Bitcoin Forum
December 03, 2016, 01:53:04 PM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 »  All
  Print  
Author Topic: Password, what password?  (Read 2864 times)
cdnbcguy
Full Member
***
Offline Offline

Activity: 128


View Profile WWW
December 30, 2010, 03:12:16 AM
 #1

Why doesn't the BC client - currently 0.3.19 - ask for a password? My wallet is on my disk unencrypted, right?

I don't think that's a good idea. I think that the wallet.dat file should be encrypted with AES-256 with a salted hashed password as part of normal operating procedure.

Annona ad! Please keep in mind that there is nothing wrong with Bitcoin itself. All it's scandals are caused by wonky websites and sleazy people exploiting it. The light attracts bugs.

When all this bullshit drys up and blows away, Bitcoin will be stronger than ever.
1480773184
Hero Member
*
Offline Offline

Posts: 1480773184

View Profile Personal Message (Offline)

Ignore
1480773184
Reply with quote  #2

1480773184
Report to moderator
1480773184
Hero Member
*
Offline Offline

Posts: 1480773184

View Profile Personal Message (Offline)

Ignore
1480773184
Reply with quote  #2

1480773184
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1480773184
Hero Member
*
Offline Offline

Posts: 1480773184

View Profile Personal Message (Offline)

Ignore
1480773184
Reply with quote  #2

1480773184
Report to moderator
1480773184
Hero Member
*
Offline Offline

Posts: 1480773184

View Profile Personal Message (Offline)

Ignore
1480773184
Reply with quote  #2

1480773184
Report to moderator
jib
Member
**
Offline Offline

Activity: 84


View Profile
December 30, 2010, 03:22:52 AM
 #2

I agree that this would be a useful feature.

It could also be argued, though, that file encryption or disk encryption are better done by separate tools rather than by adding more unnecessary code to the Bitcoin client. Good operating systems support it already.

Looking forward to quantum computing so we can have qubitcoins.
Mahkul
Sr. Member
****
Offline Offline

Activity: 420


Be silent, or be silenced.


View Profile WWW
December 30, 2010, 03:25:48 AM
 #3

The problem is that the Bitcoin application would have to be able to operate on an encrypted file somehow.

Bitalo.com coming soon!

1MAHKULzqZb4evFFg9157LvnJhJQQbeYo7
danknug
Newbie
*
Offline Offline

Activity: 15


View Profile
December 30, 2010, 03:38:43 AM
 #4

An absolute must.  It's only a matter of time until trojans start going for wallet.dat
kiba
Legendary
*
Offline Offline

Activity: 980


View Profile
December 30, 2010, 03:42:06 AM
 #5

If you can't code this feature, you might want to put up a bounty for it.

bitcoinex
Sr. Member
****
Offline Offline

Activity: 350


probiwon.com


View Profile WWW
December 30, 2010, 04:07:15 AM
 #6

Oh no, again?!  Angry

New bitcoin lottery: probiwon.com
- Может, ты ещё и в Невидимую Руку Рынка веруешь? - Зачем же веровать в то, что можно наблюдать непосредственно?
Gavin Andresen
Legendary
*
Offline Offline

Activity: 1652


Chief Scientist


View Profile WWW
December 30, 2010, 04:11:32 AM
 #7

An absolute must.  It's only a matter of time until trojans start going for wallet.dat
If you have a trojan on your computer you've already lost.  The trojan could easily log your keystrokes and send your password along with the encrypted wallet.dat to the bad guys.

How often do you get the chance to work on a potentially world-changing project?
bitcoinex
Sr. Member
****
Offline Offline

Activity: 350


probiwon.com


View Profile WWW
December 30, 2010, 04:13:46 AM
 #8

https://www.bitcoin.org/smf/index.php?topic=1852.0

and many other topics...

New bitcoin lottery: probiwon.com
- Может, ты ещё и в Невидимую Руку Рынка веруешь? - Зачем же веровать в то, что можно наблюдать непосредственно?
Nefario
Hero Member
*****
Offline Offline

Activity: 602


GLBSE Support support@glbse.com


View Profile WWW
December 30, 2010, 04:32:50 AM
 #9

Actually having thought about this for a while (and the threat models in general for many many months) the answer is that no encryption or protection of wallet.dat should be provided by the bitcoin devs at all. I will provide the following reasons in the points below.

1)It will take development time away from core development items. Bitcoin.exe is very young and providing this kind of functionality is too much too soon. We have more important things that need to be done at this time.

2)There is no danger yet. One reason there are so few viruses for Macs is that they are less popular, and as a result writing a virus or trojan for them has less of an overall effect(there are other reasons, but this is one of them). Yes eventually bitcoin and wallet.dat will become a target for trojans but only after it has reached a significant level of popularity. Until it is much more generally accepted as a currency it is of no use to criminals. It will remain below criminals radar for at least 1-2 more years.

3)It will provide a false sense of security to users. Once encryption is used then trojans need only target the users password, and it is very easy for a trojan to steal a password, making all encryption useless. This is why the Pidgin IM follows this route, they believe that encrypting the users passwords (for their IM accounts) will give users a false sense of security, so they leave it un-encrypted, in a text file, and specifically tell the user this.

The actual problem is once a users system is compromised there is nothing that the bitcoin.exe can do to protect wallet.dat

The only way for users to protect themselves is to work in preventing their systems being compromised by trojans and viruses and unauthorised users. This means they must have full disk encryption, if they are using windows they must have good, up to date anti-virus and anti-spyware, keep their system and applications up to date, and be careful where they visit on the internet or what they install. For other operating systems it's a lot easier; full disk encryption and that is pretty much it.

If users want to protect their money they must take action to do so, they must take it seriously. Keep backups etc. They have locks on the doors and windows of their home, some even have alarms. If they have anything worth protecting they hide it. They same can be said for the important information on computers.

And besides, I believe a lot of the people who are here(and using bitcoin) are cypherpunks, crypto-anarchists, and Linux or Mac users, and in general wear tinfoil hats. This is one of the first places I have been where it is considered normal for users of the site to use PGP encryption. The other users are all Austrian school economists, and they will be happy to pay someone to secure their system for them.




PGP key id at pgp.mit.edu 0xA68F4B7C

To get help and support for GLBSE please email support@glbse.com
kiba
Legendary
*
Offline Offline

Activity: 980


View Profile
December 30, 2010, 04:37:46 AM
 #10

Provide an extension architecture and let bitcoiners add their own extension on top of the bitcoin client. Of course, that mean more work for the limited developer pool.

As for me, I don't do backup often because it's not exactly a walk in the park to do them. I have the programming skill to automate my backup, but far too often are distracted by somebody else.

Gavin Andresen
Legendary
*
Offline Offline

Activity: 1652


Chief Scientist


View Profile WWW
December 30, 2010, 04:42:24 AM
 #11

Playing devil's advocate for a moment:

"Security theater" is popular.  It makes people feel safer.  Bitcoin-the-program will probably be more popular if it asks for a password before sending and there is a bullet-point on the feature list:  "State of the art AES-256 encryption."

I believe TrueCrypt is open source; maybe it would be easy to use their password handling / encryption code in bitcoin.  Anybody here looked at their code?

How often do you get the chance to work on a potentially world-changing project?
kiba
Legendary
*
Offline Offline

Activity: 980


View Profile
December 30, 2010, 04:42:47 AM
 #12

http://bitcointalk.org/index.php?topic=2528.msg34263#msg34263

Anonymous
Guest

December 30, 2010, 04:44:20 AM
 #13

Lastpass  Smiley
bitcoinex
Sr. Member
****
Offline Offline

Activity: 350


probiwon.com


View Profile WWW
December 30, 2010, 05:00:48 AM
 #14

Playing devil's advocate for a moment:

"Security theater" is popular.  It makes people feel safer.  Bitcoin-the-program will probably be more popular if it asks for a password before sending and there is a bullet-point on the feature list:  "State of the art AES-256 encryption."

I believe TrueCrypt is open source; maybe it would be easy to use their password handling / encryption code in bitcoin.  Anybody here looked at their code?


Their code are too bad whan bitcoin code, info 100% Smiley

We in Russia have an official program-purse for WebMoney named "Keeper". This program has taken the way of the security theater. As a result it became very difficult to use and yet it is blocked whenever the user changes the hardware. Smiley This is one of the reasons for the rapid loss of market.

New bitcoin lottery: probiwon.com
- Может, ты ещё и в Невидимую Руку Рынка веруешь? - Зачем же веровать в то, что можно наблюдать непосредственно?
cdnbcguy
Full Member
***
Offline Offline

Activity: 128


View Profile WWW
December 30, 2010, 05:25:45 AM
 #15

See, what I want is to have the wallet.dat file encrypted, start the BC client, have it ask for my password, read and decrypt the wallet.dat file and keep it in ram, never write a clear version to the disk.

When I create a new key pair, it writes it in encrypted form to the disk. No need to encrypt it when saving as it is never on the disk in clear.

Annona ad! Please keep in mind that there is nothing wrong with Bitcoin itself. All it's scandals are caused by wonky websites and sleazy people exploiting it. The light attracts bugs.

When all this bullshit drys up and blows away, Bitcoin will be stronger than ever.
davout
Legendary
*
Offline Offline

Activity: 1358


1davout


View Profile WWW
December 30, 2010, 08:01:52 AM
 #16

See, what I want is to have the wallet.dat file encrypted, start the BC client, have it ask for my password, read and decrypt the wallet.dat file and keep it in ram, never write a clear version to the disk.

When I create a new key pair, it writes it in encrypted form to the disk. No need to encrypt it when saving as it is never on the disk in clear.
Keeping things in RAM doesn't make anything safer, at all, understood that the day i downloaded my first Diablo trainer.

caveden
Legendary
*
Offline Offline

Activity: 1106



View Profile
December 30, 2010, 08:36:10 AM
 #17

If we really want to give the average user a good chance of protecting his wallet, it would be more effective to allow the split of a wallet by just "pressing a button". A new wallet file, encrypted with a given password, would be created, and the corresponding coins would not be on the main file anymore. Then the program recommends the user to keep multiple backups of this piece of wallet on safe, disconnected devices.
I know all this can be done manually or with scripting, but I just don't see my parents doing so. Cheesy

This is the best approach in terms of security. But Gavin has a really good point when he says that a built-in encryption gives the feeling of security, and may increase bitcoin adoption. And, well, such protection can be effective against not-so-expert attacks, for instance somebody that happens to have access to your computer while you're not there (a "friend" that you shouldn't have trusted, that new nanny you just hired etc...). Of course, such kind of risk will only be something to worry about when bitcoin reaches mainstream, and by then we'll probably have multiple clients doing built-in encryption...

18rZYyWcafwD86xvLrfuxWG5xEMMWUtVkL
theymos
Administrator
Legendary
*
Offline Offline

Activity: 2492


View Profile
December 30, 2010, 08:52:24 AM
 #18

If we really want to give the average user a good chance of protecting his wallet, it would be more effective to allow the split of a wallet by just "pressing a button". A new wallet file, encrypted with a given password, would be created, and the corresponding coins would not be on the main file anymore.

This is the best solution. Bitcoin doesn't even need to do the encryption (though it would be nice) -- it just needs to split the wallet. Then users can secure their "savings account file" appropriately.

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
grondilu
Legendary
*
Offline Offline

Activity: 1134


View Profile
December 30, 2010, 09:09:24 AM
 #19

If we really want to give the average user a good chance of protecting his wallet, it would be more effective to allow the split of a wallet by just "pressing a button". A new wallet file, encrypted with a given password, would be created, and the corresponding coins would not be on the main file anymore.

This is the best solution. Bitcoin doesn't even need to do the encryption (though it would be nice) -- it just needs to split the wallet. Then users can secure their "savings account file" appropriately.

+1
Timo Y
Legendary
*
Offline Offline

Activity: 938


bitcoin - the aerogel of money


View Profile
December 30, 2010, 09:33:20 AM
 #20

Encrypting your "current account" wallet.dat on the HD is no protection against trojans or hackers because sooner or later it must be decrypted again (at the latest when you want to send a transaction).

So the first priority should be protecting your system against infiltration.  Use a firewall, don't install too much crap, and only connect via Tor (that way you are not advertising to the whole world - hey eveybody, there is a wallet.dat located at this IP address!).

Also, keep your coins in more than one wallet.


GPG ID: FA868D77   bitcoin-otc:forever-d
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!