Bitcoin Forum
Author Topic: Bitcoin Stock Exchange Security Standards  (Read 14685 times)
ikonic (OP), Newbie | June 21, 2011, 02:50:41 AM (last edit: June 21, 2011, 03:10:32 AM by ikonic) | #1

Given that BitCoin is still in its infancy, many of the stock exchanges are being run by inexperienced coders or business types with no real online financial experience... and as such, putting the entire community at risk.

Therefore, what I am proposing is that the BitCoin community draft together a set of agreed security standards and best practices that all trusted exchanges should adhere to.

As an example of Web Standards, the basics would be

Web Application Requirements
  • Website to be tested to ensure SQL injections (including truncation attacks) do not exist
  • Website to be tested to ensure XSS injections do not exist
  • Website to be tested to ensure XPATH injections do not exist
  • Website to be tested to ensure CSRF vulnerabilities do not exist
  • All transactional functionality should be undertaken with HTTP POST using CSRF nonces
  • Any and all interaction with the database should be done using either Stored or Prepared Procedures

HTTP Response Header Requirements
  • All cookies to have the "HttpOnly" and "Secure" attributes
  • HTTP Headers should not include Server OS version
  • HTTP Headers should not include Web Server version
  • HTTP Headers must include an X-Frame-Options directive

Data Storage and Analysis Requirements
  • All passwords should be stored using one way encryption with a unique salt per user (salt to be a minimum 128bits)
  • Where the need for database analysis is required the data should be purged of all PII prior to being delivered to the auditor
  • Users with permissions to the database should be limited to the web application only

Finally, this list isn't extensive but only a start so it would be good to get others feedback.

btw: Sorry about being stuck in the newb section but alas such is life.

Note: Not here for the MT Gox bashing, it will achieve nothing. Let's talk about the future instead.

Edit:
Another good idea to discuss is the limit that can be transferred daily/hourly.
For instance, setting a maximum dollar amount to transfer out is pointless as you can simply crash the price and pull out. Perhaps a better idea would be to set volume limits instead?

BitCoin Transfer Requirements
  • Maximum Daily Transfer Limit - Currency $1000
  • Maximum Daily Transfer Limit - BitCoins 1000

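The HTTP response header and cookie requirements above are the kind of thing that can be checked mechanically against a live response. The following is an added example (not code from the original post): a small audit function run over two constructed responses, one that violates every listed requirement and one that satisfies them. The header names and the rule that a dotted number or a parenthesised platform name in `Server` counts as a version leak are assumptions made for the demonstration.

```python
"""Audit an HTTP response against the header and cookie requirements listed
in the opening post.  Added example; the two responses below are constructed,
not captured from any real exchange."""
import re

# Constructed sample that violates every requirement at once.
BAD_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Apache/2.2.17 (Ubuntu)\r\n"
    "X-Powered-By: PHP/5.3.5\r\n"
    "Set-Cookie: PHPSESSID=abc123; path=/\r\n"
    "Content-Type: text/html\r\n"
    "\r\n"
    "<html>...</html>"
)

# Constructed sample that satisfies them.
GOOD_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Apache\r\n"
    "Set-Cookie: session=abc123; Path=/; Secure; HttpOnly\r\n"
    "Set-Cookie: csrf=def456; Path=/; Secure; HttpOnly\r\n"
    "X-Frame-Options: DENY\r\n"
    "Content-Type: text/html\r\n"
    "\r\n"
    "<html>...</html>"
)

VERSION_RE = re.compile(r"\d+\.\d+")   # a dotted number in Server is a version leak


def parse_response(raw):
    """Return (name, value) header pairs in order, preserving duplicates
    (Set-Cookie legitimately repeats once per cookie)."""
    head = raw.split("\r\n\r\n", 1)[0]
    headers = []
    for line in head.split("\r\n")[1:]:          # skip the status line
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return headers


def audit(raw):
    """Return a list of findings; an empty list means every requirement passes."""
    headers = parse_response(raw)
    findings = []
    for name, value in headers:
        if name == "set-cookie":
            cookie_name = value.split("=", 1)[0]
            attrs = {a.strip().lower() for a in value.split(";")[1:]}
            for required in ("httponly", "secure"):
                if required not in attrs:
                    findings.append(f"cookie {cookie_name!r} lacks {required}")
        elif name == "server":
            # "Apache/2.2.17 (Ubuntu)" leaks both web server version and OS.
            if VERSION_RE.search(value) or "(" in value:
                findings.append(f"server header leaks version/OS: {value!r}")
        elif name in ("x-powered-by", "x-aspnet-version"):
            findings.append(f"{name} advertises the platform: {value!r}")
    if not any(name == "x-frame-options" for name, _ in headers):
        findings.append("missing X-Frame-Options")
    return findings
```

Running `audit(BAD_RESPONSE)` yields five findings (server leak, X-Powered-By, the session cookie missing both HttpOnly and Secure, and no X-Frame-Options); `audit(GOOD_RESPONSE)` yields none. A `Server` header that names the product without a version, as in the good sample, is left alone.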

muad_dib, Member | June 21, 2011, 09:13:34 AM | #2

Well, 1000 bitcoins are a lot of money.

Moreover we need 2 levels of password:

1) An account password, sent via password-authenticated key agreement and not https

2) Time-synchronized one-time passwords or a 2d key, to authorize movements, so that even if the password is stolen, it is impossible to authorize another transaction.


Users should not be allowed to choose passwords. A 25 characters long, strongly randomized password should be generated for the user, so he's forced to use something like keepassx.




I think we need an independent security committee to write a security standard and certify exchanges.
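The "time-synchronized one-time password" in point 2 above is what RFC 4226 (HOTP) and RFC 6238 (TOTP) standardise. The following is an added example, not code from the thread: HOTP and TOTP from the Python standard library, plus a verifier that tolerates one step of clock drift and refuses to accept a counter at or below the last one used, so a code captured while the user typed it cannot be replayed inside the drift window. The secret is the RFC 4226 test key, not a real credential; the window size and the way the last-used counter is passed in are assumptions for the demonstration.

```python
"""HOTP (RFC 4226) and TOTP (RFC 6238) with a replay-resistant verifier.
Added example, standard library only.  SECRET is the RFC 4226 test vector key."""
import hashlib
import hmac
import struct
import time

SECRET = b"12345678901234567890"   # RFC 4226 test key, not a real credential
STEP = 30                           # seconds per TOTP time step
DIGITS = 6


def hotp(secret, counter, digits=DIGITS):
    """HMAC-SHA1 over the 8-byte big-endian counter, dynamically truncated (RFC 4226 5.3)."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return "%0*d" % (digits, code % 10 ** digits)


def totp(secret, at=None, step=STEP, digits=DIGITS):
    """TOTP is HOTP with the counter derived from the clock."""
    at = time.time() if at is None else at
    return hotp(secret, int(at // step), digits)


def verify_totp(secret, code, at=None, step=STEP, window=1, last_used=-1, digits=DIGITS):
    """Return the counter the code matched, or None.

    Codes from the current step and +/- `window` neighbours are accepted to
    absorb clock drift.  Counters at or below `last_used` (the value stored
    from the previous successful check) are rejected, so a code that was
    already spent, or one a keylogger captured, is useless even while it is
    still inside the window.  Comparison is constant-time."""
    if len(code) != digits or not code.isdigit():
        return None
    at = time.time() if at is None else at
    counter = int(at // step)
    for c in range(counter - window, counter + window + 1):
        if c > last_used and hmac.compare_digest(hotp(secret, c, digits), code):
            return c
    return None
```

The verifier returns the matched counter so the caller can persist it as `last_used` for the next call; a successful check must always advance that value. With the RFC test key, `hotp(SECRET, 0)` is `755224` and `totp(SECRET, at=59)` is `287082`, matching the published vectors.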
piuk, Hero Member | June 21, 2011, 09:20:53 AM | #3

Exchange code should be open source like britcoin.

hamdi, Hero Member | June 21, 2011, 09:23:12 AM | #4

no use of cookies at all.
Superform, Newbie | June 21, 2011, 09:26:56 AM | #5

If anyone wants to collaborate on a proper exchange I can help with supplying a domain, bitcoin-market.com.

I also have over 10 years of share trading experience

Another suggestion is that the exchange should issue a username which is a random string of numbers/letters instead of using your email name etc.

Epinnoia, Full Member | June 21, 2011, 11:35:54 AM (last edit: June 21, 2011, 11:47:50 AM by Epinnoia) | #6

The BCSE is a great tool, but can get you into some serious trouble with the SEC if you do any sort of public offering through it.  I've spoken with a lawyer who specializes in this area (securities law) about it, and we came to the conclusion that it would be legitimate ONLY for non-public offerings -- for example, where you approached each person individually and got them to invest...  You could also put the offering/alert on a password-protected page, and be safe.  But if the offering is on an open page, viewable by the public, then you are making a public offering, and must register it with the SEC.

And those people who invest privately CANNOT SELL THOSE STOCKS publicly either.  

In other words, if I privately approached Jack, John, and Jeff for investments, and they agreed, then their stocks can only legally be traded among each other, or bought back by the company itself.



My first miner -> ATI 4550 (7.2 Mh/sec): 
https://www.facebook.com/groups/cryptospeculators/
Findeton, Full Member | June 21, 2011, 11:44:12 AM | #7

Yes, we do need regulation. This kind of regulation.

Bitcoin Weekly, bitcoin analysis and commentary

14DD7MhRXuw3KDuyUuXvAsRcK4KXTT36XA
davout, Legendary | June 21, 2011, 11:47:41 AM | #8

> All passwords should be stored using one way encryption with a unique salt per user (salt to be a minimum 128bits) iterative hashing
Fixed that for you.

ikonic (OP), Newbie | June 21, 2011, 11:47:08 PM | #9

> Well, 1000 bitcoins are a lot of money.
Perhaps accounts should have daily transaction limits that the user can reduce online at any time, but that require admin intervention to raise.

> Moreover we need 2 levels of password:
> 1) An account password, sent via password-authenticated key agreement and not https
> 2) Time-synchronized one-time passwords or a 2d key, to authorize movements, so that even if the password is stolen, it is impossible to authorize another transaction.
I assume you're talking about a TAN? This is a good idea.

> no use of cookies at all.
Not really a big fan of this. It means the URL requires a session identifier to be included, or the entire site runs through POSTs?

> All passwords should be stored using one way encryption with a unique salt per user (salt to be a minimum 128bits) iterative hashing
> Fixed that for you.
thx
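The opening post's two application-layer rules, every transactional action via HTTP POST carrying a CSRF nonce and every database interaction parameterized, fit together in one request handler. The following is an added example, not code from the thread or from any exchange: a withdrawal endpoint over an in-memory SQLite table. The `Request` class, the `balances` schema and the status codes are assumptions made for the demonstration; a real deployment would use the web framework's own request object and a server-side session store.

```python
"""A withdrawal endpoint that refuses GET, checks a per-session CSRF nonce in
constant time, and debits the balance with a parameterized statement.
Added example; Request, the schema and the seeded 'alice' row are invented."""
import hmac
import secrets
import sqlite3
from dataclasses import dataclass, field


@dataclass
class Request:
    """Minimal stand-in for a web framework's request object (assumption)."""
    method: str
    session_id: str
    form: dict = field(default_factory=dict)


class Exchange:
    def __init__(self):
        # In-memory SQLite with a one-table schema invented for the demo.
        self.db = sqlite3.connect(":memory:")
        self.db.execute("CREATE TABLE balances (user TEXT PRIMARY KEY, btc REAL NOT NULL)")
        self.db.execute("INSERT INTO balances VALUES ('alice', 50.0)")
        self.db.commit()
        self.sessions = {}   # session_id -> {"user": ..., "csrf": ...}

    def login(self, user):
        """Issue a session id and a CSRF nonce bound to that session (both 256-bit random)."""
        sid = secrets.token_urlsafe(32)
        self.sessions[sid] = {"user": user, "csrf": secrets.token_urlsafe(32)}
        return sid

    def csrf_token(self, sid):
        """The server embeds this in its own forms; a cross-site page cannot read it."""
        return self.sessions[sid]["csrf"]

    def withdraw(self, req):
        """Transactional endpoint.  Returns (http_status, message)."""
        if req.method != "POST":
            return 405, "withdrawals must be POSTed"        # no state change on GET
        sess = self.sessions.get(req.session_id)
        if sess is None:
            return 401, "not logged in"
        submitted = req.form.get("csrf", "")
        if not hmac.compare_digest(submitted.encode(), sess["csrf"].encode()):
            return 403, "missing or wrong CSRF nonce"
        try:
            amount = float(req.form.get("amount", ""))
        except ValueError:
            return 400, "amount is not a number"
        if amount <= 0:
            return 400, "amount must be positive"
        # Parameterized statement: user input never reaches the SQL parser as
        # text, so the string-concatenated form and the injection it invites
        # cannot occur.  The balance check sits in the same statement, so there
        # is no read-then-write race between two concurrent withdrawals.
        cur = self.db.execute(
            "UPDATE balances SET btc = btc - ? WHERE user = ? AND btc >= ?",
            (amount, sess["user"], amount),
        )
        self.db.commit()
        if cur.rowcount != 1:
            return 409, "insufficient funds"
        return 200, f"withdrew {amount:g} BTC"

    def balance(self, user):
        row = self.db.execute("SELECT btc FROM balances WHERE user = ?", (user,)).fetchone()
        return row[0] if row else None
```

The nonce is compared with `hmac.compare_digest` rather than `==` so that a wrong token fails in constant time, and the amount is parsed before it goes anywhere near SQL, so an input such as `1; DROP TABLE balances` is rejected as "not a number" rather than reaching the database at all.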
DonnyCMU, Full Member | June 22, 2011, 12:46:20 AM | #10

> Users should not be allowed to choose passwords. A 25 characters long, strongly randomized password should be generated for the user, so he's forced to use something like keepassx.

Ridiculous. If I have 5 bitcoins in my account and want to use 'boobies' as my password, it should be my own right, my own problem, at my own risk!

Most security-minded people never bother to see how usable these measures are.

Don't you hate it when you always use a simple password for non-important login, and then there's this silly site that demand the password for you to log-in and play flash games must contain 2 numbers, 3 signs, and 1 egyptian hieroglyph???
Anonymous, Guest | June 22, 2011, 12:49:16 AM | #11

> The BCSE is a great tool, but can get you into some serious trouble with the SEC if you do any sort of public offering through it.  I've spoken with a lawyer who specializes in this area (securities law) about it, and we came to the conclusion that it would be legitimate ONLY for non-public offerings -- for example, where you approached each person individually and got them to invest...  You could also put the offering/alert on a password-protected page, and be safe.  But if the offering is on an open page, viewable by the public, then you are making a public offering, and must register it with the SEC.
>
> And those people who invest privately CANNOT SELL THOSE STOCKS publicly either.
>
> In other words, if I privately approached Jack, John, and Jeff for investments, and they agreed, then their stocks can only legally be traded among each other, or bought back by the company itself.


These pedantic laws have nothing on people who trade anonymously under the veil of the sovereign web. The SEC is irrelevant. Any regulation they try to throw at Bitcoin exchanges is irrelevant.
Chick, Member | June 22, 2011, 12:51:06 AM | #12

> Given that BitCoin is still in its infancy, many of the stock exchanges are being run by inexperienced coders or business types with no real online financial experience... and as such, putting the entire community at risk.
>
> Therefore, what I am proposing is that the BitCoin community draft together a set of agreed security standards and best practices that all trusted exchanges should adhere to.
>
> As an example of Web Standards, the basics would be
>
> Web Application Requirements
>   • Website to be tested to ensure SQL injections (including truncation attacks) do not exist
>   • Website to be tested to ensure XSS injections do not exist
>   • Website to be tested to ensure XPATH injections do not exist
>   • Website to be tested to ensure CSRF vulnerabilities do not exist
>   • All transactional functionality should be undertaken with HTTP POST using CSRF nonces
>   • Any and all interaction with the database should be done using either Stored or Prepared Procedures
>
> HTTP Response Header Requirements
>   • All cookies to have the "HttpOnly" and "Secure" attributes
>   • HTTP Headers should not include Server OS version
>   • HTTP Headers should not include Web Server version
>   • HTTP Headers must include an X-Frame-Options directive
>
> Data Storage and Analysis Requirements
>   • All passwords should be stored using one way encryption with a unique salt per user (salt to be a minimum 128bits)
>   • Where the need for database analysis is required the data should be purged of all PII prior to being delivered to the auditor
>   • Users with permissions to the database should be limited to the web application only
>
> Finally, this list isn't extensive but only a start so it would be good to get others feedback.
>
> btw: Sorry about being stuck in the newb section but alas such is life.
>
> Note: Not here for the MT Gox bashing, it will achieve nothing. Let's talk about the future instead.
>
> Edit:
> Another good idea to discuss is the limit that can be transferred daily/hourly.
> For instance, setting a maximum dollar amount to transfer out is pointless as you can simply crash the price and pull out. Perhaps a better idea would be to set volume limits instead?
>
> BitCoin Transfer Requirements
>   • Maximum Daily Transfer Limit - Currency $1000
>   • Maximum Daily Transfer Limit - BitCoins 1000


To sum it all up, BANK LEVEL SECURITY. No bullshit "25 letter passwords".

Take my money and STFU.

ikonic (OP), Newbie | June 22, 2011, 01:06:09 AM | #13

> To sum it all up, BANK LEVEL SECURITY. No bullshit "25 letter passwords".
> Take my money and STFU.
I am actually the senior developer/team leader for the online banking team which provides online services (mobile and internet banking/lending) to around 30 financial institutions. I also run a security forum and am familiar with the nuances of online transactions.

In saying that, I am not going to drop every single piece of information straight up unless others are interested in participating.

And BANK LEVEL SECURITY is shit. Just ask the CitiBank customers whose card details have been nabbed...

What I am proposing is something far more secure and workable.
Findeton, Full Member | June 22, 2011, 02:37:00 PM | #14

> To sum it all up, BANK LEVEL SECURITY. No bullshit "25 letter passwords".
> Take my money and STFU.
> I am actually the senior developer/team leader for the online banking team which provides online services (mobile and internet banking/lending) to around 30 financial institutions. I also run a security forum and am familiar with the nuances of online transactions.
>
> In saying that, I am not going to drop every single piece of information straight up unless others are interested in participating.
>
> And BANK LEVEL SECURITY is shit. Just ask the CitiBank customers whose card details have been nabbed...
>
> What I am proposing is something far more secure and workable.

What about using bcrypt?

Bitcoin Weekly, bitcoin analysis and commentary

14DD7MhRXuw3KDuyUuXvAsRcK4KXTT36XA
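Putting together the opening post's storage rule (one-way, unique salt of at least 128 bits per user), davout's amendment in #8 (iterated hashing) and the bcrypt suggestion just above: the following is an added example, not code from the thread, using PBKDF2-HMAC-SHA256 from the Python standard library because it needs no third-party module; bcrypt or scrypt would fill the same role. The record format (`algorithm$iterations$salt$digest`), the iteration count and the `needs_rehash` policy are assumptions made for the demonstration.

```python
"""Salted, iterated password hashing with a self-describing stored record.
Added example, standard library only; the record layout is invented here."""
import hashlib
import hmac
import os

ALGORITHM = "pbkdf2_sha256"
ITERATIONS = 100_000   # tune so one verification costs tens of milliseconds on the server
SALT_BYTES = 16        # 128 bits, the minimum the opening post asks for


def hash_password(password, iterations=ITERATIONS):
    """Return a record holding algorithm, cost, per-user random salt and digest.
    Storing the cost with the hash lets it be raised later for new logins
    without invalidating existing accounts."""
    salt = os.urandom(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return "$".join((ALGORITHM, str(iterations), salt.hex(), digest.hex()))


def verify_password(password, record):
    """Constant-time comparison; any malformed record simply fails."""
    try:
        algorithm, iterations, salt_hex, digest_hex = record.split("$")
        if algorithm != ALGORITHM:
            return False
        salt = bytes.fromhex(salt_hex)
        expected = bytes.fromhex(digest_hex)
        iterations = int(iterations)
    except ValueError:
        return False
    actual = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return hmac.compare_digest(actual, expected)


def needs_rehash(record, iterations=ITERATIONS):
    """True when the stored cost is below current policy.  Call it right after a
    successful verify, while the plaintext is still in hand, and store a fresh
    hash_password() result if it returns True."""
    parts = record.split("$")
    return len(parts) != 4 or parts[0] != ALGORITHM or int(parts[1]) < iterations
```

Two users who pick the same password get different records because each call draws its own salt, so a leaked table cannot be attacked with one precomputed dictionary, and the iteration count makes each guess cost the attacker as much as it costs the server.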
davout, Legendary | June 22, 2011, 02:59:57 PM | #15

> Any regulation they try to throw at Bitcoin exchanges is irrelevant.
Frozen bank accounts are relevant.

Rassah, Legendary | June 22, 2011, 03:41:49 PM | #16

A simple e-mail notification when BTC withdrawal address is changed, and lock on withdrawing funds for at least 24 hours after address change, would be nice too (BTCGuild's method)
Piper67, Legendary | June 22, 2011, 03:50:12 PM | #17

> A simple e-mail notification when BTC withdrawal address is changed, and lock on withdrawing funds for at least 24 hours after address change, would be nice too (BTCGuild's method)

Agreed. Bitmarket.eu has this extremely simple function, whereby any changes (to your email address, BTC withdrawal address, etc.) have to be confirmed through a two step process. Simple and effective.
muad_dib, Member | June 23, 2011, 10:46:16 AM | #18

> Ridiculous. If I have 5 bitcoins in my account and want to use 'boobies' as my password, it should be my own right, my own problem, at my own risk!
>
> Most security-minded people never bother to see how usable these measures are.
>
> Don't you hate it when you always use a simple password for non-important login, and then there's this silly site that demand the password for you to log-in and play flash games must contain 2 numbers, 3 signs, and 1 egyptian hieroglyph???

Just use KeepassX, so you are also safe from simple keyloggers.
killer2021, Member | June 23, 2011, 12:51:33 PM | #19

> A simple e-mail notification when BTC withdrawal address is changed, and lock on withdrawing funds for at least 24 hours after address change, would be nice too (BTCGuild's method)

I'd like to have the option of having a code sent to my mobile to activate the withdrawal. Make the mobile number unchangeable after registration. The only way to change it is when the account has zero balance. Even if the account is hacked, good luck withdrawing.

Anonymous Cash-By-Mail Exchange: https://www.bitcoin2cash.com
1H6mqgB6UcqKt2SrCmhjxUp9np1Xrbkdj7
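The withdrawal controls proposed across the thread combine into one policy: a daily BTC volume cap the user may lower but only an admin may raise (#9, with the 1000 BTC figure from the opening post), a notification and 24-hour hold after the withdrawal address changes (#16, #17), and a single-use mobile code to release each withdrawal, with the number frozen while the account holds funds (#19). The following is an added example, not code from the thread or from BTCGuild or Bitmarket.eu: an in-memory model that enforces all of them. The `Account` class, the `notify` stand-in for e-mail/SMS delivery, the ten-minute code lifetime and the fixed clock values passed as `now` are assumptions made for the demonstration.

```python
"""Withdrawal policy: user-lowerable daily cap, 24h hold after an address
change, single-use mobile code, mobile number frozen while funds remain.
Added example; Account, notify() and the timings are invented for the demo."""
import secrets
from dataclasses import dataclass, field

DAY = 24 * 3600
CODE_TTL = 10 * 60            # assumption: a mobile code is valid for ten minutes
DEFAULT_DAILY_BTC = 1000.0    # the figure proposed in the opening post


@dataclass
class Account:
    user: str
    balance: float
    mobile: str
    address: str
    daily_limit: float = DEFAULT_DAILY_BTC
    address_changed_at: float = None
    withdrawn: list = field(default_factory=list)   # (timestamp, amount) per completed withdrawal
    pending: tuple = None                           # (amount, code, issued_at) awaiting confirmation
    notices: list = field(default_factory=list)     # stand-in for e-mail / SMS delivery


def notify(acct, text):
    acct.notices.append(text)


def set_daily_limit(acct, new_limit, is_admin=False):
    """Users may only tighten their own cap; loosening it needs an administrator."""
    if new_limit < 0 or (new_limit > acct.daily_limit and not is_admin):
        return False
    acct.daily_limit = new_limit
    return True


def change_address(acct, new_address, now):
    """Changing the payout address is allowed, but it is announced and starts a 24h hold."""
    acct.address = new_address
    acct.address_changed_at = now
    notify(acct, f"withdrawal address changed to {new_address}; withdrawals held for 24h")


def change_mobile(acct, new_mobile):
    """The second factor's delivery channel cannot move while there is anything to steal."""
    if acct.balance != 0:
        return False
    acct.mobile = new_mobile
    return True


def request_withdrawal(acct, amount, now):
    """Apply every policy, then issue a one-time code.  Returns (ok, code_or_reason)."""
    if amount <= 0 or amount > acct.balance:
        return False, "bad amount"
    if acct.address_changed_at is not None and now - acct.address_changed_at < DAY:
        return False, "address changed less than 24h ago"
    spent_today = sum(a for t, a in acct.withdrawn if now - t < DAY)
    if spent_today + amount > acct.daily_limit:
        return False, "daily volume limit exceeded"
    code = secrets.token_hex(3)                      # 6 hex digits, single use
    acct.pending = (amount, code, now)
    notify(acct, f"SMS to {acct.mobile}: enter {code} to release {amount} BTC to {acct.address}")
    return True, code


def confirm_withdrawal(acct, code, now):
    """Release the pending amount if the code matches and is fresh; any failure burns it."""
    if acct.pending is None:
        return False
    amount, expected, issued_at = acct.pending
    acct.pending = None                              # one attempt per code, expired or not
    if now - issued_at > CODE_TTL:
        return False
    if not secrets.compare_digest(code.encode(), expected.encode()):
        return False
    acct.balance -= amount
    acct.withdrawn.append((now, amount))
    return True
```

The amount is taken from the pending record rather than resubmitted at confirmation, so an attacker who intercepts the code cannot use it to release a different sum, and a wrong guess discards the code instead of allowing repeated attempts against a 24-bit secret.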
benjamindees, Legendary | June 23, 2011, 01:02:41 PM | #20

Are we talking about a stock exchange, like GLBSE, or a currency exchange, like Mt. Gox and TradeHill?

Civil Liberty Through Complex Mathematics