We knew the Large Bitcoin Collider was useless, now we know it's also rootkit

[Victor_sueca]

Apparently, the large bitcoin collider, a software that is meant to use vonlunteer's computing resources to list all the possbile private keys into a server also allows remote arbitrary code to be executed on computers that run it.

SopaXorzTaker made this post at Reddit explaining it.

Just in case somebody is wondering... No, it's not possible to list all the possible bitcoin private keys. ECDSA, the cryptography algorithm on which bitcoin private keys are based on, allows for 2²⁵⁶ possible private keys. Even if you had a computer of the size of the solar system, that used the sun as energy source and that you can cool at no extra energy cost, the sun will burn out before the computer counts up to 2²⁵⁶, let alone hashing and other math stuff which is also needed, only counting, 1...2...3...4...

This software uses the argument that private keys can be brute-forced to get people to run the software until all the private keys are exhausted and the bitcoin economy is ruined. Can't be more far from reality, this is impossible, breaking a bitcoin private key would imply by the mathematical state of art, breaking also several universe thermodynamic laws (something that only quantum computer may achieve).

So, summarizing, this software is not only useless, but also dangerous for your computer and security. Be careful. If you still have any doubt, extra reviews to the code are welcome.

[1713987018]

1713987018

[1713987018]

1713987018

[1713987018]

1713987018

[Dorky]

Rootkit?!?!?!?

SHEETTTTTTTTTTTT...!!!!

[Dorky]

Good news is that bitcoin is still superman.

[jonald_fyookball]

Apparently, the large bitcoin collider, a software that is meant to use vonlunteer's computing resources to list all the possbile private keys into a server also allows remote arbitrary code to be executed on computers that run it.

SopaXorzTaker made this post at Reddit explaining it.

Just in case somebody is wondering... No, it's not possible to list all the possible bitcoin private keys. ECDSA, the cryptography algorithm on which bitcoin private keys are based on, allows for 2²⁵⁶ possible private keys. Even if you had a computer of the size of the solar system, that used the sun as energy source and that you can cool at no extra energy cost, the sun will burn out before the computer counts up to 2²⁵⁶, let alone hashing and other math stuff which is also needed, only counting, 1...2...3...4...

This software uses the argument that private keys can be brute-forced to get people to run the software until all the private keys are exhausted and the bitcoin economy is ruined. Can't be more far from reality, this is impossible, breaking a bitcoin private key would imply by the mathematical state of art, breaking also several universe thermodynamic laws (something that only quantum computer may achieve).

So, summarizing, this software is not only useless, but also dangerous for your computer and security. Be careful. If you still have any doubt, extra reviews to the code are welcome.

ECDSA bitsize is twice of security. 256 bits gets you 128 bits of security. 

[Hydrogen]

Large bitcoin collider claims they generated 100 trillion keys and found 5 keys that worked.

I'm not sure I believe that.

A normal password with more than 8 digits can have trillions of possible combinations.

100 trillion keys doesn't seem like it would do anything.

[slaman29]

Large bitcoin collider claims they generated 100 trillion keys and found 5 keys that worked.

I'm not sure I believe that.

A normal password with more than 8 digits can have trillions of possible combinations.

100 trillion keys doesn't seem like it would do anything.

I suppose now they did not show evidence for those claims? 5 in 100 is 1 in 20 trillion... it does not make sense even for me when I don't think I'm any good at statistics and maths.

[unamis76]

This is already being discussed on the project's thread, from here onwards.

[Hydrogen]

I suppose now they did not show evidence for those claims? 5 in 100 is 1 in 20 trillion... it does not make sense even for me when I don't think I'm any good at statistics and maths.

It was cited in a vice article on large bitcoin collider, published this month, which interviewed one of lbc's developers.

https://motherboard.vice.com/en_us/article/the-large-bitcoin-collider-is-generating-trillions-of-keys-and-breaking-into-wallets

No evidence shown as far as I know, although vice probably did make an effort to confirm the identity of the person they were interviewing to ensure they were associated with lbc.

This is already being discussed on the project's thread, from here onwards.

Thx for the info.

[Gotottack]

Large bitcoin collider claims they generated 100 trillion keys and found 5 keys that worked.

I'm not sure I believe that.

A normal password with more than 8 digits can have trillions of possible combinations.

100 trillion keys doesn't seem like it would do anything.

I suppose now they did not show evidence for those claims? 5 in 100 is 1 in 20 trillion... it does not make sense even for me when I don't think I'm any good at statistics and maths.

I would like to see them work on cracking Satoshi's address or the genesis address. A password is hard enough to crack let alone a super crazy amount of combination of letters and numbers and not to mention that it has capitalized and non capitalized letters. This is is really BS  from the start.

This is already being discussed on the project's thread, from here onwards.

I'll also look into this thread.

[Victor_sueca]

Large bitcoin collider claims they generated 100 trillion keys and found 5 keys that worked.

I'm not sure I believe that.

A normal password with more than 8 digits can have trillions of possible combinations.

100 trillion keys doesn't seem like it would do anything.

It may be possible though if some wallet out there gave users keys with bad randomness.

[Pearls Before Swine]

And the chances of them ever finding out what my private keys are, well, that's close enough to zero that I can sleep very well at night holding bitcoin.  It's BS anyway,  as OP has pointed out.   They're not going to colllide anybody's money.

[Mometaskers]

First time I heard of this. So basically the plan is to brute-force their way to finding all the private keys and use that to get people's coins? I wonder what the people who downloaded and installed this were thinking. It's probably more likely that it's they that will get hacked later.

If ever, guess they deserved it. I mean, why bother with this malicious idea of getting people's money. There's a legal way to get people's money and you don't even have to force them to give it to you. It's called business - providing services or products. 

[BrewMaster]

(i admit i have never wasted time to read it completely to see what it does but this is my understanding).

it is not a brute force, it is not breaking private keys, i think the word collider is not even right.

what it does (to my understanding) is generating private keys from 0 up towards that crazy number that is max (private key is a number after all). on the way up there has been some numbers that contained some amounts and it was a puzzle not real wallets and they found the reward for that puzzle.

i remember reading something like this
between 1 and 2^1 was one private key from this puzzle
between 2^1 and 2^2 another
2^2 and 2^3 another
....
2^101 and 2^101
....

and they found a couple of these on the way up.

[Kprawn]

Another site with bullshit claims that they are listing valid addresses that was hacked, but contains no bitcoins. The electricity bill for the

bruteforcing of millions of private keys will be much more than the possibility to get a address with actual bitcoins that might be worth their

effort. They are looking for a needle in a haystack and doing it blindfolded.  

[Catmony]

Another shit that claims can find private keys of bitcoin addresses to ruin the bitcoin network completely. Challenging sha256 encryption can't be more than a joke.

[jonald_fyookball]

Another shit that claims can find private keys of bitcoin addresses to ruin the bitcoin network completely. Challenging sha256 encryption can't be more than a joke.

ECDSA encryption.

SHA-256 is just the hash function used within that.

[talkbitcoin]

damn, why isn't this already in the first page. consider this as a bump.
is this the same project: https://bitcointalk.org/index.php?topic=1573035.0
i have seen this a long time ago and thought of it as shady. never went through it though.
and if so why isn't anything being done about it as in removing the topic or banning the user spreading this

also it seems that OP of that topic has been tagged a while ago by gmaxwell
https://bitcointalk.org/index.php?action=trust;u=159476

[gentlemand]

So program that offers the possibility of free money turns out to be a program that might get free money for the programmer. Shocker.

[Hydrogen]

damn, why isn't this already in the first page. consider this as a bump.

It seems as if there are farmed accounts that only bump low quality threads.

I have to go to page 2 or 3 to find posts that are informative and interesting.

Not sure why that is, but a lot of forums are structured this way.  

[Monnt]

Good point, shows how you can’t trust everything you see even if a lot of people condone it. What strikes me is that in my opinion someone seeing this would look into it and try to check if this is in fact true. I mean especially if you have to pay for the software. Just goes to show you should check everything twice even three times and extra care for anything anyone says is anything online. Stay safe everybody and be careful.