive traffic to their news site.
|
Only Bitcoin
|
|
|
franky1
Legendary
Offline
Activity: 4410
Merit: 4769
|
|
February 14, 2016, 01:24:14 PM |
|
If private key can be hacked, then that will be the end of bitcoin.
Come, hack this address : 1FeexV6bAHb8ybZjqQMjJrcCrHGW9sb6uF
vanity addresses are easier to hack compared to totally random addresses.. imagine it. if it only took you half an hour for the owner to gen that address.. it wont take long for someone else to follow the same steps. some of the flaws of vanity address is that some coders base it from the same starting nonce(not random initially).. so others can follow the same steps. vanity addresses have more entropy than a brain wallet. but not as much as totally random That is true, but not that easy. It's not like since it took half an hour to generate an address with for example the first 4 characters predefined, it will take a looooooooooot longer to generate they key for one specific address. if the original owner of 1FeexV6bAHb8ybZjqQMjJrcCrHGW9sb6uF used a dodgy vanitygen that had a nonce that started at 0 then for someone else, they too can use that same program and generate it in the same time. however if the original owner of 1FeexV6bAHb8ybZjqQMjJrcCrHGW9sb6uF used a good vanitygen that had a nonce that started at RANDOM+X then for someone else, just to find 1Feex would give for examlple 1FeexGFqW9sb6uQMjJrcV6bAHb8ybZjCrH 1FeexqW9sb6uQMbZjCrHG6bAHbFjJrcV8y 1FeexQMbZjCqW6urH9sbAH8ybFjJrcVG6b over an hour and a half period. and it would take YEARS (even grand children would be pensioners) by the time they happen upon 1FeexV6bAHb8ybZjqQMjJrcCrHGW9sb6uF depending ofcourse on how much entropy RANDOM was
|
I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER. Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
|
|
|
AliceWonderMiscreations
|
|
February 14, 2016, 01:57:07 PM |
|
When I generated vanity addresses, I just read from /dev/urandom until private key resulting from hashing the data gave me the address I wanted.
Actually what I did is put every address into a database and then looked through the database containing millions of addresses until I found ones that looked neat.
I doubt they can be cracked any easier than non vanity addresses. The 25 byte hex address has nothing about it that is vanity, and that's what has to be cracked. Well, the ripemd160 part of it.
|
I hereby reserve the right to sometimes be wrong
|
|
|
jonald_fyookball
Legendary
Offline
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
|
|
February 14, 2016, 03:41:51 PM |
|
Cracking brain wallets with weak pass phrases is same as cracking online accounts such as email/social-media/etc, which is why brain wallets are not recommended. Who ever tells you that bitcoin private keys can be cracked, tell them to go ahead and do it, instead of telling you.
actually its worse. With online accounts, you can slow down the number of attempts with captchas, IP blocking, etc. But with private keys, you are free to throw as much computing power at it as you want. That is one reason that extra care should be taken with Bitcoin.
|
|
|
|
jonald_fyookball
Legendary
Offline
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
|
|
February 14, 2016, 03:45:56 PM |
|
Private keys can be hacked if you pRNG is flawed.
In fact I believed it happened with the Android bitcoin client where actual value was stolen as a result.
Flawed pRNG is analogous to a brain wallet but you are not likely to know your pRNG is flawed until it is disclosed by a security researcher.
Thats why the ultimate form of cold storage involves generating physical entropy to eliminate this attack vector.
|
|
|
|
AliceWonderMiscreations
|
|
February 14, 2016, 04:08:35 PM |
|
Private keys can be hacked if you pRNG is flawed.
In fact I believed it happened with the Android bitcoin client where actual value was stolen as a result.
Flawed pRNG is analogous to a brain wallet but you are not likely to know your pRNG is flawed until it is disclosed by a security researcher.
Thats why the ultimate form of cold storage involves generating physical entropy to eliminate this attack vector. Physical entropy is also sometimes not very random. I have no clue about windows, but /dev/random on Linux is a blocking entropy pool and the problems in Linux usually come from /dev/urandom being used fresh after install without enough of a seed because the install is fresh. The distributions often use /dev/urandom because they don't want users to have to be forced to wait - waiting can be a problem for example when generating the ssh keys on first boot. /dev/urandom is probably good enough for short term one use keys but long term like ssh keys, TLS keys for x509 certs, and bitcoin private keys really should be using /dev/random even if it means the user has to wait because there's not enough entropy. Bigger problem on servers where there isn't keyboard / mouse / sound card.
|
I hereby reserve the right to sometimes be wrong
|
|
|
European Central Bank
Legendary
Offline
Activity: 1288
Merit: 1087
|
|
February 14, 2016, 04:11:13 PM |
|
They're hacking human dumbness. That's way more predictable and less secure than anything genuinely randomly generated.
|
|
|
|
AliceWonderMiscreations
|
|
February 14, 2016, 04:20:04 PM Last edit: February 14, 2016, 04:51:19 PM by AliceWonderMiscreations |
|
It wastes entropy but since I run haveged not really a problem - this is what I actually do when generating a private key outside my wallet def randomHexAlphabet(): a = ['0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'] for i in range(0, random.randint(27,45)): random.shuffle(a) return a
def randomByte(): a = randomHexAlphabet() with open("/dev/random", 'rb') as f: m = hashlib.md5() data = f.read(32) m.update(data) rhash = m.hexdigest() rnum = int(rhash[16:-12], 16) rnom = rnum % 256 return a[rnom % 16] + a[rnom / 16]
I can generate any hex string a byte at a time and since there is activity between generation of each byte (the shuffling of the hex alphabet), the read from /dev/random is not sequential. EDIT The %256 isn't needed, it will always be the last byte of the two bytes read from the md5sum. Things you don't see until you read it outside of a text editor...
|
I hereby reserve the right to sometimes be wrong
|
|
|
Kakmakr
Legendary
Offline
Activity: 3542
Merit: 1965
Leading Crypto Sports Betting & Casino Platform
|
|
February 15, 2016, 06:05:23 AM |
|
We all know this is BS, but the average Joe do not know this and we need to stop this kind of reporting. We should have a army of people spreading the truth about Bitcoin and creating articles to counter this FUD. We can complain in forums like this, but it will not reach the average Joe.
Our strategy should be to create more positive content than negative content to a ratio of 5 : 1
|
..Stake.com.. | | | ▄████████████████████████████████████▄ ██ ▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▄▄▄ ██ ▄████▄ ██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██ ██████ ██ ██████████ ██ ██ ██████████ ██ ▀██▀ ██ ██ ██ ██████ ██ ██ ██ ██ ██ ██ ██████ ██ █████ ███ ██████ ██ ████▄ ██ ██ █████ ███ ████ ████ █████ ███ ████████ ██ ████ ████ ██████████ ████ ████ ████▀ ██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██ ██ ▀▀▀▀▀▀▀▀▀▀ ██ ▀█████████▀ ▄████████████▄ ▀█████████▀ ▄▄▄▄▄▄▄▄▄▄▄▄███ ██ ██ ███▄▄▄▄▄▄▄▄▄▄▄▄ ██████████████████████████████████████████ | | | | | | ▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄ █ ▄▀▄ █▀▀█▀▄▄ █ █▀█ █ ▐ ▐▌ █ ▄██▄ █ ▌ █ █ ▄██████▄ █ ▌ ▐▌ █ ██████████ █ ▐ █ █ ▐██████████▌ █ ▐ ▐▌ █ ▀▀██████▀▀ █ ▌ █ █ ▄▄▄██▄▄▄ █ ▌▐▌ █ █▐ █ █ █▐▐▌ █ █▐█ ▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█ | | | | | | ▄▄█████████▄▄ ▄██▀▀▀▀█████▀▀▀▀██▄ ▄█▀ ▐█▌ ▀█▄ ██ ▐█▌ ██ ████▄ ▄█████▄ ▄████ ████████▄███████████▄████████ ███▀ █████████████ ▀███ ██ ███████████ ██ ▀█▄ █████████ ▄█▀ ▀█▄ ▄██▀▀▀▀▀▀▀██▄ ▄▄▄█▀ ▀███████ ███████▀ ▀█████▄ ▄█████▀ ▀▀▀███▄▄▄███▀▀▀ | | | ..PLAY NOW.. |
|
|
|
Amph
Legendary
Offline
Activity: 3248
Merit: 1070
|
|
February 15, 2016, 08:23:14 AM |
|
Private keys can be hacked if you pRNG is flawed.
In fact I believed it happened with the Android bitcoin client where actual value was stolen as a result.
Flawed pRNG is analogous to a brain wallet but you are not likely to know your pRNG is flawed until it is disclosed by a security researcher.
they should use a hardware random number generator instead, since it much more akin to a real casual generation than anything else
|
|
|
|
AliceWonderMiscreations
|
|
February 15, 2016, 08:41:40 PM |
|
Private keys can be hacked if you pRNG is flawed.
In fact I believed it happened with the Android bitcoin client where actual value was stolen as a result.
Flawed pRNG is analogous to a brain wallet but you are not likely to know your pRNG is flawed until it is disclosed by a security researcher.
they should use a hardware random number generator instead, since it much more akin to a real casual generation than anything else The android problem I believe was caused by using non blocking entropy source instead of blocking entropy source. Long term keys should always use /dev/random and /dev/urandom should be used for short term session keys. Android does some java wrapper to access the kernel entropy pool and if I remember it wasn't obvious how to make it use the blocking instead of non-blocking. With Linux anyway, you can have a hardware entropy source feed /dev/random so that's what programmers should read entropy from, it is up to the hardware admin whether or not an external entropy source helps to feed it. Smart phones obviously don't have that. PCs I believe there are some that use USB that easily connect but I've never used them. And with Linux it saves unused entropy as a seed so using /dev/urandom is usually safe if the system install is not fresh but I believe the java layer thing in Android did not do that. I don't do mobile apps but I believe what happened with Android is the java layer always uses /dev/urandom but Android doesn't save the seed from unused entropy so you had to specifically seed it before using it and the android bitcoin client (and browsers for tls connections) didn't.
|
I hereby reserve the right to sometimes be wrong
|
|
|
|