jquiroga
Newbie
Offline
Activity: 10
Merit: 0
|
|
October 01, 2012, 11:51:46 PM |
|
There is another way in which you can get robbed.
Since any valid Bitcoin transaction must get in the public block chain. Your public keys must be in the block chain. And some body might use the block chain to calculate what is the balance of a 'big' and 'static' Bitcoin address and use a cryptographic attack that address to find out the corresponding private key. It might take months, but you are not moving those Bitcoins so the attacker can take the time. Once he has the private key he makes a transaction to one of is addresses.
|
|
|
|
Fcx35x10
|
|
October 02, 2012, 03:46:50 AM |
|
Thanks for the helpful tips
|
|
|
|
thebitbabe
Newbie
Offline
Activity: 28
Merit: 0
|
|
October 02, 2012, 05:25:00 AM |
|
Is totally secured even really possible?
|
|
|
|
BkkCoins
|
|
October 02, 2012, 06:41:22 AM |
|
There is another way in which you can get robbed.
Since any valid Bitcoin transaction must get in the public block chain. Your public keys must be in the block chain. And some body might use the block chain to calculate what is the balance of a 'big' and 'static' Bitcoin address and use a cryptographic attack that address to find out the corresponding private key. It might take months, but you are not moving those Bitcoins so the attacker can take the time. Once he has the private key he makes a transaction to one of is addresses.
Try all the time of the universe, billions of billions of years, then maybe, just maybe you may have a better chance than one atom out of all the atoms on planet earth. I wasn't going to bother posting but that "It might take months" was just too juicy to pass up.
|
|
|
|
jquiroga
Newbie
Offline
Activity: 10
Merit: 0
|
|
October 02, 2012, 05:52:14 PM |
|
There is another way in which you can get robbed.
Since any valid Bitcoin transaction must get in the public block chain. Your public keys must be in the block chain. And some body might use the block chain to calculate what is the balance of a 'big' and 'static' Bitcoin address and use a cryptographic attack that address to find out the corresponding private key. It might take months, but you are not moving those Bitcoins so the attacker can take the time. Once he has the private key he makes a transaction to one of is addresses.
Try all the time of the universe, billions of billions of years, then maybe, just maybe you may have a better chance than one atom out of all the atoms on planet earth. I wasn't going to bother posting but that "It might take months" was just too juicy to pass up. Good luck with your assumption that: 1. The discrete logarithm in the subgroup spanned by g (resp. G) is hard. 2. SHA-1 is a one-way hash function. 3. SHA-1 is a collision-resistant hash function. 4. The generator for k is unpredictable. will hold for billions and billions of years for any given pair of keys.
|
|
|
|
majorddf
Member
Offline
Activity: 99
Merit: 10
|
|
October 02, 2012, 06:48:57 PM |
|
Nice info-rant, you sound like me after a few beers :p
|
|
|
|
Monkey1
|
|
October 02, 2012, 09:10:47 PM |
|
Define completely secured? Is your wallet with paper money 'completely secured' downstairs while you sleep updatirs? Is your cash in the bank 'completely secured', especially these past few years when banks are more likely to go under than give youyour cash.
the point I am trying to make is that its all relative. Its more secure than anything else around, but nothing is completely secure!
|
|
|
|
citboin
Newbie
Offline
Activity: 58
Merit: 0
|
|
October 03, 2012, 02:43:49 AM |
|
What happens if I have a wallet, receive a payment on the first address and send one, then someone sends me a payment to the first address? Is this payment compromised in any way?
|
|
|
|
Cm5xng
Newbie
Offline
Activity: 12
Merit: 0
|
|
October 03, 2012, 02:59:40 PM |
|
I am curious that if someone else has your wallet.dat's copy too, can they bruteforce it and get all the cash?
|
|
|
|
chorchonga
Member
Offline
Activity: 65
Merit: 10
|
|
October 03, 2012, 07:28:13 PM |
|
If someone has your wallet.dat, they already have your private keys and have no need to bruteforce. Look up public-key encryption if that doesn't make sense.
|
|
|
|
lile
Newbie
Offline
Activity: 41
Merit: 0
|
|
October 04, 2012, 11:18:11 AM |
|
What happens if I have a wallet, receive a payment on the first address and send one, then someone sends me a payment to the first address? Is this payment compromised in any way?
No, it is not compromised. It wouldn't be a very good system if it were. If someone has your wallet.dat, they already have your private keys and have no need to bruteforce. Look up public-key encryption if that doesn't make sense.
Not if the private keys are encrypted. In that case if a weak password was used someone could bruteforce it, sure.
|
|
|
|
#machinist
Newbie
Offline
Activity: 18
Merit: 0
|
|
October 05, 2012, 06:24:02 PM |
|
Anyone using Yubikey to provide some feedback? mt.gox used to have one
|
|
|
|
Zeek_W
|
|
October 06, 2012, 12:30:41 AM |
|
Great read! My toughbook has fingerprint read, smart card authentication and I'm in the process of getting them to work with the linux distro I am liveCDing. Also as the toughbook has had quite a 'tough' life the USB ports are fried so anyone who wants to gather info off it onto USB sticks end up with a blown up USB Stick
|
|
|
|
shwoop
Newbie
Offline
Activity: 43
Merit: 0
|
|
October 07, 2012, 12:07:24 PM |
|
Fascinating read.
I think an additional security consideration is to diversify. I currently spread my funds across a few online wallets and a few computers. Generating the wallets on a liveCD and securing them over multiple .dat's is a great idea.
|
|
|
|
Ashkanian
Newbie
Offline
Activity: 9
Merit: 0
|
|
October 07, 2012, 01:35:30 PM |
|
excuse me guys I have a queston I read bitcoin wiki and on that it said you can zip your wallet.dat with 7zip I do THAT but one of my friend said it is useless because they can hack and crack it very easily is it true ?
|
|
|
|
an4rchy
Newbie
Offline
Activity: 5
Merit: 0
|
|
October 07, 2012, 02:13:58 PM |
|
Great post. It sounds like you hate Windows. What do you think about a MAC, can i atleast leave an encrypted wallet on my computer. I believe if the wallet is encrypted to a high standard it should be uncrackable.
|
|
|
|
nobbynobbynoob
|
|
October 07, 2012, 02:22:27 PM |
|
Great post. It sounds like you hate Windows. What do you think about a MAC, can i atleast leave an encrypted wallet on my computer. I believe if the wallet is encrypted to a high standard it should be uncrackable.
To the best of our knowledge it is... except by a keylogger.
|
|
|
|
Kas
Newbie
Offline
Activity: 4
Merit: 0
|
|
October 07, 2012, 06:10:25 PM |
|
This is good, I'd be so scared having more than like $50 in my bitcoin wallet. If I ever have larger amounts I will follow this guide, thanks
|
|
|
|
MarkOST
Newbie
Offline
Activity: 14
Merit: 0
|
|
October 07, 2012, 09:46:29 PM |
|
Yup, I'm a windows cunt that was finally convinced to switch over to a Linux Live CD after realizing how easy it would be for a hacker to steal all my stuff.
And in the process I realized that Linux isn't so user unfriendly after all, and am starting to use it for any important data like checking bank accounts, etc.
Basically only boot up Windows to play games and graphic programs now.
|
|
|
|
transientbeing
Newbie
Offline
Activity: 1
Merit: 0
|
|
October 07, 2012, 10:16:38 PM |
|
Linux isn't all that user unfriendly eh? I didn't study computer science in college so I'd be happy if I could just figure out how to get the Bitcoin program to function on my laptop with Linux Mint 11. The program files are saved on my hard drive but they won't do anything.
|
|
|
|
|