Bitcoin Forum
Author Topic: NXT :: descendant of Bitcoin - Updated Information  (Read 2761734 times)
abuelau
February 19, 2014, 06:32:50 PM
 #35321


Yes but the signing happens on your server, that is the problem. With blockchain.info type wallet, NOTHING leaves the browser. Only the broadcast happens on the server there. This is a HUGE difference.

Why is it such a big difference? If an attacker has a keylogger you may lose your coins the same way in mynxt.info and blockchain.info.


There is a big difference. You are sending your password to a third party who is running the server.

Password should never leave your computer. Only signed transactions should be broadcast to the server.

You are not sending your wallet key. You are sending a password that you defined that was used to encrypt the wallet.

I get the trust argument though. As with any online services, you need to trust the person running the server. Same for blockchain.info and all the exchanges out there.

ChuckOne
February 19, 2014, 06:34:44 PM
 #35322

Your browser downloads the java file (code?!?) and your wallet gets decrypted only within this java environment on your browser. With bitcoin you can prepare a transaction locally, you don't need a connection to the blockchain for that. After you have finished signing the transaction, you can broadcast it. No sensitive information ever leaves your browser!

Ohh noo. No java applet, please.

I could imagine that this is implemented in JavaScript. But then you rely on the server, sending you the JS.

So, where is the trust? You need to trust your browser vendor, you need to trust the server that sends you the JS, you need to trust your browser plugins/addons, you need to trust your OS, your hardware, etc. etc.
TwinWinNerD
February 19, 2014, 06:34:55 PM
 #35323


Yes but the signing happens on your server, that is the problem. With blockchain.info type wallet, NOTHING leaves the browser. Only the broadcast happens on the server there. This is a HUGE difference.

Why is it such a big difference? If an attacker has a keylogger you may lose your coins the same way in mynxt.info and blockchain.info.

What is important is that the wallet is encrypted and in order to decrypt it you need the user's password. Whether the decrypting happens on the server or on the browser, I don't think this is such a big deal. In fact, I can imagine people developing a malware that you get in your browser (since your browser holds an unencrypted version of your wallet).

The really big difference is, that the person that hosts the wallet can spend your coins if you send your password. Because if you sign serverside, your wallet has to be decrypted at least once for a short period of time. You as the owner of the server can interfere if you choose to, or if your server is compromised and bad code is implemented coins can be stolen. That is the reason that the guy that created blockchain.info said that all wallets that don't offer browserside signing WILL be hacked/scammed.

Well, of course the guy would say that. Everyone will say their product is better.

The fact is: you need to decrypt the wallet at some point in order to spend coins. The decryption can happen on the browser or the server, and to decrypt it you will need to type your password.

Don't forget when you sign up in blockchain.info you ALSO type your password on their website. There's no guarantee that they didn't save a copy of your password somewhere.

What I am saying is that I don't see the "save in the browser" as being any safer, to me this is more marketing than actual security. If there are any security experts here please prove me wrong (and I will be happy to be proven wrong).

You get this wrong I think. You don't operate on "their website". You can actually download the java code and run it WITHOUT internet connection, then you reconnect and broadcast the transaction.

There is a BIG difference. They are NOT able to steal your password.

He isn't some random actually, but one of the most respected members of the whole bitcoin community.

bitcoinpaul
February 19, 2014, 06:35:24 PM
 #35324

Just to inform, 0.7.6 runs smoothly on Android TV stick public node.

For a while :)

+1
Eadeqa
February 19, 2014, 06:35:34 PM
 #35325

Question:

How much do you think a java based blockchain.info-like wallet for NXT would cost to program? Do you think it would be worth starting a bounty for that?

Which part? Do you mean the iPhone mobile app? Or the website?

The part where blockchain.info works within your browser and no information leaves your browser, only the encrypted backup on your server. As I understand, we can now sign transactions without the client?

We basically need an online wallet WITHOUT trust.

How is that possible?

Your browser downloads the java file (code?!?) and your wallet gets decrypted only within this java environment on your browser. With bitcoin you can prepare a transaction locally, you don't need a connection to the blockchain for that. After you have finished signing the transaction, you can broadcast it. No sensitive information ever leaves your browser!


The thing is that NRS does not yet have an API to accept signed transactions. CFB is working on that, as I understand it.

Once that is done, the browser can sign the transaction and broadcast it to any public node.

  

TwinWinNerD
February 19, 2014, 06:37:11 PM
 #35326

Question:

How much do you think a java based blockchain.info-like wallet for NXT would cost to program? Do you think it would be worth starting a bounty for that?

Which part? Do you mean the iPhone mobile app? Or the website?

The part where blockchain.info works within your browser and no information leaves your browser, only the encrypted backup on your server. As I understand, we can now sign transactions without the client?

We basically need an online wallet WITHOUT trust.

How is that possible?

Your browser downloads the java file (code?!?) and your wallet gets decrypted only within this java environment on your browser. With bitcoin you can prepare a transaction locally, you don't need a connection to the blockchain for that. After you have finished signing the transaction, you can broadcast it. No sensitive information ever leaves your browser!


The thing is that NRS does not yet have an API to accept signed transactions. CFB is working on that, as I understand it.

Once that is done, the browser can sign the transaction and broadcast it to any public node.

  


Oh, I thought that was ready already. Well then this is on hold anyway.

bitcoinpaul
February 19, 2014, 06:37:48 PM
 #35327

Maybe change it to a simpler version:

Quote
Unregistered users = 3 votes per hour!
Just click 3 times on the VOTE Button for NXT - that's it!

>>>>>>>>>>>>>>> PLEASE VOTE! <<<<<<<<<<<<<<<
Much color, so many less words, yammy nxt :o
bitcoinpaul
February 19, 2014, 06:38:18 PM
 #35328

QUICK UPDATE

Atomic-Trade will be adding Nxt. I'm paying for integration with my own funds since AT agreed to add USD/Nxt trade abilities. This will allow any users to buy Nxt with USD directly. Currently AT only offers USD/BTC trading, so we will have an advantage over other alts on the exchange. Also, when I get home this evening, expect Nxt to lead the voting in Mintpal ;)

Another great day for nxt!
jl777
February 19, 2014, 06:40:42 PM
 #35329

Does anybody know how to create the redeemScript bytes?
https://bitcointalk.org/index.php?topic=345619.msg5241415#msg5241415

Within a few days from when I can solve this, I should be able to get a test version of automated multisig gateways released. Please help.

James

ChuckOne
February 19, 2014, 06:42:37 PM
 #35330

It's an Amazon AWS EC2, I have a lot of experience working with AWS.

Great. :) That should be it.

Regardless of the issues presented above, I think you did a great service to NXT. Have you already been supported/funded by some of these committees?

For the online wallet - no.

Don't know where to add a request. Maybe somebody could help on that?
TwinWinNerD
February 19, 2014, 06:42:53 PM
 #35331

I found a very good explanation of blockchain.info, can any dev read this and tell me how much work it would be to clone this (it is all opensource!!) ?
We can make this work after the local signing is available.

http://bitcoin.stackexchange.com/questions/5249/how-secure-is-blockchain-info

antanst
February 19, 2014, 06:43:13 PM
 #35332

Abuelau, ChuckOne, you should really read this:

https://blockchain.info/wallet/technical-faq

and pay attention to TwinWinNerD. If you can't sign transactions offline (that is without transmitting private keys to anyone), you can't build a secure web wallet. Period.

The way to do this in the browser is via JS a-la blockchain.info.
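
The flow described in the posts above (decrypt and sign in the browser, send the server only the encrypted backup and the signed transaction), as an added example that is not code from the thread, from blockchain.info or from NXT. It is written for Node.js; Ed25519, PBKDF2 and AES-GCM are stand-ins chosen for the sketch, and `Server`, `createWallet`, `signLocally` and the sample values are hypothetical names.

```javascript
// Added example, not code from the thread. Ed25519 stands in for the coin's
// real signature scheme; Server is a hypothetical in-memory wallet host.
const crypto = require('crypto');

const KDF_ROUNDS = 100000; // assumed work factor for this sketch

// --- browser side: the password and private key exist only here ---
function deriveKey(password, salt) {
  return crypto.pbkdf2Sync(password, salt, KDF_ROUNDS, 32, 'sha256');
}

function createWallet(password) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
  const salt = crypto.randomBytes(16);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', deriveKey(password, salt), iv);
  const secret = privateKey.export({ type: 'pkcs8', format: 'der' });
  const ct = Buffer.concat([cipher.update(secret), cipher.final()]);
  return {
    publicKey: publicKey.export({ type: 'spki', format: 'der' }),
    backup: { salt, iv, ct, tag: cipher.getAuthTag() }, // safe to upload
  };
}

function signLocally(password, backup, tx) {
  const d = crypto.createDecipheriv('aes-256-gcm', deriveKey(password, backup.salt), backup.iv);
  d.setAuthTag(backup.tag);
  // final() throws if the password is wrong or the backup was altered
  const der = Buffer.concat([d.update(backup.ct), d.final()]);
  const key = crypto.createPrivateKey({ key: der, format: 'der', type: 'pkcs8' });
  const body = Buffer.from(JSON.stringify(tx));
  return { body, signature: crypto.sign(null, body, key) };
}

// --- server side: stores ciphertext, relays signed transactions ---
class Server {
  constructor() { this.wire = []; this.keys = new Map(); }
  storeBackup(account, publicKey, backup) {
    this.wire.push(publicKey, backup.salt, backup.iv, backup.ct, backup.tag);
    this.keys.set(account, publicKey);
  }
  broadcast(account, { body, signature }) {
    this.wire.push(body, signature);
    const pub = crypto.createPublicKey({ key: this.keys.get(account), format: 'der', type: 'spki' });
    return crypto.verify(null, body, pub, signature); // true only for an untampered tx
  }
  everReceived(bytes) { return this.wire.some((m) => m.includes(bytes)); }
}

function demo() {
  const password = 'constructed passphrase, never sent'; // sample value
  const server = new Server();
  const wallet = createWallet(password);
  server.storeBackup('alice', wallet.publicKey, wallet.backup);
  const signed = signLocally(password, wallet.backup, { to: 'bob', amount: 10 });
  const accepted = server.broadcast('alice', signed);
  // A host that rewrites the recipient cannot produce a valid signature.
  const forged = { ...signed, body: Buffer.from(JSON.stringify({ to: 'mallory', amount: 10 })) };
  const forgedAccepted = server.broadcast('alice', forged);
  return { accepted, forgedAccepted, passwordSeen: server.everReceived(Buffer.from(password)) };
}

console.log(demo());
```

The guarantee covers only what crosses the wire; as the thread notes, the user still depends on the signing code delivered to the browser being the code that was reviewed.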


abuelau
February 19, 2014, 06:43:29 PM
 #35333


Yes but the signing happens on your server, that is the problem. With blockchain.info type wallet, NOTHING leaves the browser. Only the broadcast happens on the server there. This is a HUGE difference.

Why is it such a big difference? If an attacker has a keylogger you may lose your coins the same way in mynxt.info and blockchain.info.

What is important is that the wallet is encrypted and in order to decrypt it you need the user's password. Whether the decrypting happens on the server or on the browser, I don't think this is such a big deal. In fact, I can imagine people developing a malware that you get in your browser (since your browser holds an unencrypted version of your wallet).

The really big difference is, that the person that hosts the wallet can spend your coins if you send your password. Because if you sign serverside, your wallet has to be decrypted at least once for a short period of time. You as the owner of the server can interfere if you choose to, or if your server is compromised and bad code is implemented coins can be stolen. That is the reason that the guy that created blockchain.info said that all wallets that don't offer browserside signing WILL be hacked/scammed.

Well, of course the guy would say that. Everyone will say their product is better.

The fact is: you need to decrypt the wallet at some point in order to spend coins. The decryption can happen on the browser or the server, and to decrypt it you will need to type your password.

Don't forget when you sign up in blockchain.info you ALSO type your password on their website. There's no guarantee that they didn't save a copy of your password somewhere.

What I am saying is that I don't see the "save in the browser" as being any safer, to me this is more marketing than actual security. If there are any security experts here please prove me wrong (and I will be happy to be proven wrong).

You get this wrong I think. You don't operate on "their website". You can actually download the java code and run it WITHOUT internet connection, then you reconnect and broadcast the transaction.

There is a BIG difference. They are NOT able to steal your password.

He isn't some random actually, but one of the most respected members of the whole bitcoin community.

I understand what you are saying. But I think you don't understand what I am saying. Tell me one scenario where an attacker would be able to steal your NXT from wallet.mynxt.info but not your Bitcoins from Blockchain.info using the same technique.

Btw, I am not questioning any individual. Blockchain.info is a company and as such you would expect it to do what companies do (earn money, spend money, do marketing, sales, plans, etc).

msin
February 19, 2014, 06:44:19 PM
 #35334

Maybe change it to a simpler version:

Quote
Unregistered users = 3 votes per hour!
Just click 3 times on the VOTE Button for NXT - that's it!

>>>>>>>>>>>>>>> PLEASE VOTE! <<<<<<<<<<<<<<<
Much color, so many less words, yammy nxt :o

We should be in 1st place in a little bit.
wesleyh
February 19, 2014, 06:45:14 PM
 #35335

Where is the list of client side javascript libraries for signing? (a bounty was offered by cfb for this)
TwinWinNerD
February 19, 2014, 06:45:40 PM
 #35336


Yes but the signing happens on your server, that is the problem. With blockchain.info type wallet, NOTHING leaves the browser. Only the broadcast happens on the server there. This is a HUGE difference.

Why is it such a big difference? If an attacker has a keylogger you may lose your coins the same way in mynxt.info and blockchain.info.

What is important is that the wallet is encrypted and in order to decrypt it you need the user's password. Whether the decrypting happens on the server or on the browser, I don't think this is such a big deal. In fact, I can imagine people developing a malware that you get in your browser (since your browser holds an unencrypted version of your wallet).

The really big difference is, that the person that hosts the wallet can spend your coins if you send your password. Because if you sign serverside, your wallet has to be decrypted at least once for a short period of time. You as the owner of the server can interfere if you choose to, or if your server is compromised and bad code is implemented coins can be stolen. That is the reason that the guy that created blockchain.info said that all wallets that don't offer browserside signing WILL be hacked/scammed.

Well, of course the guy would say that. Everyone will say their product is better.

The fact is: you need to decrypt the wallet at some point in order to spend coins. The decryption can happen on the browser or the server, and to decrypt it you will need to type your password.

Don't forget when you sign up in blockchain.info you ALSO type your password on their website. There's no guarantee that they didn't save a copy of your password somewhere.

What I am saying is that I don't see the "save in the browser" as being any safer, to me this is more marketing than actual security. If there are any security experts here please prove me wrong (and I will be happy to be proven wrong).

You get this wrong I think. You don't operate on "their website". You can actually download the java code and run it WITHOUT internet connection, then you reconnect and broadcast the transaction.

There is a BIG difference. They are NOT able to steal your password.

He isn't some random actually, but one of the most respected members of the whole bitcoin community.

I understand what you are saying. But I think you don't understand what I am saying. Tell me one scenario where an attacker would be able to steal your NXT from wallet.mynxt.info but not your Bitcoins from Blockchain.info using the same technique.

Btw, I am not questioning any individual. Blockchain.info is a company and as such you would expect it to do what companies do (earn money, spend money, do marketing, sales, plans, etc).

If one computer is hacked then ONE person loses money.

If your server is compromised, he gets access to every wallet that logs in....

If you decide to collect the passwords and go rogue ....

The argument is extremely simple...

Read this: http://bitcoin.stackexchange.com/questions/5249/how-secure-is-blockchain-info

Come-from-Beyond
February 19, 2014, 06:47:21 PM
 #35337

Where is the list of client side javascript libraries for signing? (a bounty was offered by cfb for this)

I found this link - https://bitcointalk.org/index.php?topic=345619.msg4612928#msg4612928
ChuckOne
February 19, 2014, 06:47:51 PM
 #35338

Abuelau, ChuckOne, you should really read this:

https://blockchain.info/wallet/technical-faq

and pay attention to TwinWinNerD. If you can't sign transactions offline (that is without transmitting private keys to anyone), you can't build a secure web wallet. Period.

The way to do this in the browser is via JS a-la blockchain.info.



It has nothing to do with TRUSTLESS as it is promoted.

As I already pointed out:

In the end, you have to trust somebody.

I know what you mean, but it is not really trustless.
abuelau
February 19, 2014, 06:49:19 PM
 #35339

Quote
If one computer is hacked then ONE person loses money.

Same for mynxt.info

Quote
If your server is compromised, he gets access to every wallet that logs in....

No, not every wallet that logs in. But every wallet that sends money somewhere because that is the only time we decrypt the wallet.

Imagine if there is a malware that can steal blockchain wallets from Firefox or IE or Chrome right when these are decrypted?

Quote
If you decide to collect the passwords and go rogue ....

Same for blockchain.info. How do you know they don't store a copy of passwords?

TwinWinNerD
February 19, 2014, 06:49:31 PM
 #35340

Abuelau, ChuckOne, you should really read this:

https://blockchain.info/wallet/technical-faq

and pay attention to TwinWinNerD. If you can't sign transactions offline (that is without transmitting private keys to anyone), you can't build a secure web wallet. Period.

The way to do this in the browser is via JS a-la blockchain.info.



It has nothing to do with TRUSTLESS as it is promoted.

As I already pointed out:

In the end, you have to trust somebody.

I know what you mean, but it is not really trustless.

Blockchain.info is as trustless as possible.

""""""""
Server Side

    The site currently runs on 4 dedicated servers, hosted in a locked cabinet. All servers run behind a dedicated cisco security appliance with intrusion detection. On the servers themselves various "booby traps" are set to alert the webmaster if an intrusion is detected.

    The java code deployed to the Site is deployed in a single war (zip) file. Each server monitors the checksum of this file to detect any unauthorised changes to the code. In order to make reverse engineering our encryption schemes more difficult the java class files are obfuscated using proguard.

    A copy of every wallet is stored on all our servers. Additionally the latest 50 versions of a wallet are stored on Amazon S3 and can be restored from the [Import / Export] section.

    The server side code that handles wallets is open source.

    The site is not vulnerable to CSRF requests as no login details or sensitive data is ever saved in session cookies.

    In the time the Site has been running there have been a handful of XSS vulnerabilities reported. None of these were on a wallet page and could not have resulted in any direct loss of funds.
"""""""""
