How governments could destroy bitcoin (for most) in one day

[rovchris]

Also why would the NSA have bothered to create PRISM if they can just get in through a backdoor on your PC??

The mind truly boggles.

[Matthew N. Wright]

Also why would the NSA have bothered to create PRISM if they can just get in through a backdoor on your PC??

The mind truly boggles.

PRISM is an ongoing effort. A "red button" is a one-time panic solution.

[buysellbitcoin]

Oh brother... The mental energy that is exhausted in this forum is astounding. Could power a small nation.

Always wanted to say this... Never got this words.. You nailed it

Cheers

[grue]

Ok, you don't need all vendors to be compromised at once and who said anything about them being 'hacked'.   Governments can easily coerce any large company into signing anything.  

that's the point. It's highly unlikely that every software vendor is hacked. of course they can coerce the companies, but it would be very hard for the "government" to frame anyone.

Even with a wallet backup, you can have your client patched to steal your password and coins the next time you make a transaction.

bitcoin builds can be audited by anyone. plus with hardware wallets, it would be very hard to "patch" anything.

You know, there is software that "encrypts" the binary so that it does a self-check if the binary has been modified. I think it was a Themida based protection.

bitcoin is open source, you can always build your own copy without protection.

Why the conspiracy theories? In the US the gov could do it the same as they did with online poker - make it so it's illegal for banks to send money to bitcoins and to not allow US firms to accept them. If we can't do wires, dwolla, moneygram, etc it becomes exceedingly hard to buy / sell bitcoins. It wouldn't shut it down entirely yet without the convenience of being able to use them the appeal would rapidly bring the value down and no real value as an online exchange medium.

because it's human nature to think that "someone" is out to get you. it's easy and reassuring to point the finger at a powerful authority, such as the US government.

[pedrog]

Hey, I think you have something rolling here.

Somewhere in the near future were there is a global government and the bitcoin economy is somehow threatening that power, DRM is everywhere and OSS is threatened by the IP/copyright/Patent Lobby, a new worm is created by some government/military/bank shady organization to wipe out all traces of bitcoin...

This could be a scifi thriller.

Hey bytemaster, make this into a PDF and sell it for bitcoins, you might become the Dan Brown of bitcoin..

[bytemaster]

Clearly hardware wallets would solve this, especially open-source hardware.   Building your own copy of Bitcoin does not solve it nor would encrypting it.   If I have root access to your machine (because I am a trusted software vendor in bed with the government) then I could easily modify and patch the copy that you were careful to build from source yourself.   You claim the government wouldn't be able to frame these companies...  I am not suggesting that the company would be framed (they are a partner in the crime via coercion).   

The point of this isn't to be 'overly paranoid' but highlight a major security hole we all expose ourself to by 'trusting' automated updates. 

All I know is that governments regularly approach companies and demand backdoors into their products (Skype).  The only thing that could keep a company honest is dealing with multiple different countries all of which depend upon their computers being secure from other countries.   If these governments use these commercial products then they must believe them to be secure.   

All I know is that there is a reason top-secret computers are kept unplugged from any external network and no data is ever allowed to leave. 

If you trust Apple, Google, and other tech companies not to cave to government pressure to sneak a patch to spy, tamper, or otherwise undermine your security then good for you.  Ultimately I am putting some trust here as well.   The more important question is can these companies really be trusted any more than the banking system we are trying to reform?
 

[spiral_mind]

So your hypothetical government's master plan to wipe Bitcoin off the planet is foiled by people who back up their Bitcoin wallets.

Shouldn't that be everyone? What idiot doesn't back up their Bitcoin wallet? This is no threat to Bitcoin, this is a joke.

Did you ever pay out those two 10 BTC bounties you posted (for showing there is a problem with your BitShares and sub-currencies linked to nothing proposal)? Someone deserves them at least. Your proposal had nothing to make it work just like this 'threat' to Bitcoin so you really should put your money where your mouth is if you want anyone to take you seriously.

[QuestionAuthority]

In the end there's nothin you can do to defeat Skynet. They're gonna get ya. Better run and hide. rofl

[ArticMine]

The risk here is very different with Microsoft Windows and MAC OS X than with GNU/Linux.

1) In the case of Microsoft Windows what the OP describes is very easy to implement, since the operating system is propriety software. It is easy to keep this quite until the date and time of the attack. The patch is included in a software update from the "trusted" vendor Microsoft and delayed in effect in order to maximize installation. With over 90% market share in the desktop the impact on Bitcoin would be huge (knocking out the vast majority of nodes for example) but not fatal (see (3) below). We must also keep in mind that since the advent of the DRM in Windows Vista https://en.wikipedia.org/wiki/Criticism_of_Windows_Vista Windows Administrators do not really have the equivalent to full root access since certain processes are "protected" in order to enforce the DRM as per the MPAA's etc requirements. The paper by Peter Gutmann is very relevant here. http://www.cs.auckland.ac.nz/~pgut001/pubs/vista_cost.html. The situation is getting way worse with Windows 8. It is fair to say that Microsoft Windows is the single biggest vulnerability for a centralized attack that Bitcoin has, and it is not just governments we have to be concerned about here. An attack by a criminal / terrorist organization that finds a vulnerability in Microsoft Windows is far more likely and could be equally harmful.

2) As for Mac OS X the attack under (1) is possible since again the operating system is for the most part propriety. The one difference from Microsoft Windows and also from its mobile cousin IOS is that it is not as infected with DRM at the OS Level as Microsoft Windows or IOS. Maybe an Mac Expert can clarify this but I do believe that root in Mac OS X is for real. So the attack is possible but harder and easer to defend against. Because of this and the low relative to Microsoft Windows market share of Mac OS X, I would consider the impact of Mac OS X here to be neutral.

3) GNU/Linux. The attack here is very unlikely because of a) The software is Free Software / Open Source so if a binary does not match the source code alarms will sound all over the place. There are literally hundreds of GNU / Linux distributions all over the world. c) Each component of the Operating System is maintained by thousands of different individuals, projects, corporations, and organizations all over the world, many of which have very radical and opposing views. Good luck keeping a secret to coordinate this among the likes of both Richard Stallman and Linus Torvalds for starters. The secret would be out long before any implementation so an attacker would find it in their best interest to limit themselves to Microsoft and its proprietary Windows operating system.

The real question becomes will Bitcoin survive if most of the Windows users and nodes are knocked out? The answer is yes there are enough GNU/Linux users around to ensure Bitcoin's survival so the attack will fail. One possible consequence however is that some of the GNU/Linux users may become very wealthy at the expense of some Microsoft Windows users in the resulting panic.  

The best defence here is simply to stay away from proprietary software and operating systems when using Bitcoin. Here is a list of effective antidotes: http://prism-break.org/

[countryfree]

None of my computers auto-updates. I'm losing some time because of that choice, but I want to be in control of my tools.

[bytemaster]

So your hypothetical government's master plan to wipe Bitcoin off the planet is foiled by people who back up their Bitcoin wallets.

Shouldn't that be everyone? What idiot doesn't back up their Bitcoin wallet? This is no threat to Bitcoin, this is a joke.

Did you ever pay out those two 10 BTC bounties you posted (for showing there is a problem with your BitShares and sub-currencies linked to nothing proposal)? Someone deserves them at least. Your proposal had nothing to make it work just like this 'threat' to Bitcoin so you really should put your money where your mouth is if you want anyone to take you seriously.

I did pay the *one* 10 BTC bounty on an old version of BitShares based upon a design that did not work.  The bounty was well worth it because it led me to the current design.  The new design and white paper being discussed on the Invctus thread will work and the individual who won the original bounty (thezerg) said the new one is much harder to find flaws with. 

And for the record, the attack I am suggesting here does not just mean 'delete' but could also mean modify your bitcoin client.

Sure, everyone knows you *should* backup your wallet.  But that is beside the point because if they could patch the client they could steal your coins brain wallet or not.

[bytemaster]

None of my computers auto-updates. I'm losing some time because of that choice, but I want to be in control of my tools.

* that you know of *

Also, when you do choose to update (say apply an OS patch to fix a security hole) how do you know that is *ALL* that patch does?

[ArticMine]

...

And for the record, the attack I am suggesting here does not just mean 'delete' but could also mean modify your bitcoin client.

Sure, everyone knows you *should* backup your wallet.  But that is beside the point because if they could patch the client they could steal your coins brain wallet or not.

This attack has already been done by malware writers, on the Microsoft Windows platform of course. There is no need to patch the client. All that it needs is a key logger to capture the decryption password and an "evil" client to empty wallet.dat.

[bytemaster]

Once again, the conclusion here is that all private keys must NEVER exist on any networked computer.  That a dedicated hardware solution for managing your private keys (perhaps a Raspberry Pi with hardware-disabled network card) should be used.  

The sooner people recognize this requirement for storing their savings the better.   The trick is that the hardware wallet would require some kind of display to validate the trade prior to signing (incase your hacked bitcoin client created a different transaction that the GUI led you to believe it was creating).

So, a raspberry pi, hooked to a TV with an app that allowed you to see and confirm the transaction loaded via USB drive may be what is required to protect your savings.  This hardware box would never be 'upgraded' and never reveal the private keys to the USB drive.

Paper Wallets, Brain Wallets, etc can all become victim of key loggers and back-door patches to the bitcoin client.  

Sure you can keep a 'live wallet' for easy access and accept the losses if you are compromised.  If I were storing more than a couple thousand dollars then I would want to know that I could trust that my client was not compromised in some easy to verify manner.

[yvv]

I imagined it in more straightforward way - grab some pool owners by the balls, find where majority of asics are located, seize them and make 51% attack.

I double this point.

To hack bitcoin network you need ~70 Thash/sec cluster. GPU based cluster with this power would cost about $70M, ASIC based - just a few million $. Not a big deal for a government of any developed country. If they seize some ASICs, it would cost them even cheaper. After that they could continue to destroy every cripto coin which pops up in the future.

[bytemaster]

Assuming the crypto-coins use the same hash algorithm and only look at the proof of work rather than some other stats like % of known transactions included in the block.   51% attack is not a threat at all except for some small potential for double-spends.

[yvv]

Assuming the crypto-coins use the same hash algorithm and only look at the proof of work rather than some other stats like % of known transactions included in the block.   51% attack is not a threat at all except for some small potential for double-spends.

No, they should not use the same hash algorithm. As long as network is vulnerable to 51% attack, a cluster with enough GPUs can crack it. The fact that neither  governments nor banks attempted to perform 51% attack on any of crypto coins while their hash rates are low means that they have no intention to do war against crypto currencies.

[franky1]

the op assumes bitcoins are stored on a Pc and are able to be deleted.

your personal wallet is just a password file ( your private keys) which give you access to change ownerships of the coins held on the blockchain which is distributed.

so with torrent websites holding many seeds of the latest blockchain database and not everyone doing windows updates to fear their copies of the blockchain/wallet getting destroyed.. there would be very little damage to the network that cant be fixed within 24 hours.

all i would advise is to back up private keys.

[ralree]

Conglaturation!

This thread has earned you, the OP, an honorable IGNORE!

[cypherdoc]

All I know is that governments regularly approach companies and demand backdoors into their products (Skype). 

well then, just use the same encrypted chat software Snowden used to communicate with the Guardian.