So, bitcoin client still use unencrypted wallet.dat

[Gabi]

I think how the wallet is managed is one of the major problem of the bitcoin client as now. To use it you have to have it unencrypted and this is a serious security flaw as it allow a virus to directly steal it. I know it has been asked a lot of times but, we need a client that can use a CRYPTED wallet.dat

Then we have the fact that well the client automatically create wallet.dat in his folder inside roaming without telling you anything and while it is not a problem for people who know how the software work, it's a bit fail for new ppl, because by trying the bitcoin client you just end with a NEW folder under roaming that you don't even know it exist (you discover it LATER, when you go read the wiki). Not exactly the safer way, there should be like something in the client that allow you to create the wallet and place it where you want or something like that...

[1714928656]

1714928656

[1714928656]

1714928656

[1714928656]

1714928656

[1714928656]

1714928656

[foo]

Read: http://gavinthink.blogspot.com/2011/06/why-arent-bitcoin-wallets-encrypted.html

[JoelKatz]

Encryption is not some magic dust you sprinkle on an application and it magically becomes secure. If you can come up with a wallet encryption scheme that has more upsides than downsides, there's a good chance it will be implemented.

IMO, that's just inviting disaster. The client should only be running on machines that are inherently secure. Doing this will encourage people to run the client on insecure machines, which will compromise their wallets even if they are encrypted. Strong passwords will be forgotten, leading to lost BitCoins. Weak passwords will be brute forced, accomplishing nothing.

[de_bert]

IMO, that's just inviting disaster. The client should only be running on machines that are inherently secure. Doing this will encourage people to run the client on insecure machines, which will compromise their wallets even if they are encrypted. Strong passwords will be forgotten, leading to lost BitCoins. Weak passwords will be brute forced, accomplishing nothing.

Yeah, but a forgotten password is everybody's own fault, while the average BTC user can't be expected to only keep his wallet on his walled-off linux machine with only carrier pigeon connectivity.
Of course, most known cases of theft have been linked to gross negligence, but that's just how people work - you don't worry until it's too late.

I, for one, would welcome wallet encryption, even if it's not 100% secure and perfect. I mean, what is 100% secure?

[mouse]

I really dont understand why people defend NOT encrypting the wallet.

Maybe I'm missing something.

Gavin Writes in the blog:
"First, losing your wallet or forgetting your password is (arguably) as big a threat as theft."
Even if we ran with this and said, 50/50 you lose your password or get your unencrypted wallet stolen, people would still choose to lose their password. At least some douch bag isnt out there spending them.

IMO, that's just inviting disaster. The client should only be running on machines that are inherently secure. Doing this will encourage people to run the client on insecure machines, which will compromise their wallets even if they are encrypted. Strong passwords will be forgotten, leading to lost BitCoins. Weak passwords will be brute forced, accomplishing nothing.

It seems to me nobody ever expects 'average' people to use bitcoins (whereby I define average as someone running windows, and is not really sure if blu-ray is the same as bluetooth).
In that case, I think just take down the windows binaries, and make users compile it themselves. if they can do that, they're ready for bitcoin.

BTW I really hate this elitest attitude.

[JoelKatz]

Yeah, but a forgotten password is everybody's own fault,

It really doesn't make any difference whose fault it is. If anything, having it be your fault makes it worse.

while the average BTC user can't be expected to only keep his wallet on his walled-off linux machine with only carrier pigeon connectivity.

Of course not. Since they can't be expected to secure their machine, they shouldn't be holding BitCoin keys on it. The best way to use a credit card is not to become a bank or a merchant.

I, for one, would welcome wallet encryption, even if it's not 100% secure and perfect. I mean, what is 100% secure?

Propose a scheme. I don't know how to do it so that the upside exceeds the downside. If you do, please share.

[Gabi]

Ok, if your pc is infected, then encrypting don't help and you need a non-infected pc to use the wallet

But encrypting it is not only about viruses, it's also about more simpler things like someone use my pc and steal the file.

Then you will say that i can still delete the wallet.dat and keep the encrypted copy and unencrypt it only when i need it, and then i say, yes, but if we add this to the bitcoin client it is much easier.

Also if the client directly encrypt it we can make sure an unencrypted wallet NEVER goes on the hard disk (cause the client will unencrypt and use it on the memory and not the hard disk), so it will be impossible to later recover it from the hard disk (like if someone steal your hard disk)

[de_bert]

Yeah, but a forgotten password is everybody's own fault,

It really doesn't make any difference whose fault it is. If anything, having it be your fault makes it worse.
[/quote]
if you say so.... I would not think so.

Of course not. Since they can't be expected to secure their machine, they shouldn't be holding BitCoin keys on it. The best way to use a credit card is not to become a bank or a merchant.

I was under the impression that BitCoin is meant for everybody, not only for banks... So there should be security enough for everybody to use it, otherwise it will fail.

Propose a scheme. I don't know how to do it so that the upside exceeds the downside. If you do, please share.

As long as "oh noes you could install a keylogger specifically for bitcoin, which makes no encryption better than having encryption" is an argument, I won't bother, thank you ;-)

[MikesMechanix]

Jesus, how hard can it be to understand.

unencrypted :
- thief steals your hard drive : wallet.dat up for grabs be it linux or windows or w/e
- thief hacks your PC : wallet.dat up for grabs be it linux or windows or w/e
- get a trojan : trivial to add a couple of lines of code to an existing one to steal wallet.dat
Average time needed to steal all user's coins : microseconds

encrypted:
- thief steals your hard drive : thief more or less s.o.o.l
- thief hacks your PC : thief needs to grab wallet.dat, install a keylogger and wait patiently until user makes a payment, which could be today, next week, or never
- get a trojan : needs to target Bitcoin specifically and wait until a payment is made as above
Average time needed to steal all user's coins : days to weeks

FWIW, there are ways to evade the most common keyloggers. KeePass, for instance, has implemented one such system: http://sourceforge.net/projects/keepass/forums/forum/329220/topic/4198801

Also, AFAIK, encrypting wallet.dat doesn't prevent you from doing any other security measures you might find necessary.

NOT encrypting wallet.dat means that to be safe from the kids' friends, 0-day exploits and the occasional 'oops, shouldn't have downloaded that' you need some sort of security scheme, which probably involves encryption and passwords anyways. And how were you going to spend coins without unencrypting the keys, again?

[cmh]

Bitcoin is a specification and protocol. The bitcoin client that everybody is talking about is an implementation. But for the normal user, the only thing something "is" is what is in front of their face on the screen. So for new users, the bitcoin client from bitcoin.org is bitcoin. There's a great opportunity for somebody to develop a more full-featured client (with encryption, backup, payment confirmation, etc.). I bet one will emerge soon.

[DamienBlack]

All this discussion is pointless. The developers are working on it, it should be included in the next version. You can see their progress here:

https://github.com/bitcoin/bitcoin/pull/232

[aral]

But encrypting it is not only about viruses, it's also about more simpler things like someone use my pc and steal the file.

If someone uses your pc?

You mean you don't have your own user login with encrypted home folder on your pc then I guess?  Because you should, if you're keeping many bitcoins on it. 

If someone stole my PC then I suppose they could crack the encryption and steal my wallet but I hope this security at least would buy me enough time to get my wallet backup to another PC and move my bitcoins to a safe place.

[Gabi]

Ye well if we want to use bitcoins we should be able to keep the wallet with us, so maybe i have the big wallet encrypted somewhere and a wallet with few bitcoins that i bring around with me and someone can steal it. If the client directly encrypt this, the problem is solved

[Horkabork]

Personally, I am only allowed access to my encrypted wallet after I prick my finger and take a small blood sample. 12 hours later, my DNA is roughly confirmed and I'm allowed to "see" in the wallet. I can't make transactions to new addresses for about 5 days while confidence in my identity is confirmed.

Also, I'm required to submit nasal and fecal swabs. A few tests are run and the unique combination and relative numbers of various bacteria, as well as their particular drug resistances and other protein markers, are used to confirm that I am probably me, and probably alive. One time, I got food poisoning and this threw everything off until my bacterial load was back to normal. I couldn't spend bitcoins for a few weeks.

After those tests are approved, I have verbal passphrase that is checked not just for correctness, but for indicators of stress in order to test if I am likely being coerced. After that, I type in a password that varies daily based on another password that was encrypted with a one-time-pad. Then, a random block of text is generated on-screen for me to type out. You might be able to fake all the prior checks, but have fun trying to replicate the exact cadence of my typing.

All throughout this, I have a hidden microphone that listens for me saying a particular keyword that indicates that I'm under duress. If I drop it into conversation with whoever might be coercing me, my wallet is locked for 1 month.

After that, I am given 3 names of random friends and relatives who I must talk to in order to be given one-time passwords taken from separate books that I gave them previously.

One person is chosen to perform a "secret handshake" that varies slightly with each day of the week.

Then, my dog has to go through most of the above steps, because he's always with me. I haven't been able to get into my wallet this month because he really sucks at typing and can't remember his verbal password until I give him a treat.

[AtlasONo]

The client should only be running on machines that are inherently secure

So long non-niche market adoption! This is as asinine as owning a computer /just/ to store a wallet.dat on.

[JoelKatz]

The client should only be running on machines that are inherently secure

So long non-niche market adoption! This is as asinine as owning a computer /just/ to store a wallet.dat on.

Running the client is not the only way to adopt BitCoin. Currently, it is most certainly not the best.

[Joise]

The client should only be running on machines that are inherently secure

So long non-niche market adoption! This is as asinine as owning a computer /just/ to store a wallet.dat on.

I think it's a requirement to use bitcoin with non-negligible amounts of money on a computer. It doesn't work without security, including strong confidentability and integrity of data.

You have to realize that what is secure enough now for a home computer user is very probably not sufficient. You are not going to change that by fussing around.

Think about only one aspect: To make backups possible, pre-generated keys (addresses) are stored in the wallet. If you receive some amount of money, the security of that amount depends on the security of these keys since their creation until the money is moved to another address, which can take years.

Another point: If I can copy your wallet.dat, I can probably replace your entire bitcoin client as easily. I don't need to install a key logger then - I can do directly with the money whatever I want.

Or just another trick: You use your browser to look up payment addresses. Fine. I install some add-on into your browser which once in a while replaces some addresses with one of my owns. And you just wonder why your landlord throws you out.

[JoelKatz]

Jesus, how hard can it be to understand.

unencrypted :
- thief steals your hard drive : wallet.dat up for grabs be it linux or windows or w/e
- thief hacks your PC : wallet.dat up for grabs be it linux or windows or w/e
- get a trojan : trivial to add a couple of lines of code to an existing one to steal wallet.dat
Average time needed to steal all user's coins : microseconds

encrypted:
- thief steals your hard drive : thief more or less s.o.o.l
- thief hacks your PC : thief needs to grab wallet.dat, install a keylogger and wait patiently until user makes a payment, which could be today, next week, or never
- get a trojan : needs to target Bitcoin specifically and wait until a payment is made as above
Average time needed to steal all user's coins : days to weeks

You haven't proposed a complete scheme, so you're comparing the advantages and disadvantages of something that exists to something that isn't even specified. For example, under 'encrypted', you assume the thief cannot brute force your password. That will mean that your password will have to be the kinds of things a human being can't memorize reliably. Yet you don't consider the risks of forgotten passwords.

Anyone who has been around computers for at least ten years has had the experience of using a system you used to use regularly one time after a year or more of not using it and having no idea what your password is. This is the #1 way people will lose their BitCoins.

Just a few months ago, I had to use a system I used to use daily for six years with the same password after having not used it for just 8 months. I had no idea what my password was and had to recover it. I must have typed that password at least 2,000 times. And this was a short/simple password, I think it consisted of a short English word and two digits that were meaningful to me -- but I don't even remember that for sure. A password that short would be useless for protecting your wallet. And there's nobody to recover your password for you with BitCoins.

Remember, if your password is only needed to transfer coins, the thief will know exactly how valuable cracking your wallet is. And he'll probably have access to a vast network of compromised machines to use to brute force your password.

If you have a scheme for wallet encryption that you think has advantages that outweigh its disadvantages, propose it.

[mouse]

If you have a scheme for wallet encryption that you think has advantages that outweigh its disadvantages, propose it.

Why are you arguing against passwords? You seem to believe that passwords create more issues than they solve. Is this a universal thing, or does it only apply in the case of bitcoins (and why)?

I'm not asking if you think passwords have caveats (they do). I'm asking why you think they are worse than no encryption at all. For them to be worse, they would have to make MORE people vulnerable to bitcoin loss then unencrypted wallets. Seems unlikely. Surely, you don't advocate the universal abolishment of passwords? But that's exactly how I read your quote above.


*EDIT*
Let me say where I think this argument is coming from. Correct me if I'm wrong.
Your angle: People such as youself have secure machines, thus passwords do not add anything. For you, they only create the potential for a forgotten password.
My Angle: most people who pick up bitcoin will be vulnerable to wallet.dat theft, especially as the userbase shifts. Passwords can help protect a lot of them.

Solution? By default the client encrypts the wallet, but for advanced users it can be disabled (my target audience is likely to leave it an whatever the default is).

[JoelKatz]

Why are you arguing against passwords?

Because I believe they create more problems than they solve in this case. If you think otherwise, propose a schemce.

You seem to believe that passwords create more issues than they solve. Is this a universal thing, or does it only apply in the case of bitcoins (and why)?

It applies only to this specific case. Passwords are great "is X allowed to do Y". They are *not* great for this case. At least, not in any of the proposals I've seen.

I'm not asking if you think passwords have caveats (they do). I'm asking why you think they are worse than no encryption at all. For them to be worse, they would have to make MORE people vulnerable to bitcoin loss then unencrypted wallets. Seems unlikely. Surely, you don't advocate the universal abolishment of passwords? But that's exactly how I read your quote above.

You are more likely to lose your BitCoins through forgetting your password than you are to have them stolen by a trojan. If the passwords are made short enough that people will remember them, they will be brute forced, giving the worst of both worlds -- a false sense of security, and a risk of losing your own wallet if you can't muster enough power to brute force.

Your angle: People such as youself have secure machines, thus passwords do not add anything. For you, they only create the potential for a forgotten password.
My Angle: most people who pick up bitcoin will be vulnerable to wallet.dat theft, especially as the userbase shifts. Passwords can help protect a lot of them.

Solution? By default the client encrypts the wallet, but for advanced users it can be disabled (my target audience is likely to leave it an whatever the default is).

I have yet to hear your proposal. I can't evaluate a proposal I haven't heard. I can't think of one that doesn't make things worse for the average user. Maybe you can. If so, let's hear it.