Bitcoin Forum
December 13, 2024, 08:11:25 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Security Test Fail?  (Read 794 times)
And1 (OP)
Member
**
Offline Offline

Activity: 62
Merit: 10



View Profile
March 15, 2013, 08:33:16 PM
 #1

On Windows XP i've set up Bitcoin-QT 0.8, synched with network, encrypted the wallet.dat file.
I have status stating that the wallet is encrypted.
Now decided to make security test.
I copied the wallet.dat to pendrive while Bitcoin was run - and here first bad surprise. Why isn't it really locked???
Than i installed Bitcoin-QT 0.8 on another computer with Windows 7. Only instead of creating wallet i copied one from pendrive.
And another bad surprise. The wallet was opened without asking about passphrase and i has all access to my copied wallet!!!

So to me any child can write a virus that will copy and send to himself wallet.dat because the lock doesn't work AND/OR wallet is not really ciphered, than transfer all my bitcoins to himself.

I feel like i discovered America. WTF? Is there ANY security in Bitcoin, or i miss some point?
DeathAndTaxes
Donator
Legendary
*
Offline Offline

Activity: 1218
Merit: 1079


Gerald Davis


View Profile
March 15, 2013, 08:47:58 PM
 #2

You are only prompted to enter passphrase when trying to do something considered sensitive like send coins or sign a message.

The wallet file contains a public portion (addresses & prior tx history) and a private portion of the wallet file contains the private keys and it is encrypted using AES with a 256 bit key created by hashing the passphrase roughly 10,000 or more times using SHA-256.
And1 (OP)
Member
**
Offline Offline

Activity: 62
Merit: 10



View Profile
March 15, 2013, 08:56:29 PM
 #3

Aaaa, so it decyphers only in RAM when im doing transaction? It is kept cyphered on the disk all the time, so the lock is unneeded?
MysteryMiner
Legendary
*
Offline Offline

Activity: 1526
Merit: 1049


Death to enemies!


View Profile
March 15, 2013, 09:03:57 PM
 #4

Aaaa, so it decyphers only in RAM when im doing transaction? It is kept cyphered on the disk all the time, so the lock is unneeded?
Only the private keys of wallet are encrypted. All other sensitive information like receiving addresses and public keys are unencrypted.

The greatest threat are trojan horses and keyloggers. They both make wallet encryption useless. With secure enough computer the encryption is unnecessary, but this kind of setup is out of reach for beginners and ordinary users.

bc1q59y5jp2rrwgxuekc8kjk6s8k2es73uawprre4j
And1 (OP)
Member
**
Offline Offline

Activity: 62
Merit: 10



View Profile
March 15, 2013, 09:23:23 PM
 #5

If wallet deciphers only to RAM for transaction and than is immediately wiped out i guess not much people can make trojan able to catch unciphered part of private wallet.

Does bitcoin work so?

Is there many trojans able to breach in?
Stephen Gornick
Legendary
*
Offline Offline

Activity: 2506
Merit: 1010


View Profile
March 15, 2013, 09:25:27 PM
 #6

Aaaa, so it decyphers only in RAM when im doing transaction? It is kept cyphered on the disk all the time, so the lock is unneeded?

You only need to enter the passphrase when generating a new address or when spending.

Because it can be discovered which Bitcoin addresses are yours from seeing the wallet.dat, some people use an encrypted filesystem for the Bitcoin directory (or at least for where the wallet.dat is stored).

Unichange.me

            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █


And1 (OP)
Member
**
Offline Offline

Activity: 62
Merit: 10



View Profile
March 15, 2013, 09:37:33 PM
 #7

Because it can be discovered which Bitcoin addresses are yours from seeing the wallet.dat, some people use an encrypted filesystem for the Bitcoin directory (or at least for where the wallet.dat is stored).
But if file is unlocked while unciphered, i don't see the point in crypting it.
MysteryMiner
Legendary
*
Offline Offline

Activity: 1526
Merit: 1049


Death to enemies!


View Profile
March 15, 2013, 10:08:51 PM
 #8

If wallet deciphers only to RAM for transaction and than is immediately wiped out i guess not much people can make trojan able to catch unciphered part of private wallet.

The encrypted wallet is downloaded to hackers computer together with text file containing all keypresses on your computer. It includes the wallet password. Your coins are my coins.

Encryption is only good if the computer is not compromised in any way.

bc1q59y5jp2rrwgxuekc8kjk6s8k2es73uawprre4j
And1 (OP)
Member
**
Offline Offline

Activity: 62
Merit: 10



View Profile
March 16, 2013, 09:11:18 AM
 #9

Does QFX KeyScrambler help against keyloggers?
And1 (OP)
Member
**
Offline Offline

Activity: 62
Merit: 10



View Profile
March 16, 2013, 09:50:25 AM
 #10

Does QFX KeyScrambler help against keyloggers?
I found my answer - no and there isn't any keyscrambler for Bitcoin.
DannyHamilton
Legendary
*
Offline Offline

Activity: 3514
Merit: 4894



View Profile
March 16, 2013, 04:01:15 PM
 #11

If you are concerned about maintaining such a high level of security, you should only create transactions on a computer that is never connected to the network.  Take a look at the Armory client, I think it will provide you with the level of security you are interested in.
kadoban
Newbie
*
Offline Offline

Activity: 16
Merit: 0


View Profile WWW
March 16, 2013, 07:49:55 PM
 #12

Be sure to check the wiki for information about keeping a secure wallet: https://en.bitcoin.it/wiki/Securing_your_wallet
Gabi
Legendary
*
Offline Offline

Activity: 1148
Merit: 1008


If you want to walk on water, get out of the boat


View Profile
March 16, 2013, 08:16:03 PM
 #13

Let's make clear this: if your computer is infected then everything you do on that computer is not safe, no matter what.

Stephen Gornick
Legendary
*
Offline Offline

Activity: 2506
Merit: 1010


View Profile
March 17, 2013, 07:05:54 AM
 #14

But if file is unlocked while unciphered, i don't see the point in crypting it.

The granularity of Bitcoin's passphrase encryption isn't at the file level, it instead is at the Bitcoin Address record level.  There is one field in the Bitcoin Address record in the wallet.dat and that is what needs to be decrypted.

So after being decrypted, in memory is only the decrypted private key for Bitcoin addresses(es) being used for a transaction.  But in memory at some point as well is the Bitcoin passphrase that you just entered which is then used for decryption.  So like the other posts mention, the Bitcoin client still requires a secure computing environment to protect from keyloggers and other malware.

Unichange.me

            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █


Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!