|
|
Rules85
Member
 Offline
Activity: 182
Merit: 10
|
 |
January 07, 2018, 11:19:58 AM |
|
As you can see, all you need to do is update your wallet, so it's perfectly fine, and you don't need to worry about it.
|
|
|
|
DooMAD
Legendary
Offline
Activity: 3808
Merit: 3160
Leave no FUD unchallenged
|
|
January 07, 2018, 12:04:53 PM |
|
As you can see, all you need to do is update your wallet, so it's perfectly fine, and you don't need to worry about it.
Strictly speaking, if you neglected to put a password on your wallet, then you probably should worry as your funds are currently vulnerable. But other than that, yes, it should just be a simple update. Users of Bitcoin and other cryptocurrencies should also be vaguely aware of the security risks around JavaScript generally. It's not just any given website you happen to be visiting that could potentially run malicious code, but also all the third party websites utilised by that site which handle all manner of things from advertising to multimedia plugins. Browsing the internet with JavaScript completely disabled will result in a somewhat limited experience, as many websites won't function correctly. So the trade-off is to use a browser plugin to manually pick and choose which sites are safe to run JavaScript and which ones should be blocked. For any Firefox/Mozilla users, there's NoScript and I'm pretty sure there's something similar for Chrome users. You'll have to click some buttons for each and every website you know and trust to allow JavaScript, which does take some time and effort, but it's worth it. |
|
|
|
|
Casey7
Member
Offline
Activity: 266
Merit: 10
|
|
January 07, 2018, 12:15:16 PM |
|
As you can see, all you need to do is update your wallet, so it's perfectly fine, and you don't need to worry about it.
I think so. You dont need to be worry about it because it just need to be upgrade then everything would be alright. I think we need to do this to protect our account and make higher security |
|
|
|
|
|
NavI_027
|
|
January 07, 2018, 12:21:16 PM |
|
End your worries now, you just only need to update your wallet to fix this issue. So if you are still using the old version then better for you to update as soon as possible to avoid the risk of losing your coins.
|
|
|
|
|
iamjher
Newbie
Offline
Activity: 17
Merit: 0
|
|
January 07, 2018, 12:26:44 PM |
|
I have read about it and its very alarming specially to those who mainly use electrum as a wallet.
I do have electrum wallet because of its signing message function which will i be needing for some purpose.
but don't worry guys developers already have an solution, you just need to update your electrum.
|
|
|
|
|
Kittygalore
Member
Offline
Activity: 868
Merit: 63
|
|
January 07, 2018, 12:32:00 PM |
|
Don't panic! all you need to do is uninstall your electrum and reinstall it or just update, easy as 123 solution but i think there are some people who lost some of their funds because of that issue. Wallets are improving and so the hackers and scammers too, be careful guys even if its safe bad guys will surely look for it.
|
|
|
|
|
|
paolo099
|
|
January 07, 2018, 12:33:48 PM |
|
besides the wallet, if you have no password in your wallet, you deserve to be hacked because really, that means you don't give a value to your BTC (dust or not), as soon as i saw the red dot at the top of this page i have upgraded my electrum wallet and everything went fine.
If you don't have a password now it's the time to encrypt it, now.. come on guys, you will not regret to have a password but you will cry hard if you get hacked because you're too lazy to add it.
|
|
|
|
|
xlcus
Legendary
Offline
Activity: 966
Merit: 1009
|
|
January 07, 2018, 12:35:05 PM |
|
I also used the electrum.
Is there any report that someone got lost with electrum so far?
|
|
|
|
|
|
BitcoinHodler
|
|
January 07, 2018, 12:36:29 PM |
|
besides the wallet, if you have no password in your wallet, you deserve to be hacked because really, that means you don't give a value to your BTC (dust or not), as soon as i saw the red dot at the top of this page i have upgraded my electrum wallet and everything went fine.
If you don't have a password now it's the time to encrypt it, now.. come on guys, you will not regret to have a password but you will cry hard if you get hacked because you're too lazy to add it.
it is not such a good idea to open your Electrum now that this method of exploiting it have been made public, there are going to be a lot of people who will try to abuse this. first upgrade your wallet to the new version (or wait a while to see if it is all fixed and then upgrade to the latest version) then attempt to set a password. it is worth mentioning that none of this would have mattered if you were using cold storage! |
Holding Bitcoin More Every Day
|
|
|
Shamefulpilchard
Newbie
Offline
Activity: 33
Merit: 0
|
|
January 07, 2018, 12:37:03 PM |
|
Thanks guys! Quickly updated to the latest version as soon as I read this thread. Glad to hear that the flaw wasn't permanently damaging to Electrum.
|
|
|
|
|
Blackhammer321
Member
Offline
Activity: 400
Merit: 59
|
|
January 07, 2018, 12:38:08 PM |
|
You just only need to update your electrum to 3.0.4 version to solve that issue. Old version might be vulnerable for some who does not use password on his/her wallet other than that you don't have to worry much. I've read that electrum is vulnerable on past version and uses javascripts to do it.
|
|
|
|
|
|
paolo099
|
|
January 07, 2018, 12:39:55 PM |
|
besides the wallet, if you have no password in your wallet, you deserve to be hacked because really, that means you don't give a value to your BTC (dust or not), as soon as i saw the red dot at the top of this page i have upgraded my electrum wallet and everything went fine.
If you don't have a password now it's the time to encrypt it, now.. come on guys, you will not regret to have a password but you will cry hard if you get hacked because you're too lazy to add it.
it is not such a good idea to open your Electrum now that this method of exploiting it have been made public, there are going to be a lot of people who will try to abuse this. first upgrade your wallet to the new version (or wait a while to see if it is all fixed and then upgrade to the latest version) then attempt to set a password. it is worth mentioning that none of this would have mattered if you were using cold storage! i completely agree with you and bear in mind, my advice to add a password to your electrum wallet is to do it AFTER you updated to the newest version! And of course, cold storage does not have bugs  |
|
|
|
|
ManaMan
Member
Offline
Activity: 238
Merit: 38
|
|
January 07, 2018, 12:42:29 PM |
|
I also used the electrum.
Is there any report that someone got lost with electrum so far?
So far none that I am aware of, even if one or few person lost their funds this way question is if they would even report it. They might be new to crypto or they may have all sorts of things in their minds about that it was their mistake. This is why if you simply follow up with updates of any software no matter if it's oriented to crypto, it should be safer and more secure. Keep up wit updates and always encrypt your wallet. I mean even if some guy saw this issue and tried to use and exploit it and steal funds from others he wouldn't get far if user have set password and I mean strong one. besides the wallet, if you have no password in your wallet, you deserve to be hacked because really, that means you don't give a value to your BTC (dust or not), as soon as i saw the red dot at the top of this page i have upgraded my electrum wallet and everything went fine.
If you don't have a password now it's the time to encrypt it, now.. come on guys, you will not regret to have a password but you will cry hard if you get hacked because you're too lazy to add it.
it is not such a good idea to open your Electrum now that this method of exploiting it have been made public, there are going to be a lot of people who will try to abuse this. first upgrade your wallet to the new version (or wait a while to see if it is all fixed and then upgrade to the latest version) then attempt to set a password. it is worth mentioning that none of this would have mattered if you were using cold storage! Well at least they hope that some news sites will pick it up and imform community about an update, do you think that many people upgraded their previous versions? Some people might not even upgraded it to support LN... They have to make it public and raise awareness in my opinion. |
|
|
|
|
|
BitcoinHodler
|
|
January 07, 2018, 12:44:49 PM |
|
besides the wallet, if you have no password in your wallet, you deserve to be hacked because really, that means you don't give a value to your BTC (dust or not), as soon as i saw the red dot at the top of this page i have upgraded my electrum wallet and everything went fine.
If you don't have a password now it's the time to encrypt it, now.. come on guys, you will not regret to have a password but you will cry hard if you get hacked because you're too lazy to add it.
it is not such a good idea to open your Electrum now that this method of exploiting it have been made public, there are going to be a lot of people who will try to abuse this. first upgrade your wallet to the new version (or wait a while to see if it is all fixed and then upgrade to the latest version) then attempt to set a password. it is worth mentioning that none of this would have mattered if you were using cold storage! i completely agree with you and bear in mind, my advice to add a password to your electrum wallet is to do it AFTER you updated to the newest version! And of course, cold storage does not have bugs yeah, i was just clarifying. and technically speaking the cold storage[1] has the bugs since it is the same software you are running but it is not affected by this particular issue and most of the rest that usually cause issues similar to this one like the new CPU meltdown and specter attacks. [1] http://docs.electrum.org/en/latest/coldstorage.html |
Holding Bitcoin More Every Day
|
|
|
xiaowu55
Newbie
Offline
Activity: 84
Merit: 0
|
|
January 07, 2018, 12:49:24 PM |
|
It gives us a warning Our wallets may not be safe, the safety of the purse is worth we suspect If we "had been stolen Who is responsible for So we should be prepared for protection It is very important for us the wallet operators should also be measures Timely find loopholes And in a timely manner to repair
|
|
|
|
|
cellard
Legendary
Offline
Activity: 1372
Merit: 1252
|
|
January 07, 2018, 01:04:05 PM |
|
This is great. It points out at how SPV wallets are a waste of time and why you should run your own full Bitcoin client to process your own transactions and put your coins in cold storage.
This also points out at how big blockers are terrorists against Bitcoin, as they want to get the power away from the users running full Bitcoin clients and they want everyone using nodes only except corporations.
Roger Ver and co are the biggest threats to Bitcoin.
|
|
|
|
|
|
BitcoinHodler
|
|
January 07, 2018, 01:15:53 PM |
|
This is great. It points out at how SPV wallets are a waste of time and why you should run your own full Bitcoin client to process your own transactions and put your coins in cold storage.
This also points out at how big blockers are terrorists against Bitcoin, as they want to get the power away from the users running full Bitcoin clients and they want everyone using nodes only except corporations.
Roger Ver and co are the biggest threats to Bitcoin.
dude take a chill pill  this has nothing to do with Electrum being an SPV wallet. it is only because the JSONRPC interface of electrum were not using encryption. even if Electrum were a full client the same thing could have happened. read the issue: https://github.com/spesmilo/electrum/issues/3374 |
Holding Bitcoin More Every Day
|
|
|
DooMAD
Legendary
Offline
Activity: 3808
Merit: 3160
Leave no FUD unchallenged
|
|
January 07, 2018, 04:04:56 PM |
|
This is great. It points out at how SPV wallets are a waste of time and why you should run your own full Bitcoin client to process your own transactions and put your coins in cold storage.
This also points out at how big blockers are terrorists against Bitcoin, as they want to get the power away from the users running full Bitcoin clients and they want everyone using nodes only except corporations.
Roger Ver and co are the biggest threats to Bitcoin.
Is that really the overall message you take from this thread? What an utterly shameful stance. Particularly as you seem to be deliberately twisting what happened to suit some political narrative. Even if you could distort the facts to suit your personal attacks (which you've utterly failed at doing, as BitcoinHodler pointed out), it's never " great" that users could have their wallets compromised due to a security vulnerability. Running a full node won't be suitable for every user and it's not something people should be coerced into against their will. Dismissing SPV users as some sort of worthless underclass is reprehensible behaviour. All you achieve is creating further division in the community when that's the last thing we need right now. |
|
|
|
|
casparthefriendly
Member
Offline
Activity: 84
Merit: 10
|
|
January 07, 2018, 04:09:41 PM |
|
besides the wallet, if you have no password in your wallet, you deserve to be hacked because really, that means you don't give a value to your BTC (dust or not), as soon as i saw the red dot at the top of this page i have upgraded my electrum wallet and everything went fine.
If you don't have a password now it's the time to encrypt it, now.. come on guys, you will not regret to have a password but you will cry hard if you get hacked because you're too lazy to add it.
NOBODY DESERVES to be hacked! Do you deserved to be hacked for posting this assinine post? Sheez! |
|
|
|
|
|
