Bitcoin protocol can be hacked now!

[bo.siu]

The private key of bitcoin could be recovered by flush+reload method. it seems to be true.
http://www.reddit.com/r/Bitcoin/comments/1zmgiq/new_side_channel_attack_that_can_recover_private/

[DeathAndTaxes]

The private key of bitcoin could be recovered by flush+reload method. it seems to be true.
http://www.reddit.com/r/Bitcoin/comments/1zmgiq/new_side_channel_attack_that_can_recover_private/

You do realize this requires the attacker to have access to the CPU.  If the attacker has access to do the low level hardware you system is likely rooted, and he is reading your passphrase as you type it.

The one noteable exception is this makes VPS even less secure.  They already were a horrible idea for Bitcoin security but I guarantee you at least one "professional" bitcoin site is running on a VPS right now. Information security begins with physical security and you can't have physical security inside another persons vault (your VPS running on their hardware).  Title should be changed to "Using a VPS means you can be hacked (by this and countless other attack vectors)".

[Armis]

The private key of bitcoin could be recovered by flush+reload method. it seems to be true.
http://www.reddit.com/r/Bitcoin/comments/1zmgiq/new_side_channel_attack_that_can_recover_private/

Truth or lie, doesn't matter the fact of the matter is the btc protocol needs more security
Exchanges who used it should be more transparent such that their transactions are signed (verified)

One weaknesses of the protocol has already been exposed: https://bitcointalk.org/index.php?topic=492776.0;topicseen
now the community is fighting hard to uncover more weaknesses, not to exploit them, but to know what parts of the infrastructure needs replacement.

When you find the flaws, when you fix the flaws, you create a more secure protocol, and you create a more secure environment for the community to thrive

[franky1]

if a hacker has access to your system, why bother with that sophistication, just steal the wallet.dat

the bitcoin protocol cannot be hacked. just one persons data in this scenario.

bitcoin protocol needs 51% out of millions of users for the protocol to be "hacked" or as others call it a change to cause a fork.

this hack is about gaining private keys of individuals not forking the protocol of millions of users. yes i know bitcoin uses those encryptions, but bitcoin protocol is more then just the privkey of someones address.

[RodeoX]

if a hacker has access to your system, why bother with that sophistication, just steal the wallet.dat
...

That's what I was wondering. 

[Staring Owl]

Your myth has been busted!

[DeathAndTaxes]

When you find the flaws, when you fix the flaws, you create a more secure protocol, and you create a more secure environment for the community to thrive

This is a side channel attack.  There is no flaw to find or fix in the protocol.  It says that if the attacker can monitor and manipulate the CPU then they can steal the private key.  The fix is to make sure the attacker can't monitor or manipulate the CPU.  If almost all circumstances if the attacker can do this he can simply steal the wallet.dat (which is much easier).  

The one exception would be idiot service operators running bitcoin services in "the cloud" or on VPS.  Of course there have been at least two dozen thefts in the past related to compromises of VPS (including linode).  Virtual environment will NEVER be secure for bitcoin services.  OpenSSL may eventually make this attacker harder to pull off but even then the VPS will remain a source of hundreds of attack vectors.

If you use a bitcoin related service (exchange, eWallet, mining pool, etc) ask the service operator if they are stupid enough to run it on a VPS? If the answer is yes run, run, run for the exits because it is only a matter of when not if they eventually lose all your bitcoins.  This technical vulnerability is the least of your worries.  There are attacks which are a magnitude easier (including simply logging in with the super admin/root account and stealing the coins).

[DeathAndTaxes]

if a hacker has access to your system, why bother with that sophistication, just steal the wallet.dat
...

That's what I was wondering. 

The operator is stupid enough to run a hot wallet on a VPS.  The attacker may not have access to the wallet.dat or file system but can monitor the CPU and manipulate its operation from the hypervisor.

[franky1]

One weaknesses of the protocol has already been exposed

the protocol is fine. its how people use it (their PHP scripts that do not double check transactions that is at fault)
i am still using a qt client from before christmas and it still works. your scenario involved webservices changing their website code, not the bitcoin daemon of all users to solve the issue.

i wonder when people will learn to not blame the protocol for their own lack of firewalls to prevent hackers, encryption to make data useless to outsiders, and webcode that can adequately talk to the daemon with the security and double checking standards that we see as 'basic' in the FIAT network.

its the services ontop of bitcoin at fault.
its they type of CPU and operating systems with or without antivirus/firewalls/networking monitor tools that is at fault.

if a hacker can sniff out data from the CPU cache, then private keys could be hacked. but also your bank account and personal correspondance to your mistress can be hacked. that is not bitcoin protocol flaw. that is a operating system/ CPU manufacturer security flaw.

summary:
paper wallets dont need CPU's

[tntdgcr]

When you find the flaws, when you fix the flaws, you create a more secure protocol, and you create a more secure environment for the community to thrive

This is a side channel attack.  There is no flaw to find or fix in the protocol.  It says that if the attacker can monitor and manipulate the CPU then they can steal the private key.  The fix is to make sure the attacker can't monitor or manipulate the CPU.  If almost all circumstances if the attacker can do this he can simply steal the wallet.dat (which is much easier).   

The one exception would be idiot service operators running bitcoin services in "the cloud" or on VPS.  Of course there have been at least two dozen thefts in the past related to compromises of VPS (including linode).  Virtual environment will NEVER be secure for bitcoin services.  OpenSSL may eventually make this attacker harder to pull off but even then the VPS will remain a source of hundreds of attack vectors.

If you use a bitcoin related service ask the service operator if they are stupid enough to run it on a VPS and if the answer is yes run, run, run for the exits because it is only a matter of when not if they eventually lose all your bitcoins.

QFT ++ ... the best systems cannot prevent userland errors or lack of security. encrypt encrypt encrypt encrypt, and be smart

[gollum]

Do you think it's enough to have the bitcoin wallets in a server you physically control or should also the website be located inhouse to prevent thieves from stealing bitcoins?

[aztecminer]

When you find the flaws, when you fix the flaws, you create a more secure protocol, and you create a more secure environment for the community to thrive

This is a side channel attack.  There is no flaw to find or fix in the protocol.  It says that if the attacker can monitor and manipulate the CPU then they can steal the private key.  The fix is to make sure the attacker can't monitor or manipulate the CPU.  If almost all circumstances if the attacker can do this he can simply steal the wallet.dat (which is much easier).  

The one exception would be idiot service operators running bitcoin services in "the cloud" or on VPS.  Of course there have been at least two dozen thefts in the past related to compromises of VPS (including linode).  Virtual environment will NEVER be secure for bitcoin services.  OpenSSL may eventually make this attacker harder to pull off but even then the VPS will remain a source of hundreds of attack vectors.

If you use a bitcoin related service (exchange, eWallet, mining pool, etc) ask the service operator if they are stupid enough to run it on a VPS? If the answer is yes run, run, run for the exits because it is only a matter of when not if they eventually lose all your bitcoins.  This technical vulnerability is the least of your worries.  There are attacks which are a magnitude easier (including simply logging in with the super admin/root account and stealing the coins).

most vps are run on a physical server that hosts many vps and therefore most vps cannot handle that much traffic before it becomes a problem and crashes the vps constantly.

[aztecminer]

Do you think it's enough to have the bitcoin wallets in a server you physically control or should also the website be located inhouse to prevent thieves from stealing bitcoins?

my policy is "IN_HOUSE ONLY" .. the reason for this policy is because any data that resides on someone elses hardware is accessable by who knows how many other admins. i get calls everyday of people trying to get me to send data to thier "cloud" and then wonder why i am so against "cloud" technology. very simple the data is not secure on someone elses servers.

[franky1]

Do you think it's enough to have the bitcoin wallets in a server you physically control or should also the website be located inhouse to prevent thieves from stealing bitcoins?

2 years ago i posted a idea that no wallet should be on a server. instead a withdrawal request should just be a database entry on the server. and on a separate system away from the server that has a copy of users details. no communications go to the off-server system. pure the off-server system looks in the database (one way communication) which it would see the request and compare the password or pin given on that request to the copy on their off-network system. if they match the off-server system would perform the transaction.

all that should be on the server is a hashed copy of the password, used purely for login requests where the login page hashes the users password and compares the hashes. that way the hacker cannot guess the unhashed password

adding to that the withdrawal request database uses a different hashing method which the off-server has a copy of, so that hackers dont simply copy the login hash to the withdrawal request. as the 2 would be different

combine that with the fact that there is no privkey on the server makes cpu sniffing useless also

[DeathAndTaxes]

Most vps are run on a physical server that hosts many vps and therefore most vps cannot handle that much traffic before it becomes a problem and crashes the vps constantly.

That is the least of your problems.  Some very large bitcoin services have lost some very large amounts of bitcoins because they were running on a VPS.  Google Bitcoin linode hack.

[gollum]

Do you think it's enough to have the bitcoin wallets in a server you physically control or should also the website be located inhouse to prevent thieves from stealing bitcoins?

my policy is "IN_HOUSE ONLY" .. the reason for this policy is because any data that resides on someone elses hardware is accessable by who knows how many other admins. i get calls everyday of people trying to get me to send data to thier "cloud" and then wonder why i am so against "cloud" technology. very simple the data is not secure on someone elses servers.

That's true, but you can never compete with cloud services like Amazon in uptime and you also have a higher risk of DDOS.
Even if you got two redundant servers, at two different locations, backup power, and two ISP:s your servers uptime wont be as good as Amazon. Even if you reach the same uptime and stability as Amazon your cost will be many times higher, unless you have economics of scales as a big corporation.

[proudhon]

The private key of bitcoin could be recovered by flush+reload method. it seems to be true.
http://www.reddit.com/r/Bitcoin/comments/1zmgiq/new_side_channel_attack_that_can_recover_private/

Help!?  What does this mean for my offline paper and encrypted USB wallets? 

[Sitarow]

The private key of bitcoin could be recovered by flush+reload method. it seems to be true.
http://www.reddit.com/r/Bitcoin/comments/1zmgiq/new_side_channel_attack_that_can_recover_private/

You do realize this requires the attacker to have access to the CPU.  If the attacker has access to do the low level hardware you system is likely rooted, and he is reading your passphrase as you type it.

The one noteable exception is this makes VPS even less secure.  They already were a horrible idea for Bitcoin security but I guarantee you at least one "professional" bitcoin site is running on a VPS right now. Information security begins with physical security and you can't have physical security inside another persons vault (your VPS running on their hardware).  Title should be changed to "Using a VPS means you can be hacked (by this and countless other attack vectors)".

I agree with you on all points.

Thank you for making this clear.

[Coins4life]

When you find the flaws, when you fix the flaws, you create a more secure protocol, and you create a more secure environment for the community to thrive

This is a side channel attack.  There is no flaw to find or fix in the protocol.  It says that if the attacker can monitor and manipulate the CPU then they can steal the private key.  The fix is to make sure the attacker can't monitor or manipulate the CPU.  If almost all circumstances if the attacker can do this he can simply steal the wallet.dat (which is much easier).  

The one exception would be idiot service operators running bitcoin services in "the cloud" or on VPS.  Of course there have been at least two dozen thefts in the past related to compromises of VPS (including linode).  Virtual environment will NEVER be secure for bitcoin services.  OpenSSL may eventually make this attacker harder to pull off but even then the VPS will remain a source of hundreds of attack vectors.

If you use a bitcoin related service (exchange, eWallet, mining pool, etc) ask the service operator if they are stupid enough to run it on a VPS? If the answer is yes run, run, run for the exits because it is only a matter of when not if they eventually lose all your bitcoins.  This technical vulnerability is the least of your worries.  There are attacks which are a magnitude easier (including simply logging in with the super admin/root account and stealing the coins).

+1

[cr1776]

Do you think it's enough to have the bitcoin wallets in a server you physically control or should also the website be located inhouse to prevent thieves from stealing bitcoins?

2 years ago i posted a idea that no wallet should be on a server. instead a withdrawal request should just be a database entry on the server. and on a separate system away from the server that has a copy of users details. no communications go to the off-server system. pure the off-server system looks in the database (one way communication) which it would see the request and compare the password or pin given on that request to the copy on their off-network system. if they match the off-server system would perform the transaction.

all that should be on the server is a hashed copy of the password, used purely for login requests where the login page hashes the users password and compares the hashes. that way the hacker cannot guess the unhashed password

adding to that the withdrawal request database uses a different hashing method which the off-server has a copy of, so that hackers dont simply copy the login hash to the withdrawal request. as the 2 would be different

combine that with the fact that there is no privkey on the server makes cpu sniffing useless also

QFT.  D&T also makes a good point about a pool having their VPS hacked, and tons of bitcoins stolen nearly 2 years ago now.  (And they were not the only one, it has been a recurring problem.)  If you are on a pool, exchange, etc, don't store your coins there.  Set an automatic payout, or use p2pool with an instant payout.