Bitcoin Forum
November 05, 2024, 03:56:24 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 [2] 3 4 »  All
  Print  
Author Topic: Is bitcoin System Vulnerable ?  (Read 2370 times)
Roboabhishek (OP)
Hero Member
*****
Offline Offline

Activity: 882
Merit: 528


View Profile
October 13, 2016, 11:54:08 AM
 #21

You didn't got me did you ?
I meant if someone gets the database by brute force like " http://directory.io "

Then he can Search the database like he's searching Note pad and can easily find a particular Private key of an address.

For Example a website is giving facility to find your address on " http://directory.io " With your Private key.

It's " https://bitcoin-checker.appspot.com/ "

What will happen if Instead of Private key it search the website ( http://directory.io ) with Bitcoin Address and trace Private key ?
RkVza
Newbie
*
Offline Offline

Activity: 56
Merit: 0


View Profile
October 13, 2016, 11:59:46 AM
 #22

Its vulnerable if it hits by trojan or keylogger
Coding Enthusiast
Legendary
*
Offline Offline

Activity: 1042
Merit: 2799


Bitcoin and C♯ Enthusiast


View Profile WWW
October 13, 2016, 12:11:26 PM
Last edit: October 13, 2016, 12:28:14 PM by Coding Enthusiast
 #23

You didn't got me did you ?
I meant if someone gets the database by brute force like " ♯♯♯ "
Then he can Search the database like he's searching Note pad and can easily find a particular Private key of an address.

What will happen if Instead of Private key it search the website ( ♯♯♯ ) with Bitcoin Address and trace Private key ?

Your problem is that you think directory[dot]io is a database. well it is not a database.

It is a very simple code that generates private keys on the go. Which means when you click on a page it generates private keys based on the number of the page you are in.

And also it is because you are seeing the private keys in WIF format (https://en.bitcoin.it/wiki/Wallet_import_format) which makes you confused. In fact the first page of directory[dot]io looks like this:
0000000000000000000000000000000000000000000000000000000000000001 : 5HpHagT65TZzG1PH3CSu63k8DbpvD8s5ip4nEB3kEsreAnchuDf  
0000000000000000000000000000000000000000000000000000000000000002 : 5HpHagT65TZzG1PH3CSu63k8DbpvD8s5ip4nEB3kEsreAvUcVfH  
and so on. It starts from value 1 and goes up from there.

You can easily make a code yourself and start creating private keys based on 1 to 1,000,000,...........

Quote
For Example a website is giving facility to find your address on " ♯♯♯ " With your Private key.
It's " ♯♯bitcoin-checker♯♯appspot♯♯♯com♯♯ "

This site will steal your private keys. It does not search
You would be a fool to go here an insert your private keys to check. Because sites like this don't search with bitcoin address (pubkey) but with private key instead in other words you enter your private key and they empty it for you Cheesy

Projects List+Suggestion box
Donate: 1Q9s or bc1q
|
|
|
FinderOuter(0.19.1)Ann-git
Denovo(0.7.0)Ann-git
Bitcoin.Net(0.26.0)Ann-git
|
|
|
BitcoinTransactionTool(0.11.0)Ann-git
WatchOnlyBitcoinWallet(3.2.1)Ann-git
SharpPusher(0.12.0)Ann-git
Roboabhishek (OP)
Hero Member
*****
Offline Offline

Activity: 882
Merit: 528


View Profile
October 13, 2016, 12:16:48 PM
 #24

You didn't got me did you ?
I meant if someone gets the database by brute force like " ♯♯♯ "
Then he can Search the database like he's searching Note pad and can easily find a particular Private key of an address.

What will happen if Instead of Private key it search the website ( ♯♯♯ ) with Bitcoin Address and trace Private key ?

your problem is that you think directory[dot]io is a database. well it is not.

it is a very simple code that generates private keys on the go. which means when you click on a page it generates private keys based on the number of the page you are in.

and also it is because you are seeing the private keys in WIF format which makes you confused. in fact the first page of directory[dot]io looks like this:
private key for value 1 : 5HpHagT65TZzG1PH3CSu63k8DbpvD8s5ip4nEB3kEsreAnchuDf 
private key for value 2 : 5HpHagT65TZzG1PH3CSu63k8DbpvD8s5ip4nEB3kEsreAvUcVfH 
and so on.

you can easily make a code yourself and start creating private keys based on 1 to 1,000,000,...........

Quote
For Example a website is giving facility to find your address on " ♯♯♯ " With your Private key.
It's " ♯♯bitcoin-checker♯♯appspot♯♯♯com♯♯ "

you would be a fool to go here an insert your private keys to check. because sites like this don't search with bitcoin address (pubkey) but with private key instead in other words you enter your private key and they empty it for you Cheesy

Take a look at the bot of the page you will find " It took a lot of computing power to generate this database. "
Think again dude.
franky1
Legendary
*
Offline Offline

Activity: 4396
Merit: 4755



View Profile
October 13, 2016, 12:19:13 PM
 #25

Take a look at the bot of the page you will find " It took a lot of computing power to generate this database. "
Think again dude.

its not a database. the webmaster put that there as a scare tactic/prank to make people things its a searchable database.
its not.

but anyway. feel free to spend the rest of your life, your great great great great great great great great great great great grand childrens lives
trying to search it.

I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER.
Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
Coding Enthusiast
Legendary
*
Offline Offline

Activity: 1042
Merit: 2799


Bitcoin and C♯ Enthusiast


View Profile WWW
October 13, 2016, 12:24:08 PM
 #26

♯♯
Take a look at the bot of the page you will find " It took a lot of computing power to generate this database. "
Think again dude.

I tried to explain it the best I can so if you want to ignore facts and believe it is a "database" when it clearly IS NOT that would be your choice.

Projects List+Suggestion box
Donate: 1Q9s or bc1q
|
|
|
FinderOuter(0.19.1)Ann-git
Denovo(0.7.0)Ann-git
Bitcoin.Net(0.26.0)Ann-git
|
|
|
BitcoinTransactionTool(0.11.0)Ann-git
WatchOnlyBitcoinWallet(3.2.1)Ann-git
SharpPusher(0.12.0)Ann-git
jacktheking
Legendary
*
Offline Offline

Activity: 1484
Merit: 1001


Personal Text Space Not For Sale


View Profile
October 13, 2016, 12:30:42 PM
 #27

I may like technology but I am not as tech-savvy as those guys (and girls) who develop Bitcoin. However, if there is really a vulnerability in the Bitcoin system, I do not think these tech-savvy people will still continue to develop Bitcoin.

So sad! This profile does not appear as the #1 result (on anonymous) Google searches anymore.

Time to be active on the crypto forums again? Proud to be one of the few Legendary members of the Sparkie Red Dot!

Gonna put this on my resume if I ever join a cryptocurrency/blockchain industry!
Noctis Connor
Hero Member
*****
Offline Offline

Activity: 1008
Merit: 540


View Profile
October 13, 2016, 12:33:10 PM
 #28

This question is arising in my mind after i did some research.
What will happen if someone brute Force Private keys in Base58 Format ?

And he succeeds then I think he will get admin access to all the wallets and can ruin the Bitcoin.
I know it's very hard to go through the database but It's not impossible either.

Tell me what you guys think about this.
i think no bitcoin is like money right its money from the internet that we are using too but if we are going to convert it into fiat then it more be realistic because of some activities that we are going to do and i think in this bitcoin wallet are vulnerable into ddos attack and thats all.
franky1
Legendary
*
Offline Offline

Activity: 4396
Merit: 4755



View Profile
October 13, 2016, 12:35:43 PM
 #29


that website is a scam.
it asks for people to put their private keys in.. (literally stealing any funds stored as soon as you hit submit)
it does not check any database (because there is no database)

it does not even ask for a public key.
it is just a private key funds stealer.. dont try it.

note
it has now become obvious why the OP started this topic. he wanted to play dumb thinking noobs will then be scared enough to reveal their private keys by typing them into his "checker".(stealer)

bait. directory.io.... switch privkey stealer..
nice try but epic fail


never hand a private key over to anyone.

I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER.
Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
talkbitcoin
Legendary
*
Offline Offline

Activity: 1372
Merit: 1032


All I know is that I know nothing.


View Profile
October 13, 2016, 12:38:26 PM
 #30

directory.io is like a bad joke from at least 4-5 years ago and every couple of months i see a new user around here saying the same thing (this time it is Full Member).

* if you have some small amount of bitcoin knowledge you can see how wrong you are

* if you don't have that, but if you are not too lazy to search you can find out how wrong your are again (this question has been asked a thousand times and explained 10 thousand times)

* if you don't want to use any of the above, then if you have a brain do some calculations: this site was created a long time ago, if it really contained all the private keys don't you think people have emptied each other wallets a million times by now?!!!!

......
.L I V E C O I N . N E T.
.
..PROFITBOX..
██  █████████████████████████
  █████████▄      ▄██████████
█████████████▄  ▄████████████
    █████████████████████████
  ██████████▀    ▀█ ▀████████
████  █████▀  ▄▄  ▀█  ▀██████
  ████████▀  ▄██▄  ▀█   ▀████
    ██████   ▀██▀   ██   ████
  █████████▄      ▄██████████
██  █████████▄  ▄████████████
  ███████████████████████████
██  █████████████████████████
  █████████████████████▀ ███
█████████████████████▀   ███
    █████████████▀     ████
  █████████████▀   ██    ████
████  █████▀     ██    ████
  ███████▀   ██    ██    ████
    █████    ██    ██    ████
  ███████    ██    ██    ████
██  █████    ██    ██    ████
  ███████████████████████████
.....
prabowo96
Full Member
***
Offline Offline

Activity: 238
Merit: 100

it's showtime


View Profile
October 13, 2016, 12:40:44 PM
 #31

Maybe in the future, supercomputers can crack something, if one isn't enough, you can put 10-100 working togheter... But why? Just to prove it? Because if they stolen all bitcoin, it will still have value? I don't think so.

levent
Member
**
Offline Offline

Activity: 63
Merit: 10


View Profile
October 13, 2016, 12:41:57 PM
 #32


Bitcoin greatest vulnerability

https://bitcointalk.org/index.php?topic=1516755.msg15262075;topicseen#msg15262075
Xenophoto
Hero Member
*****
Offline Offline

Activity: 826
Merit: 502


View Profile
October 13, 2016, 12:45:51 PM
 #33

You didn't got me did you ?
I meant if someone gets the database by brute force like " http://directory.io "

Then he can Search the database like he's searching Note pad and can easily find a particular Private key of an address.

For Example a website is giving facility to find your address on " http://directory.io " With your Private key.

It's " https://bitcoin-checker.appspot.com/ "

What will happen if Instead of Private key it search the website ( http://directory.io ) with Bitcoin Address and trace Private key ?
"easily"? I don't think you really want to use that word when searching for a particular address in the entire Bitcoin addresses possible. If that can "easily" be done, then people would just be stealing Bitcoins away from each other. Explore the directory.io a little and you'll see the amount of Bitcoin addresses that is in there.

Do you honestly think if you press CTRL + F in your notepad, you can easily see a particular address? That's a lot of waiting to do, your computer might even overheat just because of that. Even just importing all the info in directory.io into a .txt file would take some time even if you're using a certain script to do the work.

Solidsnake2016
Member
**
Offline Offline

Activity: 113
Merit: 10


View Profile
October 13, 2016, 01:34:35 PM
 #34

Quantum Computers will cause the demise of Bitcoin. That's my fear.  
Roboabhishek (OP)
Hero Member
*****
Offline Offline

Activity: 882
Merit: 528


View Profile
October 13, 2016, 02:07:30 PM
 #35

You didn't got me did you ?
I meant if someone gets the database by brute force like " http://directory.io "

Then he can Search the database like he's searching Note pad and can easily find a particular Private key of an address.

For Example a website is giving facility to find your address on " http://directory.io " With your Private key.

It's " https://bitcoin-checker.appspot.com/ "

What will happen if Instead of Private key it search the website ( http://directory.io ) with Bitcoin Address and trace Private key ?
"easily"? I don't think you really want to use that word when searching for a particular address in the entire Bitcoin addresses possible. If that can "easily" be done, then people would just be stealing Bitcoins away from each other. Explore the directory.io a little and you'll see the amount of Bitcoin addresses that is in there.

Do you honestly think if you press CTRL + F in your notepad, you can easily see a particular address? That's a lot of waiting to do, your computer might even overheat just because of that. Even just importing all the info in directory.io into a .txt file would take some time even if you're using a certain script to do the work.

I know it's not easy even if you use script because there are more than billions of pages with more than 50 Address per page.
I also know this if it's that easy then everyone will steal btc from one another.
cyrixcer
Hero Member
*****
Offline Offline

Activity: 524
Merit: 500


View Profile
October 13, 2016, 02:20:37 PM
 #36

ok lets worse case scenario this.

lets imagine all possible private keys at binary level
from
00000000-00000000-00000000-00000000-00000000-00000000-00000000-00000000-00000000-00000000-00000000-00000000-00000000-00000000-
00000000-00000000-00000000-00000000-00000000-00000000
to
11111111-11111111-11111111-11111111-11111111-11111111-11111111-11111111-11111111-11111111-11111111-11111111-11111111-11111111-
11111111-11111111-11111111-11111111-11111111-11111111

you may think that 20 bytes looks small but its not the case of changing a bit 160 times. its instead progressively more changes as you go through it.

EG lets start with 3 bits its not
000   001   011   111   done
its
000   001   010   011   100   101   110   111   done

adding another bit is not just one extra change, but double
0000   0001   0010   0011   0100   0101   0110   0111  1000   1001   1010   1011   1100   1101   1110   1111   done
another bit, again double

even with the 160bit limitations it is 1461501637330900000000000000000000000000000000000 combinations
imagine you processed 1000 combinations a second
thats only 31536000000 combinations a year.
meaning you will process all combinations in
46343912903694300000000000000000000000 years

lets say you could do 1trillian combinations a second
thats only 31536000000000000000 combinations a year.
meaning you will process all combinations in
46343912903694300000000000000 years


remember a person only lives ~99 years and has become a grandparent (3rd generation) in that time
so to get to 999 years your descendants need to hand your project down the lineage of offspring 20 times
the next digit (9,999 years) is passing it down your lineage 4000 times
the next digit (99,999 years) is passing it down your lineage 80000 times
in short even if a caveman done 1trillian combinations a second, their modern day ancestor would not have got that far.

Comprehensive knowledge about bitcoin indeed, bitcoin system is theoretically proven secure and safe, reliable system, so at least in our age, we won't see it collapse.
odolvlobo
Legendary
*
Offline Offline

Activity: 4494
Merit: 3401



View Profile
October 13, 2016, 06:19:56 PM
Last edit: October 13, 2016, 06:45:40 PM by odolvlobo
 #37

You didn't got me did you ?
I meant if someone gets the database by brute force like " http://directory.io "

Then he can Search the database like he's searching Note pad and can easily find a particular Private key of an address.

For Example a website is giving facility to find your address on " http://directory.io " With your Private key.

It's " https://bitcoin-checker.appspot.com/ "

What will happen if Instead of Private key it search the website ( http://directory.io ) with Bitcoin Address and trace Private key ?

Consider the size of a database necessary to do what you suggest, i.e search for private key based on bitcoin address.

A minimum-sized database would simply be a list of private keys -- one for each bitcoin address. This database would require 32 bytes per bitcoin address, and there are 2160 addresses, so the database would have to be at least 2165 bytes in size.

How big is 2165 bytes?

According to this article in 2011:
For anyone that's ever wondered about the world's data storage capacity, scientists have come up with a nice little number: 295 exabytes.

295 exabytes is about 268 bytes, so a database with 2165 bytes would be 297 (about 160,000,000,000,000,000,000,000,000,000) times the current storage capacity of the entire world.


How long would it take to generate this database?

First, you need to generate addresses for at least 2160 private keys to generate the entire database. Let's use that number to simplify things.

A top-of-the-line PC can generate nearly 64 million (226) addresses per second (https://en.bitcoin.it/wiki/Vanitygen#Expected_keysearch_rate). At that rate it would take about 2134 seconds, or 6.9x1030 (6,900,000,000,000,000,000,000,000,000,000) centuries to generate the database. There are about 2 billion PCs in the world (https://www.reference.com/technology/many-computers-world-e2e980daa5e128d0). If every PC in the world was a top-of-the-line PC and was working on this database, then you could cut it down to only 3,500,000,000,000,000,000,000 centuries.

Go for it!

Join an anti-signature campaign: Click ignore on the members of signature campaigns.
PGP Fingerprint: 6B6BC26599EC24EF7E29A405EAF050539D0B2925 Signing address: 13GAVJo8YaAuenj6keiEykwxWUZ7jMoSLt
bitbunnny
Legendary
*
Offline Offline

Activity: 2912
Merit: 1068


WOLF.BET - Provably Fair Crypto Casino


View Profile
October 13, 2016, 06:29:09 PM
 #38

At the moment there is no 100% "malware proof" system so I guess Bitcoin system is vulnerable too. The question is how.much is realy vulnerable and how likely is for something like this to happen. Having in mind the Bitcoin system structure there is no much chance for such security breach, at least not at the moment.

Patatas
Legendary
*
Offline Offline

Activity: 1750
Merit: 1115

Providing AI/ChatGpt Services - PM!


View Profile
October 13, 2016, 07:03:06 PM
 #39

This question is arising in my mind after i did some research.
What will happen if someone brute Force Private keys in Base58 Format ?
Brute Forcing Base58 ? What is the probability of that happening as a successful attack ? There goes a failed one,followed by many https://github.com/Marclass/BritExploit/blob/master/src/bruteForcer/BruteForce.java

This dude has put it in brief,most simple and to the point information I found so far

http://blog.richardkiss.com/?p=371

And he succeeds then I think he will get admin access to all the wallets and can ruin the Bitcoin.
I know it's very hard to go through the database but It's not impossible either.
That is absurd.There is literally no specific database as such.Bitcoin wouldn't be as successful if they put it all in a static database. 
calkob
Hero Member
*****
Offline Offline

Activity: 1106
Merit: 521


View Profile
October 13, 2016, 10:00:11 PM
 #40

everything is possible to do, there just isnt a person alive with the time left to do it, and there never will be. Grin
Pages: « 1 [2] 3 4 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!