Bitcoin Forum
Author Topic: Can viruses steal people's bitcoin purses? What can be done for protection?  (Read 12409 times)
ShadowOfHarbringer (Legendary)
January 11, 2011, 04:40:03 AM #21

Quote
If you're using Linux for bitcoin & only install software from signed repositories & keep the system up to date, then the probability of infection is almost nonexistent.

You should be more worried if you're using Windows, however.

Quote
Sadly Linux installs with outdated patches tend to get penetrated quite often.  Hosting software, in particular, is often copied into a webspace by an "install script" and just left to rot, unpatched.

I'm not talking about hosting software, I'm talking about a desktop computer with the newest version of Firefox installed.
And contrary to some hosting providers which use such install scripts, installing unstable & insecure shit (by the way, what hosting companies are these? I will know what to avoid - thx), standard desktops are not so susceptible to infections - of course only if you install software from signed repos and keep updated.

That's because "standard desktops" do not serve anything to outgoing world as hostings do.

jgarzik (Legendary)
January 11, 2011, 05:31:13 AM #22

Quote
And contrary to some hosting providers which use such install scripts, installing unstable & insecure shit (by the way, what hosting companies are these? I will know what to avoid - thx),

Any web host -- it's the whole workflow that is insecure.  Install scripts are downloaded and run by the webmaster, which installs (for example) the latest version of phpBB inside their webspace.  Time passes, phpBB is not automatically updated, and the eventual intrusion occurs.

Most software offered by the webhost themselves is more likely to be patched regularly, and stay up-to-date on security.


Quote
That's because "standard desktops" do not serve anything to outgoing world as hostings do.

Quite true.

Jeff Garzik, Bloq CEO, former bitcoin core dev team; opinions are my own.
Visit bloq.com / metronome.io
Donations / tip jar: 1BrufViLKnSWtuWGkryPsKsxonV2NQ7Tcj
Stephen Gornick (Legendary)
January 11, 2011, 09:08:16 AM #23

I almost felt like I needed another shower after reading up on this:
  http://www.viruszoo.com

Fortunately searching for bitcoin there still returns "Found (0) viruses." but I suspect that with this project's wider visibility that will no longer be true at some point.

Unichange.me

Stephen Gornick (Legendary)
January 14, 2011, 11:35:58 AM #24

Worm_Rixobot.A

Quote
Having taken over a user's machine the worm terminates a range of Windows and security programs and blocks access to websites while a splash screen demands that users pay the Russian rouble equivalent of $12 by texting a premium-rate SMS number in order to receive an unlock key.
  http://ecommerce-journal.com/node/30836



alowm (Newbie)
January 14, 2011, 03:55:19 PM #25

Quote
with the newest version of Firefox installed.

http://www.mozilla.org/security/known-vulnerabilities/firefox36.html

Web browsers have proven to be one of the most difficult types of application to secure against buffer overflows, off by one errors, heap corruption, race conditions, etc.

Once local access has been obtained, the attacker can probably do what he needs to do in order to steal your wallet. How many Linux users leave bitcoind somewhere in their home directory and writable by their user account? The attacker could replace bitcoind with his own version and your wallet would be emptied the next time you restart it. Smiley

0-day exploits would become even more godly if something like bitcoin ever becomes relatively mainstream.
Anonymous (Guest)
January 15, 2011, 04:11:13 AM #26

Backups are like condoms...if they only save you once a year...it's a goodyear.
alowm (Newbie)
January 15, 2011, 09:41:57 AM #27

Quote
Backups are like condoms...if they only save you once a year...it's a goodyear.

A backup of an empty wallet isn't going to be very useful, though backups, in general, are a good thing. Smiley
ShadowOfHarbringer (Legendary)
January 16, 2011, 02:43:29 AM #28

Quote
with the newest version of Firefox installed.

http://www.mozilla.org/security/known-vulnerabilities/firefox36.html

Web browsers have proven to be one of the most difficult types of application to secure against buffer overflows, off by one errors, heap corruption, race conditions, etc.

Once local access has been obtained, the attacker can probably do what he needs to do in order to steal your wallet. How many Linux users leave bitcoind somewhere in their home directory and writable by their user account? The attacker could replace bitcoind with his own version and your wallet would be emptied the next time you restart it. Smiley

0-day exploits would become even more godly if something like bitcoin ever becomes relatively mainstream.

1. Use Noscript, Adblock, Flashblock
2. Run bitcoin as a different user (making this the default option in the bitcoin client shouldn't be very difficult, at least on Linux/UNIX), perhaps in a chroot.

Problem solved.

alowm (Newbie)
January 16, 2011, 03:38:37 AM #29

Quote
1. Use Noscript, Adblock, Flashblock
2. Run bitcoin as a different user (making this the default option in the bitcoin client shouldn't be very difficult, at least on Linux/UNIX), perhaps in a chroot.

Problem solved.

1. Noscript/Adblock/Flashblock don't protect against a large subset of the vulnerabilities found to date in Firefox. The browser itself is insecure in almost all areas (but so are all the others, too).

2. This is a good idea. To add another level of paranoia, you could compile a static version of bitcoind so that you don't have to rely on potentially compromised shared libraries.
ShadowOfHarbringer (Legendary)
January 16, 2011, 04:31:15 AM #30

Quote
1. Use Noscript, Adblock, Flashblock
2. Run bitcoin as a different user (making this the default option in the bitcoin client shouldn't be very difficult, at least on Linux/UNIX), perhaps in a chroot.

Problem solved.

Quote
1. Noscript/Adblock/Flashblock don't protect against a large subset of the vulnerabilities found to date in Firefox. The browser itself is insecure in almost all areas (but so are all the others, too).

Incorrect.

Noscript protects against almost ALL possible vulnerabilities, because it simply disables everything that can cause security problems (JavaScript, Java, iframes, HTML5 storage and such).
I dare you to show me a 0-day vulnerability that will still work after I install Noscript.

Also, I wouldn't call Firefox a buggy/insecure browser. It is quite secure, because vulnerabilities are fixed very quickly (48 hours AFAIK). This is the power of open source.

alowm (Newbie)
January 16, 2011, 05:57:10 AM #31

Quote
I dare you to show me a 0-day vulnerability that will still work after I install Noscript.

This was 0-day at the time: http://www.mozilla.org/security/announce/2010/mfsa2010-41.html

There's more in the link I provided to Mozilla's "Security Advisories" page. NoScript is a good plugin, but it's not going to keep you 100% safe. This mentality is dangerous. Even the plugin architecture itself is not infallible.

Quote
Also, I wouldn't call Firefox a buggy/insecure browser. It is quite secure, because vulnerabilities are fixed very quickly (48 hours AFAIK). This is the power of open source.

Firefox has failed to survive (along with almost every other major browser) the last two annual Pwn2Own contests. Open Source projects generally do react more quickly to security issues than their closed source brethren, but that's a moot point when your wallet is now empty. The browsers can, also, only be patched after the vulnerabilities/exploits are public. Until then, you're screwed.

I've established in this thread that web browsers (all of them) are generally insecure and would likely be a primary attack vector. Disabling plugins (Java, Flash), using NoScript with Firefox, and keeping your browser up-to-date are your best bets for now.

I'll provide shellcode later for siphoning BTC out of the official Windows Bitcoin client if anyone is interested.
ShadowOfHarbringer (Legendary)
January 16, 2011, 07:18:53 AM #32

Quote
Open Source projects generally do react more quickly to security issues than their closed source brethren, but that's a moot point when your wallet is now empty. The browsers can, also, only be patched after the vulnerabilities/exploits are public. Until then, you're screwed.

Well, you've got a point here.

I guess that
1) There is still the possibility of running Bitcoin as a different user, or
2) Perhaps everybody should keep their bitcoins on a small, specialized system which is not directly connected to the internet (it can only be accessed over SSH from your home). That would be a kind of "personal digital safe".

I think that once Bitcoin becomes really popular, somebody may start producing/selling such "digital personal safes" from 2) and advertise them to bitcoiners.

alowm (Newbie)
January 16, 2011, 10:42:42 AM #33

Quote
1) There is still the possibility of running Bitcoin as a different user, or

Hmm, I've been thinking about this issue now that we're discussing it. Running the bitcoin process as a separate user has a few considerations:

1. The bitcoin binary/libraries/wallet cannot be writable by the main, non-root user account on the system. As I stated earlier, a modified binary could be silently slipped into place.
2. The main, non-root user cannot be allowed to interact with bitcoin in any manner. This precludes the use of setuid and setgid to force bitcoin to run as a different user and still have the GUI or command-line interfaces available. Exploit code can simply manipulate the controls of the GUI by sending them messages (I'll post a Windows example later) or communicate with the command-line client via spawning a process or some method of interprocess communication available on the OS.
3. Because of 2., you might as well just log out of the main user account completely before logging into your secondary account to run bitcoin. The only way (I can think of at the moment) for someone to interfere with that process is to have subverted your OS at the kernel level (custom kernel driver/rootkit) or to trick a privileged process into spawning another privileged process that can manipulate bitcoin or your wallet (see: Confused Deputy Problem).

This is a situation where the inversely proportional relationship between security and usability becomes evident.

I will probably use an encrypted thumbdrive with a minimalist bootable Linux image for bitcoin if we ever get to this point. For now, it's fun to speculate, though. We should create a threat flowchart. Smiley

Quote
2) Perhaps everybody should keep their bitcoins on a small, specialized system which is not directly connected to the internet (it can only be accessed over SSH from your home). That would be a kind of "personal digital safe".

This made me think of something interesting. In addition to having a specialised system or bootable disc image exclusively for bitcoin, you could also configure it with an inward facing firewall that only allows outbound traffic that is part of bitcoin. Maybe you'd want to allow other small exceptions for debugging network issues (like ICMP traffic), but that would greatly reduce the number of potentially exploitable applications interfacing with the network.
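A concrete check for the layout this post's point 1 and alowm's earlier post #25 depend on: neither the bitcoind binary nor the wallet may be writable by the everyday login, and the directory holding them matters just as much, because whoever can write the directory can rename a trojaned binary into place without touching the original file. This is an added example, not code from the thread or from the Bitcoin project; the path layout (a directory containing `bitcoind` and `wallet.dat`) and the dedicated bitcoin user are assumptions.

```shell
#!/bin/sh
# Added example, not code from the thread or from the Bitcoin project: audit the
# file layout that "run bitcoin as a separate user" relies on.
# Assumed (hypothetical) layout:
#   $1/bitcoind     the binary; must not be replaceable by the everyday login
#   $1/wallet.dat   the wallet; must be readable only by the bitcoin user
# $2 is the numeric uid of the everyday login whose compromise we defend against.
# One FINDING line is printed per problem; the return value is the count (0 = clean).

# Owner uid and octal mode of a path (GNU stat first, BSD stat as fallback).
owner_uid()  { stat -c %u "$1" 2>/dev/null || stat -f %u "$1"; }
octal_mode() { stat -c %a "$1" 2>/dev/null || stat -f %OLp "$1"; }

# Last two octal digits of the mode: the group and other permission sets.
group_other_bits() { m=$(octal_mode "$1"); printf '%s' "${m#"${m%??}"}"; }

# True if the group or other write bit is set. Group write counts because the
# everyday login may well be a member of that group.
writable_by_others() {
    go=$(group_other_bits "$1")
    [ $(( ${go%?} & 2 )) -ne 0 ] || [ $(( ${go#?} & 2 )) -ne 0 ]
}

# True if group or other hold any permission at all (the wallet should grant none).
accessible_by_others() { [ "$(group_other_bits "$1")" != "00" ]; }

audit_bitcoin_install() {
    home=$1 main_uid=$2 findings=0
    # The directory is checked alongside the binary: a writable directory lets a
    # replacement bitcoind be renamed into place even if the binary itself is root-owned.
    for f in "$home" "$home/bitcoind" "$home/wallet.dat"; do
        if [ ! -e "$f" ]; then
            echo "FINDING: $f is missing"
            findings=$((findings + 1))
            continue
        fi
        if [ "$(owner_uid "$f")" -eq "$main_uid" ]; then
            echo "FINDING: $f is owned by uid $main_uid, so a compromised login can replace it"
            findings=$((findings + 1))
        fi
        case $f in
            */wallet.dat)
                if accessible_by_others "$f"; then
                    echo "FINDING: $f is readable or writable by group/other (expected mode 0600)"
                    findings=$((findings + 1))
                fi ;;
            *)
                if writable_by_others "$f"; then
                    echo "FINDING: $f is group- or world-writable"
                    findings=$((findings + 1))
                fi ;;
        esac
    done
    return "$findings"
}

# Usage (hypothetical path and user): audit_bitcoin_install /opt/bitcoin "$(id -u alice)"
```

The audit deliberately reports ownership and mode separately: a root-owned binary in a user-writable directory is the case people miss, and it is exactly the rename-into-place replacement described above.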
ShadowOfHarbringer (Legendary)
January 16, 2011, 12:49:36 PM #34

Quote
This made me think of something interesting. In addition to having a specialised system or bootable disc image exclusively for bitcoin, you could also configure it with an inward facing firewall that only allows outbound traffic that is part of bitcoin. Maybe you'd want to allow other small exceptions for debugging network issues (like ICMP traffic), but that would greatly reduce the number of potentially exploitable applications interfacing with the network.

This is completely doable using existing technologies in a reasonable time - you could create a custom Linux distro with specialized scripts & QoS software preinstalled. All the needed software already exists. Shouldn't be very difficult for an average Linux geek.

Once bitcoin becomes mainstream, I guess we're going to see many of these.
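The "only bitcoin traffic out, SSH in from home, ICMP for debugging" policy from alowm's post #33 that this reply calls doable, written as an nftables ruleset generator. Added example, not part of the thread or of any Bitcoin distribution; the bitcoin uid, TCP 8333 as the P2P port, the need for DNS (seed lookups) and the home LAN CIDR are assumptions the script takes as parameters or defaults.

```shell
#!/bin/sh
# Added example, not from the thread or the Bitcoin project: emit an nftables
# ruleset for the "personal digital safe" box. Assumptions (all hypothetical):
#   - bitcoind runs as the numeric uid given in $1, talks to peers on TCP 8333
#     (Bitcoin's default P2P port) and needs DNS for its seed lookups;
#   - the box is administered only over SSH from the home LAN CIDR given in $2;
#   - everything else, in both directions, is dropped and logged, so any other
#     process reaching for the network shows up in the kernel log.
bitcoin_safe_ruleset() {
    bitcoin_uid=$1
    lan_cidr=${2:-192.168.1.0/24}    # constructed default, replace with your LAN
    cat <<EOF
flush ruleset
table inet bitcoin_safe {
    chain input {
        type filter hook input priority 0; policy drop;
        iif "lo" accept
        ct state established,related accept
        ct state invalid drop
        ip saddr $lan_cidr tcp dport 22 accept
        meta l4proto { icmp, ipv6-icmp } accept
        log prefix "safe-input-drop: " counter drop
    }
    chain output {
        type filter hook output priority 0; policy drop;
        oif "lo" accept
        ct state established,related accept
        meta skuid $bitcoin_uid tcp dport 8333 accept
        meta skuid $bitcoin_uid udp dport 53 accept
        meta skuid $bitcoin_uid tcp dport 53 accept
        meta l4proto { icmp, ipv6-icmp } accept
        log prefix "safe-output-drop: " counter drop
    }
}
EOF
}

# Usage (as root, hypothetical values):
#   bitcoin_safe_ruleset 1001 192.168.1.0/24 > /etc/nftables.conf
#   nft -c -f /etc/nftables.conf && nft -f /etc/nftables.conf
```

The `meta skuid` match is what turns "only bitcoin traffic" from a port filter into a per-process rule: a compromised browser or a replaced binary running as the everyday login cannot reach port 8333 at all, and the two `log` rules make every such attempt visible in the kernel log, which is the cheapest intrusion detector the box can have.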

brocktice (Sr. Member)
January 16, 2011, 10:13:26 PM #35

Quote
I will probably use an encrypted thumbdrive with a minimalist bootable Linux image for bitcoin if we ever get to this point. For now, it's fun to speculate, though. We should create a threat flowchart. Smiley

I understand that with root access on the host machine, very few things are impossible, but would running a VM in kvm or vmware player for example, used only for Bitcoin, provide a reasonable improvement in isolation for the required effort? I mean here a linux guest on a linux host.

http://media.witcoin.com/p/1608/8----This-is-nuts

My #bitcoin-otc ratings: http://bitcoin-otc.com/viewratingdetail.php?nick=brocktice&sign=ANY&type=RECV

Like my post? Leave me a tip: 15Cgixqno9YzoKNEA2DRFyEAfMH5htssRg
alowm (Newbie)
January 17, 2011, 01:33:24 AM #36

Quote
I understand that with root access on the host machine, very few things are impossible, but would running a VM in kvm or vmware player for example, used only for Bitcoin, provide a reasonable improvement in isolation for the required effort? I mean here a linux guest on a linux host.

It would up until a large subset of people started using a system like this. Then you'd likely start to see VM-traversing code.

Running in a VM wouldn't increase security on its own (since it's just another level of indirection for an attacker to overcome once they're aware of it), but it would initially keep you safer since you'd be in a minority on which an attacker would not spend development time. Less "bang for your buck". That layer of indirection becomes less valuable when/if the minority grows.
caveden (Legendary)
January 17, 2011, 09:58:36 AM #37

Quote
it simply disables everything that can cause security problems (JavaScript, Java, iframes, HTML5 storage and such).

Wow, basically, it disables the web... It's comparable to living in a plastic bubble in order not to catch airborne contagious diseases.
ribuck (Donator, Hero Member)
January 17, 2011, 10:27:56 AM #38

Quote
Wow, basically, it disables the web... It's comparable to living in a plastic bubble in order not to catch airborne contagious diseases.

It's comparable to diabetics who only inject themselves using syringes from trusted sources.

You can disable restrictions for sites that use the blocked technologies in ways that are useful to you, provided you trust those sites.
caveden (Legendary)
January 17, 2011, 01:32:37 PM #39

Quote
You can disable restrictions for sites that use the blocked technologies in ways that are useful to you, provided you trust those sites.

Ok, seems fair enough... I will give it a try. Wink
brocktice (Sr. Member)
January 17, 2011, 03:24:03 PM #40

Quote
You can disable restrictions for sites that use the blocked technologies in ways that are useful to you, provided you trust those sites.

Quote
Ok, seems fair enough... I will give it a try. Wink

I use NoScript. It's a pain, but it really reduces your exposure to attack vectors. As has been discussed in this thread, it does not completely protect you, but it's a good first step.