timmyd
|
|
January 01, 2014, 06:25:44 PM |
|
Even if it is a client issue. Wouldnt the hacker just continue to use nrs? Instead of targeting accounts thru a new client with extra security? Will nrs always be able to connect u to ur account even if a new client comes out
New clients r supposed to generate keys with higher entropy (all 256 bits). All successful attacks were on low-entropy keys only. Ok so when a new client arises is it reccomended that all users create new accounts? All current nrs accounts are currently at risk? Some of these horror storys have me spooked a bit. I have a 50+ random password but still dont feel secure if im honest
|
|
|
|
Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1010
Newbie
|
|
January 01, 2014, 06:27:29 PM |
|
Ok so when a new client arises is it reccomended that all users create new accounts? All current nrs accounts are currently at risk? Some of these horror storys have me spooked a bit. I have a 50+ random password but still dont feel secure if im honest
If u use truly random password then u r ok. Recent horror stories r just black PR tricks.
|
|
|
|
rickyjames
|
|
January 01, 2014, 06:28:03 PM |
|
As long as I'm wishing for a shiny new security add-on that allows frozen accounts that would take NXT out of circulation, I would also note that tabulating from the blockchain just how much NXT was indeed frozen and OUT of circulation helps the market know just how much is IN circulation - and would be an upward pressure on NXT prices.
|
|
|
|
rickyjames
|
|
January 01, 2014, 06:31:45 PM |
|
Ok so when a new client arises is it reccomended that all users create new accounts? All current nrs accounts are currently at risk? Some of these horror storys have me spooked a bit. I have a 50+ random password but still dont feel secure if im honest
If u use truly random password then u r ok. Recent horror stories r just black PR tricks. You are probably right - but you can't be sure. And this difference between "probably right / probably safe" and "sure / certain" is the shadow of doubt that the public mind will seize upon that will hinder widespread adaptation of NXT. Bitcoin will always be able to claim an air gap option that we will not. Getting ahead of this with some form of account freeze blockchain option / two step authentication scheme is the right thing to do.
|
|
|
|
laowai80
Member
Offline
Activity: 98
Merit: 10
|
|
January 01, 2014, 06:34:22 PM |
|
New clients r supposed to generate keys with higher entropy (all 256 bits). All successful attacks were on low-entropy keys only.
oh wait, since which version is it all 256 bits? )
|
|
|
|
xyzzyx
Sr. Member
Offline
Activity: 490
Merit: 250
I don't really come from outer space.
|
|
January 01, 2014, 06:34:49 PM |
|
Why can't the client deal with email verification, google authenticator or even cellphone SMS Aren't all verifications just software that runs somewhere? Why can't that somewhere be the client?
The problem with using an authenticator, in their current forms, is that they rely on a centralized point -- google, a SMS gateway, whatever. That, and it'd need multisig implemented. Except the multisig, this is something that a NXT service provider could solve, I think. I imagine it would work like this: A group of nodes would run a parallel blockchain for the NXT2SMS functions. These nodes would use transparent forging between themselves to maintain their N2S blockchain. When you need to send a SMS, you would pay a fee and have a payload as an arbitrary message on the main blockchain. The N2S nodes would notice the payload and decide who on their blockchain gets to collect the fee and transmit whatever is represented in the payload over SMS. The one who generates the SMS is also the one who does the other side of the multisig to release the funds. There's lots of hand-waving in the above paragraph because I don't know exactly how the core NXT functions that this is build upon will operate as they're yet to be released, but it's the general idea. The hardware for the SMS transmission is the simple part as that already exists as an off-the-shelf solution: a smartphone or, for the more hardware hacker oriented, a GSM/GPRS module and an Arduio/RPi/etc to interface to it. I might have overlooked something, however.
|
"An awful lot of code is being written ... in languages that aren't very good by people who don't know what they're doing." -- Barbara Liskov
|
|
|
Anon136
Legendary
Offline
Activity: 1722
Merit: 1217
|
|
January 01, 2014, 06:36:02 PM |
|
I think this is the wrong way. what we need are clients that fore seamlessly, so even though the chance of winning will be minuscule, there will no no cost to forging, no barrier to entry so people will do it anyway. People pay to play the lottery now don't they? This lottery would be free to play, i think there is definitely some appeal there for users.
BCNext was forced to offer such the way coz small stakeholders won't bother with forging due to very high variation. Less coins forge - cheaper attacks. if you just reduce the cost of forging down to ~0 than the low incentive wont matter. thats the point im trying to make. of course this can only come with time as third party developers make better client applications but this is what we should be focusing on. not pooled mining.
|
Rep Thread: https://bitcointalk.org/index.php?topic=381041If one can not confer upon another a right which he does not himself first possess, by what means does the state derive the right to engage in behaviors from which the public is prohibited?
|
|
|
Damelon
Legendary
Offline
Activity: 1092
Merit: 1010
|
|
January 01, 2014, 06:36:19 PM |
|
Ok so when a new client arises is it reccomended that all users create new accounts? All current nrs accounts are currently at risk? Some of these horror storys have me spooked a bit. I have a 50+ random password but still dont feel secure if im honest
If u use truly random password then u r ok. Recent horror stories r just black PR tricks. You are probably right - but you can't be sure. And this difference between "probably right / probably safe" and "sure / certain" is the shadow of doubt that the public mind will seize upon that will hinder widespread adaptation of NXT. Bitcoin will always be able to claim an air gap option that we will not. Getting ahead of this with some form of account freeze blockchain option / two step authentication scheme is the right thing to do. Not only that. Íf there is some bad mediacoverage, we can point out that these issues have been debated amongst the stakeholders before launch and prove that we take security seriously and are also thinking beyond the scope of advanced users. I'm trying to think long term about these things as much as possible.
|
|
|
|
jl777
Legendary
Offline
Activity: 1176
Merit: 1134
|
|
January 01, 2014, 06:36:54 PM |
|
CfB
all the nodes would have to cryptographically store all the seeds for all accounts in a way that each node can reconstruct the desired output, without knowing the actual seed. Probably close to impossible, but not actually provably impossible. Maybe even a nice challenge for BCNext?
We don't need to use google authenticator, we just need some system that is distributed that achieves the desired result. That's a pretty open requirement and I doubt you can prove it is impossible. If it is not impossible, then it can be done.
I would like better minds than mine to figure out how to do this. I know mathematically it is probably the same odds of being hacked, but requiring an orthogonal step even after finding an account whose password you stumbled into would make everybody feel much safer.
As it is now a monkey typing random keys on the keyboard can stumble into an acct.
James
P.S. I understand why the current localhost will disappear, it has to so clients can add the new layer of security. Enforcing passwords that are strong enough is a good first step, but longer term please open your mind to the possibility of the "impossible", it will make a huge difference in NXT valuation
|
|
|
|
Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1010
Newbie
|
|
January 01, 2014, 06:38:52 PM |
|
New clients r supposed to generate keys with higher entropy (all 256 bits). All successful attacks were on low-entropy keys only.
oh wait, since which version is it all 256 bits? ) It has been always been 256 bits.
|
|
|
|
laowai80
Member
Offline
Activity: 98
Merit: 10
|
|
January 01, 2014, 06:39:48 PM |
|
New clients r supposed to generate keys with higher entropy (all 256 bits). All successful attacks were on low-entropy keys only.
oh wait, since which version is it all 256 bits? ) It has been always been 256 bits. ok, then I guess I misunderstood.
|
|
|
|
EvilDave
|
|
January 01, 2014, 06:40:42 PM |
|
Quick question on the theft issue:
If someone is just running a brute force attack on the whole NXT network attempting to hit the jackpot, wont this activity be very visible in the blockchain? Way I see it, every password generated by the brute force attack will create an account. Can anyone (with more skillz than me) have a look at the account creation (possibly vs IP address) stats and see if something wierd is showing up?
|
|
|
|
Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1010
Newbie
|
|
January 01, 2014, 06:41:06 PM |
|
if you just reduce the cost of forging down to ~0 than the low incentive wont matter. thats the point im trying to make. of course this can only come with time as third party developers make better client applications but this is what we should be focusing on. not pooled mining.
Good idea. As I wrote on Twitter, Pooled Forging may be added, not is being added.
|
|
|
|
EpicThomas
Newbie
Offline
Activity: 19
Merit: 0
|
|
January 01, 2014, 06:42:04 PM |
|
Quick question on the theft issue:
If someone is just running a brute force attack on the whole NXT network attempting to hit the jackpot, wont this activity be very visible in the blockchain? Way I see it, every password generated by the brute force attack will create an account. Can anyone (with more skillz than me) have a look at the account creation (possibly vs IP address) stats and see if something wierd is showing up?
The account will not show up in the blockchain before a transaction is made.
|
|
|
|
jl777
Legendary
Offline
Activity: 1176
Merit: 1134
|
|
January 01, 2014, 06:44:10 PM |
|
Can someone test potential passwords locally without going out to the network if he has the latest blockchain?
James
|
|
|
|
Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1010
Newbie
|
|
January 01, 2014, 06:44:17 PM |
|
Quick question on the theft issue:
If someone is just running a brute force attack on the whole NXT network attempting to hit the jackpot, wont this activity be very visible in the blockchain? Way I see it, every password generated by the brute force attack will create an account. Can anyone (with more skillz than me) have a look at the account creation (possibly vs IP address) stats and see if something wierd is showing up?
Brute force attack is completely offline.
|
|
|
|
rickyjames
|
|
January 01, 2014, 06:44:34 PM |
|
CfB
requiring an orthogonal step even after finding an account whose password you stumbled into would make everybody feel much safer.
As it is now a monkey typing random keys on the keyboard can stumble into an acct.
James
P.S. I understand why the current localhost will disappear, it has to so clients can add the new layer of security. Enforcing passwords that are strong enough is a good first step, but longer term please open your mind to the possibility of the "impossible", it will make a huge difference in NXT valuation
Jl777 and I absolutely see eye to eye on all of this.
|
|
|
|
BitAddict
Legendary
Offline
Activity: 1190
Merit: 1001
|
|
January 01, 2014, 06:44:59 PM |
|
I think this is the wrong way. what we need are clients that fore seamlessly, so even though the chance of winning will be minuscule, there will no no cost to forging, no barrier to entry so people will do it anyway. People pay to play the lottery now don't they? This lottery would be free to play, i think there is definitely some appeal there for users.
BCNext was forced to offer such the way coz small stakeholders won't bother with forging due to very high variation. Less coins forge - cheaper attacks. I don't really like pools for forging. This is like one step back to centralized system. I know we need to do something to allow small stakeholders to forge and get fee's everyday, but not this way.
|
|
|
|
Damelon
Legendary
Offline
Activity: 1092
Merit: 1010
|
|
January 01, 2014, 06:45:08 PM |
|
CfB
requiring an orthogonal step even after finding an account whose password you stumbled into would make everybody feel much safer.
As it is now a monkey typing random keys on the keyboard can stumble into an acct.
James
P.S. I understand why the current localhost will disappear, it has to so clients can add the new layer of security. Enforcing passwords that are strong enough is a good first step, but longer term please open your mind to the possibility of the "impossible", it will make a huge difference in NXT valuation
Jl777 and I absolutely see eye to eye on all of this. Thirded Edit: joe also added a security page to the wiki: http://wiki.nxtcrypto.org/wiki/Account_SecurityLet's hope that filters out a lot of weaker passes.
|
|
|
|
jl777
Legendary
Offline
Activity: 1176
Merit: 1134
|
|
January 01, 2014, 06:48:29 PM |
|
offline mining of all NXT accounts in parallel problem gets worse the more NXT accounts there are this attracts more hackers the more NXT is worth This will create an equilibrium effect like a boat anchor to a hot air balloon. The more NXT succeeds, the more it will be hacked.
CfB, tell me there is a solution that is more effective than the user needs to not be unlucky
James
|
|
|
|
|