Bitcoin Forum
April 23, 2024, 01:00:02 PM *
News: Latest Bitcoin Core release: 27.0 [Torrent]
 
   Home   Help Search Login Register More  
Bitcoin Forum > Bitcoin > Bitcoin Discussion > Solution to wallet security
Poll
Question: Would this work?  (Voting closed: August 27, 2011, 12:28:37 PM)
Yes - 2 (28.6%)
No - 5 (71.4%)
See my comment below.... - 0 (0%)
Total Voters: 7

Pages: [1]
« previous topic next topic »
  Print  
Author Topic: Solution to wallet security  (Read 916 times)
truthcracker (OP)
Newbie
*
Offline Offline

Activity: 28
Merit: 0


View Profile
June 28, 2011, 12:28:37 PM
 #1
1) Bitcoin client encrypts wallet on startup
2) Virtual keyboard option where the password is entered on a scrambled keypad with a mouse - no key-logger virus possible


How can that be hacked? Much simpler than getting a computer and running a geek os.

Damn that was an actual attempt at being constructive.....
1713877202
Hero Member
*
Offline Offline

Posts: 1713877202

View Profile Personal Message (Offline)

Ignore
1713877202
1713877202
Reply with quote  #2
1713877202
Report to moderator
The trust scores you see are subjective; they will change depending on who you have in your trust list.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
1713877202
Hero Member
*
Offline Offline

Posts: 1713877202

View Profile Personal Message (Offline)

Ignore
1713877202
1713877202
Reply with quote  #2
1713877202
Report to moderator
1713877202
Hero Member
*
Offline Offline

Posts: 1713877202

View Profile Personal Message (Offline)

Ignore
1713877202
1713877202
Reply with quote  #2
1713877202
Report to moderator
Alex Beckenham
Full Member
***
Offline Offline

Activity: 154
Merit: 100


View Profile
June 28, 2011, 12:38:50 PM
 #2
As soon as you enter your password, the contents of the wallet are decrypted so your private keys could be read from RAM.
http://btcriches.com/images/btcriches468.gif

 Need to contact me? Please read this.

 http://payb.tc/alex
julz
Legendary
*
Offline Offline

Activity: 1092
Merit: 1001



View Profile
June 28, 2011, 12:41:06 PM
 #3
Quote from: truthcracker on June 28, 2011, 12:28:37 PM
2) Virtual keyboard option where the password is entered on a scrambled keypad with a mouse - no key-logger virus possible
How can that be hacked? Much simpler than getting a computer and running a geek os.

A virus could use the Remote Frame Buffer protocol (the protocol used in VNC) to capture the pad entry.  The virus might be smart enough to at least identify which window to capture - even if it just packages up the info to send to a human to read off the actual numbers that were input.

I don't doubt there are other ways too.
@electricwings   BM-GtyD5exuDJ2kvEbr41XchkC8x9hPxdFd
mouse
Newbie
*
Offline Offline

Activity: 56
Merit: 0



View Profile
June 28, 2011, 12:42:10 PM
 #4
unless you only keep it there for a fraction of a nanosecond, and you use memory layout randomization, and, and, etc

Still possible, but progressivly more unlikely
truthcracker (OP)
Newbie
*
Offline Offline

Activity: 28
Merit: 0


View Profile
June 28, 2011, 12:42:49 PM
 #5
Quote from: Alex Beckenham on June 28, 2011, 12:38:50 PM
As soon as you enter your password, the contents of the wallet are decrypted so your private keys could be read from RAM.


XLNT point
truthcracker (OP)
Newbie
*
Offline Offline

Activity: 28
Merit: 0


View Profile
June 28, 2011, 12:44:24 PM
 #6
Quote from: julz on June 28, 2011, 12:41:06 PM
Quote from: truthcracker on June 28, 2011, 12:28:37 PM
2) Virtual keyboard option where the password is entered on a scrambled keypad with a mouse - no key-logger virus possible
How can that be hacked? Much simpler than getting a computer and running a geek os.

A virus could use the Remote Frame Buffer protocol (the protocol used in VNC) to capture the pad entry.  The virus might be smart enough to at least identify which window to capture - even if it just packages up the info to send to a human to read off the actual numbers that were input.

I don't doubt there are other ways too.




Hmmmm ok what about a keypad that you hover over that changes letters in a separate window like big [A B C] when you click THAT letter hits?
compro01
Hero Member
*****
Offline Offline

Activity: 590
Merit: 500



View Profile
June 28, 2011, 02:54:26 PM
 #7
Quote from: julz on June 28, 2011, 12:41:06 PM
Quote from: truthcracker on June 28, 2011, 12:28:37 PM
2) Virtual keyboard option where the password is entered on a scrambled keypad with a mouse - no key-logger virus possible
How can that be hacked? Much simpler than getting a computer and running a geek os.

A virus could use the Remote Frame Buffer protocol (the protocol used in VNC) to capture the pad entry.  The virus might be smart enough to at least identify which window to capture - even if it just packages up the info to send to a human to read off the actual numbers that were input.

I don't doubt there are other ways too.

or just simply take a screenshot via triggering the print screen key every time the mouse is clicked and bitcoin.exe is running.
Pages: [1]
  Print  
Bitcoin Forum > Bitcoin > Bitcoin Discussion > Solution to wallet security
 « previous topic next topic »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!