Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1010
Newbie
|
|
January 01, 2014, 05:44:33 PM |
|
Hey, looks like I just got robbed, too. Someone please check this account: 12152013998194592943 They now have 147k+ from me. Had a 40 char random password, capital, lower, numbers, symbols. WTF?
Can u prove that ur coins were stolen? My account passphrase < 40 chars and contains 2M, why did the thief choose ur account instead of mine? Sorry, but ur case looks more like black PR attempt.
|
|
|
|
Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1010
Newbie
|
|
January 01, 2014, 05:52:32 PM |
|
can someone asnwer why sometimes ann account forges 2 consecutive blocks?? This happens more frequently that I would think it should
Small stakeholders don't bother with forging. Number of large ones is not very big, so u should see 2-3 blocks in a row.
|
|
|
|
opticalcarrier
|
|
January 01, 2014, 05:52:47 PM |
|
"It's like you guys are building a really high-performance car, and then criticizing the roads for being too bumpy and drivers for being unskilled. It's a great car, and it can do amazing things, but if it isn't adapted to the world as it is or drivers as they are (and not as you want them to be), then it will not have widespread adoption."
I agree.
OK, just to bubble this to the top again, I officially request that a function be implemented in the NXT client and server that allows an account to publicly declare in the blockchain that it is closed to withdrawals until further notice. Until this notice is given and verified, all attempts to withdraw from this account are to be deemed invalid by whoever is processing the block with the withdrawal request.
This function would be implemented by accessing a special lock page in the client software where a fee would be assessed for utilizing this option. Clicking on the "accept fee" key on this page does two things: (1) sends out a colored coin or equivalent containing the account number, the lock notification, and the public half of an unlock code (2) displays for the user the private half of an unlock code that is to be copied down manually.
During the account lockdown period, all pending transactions on the blockchain are compared against a list of locked accounts as part of the verification process. If the withdrawal is against a locked account, it is rejected as invalid.
To unlock the account, a user goes to a special unlock page in the client, enters the previously copied private key half generated during the original account locking, pays a fee, and sends a colored coin or equivalent containing the account number, the unlock notification, and the private half of the unlock code. A server processing a block containing a colored account unlock code verifies the public / private keys unlock the account correctly and removes the specified account from the unlock list. There may be a time delay while this information is propogated throughout the system and this delay would be accepted as part of the unlocking process.
This effectively would implement two factor authentication for sending NXT from a high-value account because the sender would need both the unlock code and the original account passphrase.
This scheme is NOT the same as transferring large sums to a new and seldom used NXT account for safekeeping. Such an account still has an extremely small but non-zero probability of being opened via a brute force or lucky hit of its password, or of being keylogged or trojaned. Publically announced frozen accounts have a zero chance of being drained. This difference between extremely small chance and zero is huge in the public mind and will go a long way in making the general public accept the NXT always-online brainwallet concept.
Question one: is this technically possible, yes or no.
I proposed this a few days ago. I believe it is possible, but would require extensive rewrite, as different pairs/keys would have to be implemented, and I dont believe the current curve/sha256 implementation of the hashing is compatible with what we desire.
|
|
|
|
jl777
Legendary
Offline
Activity: 1176
Merit: 1134
|
|
January 01, 2014, 05:56:09 PM |
|
CfB
Why can't the client deal with email verification, google authenticator or even cellphone SMS Aren't all verifications just software that runs somewhere? Why can't that somewhere be the client?
Granted, to fully support it properly i would imagine that there would need to be some additional code in the core, but please explain your statement that it is impossible.
Client can send email i know this. Client can wait for confirmation. So if there were api calls that required aditional confirmations and this was made secure cryptographically, then at least the hacker would have to hack the email too instead of just the password. I am not clever enough to figure out how to make a cryptographically secure api call, but i imagine you or BCNext could do it
The way things are now a hacker can brute force search the entire password space and without specifically targeting anybody, targets everybody. The more nxt accounts that get funded, the more likely a hacker will stumble upon an acct.
This needs to be fixed for mass market adoption. Without it nxt value will not increase much from what it is now. There needs to be some additional layer of security that the person who creates the account can optionally enable. As it is now there is basically one nxt account and a hacker just has to be patiently mining passwords until he finds a funded account. How long does it take to see if an account exists?
If that can be done locslly on a computer, then some sort of massively parallel setup or server farm could search through trillions of accounts per second. What is the density of nxt accounts if there are one million nxt accts?
James
P.S. I am hoping this is one of the planted security flaws that was talked about. Otherwise it turns out there is mining of nxt after alll, randomly try passwords till you find a funded acct. do we really think petahashes of computing will not be aimed at all the juicy nxt accts? It doesn't matter if you never use your acct after funding it. It doesn't matter if you never use the password online if nxt accts can be mined with a brrute force search. Please tell me we can fix this
|
|
|
|
nadrimajstor
Newbie
Offline
Activity: 30
Merit: 0
|
|
January 01, 2014, 06:00:31 PM |
|
In that case you will need a hardware firewall in front from your VPS which are very expensive ( ~$30k ) or you could move to some host that provides anti-ddos firewall protection ( which is also too expensive).
For a DoS attack you don't need those pricey HW firewalls... DoS should be resolved in nxt's code-base and if needed ad-hoc mitigated with simple greping/parsing server logs and applying appropriate iptables rules. For DDoS attacks the bottleneck is the uplink... In case of DDoS having eg. 10 servers on same uplink (same data-center/rack) won't help whatever you place in front of them. I could elaborate on poor's-man/wealthy's-man/our's-way of mitigating DDoS if anyone interested.
|
|
|
|
Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1010
Newbie
|
|
January 01, 2014, 06:03:52 PM |
|
Pooled Forging details
A special type of transactions will be used to lease part or all forging power to one or several accounts. These accounts will sign blocks and decide what transactions to include into them. Fees will go to leasee accounts, not to leasors. This may lead to centralization (similar to Bitcoin) so leasor accounts r not advised to lease more than 50% of their effective* balance. Splitting 100% effective balance among different leasee accounts won't work coz of Sybil attack.
Comment plz.
--- * - Effective balance == balance that used for forging
|
|
|
|
rickyjames
|
|
January 01, 2014, 06:04:06 PM |
|
CfB
The way things are now a hacker can brute force search the entire password space and without specifically targeting anybody, targets everybody. The more nxt accounts that get funded, the more likely a hacker will stumble upon an acct.
This needs to be fixed for mass market adoption. Without it nxt value will not increase much from what it is now. There needs to be some additional layer of security that the person who creates the account can optionally enable. As it is now there is basically one nxt account and a hacker just has to be patiently mining passwords until he finds a funded account.
Amen brother, preach on. When the public realizes that a hacker attacking NXT isn't trying to break into a specific big account but is going after ALL ACCOUNTS SIMULTANEOUSLY INCLUDING THEIRS - I'm telling you, the psychology outweighs the math. You've got to give them some way to do something that makes them feel more secure - and actually BE more secure - than the current brainwallet scheme that requires Faith In Math. The public ain't got no stinkin' Faith In Math.
|
|
|
|
Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1010
Newbie
|
|
January 01, 2014, 06:05:38 PM |
|
CfB
Why can't the client deal with email verification, google authenticator or even cellphone SMS Aren't all verifications just software that runs somewhere? Why can't that somewhere be the client?
Nxt is decentralized. Email verification, google authenticator and even cellphone SMS require centralization.
|
|
|
|
Alias
Full Member
Offline
Activity: 127
Merit: 100
Money be green
|
|
January 01, 2014, 06:11:38 PM |
|
Pooled Forging details
A special type of transactions will be used to lease part or all forging power to one or several accounts. These accounts will sign blocks and decide what transactions to include into them. Fees will go to leasee accounts, not to leasors. This may lead to centralization (similar to Bitcoin) so leasor accounts r not advised to lease more than 50% of their effective* balance. Splitting 100% effective balance among different leasee accounts won't work coz of Sybil attack.
Comment plz.
--- * - Effective balance == balance that used for forging
Fantastic! I was hoping this would be implemented! I have big ideas for applications of this. Will keep you guys posted. Thanks, Al
|
In times of change, it is the learners who will inherit the earth, while the learned will find themselves beautifully equipped for a world that no longer exists.
|
|
|
jl777
Legendary
Offline
Activity: 1176
Merit: 1134
|
|
January 01, 2014, 06:11:47 PM |
|
Hackers cannot easily target specific accts, but they automatically target all accounts at once It is like parallel mining of btc and nmc at the same time, but it is parallel mining of all nxt accts, so the more nxt accts the higher the probability of getting a hit.
The only defense against this i can see, other than additional security in the client and or core, is to split up your funds into tiny amounts across many accts. of course this just increases the hackers chances that much more, but at least you only lose a small percentage of what you have instead of all
This is a SERIOUS issue and responses like get a stronger password are not responsive. We need an actial solution to this problem, BCNext you are our only hope!
James
|
|
|
|
rickyjames
|
|
January 01, 2014, 06:11:57 PM |
|
"It's like you guys are building a really high-performance car, and then criticizing the roads for being too bumpy and drivers for being unskilled. It's a great car, and it can do amazing things, but if it isn't adapted to the world as it is or drivers as they are (and not as you want them to be), then it will not have widespread adoption."
OK, just to bubble this to the top again, I officially request ...BLAH BLAH BLAH.
Question one: is this technically possible, yes or no.
I proposed this a few days ago. I believe it is possible, but would require extensive rewrite, as different pairs/keys would have to be implemented, and I dont believe the current curve/sha256 implementation of the hashing is compatible with what we desire. Dude, it's time to roll out the Nike slogan: Just Do It.
|
|
|
|
utopianfuture
Sr. Member
Offline
Activity: 602
Merit: 268
Internet of Value
|
|
January 01, 2014, 06:14:00 PM |
|
"It's like you guys are building a really high-performance car, and then criticizing the roads for being too bumpy and drivers for being unskilled. It's a great car, and it can do amazing things, but if it isn't adapted to the world as it is or drivers as they are (and not as you want them to be), then it will not have widespread adoption."
OK, just to bubble this to the top again, I officially request ...BLAH BLAH BLAH.
Question one: is this technically possible, yes or no.
I proposed this a few days ago. I believe it is possible, but would require extensive rewrite, as different pairs/keys would have to be implemented, and I dont believe the current curve/sha256 implementation of the hashing is compatible with what we desire. Dude, it's time to roll out the Nike slogan: Just Do It. Who want the Nike justdoit alias ? just contact me
|
|
|
|
Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1010
Newbie
|
|
January 01, 2014, 06:14:54 PM |
|
Hackers cannot easily target specific accts, but they automatically target all accounts at once It is like parallel mining of btc and nmc at the same time, but it is parallel mining of all nxt accts, so the more nxt accts the higher the probability of getting a hit.
The only defense against this i can see, other than additional security in the client and or core, is to split up your funds into tiny amounts across many accts. of course this just increases the hackers chances that much more, but at least you only lose a small percentage of what you have instead of all
This is a SERIOUS issue and responses like get a stronger password are not responsive. We need an actial solution to this problem, BCNext you are our only hope!
James
This is client issue. U should ask Nxt client devs to use wallet.dat approach.
|
|
|
|
Anon136
Legendary
Offline
Activity: 1722
Merit: 1217
|
|
January 01, 2014, 06:15:10 PM |
|
Pooled Forging details
A special type of transactions will be used to lease part or all forging power to one or several accounts. These accounts will sign blocks and decide what transactions to include into them. Fees will go to leasee accounts, not to leasors. This may lead to centralization (similar to Bitcoin) so leasor accounts r not advised to lease more than 50% of their effective* balance. Splitting 100% effective balance among different leasee accounts won't work coz of Sybil attack.
Comment plz.
--- * - Effective balance == balance that used for forging
I think this is the wrong way. what we need are clients that fore seamlessly, so even though the chance of winning will be minuscule, there will no no cost to forging, no barrier to entry so people will do it anyway. People pay to play the lottery now don't they? This lottery would be free to play, i think there is definitely some appeal there for users.
|
Rep Thread: https://bitcointalk.org/index.php?topic=381041If one can not confer upon another a right which he does not himself first possess, by what means does the state derive the right to engage in behaviors from which the public is prohibited?
|
|
|
timmyd
|
|
January 01, 2014, 06:18:15 PM |
|
Hackers cannot easily target specific accts, but they automatically target all accounts at once It is like parallel mining of btc and nmc at the same time, but it is parallel mining of all nxt accts, so the more nxt accts the higher the probability of getting a hit.
The only defense against this i can see, other than additional security in the client and or core, is to split up your funds into tiny amounts across many accts. of course this just increases the hackers chances that much more, but at least you only lose a small percentage of what you have instead of all
This is a SERIOUS issue and responses like get a stronger password are not responsive. We need an actial solution to this problem, BCNext you are our only hope!
James
This is client issue. U should ask Nxt client devs to use wallet.dat approach. Even if it is a client issue. Wouldnt the hacker just continue to use nrs? Instead of targeting accounts thru a new client with extra security? Will nrs always be able to connect u to ur account even if a new client comes out
|
|
|
|
EpicThomas
Newbie
Offline
Activity: 19
Merit: 0
|
|
January 01, 2014, 06:18:39 PM |
|
Both bitcoin and nxt generate your address from a 256bit key. The only problem is that bitcoin generates your private key while nxt uses sha256(pass) to get your private key.
I think a lot of people would feel safer letting nxt itself generate the private keys.
|
|
|
|
Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1010
Newbie
|
|
January 01, 2014, 06:19:57 PM |
|
I think this is the wrong way. what we need are clients that fore seamlessly, so even though the chance of winning will be minuscule, there will no no cost to forging, no barrier to entry so people will do it anyway. People pay to play the lottery now don't they? This lottery would be free to play, i think there is definitely some appeal there for users.
BCNext was forced to offer such the way coz small stakeholders won't bother with forging due to very high variation. Less coins forge - cheaper attacks.
|
|
|
|
Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1010
Newbie
|
|
January 01, 2014, 06:22:27 PM |
|
Even if it is a client issue. Wouldnt the hacker just continue to use nrs? Instead of targeting accounts thru a new client with extra security? Will nrs always be able to connect u to ur account even if a new client comes out
New clients r supposed to generate keys with higher entropy (all 256 bits). All successful attacks were on low-entropy keys only.
|
|
|
|
jl777
Legendary
Offline
Activity: 1176
Merit: 1134
|
|
January 01, 2014, 06:24:05 PM |
|
CfB If the client runs all the authentication software, where is the centralization? Nxt is java running on each node, if that node ran all the authentication software, how is that centralized? Pop3 and smtp are not so much to add into client is it? I cant imagine adding support for google authenticator in the client is impossible. The part i can't figure out is how to have an api that enforces the additional security, at worst all the nodes would have to run google authenticator verification on all transactions. Difficult, but not impossible. Ok, sms probably not good to have a zillion verification texts senta to your cellphone, but google authenticator has a dynamically changing code for each acct, if there was a authenticator alias for an acct could that be used by all nodes to enable validation before sending of funds? James
|
|
|
|
Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1010
Newbie
|
|
January 01, 2014, 06:25:41 PM |
|
CfB If the client runs all the authentication software, where is the centralization? Nxt is java running on each node, if that node ran all the authentication software, how is that centralized? Pop3 and smtp are not so much to add into client is it? I cant imagine adding support for google authenticator in the client is impossible. The part i can't figure out is how to have an api that enforces the additional security, at worst all the nodes would have to run google authenticator verification on all transactions. Difficult, but not impossible. Ok, sms probably not good to have a zillion verification texts senta to your cellphone, but google authenticator has a dynamically changing code for each acct, if there was a authenticator alias for an acct could that be used by all nodes to enable validation before sending of funds? James Who will store the seed that used for Google auth?
|
|
|
|
|