Bitcoin Forum
Topic: Warning about portable versions  (Read 99888 times)
DuddlyDoRight
February 20, 2016, 10:05:40 PM
 #41

calculate the checksum of the electrum file, and put it in a text file next to it, and rename that file to something like blablabla.txt

that way every time you run it, you can check if it has been replaced with a malicious one or not. It works for me, so it should work for you.

And if you rename the file to random stuff, then the virus won't know what's in the txt file.


Also rename the electrum executable too to something random.

Just put an MD5 or SHA3 hash in any file anywhere (neither have practical collisions).

Disc image patching isn't where I, the attacker, am going to attack. I'm going to inline patch UI callbacks post-execution by using debug APIs on Windows, Linux, and OSX. You can't do this on Android or iOS without paring internal "services" to allow trans-sandbox communication and even then you have to give the attacker memory through mailbox buffers..

Jails and memory corruption protection on Linux and OSX and a special user and owning folder and EFS and DEP for Windows 7/8/10. Along with that hash. It'd take a specialized rootkit to get past this which rootkit authors probably won't do unless it becomes a big trend.

Things will get better when AMD gets something like Skylake's SGX. This is basically like TrustZone in iOS and Android by ARM. You'll be able to isolate processes with hardware protection and not even rootkits can interact..

I have faith that one day this forum will get threads where people won't just repeat their previous posts or what others have already stated in the same thread. Also that people will stop acting like BTC is toy-money and start holding vendors accountable. Naive? Maybe.
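The stored-checksum check from the post above, written out as an added example (not code from the thread or from Electrum). It goes beyond the post in one respect: the record is keyed with an HMAC, so someone who replaces both the executable and the text file cannot produce a matching record; the key, file names and file contents are constructed for the demo. It covers replacement on disk only, which is the limit the post itself points out.

```python
import hashlib
import hmac
import json
import os
import tempfile

CHUNK = 1 << 20  # read in 1 MiB pieces so a large executable is not loaded whole


def file_digest(path):
    """Return (SHA3-256 digest bytes, size in bytes) of the file at `path`."""
    h = hashlib.sha3_256()
    size = 0
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(CHUNK), b""):
            h.update(block)
            size += len(block)
    return h.digest(), size


def _tag(key, digest, size):
    # MAC over digest and size; without `key` the record cannot be regenerated.
    msg = digest + b"|" + str(size).encode()
    return hmac.new(key, msg, hashlib.sha3_256).hexdigest()


def write_pin(exe_path, pin_path, key):
    """Record the known-good state of `exe_path` in the text file `pin_path`."""
    digest, size = file_digest(exe_path)
    record = {"sha3_256": digest.hex(), "size": size, "tag": _tag(key, digest, size)}
    with open(pin_path, "w") as f:
        json.dump(record, f)


def check_pin(exe_path, pin_path, key):
    """Return 'ok', 'exe-modified', 'pin-forged' or 'pin-unreadable'."""
    try:
        with open(pin_path) as f:
            record = json.load(f)
        pinned = bytes.fromhex(record["sha3_256"])
        size, tag = int(record["size"]), str(record["tag"])
    except (OSError, ValueError, KeyError, TypeError):
        return "pin-unreadable"
    if not hmac.compare_digest(tag.encode(), _tag(key, pinned, size).encode()):
        return "pin-forged"          # record was not written with our key
    digest, actual_size = file_digest(exe_path)
    if actual_size != size or not hmac.compare_digest(digest, pinned):
        return "exe-modified"        # file on disk differs from the pinned state
    return "ok"


def demo():
    """Run the check against constructed files in a temporary directory."""
    key = b"constructed-demo-key"    # assumption: secret kept off the wallet drive
    results = []
    with tempfile.TemporaryDirectory() as d:
        exe, pin = os.path.join(d, "wallet-portable.bin"), os.path.join(d, "blablabla.txt")
        with open(exe, "wb") as f:
            f.write(b"constructed original program bytes")
        write_pin(exe, pin, key)
        results.append(check_pin(exe, pin, key))         # untouched file
        with open(exe, "ab") as f:
            f.write(b" + patch")                         # executable changed on disk
        results.append(check_pin(exe, pin, key))
        write_pin(exe, pin, b"some-other-key")           # record rewritten without our key
        results.append(check_pin(exe, pin, key))
    return results
```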
RealBitcoin
February 21, 2016, 08:14:46 AM
 #42



Ok that sounds complicated and I don't really understand, but what I get is that you will attack post execution by corrupting my memory.

Ok but for that you still need some pre-installed malware on the PC, a trojan, that will allow you to do this and remote control my PC like this.

As with any virus, first you need to get your virus on the PC, and then attack like this.


Any electrum user with a quarter brain knows not to download shit or open random links if they have money on their PC.

So how would you get the virus on the PC?

DuddlyDoRight
February 21, 2016, 08:08:23 PM
 #43



"pre-installed" what? My process just has to run and intercept any time you put in the encryption data to unlock the wallet..

How do I get it on your box with the wallet software?
  • Ads and zero-day
  • zero-day or MITM via DNS hijack
  • zero-day or MITM via TOR entry or exit nodes
  • Header parsing zero-day in your POP3 or IMAP client
  • "spear-phishing"
  • infect something on a USB drive and wait for you to use it if you use an air-gap (works with crypto drives too)
  • MITM non-TLS non-signed executable over subnet box via AP or infected box
  • Brute-force RPC or try SMB zero-day on subnet or AP
A FUD packer or uncommon compiler or compiler-switches so your AV doesn't detect it before I detect and kill your AV or quit before HIPS detects it.

There are others too like Manufacturing backdoors and codec vulnerabilities.

RealBitcoin
February 22, 2016, 08:50:04 AM
 #44

Pretty large threats exist there. Do you know any ways to defend against these attacks?

What if electrum needs some kind of memory obfuscation system, to hide its computations in the memory so that viruses can't detect it. And rename the process name of it to a random name as well.


DuddlyDoRight
February 22, 2016, 08:54:16 PM
 #45


Stop believing in "secure coding practices" and "secure design" and start believing in OSS hardware isolation with low-complexity.

TREZOR without the dishonest price-tag.. It's open source and the only way you can attack it is through memory corruption and an ARM payload that sends keys back over USB.

I don't have the funding else I could emulate their hardware with any cheap hardware. I've looked at the GIT changes for Electrum it's not hard to do. No way I'm paying $100 for a $10 piece of hardware though..

RealBitcoin
February 22, 2016, 10:12:31 PM
 #46


To my understanding Trezor is not that secure because it updates its firmware from the internet, that's a major attack vector.

Social engineering or the company goes rogue and the signing keys can be compromised, so the entire hardware is worth trash after that. That is a major design flaw if you let your "secure" hardware keep contact with the internet.

Best method to store btc is to put it in a cold storage and use QR code to sign the transactions in the offline space. Buy a 2$ cheap webcam, that should do the trick.


Ok but I'm still concerned about online vulnerabilities, if what you say is true, then every online account can be theoretically hacked.

DuddlyDoRight
February 23, 2016, 02:18:52 AM
 #47


That's only insecure if they don't internally do a signature check on the image. You have to update firmware from a network.

The only way it can still be vulnerable with an internal signature check is if the transfer or signature code has memory corruption. This code can be done very primitive though where you can give strong attention to crypto implementation and memory handling.

Hardware isolation remedies everything if properly implemented. It's such a small set of functions it's not that hard to secure. Even targeted attacks become impossible at some point, because there is only this little query interface to give input to.

DuddlyDoRight
February 23, 2016, 08:44:56 PM
 #48


That's the soft problem. It has a small risk of the signature getting corrupted itself.

What is more likely is that the company goes rogue, or gets coerced by the government to hand over the keys and update the device with backdoored updates.

My demands are: complete isolation or junk, there is no other option if you hold millions of $ of bitcoin.

That's a problem with the CPU you're using too. They can get microcode updates with backdoors, and no security product will be able to detect it. Security products also don't check BIOS ROMs. A small isolated device in that environment with crypto is secure though. The NSA would have to find a vulnerability in that small exchange interface or modify the image between repo and signing with a stable backdoor.

Darra
November 06, 2016, 09:43:41 PM
 #49

Hello.
No matter which version of the portable electrum for Windows I run, I keep on getting:

Microsoft Visual C++ Runtime Library

Runtime Error!
Program A:\electrum-2.7.11-portable.exe

R6034
An application has made an attempt to load the C runtime library incorrectly.
Please contact the application's support team for more information.



but after clicking ok, the application seems to run normally..
I am using Windows 10 64-bit..
The installation setup runs fine, but due to privacy (and SAFETY!) reasons, I prefer to use the portable one on a crypted drive..
Any idea why I keep on getting that runtime error message? (I even tried it on a normal, non-crypted drive.. the same happens..)
Do I need to install something on my win 10, or copy some more files to the portable electrum directory?
Thanks for help, in advance.

edit:
I found the answer myself..
The portable version is built without a manifest...
You need to have "electrum.exe.manifest" from the installer version to be included in the same directory with the portable version, renamed the same as the portable version.. (eg. electrum-2.6.4-portable.exe.manifest)

(see: https://msdn.microsoft.com/en-us/library/ms235560(v=vs.90).aspx)

bitcoin-shark
July 28, 2017, 07:52:02 AM
 #50

just download stand alone version and it's fine for me...

Thirdspace
August 05, 2017, 12:22:09 PM
 #51

I downloaded electrum portable version 2.9.2
when I tried to run it, I'm getting "Error loading Pyton DLL: C:\DOCUME...  \python27.dll (error code 14001)"
what does it mean? how to solve this problem
If I download the Windows Installer version will I be getting the same problem?
also there's a signature file... how do I use this to verify


Jiddu
August 23, 2017, 01:59:45 PM
 #52

This should help: https://www.reddit.com/r/Bitcoin/comments/1t70ud/electrum_fatal_error_fix_re_python27dll/
(run as admin)

To verify the file, you need GPG. Using a search engine, you should find many tutorials about that.
kelstasy
August 24, 2017, 10:57:04 AM
 #53

Thanks for the heads up! Don't mind using the portable version because I'll use it on my personal desktop.

Silviulung
September 01, 2017, 05:06:22 AM
 #54

could we use electrum and electron cash on the same laptop?
cause before 1 August, a lot of rumors about don't use both at the same laptop for claiming BCC...
thanks
zurylostboys
September 01, 2017, 05:45:12 AM
 #55

so far with me nothing happened .. maybe I use different location not the same data cash and btc ...

Sauaba
October 10, 2017, 12:50:33 PM
 #56

Using both. Standalone and Portable. But I have a question. Is there a way to visualize not just the coins I have but also their value in $?
HCP
October 12, 2017, 10:36:15 AM
 #57

"Tools -> Preferences -> Fiat"

Set the value and server as you wish. Note that this will only give you a fiat value for your total balance (it doesn't show fiat values in the transaction history or transaction details)... and when you try to create a send it will show a "fiat value" text entry box next to the "btc value" text entry box.

Sauaba
October 17, 2017, 02:00:11 PM
 #58

Thanks HCP,

Worked fine here.