Victor_sueca (OP)
Newbie
Offline
Activity: 21
Merit: 0
|
|
April 17, 2017, 01:48:20 PM Last edit: April 17, 2017, 02:01:12 PM by Victor_sueca |
|
Apparently, the large bitcoin collider, a software that is meant to use vonlunteer's computing resources to list all the possbile private keys into a server also allows remote arbitrary code to be executed on computers that run it. SopaXorzTaker made this post at Reddit explaining it. Just in case somebody is wondering... No, it's not possible to list all the possible bitcoin private keys. ECDSA, the cryptography algorithm on which bitcoin private keys are based on, allows for 2 256 possible private keys. Even if you had a computer of the size of the solar system, that used the sun as energy source and that you can cool at no extra energy cost, the sun will burn out before the computer counts up to 2 256, let alone hashing and other math stuff which is also needed, only counting, 1...2...3...4... This software uses the argument that private keys can be brute-forced to get people to run the software until all the private keys are exhausted and the bitcoin economy is ruined. Can't be more far from reality, this is impossible, breaking a bitcoin private key would imply by the mathematical state of art, breaking also several universe thermodynamic laws (something that only quantum computer may achieve). So, summarizing, this software is not only useless, but also dangerous for your computer and security. Be careful. If you still have any doubt, extra reviews to the code are welcome.
|
|
|
|
Dorky
Sr. Member
Offline
Activity: 392
Merit: 250
Best IoT Platform Based on Blockchain
|
|
April 17, 2017, 01:58:06 PM |
|
Rootkit?!?!?!?
SHEETTTTTTTTTTTT...!!!!
|
|
|
|
Dorky
Sr. Member
Offline
Activity: 392
Merit: 250
Best IoT Platform Based on Blockchain
|
|
April 17, 2017, 02:00:31 PM |
|
Good news is that bitcoin is still superman.
|
|
|
|
jonald_fyookball
Legendary
Offline
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
|
|
April 17, 2017, 02:06:43 PM |
|
Apparently, the large bitcoin collider, a software that is meant to use vonlunteer's computing resources to list all the possbile private keys into a server also allows remote arbitrary code to be executed on computers that run it. SopaXorzTaker made this post at Reddit explaining it. Just in case somebody is wondering... No, it's not possible to list all the possible bitcoin private keys. ECDSA, the cryptography algorithm on which bitcoin private keys are based on, allows for 2 256 possible private keys. Even if you had a computer of the size of the solar system, that used the sun as energy source and that you can cool at no extra energy cost, the sun will burn out before the computer counts up to 2 256, let alone hashing and other math stuff which is also needed, only counting, 1...2...3...4... This software uses the argument that private keys can be brute-forced to get people to run the software until all the private keys are exhausted and the bitcoin economy is ruined. Can't be more far from reality, this is impossible, breaking a bitcoin private key would imply by the mathematical state of art, breaking also several universe thermodynamic laws (something that only quantum computer may achieve). So, summarizing, this software is not only useless, but also dangerous for your computer and security. Be careful. If you still have any doubt, extra reviews to the code are welcome. ECDSA bitsize is twice of security. 256 bits gets you 128 bits of security.
|
|
|
|
Hydrogen
Legendary
Offline
Activity: 2562
Merit: 1441
|
|
April 17, 2017, 02:56:04 PM |
|
Large bitcoin collider claims they generated 100 trillion keys and found 5 keys that worked.
I'm not sure I believe that.
A normal password with more than 8 digits can have trillions of possible combinations.
100 trillion keys doesn't seem like it would do anything.
|
|
|
|
slaman29
Legendary
Offline
Activity: 2800
Merit: 1282
Livecasino, 20% cashback, no fuss payouts.
|
|
April 17, 2017, 03:00:29 PM |
|
Large bitcoin collider claims they generated 100 trillion keys and found 5 keys that worked.
I'm not sure I believe that.
A normal password with more than 8 digits can have trillions of possible combinations.
100 trillion keys doesn't seem like it would do anything.
I suppose now they did not show evidence for those claims? 5 in 100 is 1 in 20 trillion... it does not make sense even for me when I don't think I'm any good at statistics and maths.
|
|
|
|
unamis76
Legendary
Offline
Activity: 1512
Merit: 1012
|
|
April 17, 2017, 03:05:57 PM |
|
This is already being discussed on the project's thread, from here onwards.
|
|
|
|
Hydrogen
Legendary
Offline
Activity: 2562
Merit: 1441
|
|
April 17, 2017, 03:07:31 PM |
|
I suppose now they did not show evidence for those claims? 5 in 100 is 1 in 20 trillion... it does not make sense even for me when I don't think I'm any good at statistics and maths.
It was cited in a vice article on large bitcoin collider, published this month, which interviewed one of lbc's developers. https://motherboard.vice.com/en_us/article/the-large-bitcoin-collider-is-generating-trillions-of-keys-and-breaking-into-walletsNo evidence shown as far as I know, although vice probably did make an effort to confirm the identity of the person they were interviewing to ensure they were associated with lbc. This is already being discussed on the project's thread, from here onwards. Thx for the info.
|
|
|
|
Gotottack
|
|
April 17, 2017, 03:10:05 PM |
|
Large bitcoin collider claims they generated 100 trillion keys and found 5 keys that worked.
I'm not sure I believe that.
A normal password with more than 8 digits can have trillions of possible combinations.
100 trillion keys doesn't seem like it would do anything.
I suppose now they did not show evidence for those claims? 5 in 100 is 1 in 20 trillion... it does not make sense even for me when I don't think I'm any good at statistics and maths. I would like to see them work on cracking Satoshi's address or the genesis address. A password is hard enough to crack let alone a super crazy amount of combination of letters and numbers and not to mention that it has capitalized and non capitalized letters. This is is really BS from the start. This is already being discussed on the project's thread, from here onwards. I'll also look into this thread.
|
|
|
|
Victor_sueca (OP)
Newbie
Offline
Activity: 21
Merit: 0
|
|
April 17, 2017, 03:44:42 PM |
|
Large bitcoin collider claims they generated 100 trillion keys and found 5 keys that worked.
I'm not sure I believe that.
A normal password with more than 8 digits can have trillions of possible combinations.
100 trillion keys doesn't seem like it would do anything.
It may be possible though if some wallet out there gave users keys with bad randomness.
|
|
|
|
Pearls Before Swine
|
|
April 17, 2017, 03:50:46 PM |
|
And the chances of them ever finding out what my private keys are, well, that's close enough to zero that I can sleep very well at night holding bitcoin. It's BS anyway, as OP has pointed out. They're not going to colllide anybody's money.
|
|
|
|
Mometaskers
|
|
April 17, 2017, 04:05:17 PM |
|
First time I heard of this. So basically the plan is to brute-force their way to finding all the private keys and use that to get people's coins? I wonder what the people who downloaded and installed this were thinking. It's probably more likely that it's they that will get hacked later. If ever, guess they deserved it. I mean, why bother with this malicious idea of getting people's money. There's a legal way to get people's money and you don't even have to force them to give it to you. It's called business - providing services or products.
|
|
|
|
BrewMaster
Legendary
Offline
Activity: 2114
Merit: 1293
There is trouble abrewing
|
|
April 17, 2017, 04:27:49 PM |
|
(i admit i have never wasted time to read it completely to see what it does but this is my understanding).
it is not a brute force, it is not breaking private keys, i think the word collider is not even right.
what it does (to my understanding) is generating private keys from 0 up towards that crazy number that is max (private key is a number after all). on the way up there has been some numbers that contained some amounts and it was a puzzle not real wallets and they found the reward for that puzzle.
i remember reading something like this between 1 and 2^1 was one private key from this puzzle between 2^1 and 2^2 another 2^2 and 2^3 another .... 2^101 and 2^101 ....
and they found a couple of these on the way up.
|
There is a FOMO brewing...
|
|
|
Kprawn
Legendary
Offline
Activity: 1904
Merit: 1074
|
|
April 17, 2017, 04:28:45 PM |
|
Another site with bullshit claims that they are listing valid addresses that was hacked, but contains no bitcoins. The electricity bill for the bruteforcing of millions of private keys will be much more than the possibility to get a address with actual bitcoins that might be worth their effort. They are looking for a needle in a haystack and doing it blindfolded.
|
|
|
|
Catmony
|
|
April 17, 2017, 05:11:24 PM |
|
Another shit that claims can find private keys of bitcoin addresses to ruin the bitcoin network completely. Challenging sha256 encryption can't be more than a joke.
|
|
|
|
jonald_fyookball
Legendary
Offline
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
|
|
April 17, 2017, 05:23:06 PM |
|
Another shit that claims can find private keys of bitcoin addresses to ruin the bitcoin network completely. Challenging sha256 encryption can't be more than a joke.
ECDSA encryption. SHA-256 is just the hash function used within that.
|
|
|
|
talkbitcoin
Legendary
Offline
Activity: 1372
Merit: 1032
All I know is that I know nothing.
|
|
April 18, 2017, 10:21:30 AM |
|
damn, why isn't this already in the first page. consider this as a bump. is this the same project: https://bitcointalk.org/index.php?topic=1573035.0i have seen this a long time ago and thought of it as shady. never went through it though. and if so why isn't anything being done about it as in removing the topic or banning the user spreading this also it seems that OP of that topic has been tagged a while ago by gmaxwell https://bitcointalk.org/index.php?action=trust;u=159476
|
|
|
|
gentlemand
Legendary
Offline
Activity: 2590
Merit: 3014
Welt Am Draht
|
|
April 18, 2017, 11:29:45 AM |
|
So program that offers the possibility of free money turns out to be a program that might get free money for the programmer. Shocker.
|
|
|
|
Hydrogen
Legendary
Offline
Activity: 2562
Merit: 1441
|
|
April 18, 2017, 06:26:40 PM |
|
damn, why isn't this already in the first page. consider this as a bump. It seems as if there are farmed accounts that only bump low quality threads. I have to go to page 2 or 3 to find posts that are informative and interesting. Not sure why that is, but a lot of forums are structured this way.
|
|
|
|
Monnt
Legendary
Offline
Activity: 938
Merit: 1002
|
|
April 19, 2017, 03:26:15 PM |
|
Good point, shows how you can’t trust everything you see even if a lot of people condone it. What strikes me is that in my opinion someone seeing this would look into it and try to check if this is in fact true. I mean especially if you have to pay for the software. Just goes to show you should check everything twice even three times and extra care for anything anyone says is anything online. Stay safe everybody and be careful.
|
|
|
|
|