danherbias07 (OP)
Legendary
Offline
Activity: 3304
Merit: 1132
Leading Crypto Sports Betting & Casino Platform
|
|
June 20, 2020, 05:03:16 PM |
|
We are still in quarantine and to avoid going out we watch movies or series to entertain ourselves. A friend recommended me to watch Prison Break telling it was an excellent series, and so I did. Season 2 Episode 7-8 Origami Codes from Scofield to Dr. Sara Tancredi being decoded. It hit me that perhaps we could use this to hide our seed phrases for addition of security. Let's start. Seeds are phrases mostly so it could also be coded with the use of dots. Requirements: An old phone. Turn off dictionary or autofill.You will need numbers to assign where it would be pressed. Let's use the one applied in the series as an example. 7 3 6 3 3 9 8 6 8 7 - the keys... .. .. . .. .... ... ... .. .... 3 2 2 1 2 4 3 3 2 4 - the amount of press for each key R E N D E Z V O U S For our seeds, we need 12 words which will be a lot of codes. We could just simplify it. Example: 5...6...9...2.5... = loyal3.3..7....5.. = desk2..4...5..3.. = ? 7...3..7....6...8..7...2...3.. = ? And so on... Its old school and new hackers will have a problem breaking it. I hope. It could also be used for private keys. How will we input a number? Try this: 2....0..3.... = 203 (when you press "0" once it will be space) How about big letters? Try this: #2..#2.#4. Let's try combining them. 2....#2..3...4....0..9.....#8. = 2Bf409T The only problem left is number 1. We could use 1=1Using the same example above we will add "1's" just to show it. 12....#2..3...4....0..19.....#8. Since there is no 12 or 19 in our keypads you just drop the "1's".12Bf4019T Note: Be careful putting the dots. I made errors while doing this just my missing 1 dot. Double or triple check it if necessary.
|
..Stake.com.. | | | ▄████████████████████████████████████▄ ██ ▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▄▄▄ ██ ▄████▄ ██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██ ██████ ██ ██████████ ██ ██ ██████████ ██ ▀██▀ ██ ██ ██ ██████ ██ ██ ██ ██ ██ ██ ██████ ██ █████ ███ ██████ ██ ████▄ ██ ██ █████ ███ ████ ████ █████ ███ ████████ ██ ████ ████ ██████████ ████ ████ ████▀ ██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██ ██ ▀▀▀▀▀▀▀▀▀▀ ██ ▀█████████▀ ▄████████████▄ ▀█████████▀ ▄▄▄▄▄▄▄▄▄▄▄▄███ ██ ██ ███▄▄▄▄▄▄▄▄▄▄▄▄ ██████████████████████████████████████████ | | | | | | ▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄ █ ▄▀▄ █▀▀█▀▄▄ █ █▀█ █ ▐ ▐▌ █ ▄██▄ █ ▌ █ █ ▄██████▄ █ ▌ ▐▌ █ ██████████ █ ▐ █ █ ▐██████████▌ █ ▐ ▐▌ █ ▀▀██████▀▀ █ ▌ █ █ ▄▄▄██▄▄▄ █ ▌▐▌ █ █▐ █ █ █▐▐▌ █ █▐█ ▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█ | | | | | | ▄▄█████████▄▄ ▄██▀▀▀▀█████▀▀▀▀██▄ ▄█▀ ▐█▌ ▀█▄ ██ ▐█▌ ██ ████▄ ▄█████▄ ▄████ ████████▄███████████▄████████ ███▀ █████████████ ▀███ ██ ███████████ ██ ▀█▄ █████████ ▄█▀ ▀█▄ ▄██▀▀▀▀▀▀▀██▄ ▄▄▄█▀ ▀███████ ███████▀ ▀█████▄ ▄█████▀ ▀▀▀███▄▄▄███▀▀▀ | | | ..PLAY NOW.. |
|
|
|
bob123
Legendary
Offline
Activity: 1624
Merit: 2481
|
|
June 20, 2020, 05:06:54 PM |
|
Security by obscurity is never a good idea. You are not encrypting your information, just encoding it. You might as well use the binary notation. It does not increase the security.
|
|
|
|
danherbias07 (OP)
Legendary
Offline
Activity: 3304
Merit: 1132
Leading Crypto Sports Betting & Casino Platform
|
|
June 20, 2020, 05:10:23 PM |
|
Security by obscurity is never a good idea. You are not encrypting your information, just encoding it. You might as well use the binary notation. It does not increase the security. Okay then. Should I just delete it?
|
..Stake.com.. | | | ▄████████████████████████████████████▄ ██ ▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▄▄▄ ██ ▄████▄ ██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██ ██████ ██ ██████████ ██ ██ ██████████ ██ ▀██▀ ██ ██ ██ ██████ ██ ██ ██ ██ ██ ██ ██████ ██ █████ ███ ██████ ██ ████▄ ██ ██ █████ ███ ████ ████ █████ ███ ████████ ██ ████ ████ ██████████ ████ ████ ████▀ ██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██ ██ ▀▀▀▀▀▀▀▀▀▀ ██ ▀█████████▀ ▄████████████▄ ▀█████████▀ ▄▄▄▄▄▄▄▄▄▄▄▄███ ██ ██ ███▄▄▄▄▄▄▄▄▄▄▄▄ ██████████████████████████████████████████ | | | | | | ▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄ █ ▄▀▄ █▀▀█▀▄▄ █ █▀█ █ ▐ ▐▌ █ ▄██▄ █ ▌ █ █ ▄██████▄ █ ▌ ▐▌ █ ██████████ █ ▐ █ █ ▐██████████▌ █ ▐ ▐▌ █ ▀▀██████▀▀ █ ▌ █ █ ▄▄▄██▄▄▄ █ ▌▐▌ █ █▐ █ █ █▐▐▌ █ █▐█ ▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█ | | | | | | ▄▄█████████▄▄ ▄██▀▀▀▀█████▀▀▀▀██▄ ▄█▀ ▐█▌ ▀█▄ ██ ▐█▌ ██ ████▄ ▄█████▄ ▄████ ████████▄███████████▄████████ ███▀ █████████████ ▀███ ██ ███████████ ██ ▀█▄ █████████ ▄█▀ ▀█▄ ▄██▀▀▀▀▀▀▀██▄ ▄▄▄█▀ ▀███████ ███████▀ ▀█████▄ ▄█████▀ ▀▀▀███▄▄▄███▀▀▀ | | | ..PLAY NOW.. |
|
|
|
coupable
|
|
June 20, 2020, 06:09:00 PM |
|
Security by obscurity is never a good idea. You are not encrypting your information, just encoding it. You might as well use the binary notation. It does not increase the security. Okay then. Should I just delete it? Delete what? This topic? No you shouldn't as long it is in the biggenners board and the first reply below it is clarifying things for you and for other readers as well. I can even thank you for sharing your thoughts here as it's made for good willingness. You may just edit it with mention to the reply made by bob123 Btw, afaik you can't delete your own topic in this board.
|
|
|
|
NeuroticFish
Legendary
Offline
Activity: 3850
Merit: 6583
Looking for campaign manager? Contact icopress!
|
|
June 20, 2020, 06:13:36 PM |
|
The method could be good only if you share it to somebody you trust 100%. Why good? Because if somebody finds the paper you wrote this down, the chance he'll understand what's that is smaller than if it's a plain text seed. (So I'd say you can leave it if others want to use this method or adapt it).
But one has to share the info (the method) with somebody else because it's (somewhat!) like something password protected: if you lose your memory, most probably nobody else will be able to access your funds. And maybe you have family that should be able to access them if you need expensive medical help, for example (especially if you have "life changing amounts of money").
|
|
|
|
bob123
Legendary
Offline
Activity: 1624
Merit: 2481
|
|
June 20, 2020, 07:01:11 PM |
|
Okay then. Should I just delete it?
No, i was just making a point regarding this: It hit me that perhaps we could use this to hide our seed phrases for addition of security.
Such a method definitely has a use case, just as steganography too. But it doesn't make your data more secured. That's all i tried to point out.
|
|
|
|
Harlot
|
|
June 20, 2020, 08:11:31 PM |
|
I've read similar methods to this one like how they will jumble the order of the seed phrases are and them only knowing the combination. And to be honest I don't like the idea of messing around the order of the seed phrase as it could really screw me up if something happened bad with it. In your example where you would alter the input of your old phone there is no guarantee that it will be set that way, phones can malfunction especially the old ones and if you don't have any backup for you to decrypt your combinations then you are basically screwed.
|
|
|
|
20kevin20
Legendary
Offline
Activity: 1134
Merit: 1598
|
|
June 20, 2020, 09:05:47 PM |
|
5...6...9...2.5... = loyal 3.3..7....5.. = desk 2..4...5..3.. = ? 7...3..7....6...8..7...2...3.. = ?
I'm quite sure this could easily be cracked by someone who knows how to write a script (or program). If I see a paper with 24 rows of numbers and dots on it, I'd have to assume it's for a Bitcoin seed so completely ignoring the dots, I know that the rows contain: - 5 digits - 4 digits - 4 digits - 8 digits - (..) Which shrinks down the randomness by a significant amount of words (for example, if there are no 7 digit rows out of your 24 then I can exclude any 7 letter word out of the dictionary) and the possible combinations of words become way less. And then there are patterns.. for example, the ones I have underlined, bolded or underlined & bolded in the quote above. They're easy to create a pattern out of.
|
|
|
|
pixie85
|
|
June 20, 2020, 10:18:06 PM |
|
I agree with the above. It makes it harder for you and someone you trust like a family member to get access to the money and to a thief who has days to crack your seed it's going to be just another puzzle.
Can you imagine your mother decoding it? Who would do it faster your mother or a group of 20 year old thieves who robbed your house and found the code?
Security is important but backing your seed on a piece of paper isn't even if you encode it. You'll be safer with an encrypted or password protected file.
|
|
|
|
pooya87
Legendary
Offline
Activity: 3626
Merit: 10994
Crypto Swap Exchange
|
|
June 21, 2020, 02:50:20 AM |
|
The method could be good only if you share it to somebody you trust 100%.
no it can not. this is a very well known method of translating (or encoding) words into numbers and any half wise attacker can figure it out within 10 seconds of seeing the numbers written down. https://en.wikipedia.org/wiki/Telephone_keypadthere are also loads of tools that can be used to do the translation in a blinking of an eye which means it has zero security.
|
|
|
|
danherbias07 (OP)
Legendary
Offline
Activity: 3304
Merit: 1132
Leading Crypto Sports Betting & Casino Platform
|
|
June 21, 2020, 03:56:24 AM Last edit: June 21, 2020, 04:08:50 AM by danherbias07 |
|
No you shouldn't as long it is in the biggenners board and the first reply below it is clarifying things for you and for other readers as well. I can even thank you for sharing your thoughts here as it's made for good willingness. You may just edit it with mention to the reply made by bob123 Thank you. Btw, afaik you can't delete your own topic in this board.
Yes, there is a delete key when you are the OP. It hit me that perhaps we could use this to hide our seed phrases for addition of security.
Such a method definitely has a use case, just as steganography too. But it doesn't make your data more secured. That's all i tried to point out. I forgot that was there. I used "hide" a lot here. Or perhaps it was the right word to complete the sentence. In your example where you would alter the input of your old phone there is no guarantee that it will be set that way, phones can malfunction especially the old ones and if you don't have any backup for you to decrypt your combinations then you are basically screwed.
That's the default set-up of an old phone here in the Philippines. I have tried other phones like Nokia 3390 before made in Finland, purchased in the USA and it has the same default keys and usage. The difference will happen with Sony Ericsson old phones and Motorola I think. Yeah, maybe I should have input Nokia as the default phone being used. But this is just for private keys hiding. The seed phrase hiding is for any phone. If I see a paper with 24 rows of numbers and dots on it, I'd have to assume it's for a Bitcoin seed so completely ignoring the dots, I know that the rows contain:
The rows were intended for example purposes only. You could create your own style to make it not look like 24 rows.
|
..Stake.com.. | | | ▄████████████████████████████████████▄ ██ ▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▄▄▄ ██ ▄████▄ ██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██ ██████ ██ ██████████ ██ ██ ██████████ ██ ▀██▀ ██ ██ ██ ██████ ██ ██ ██ ██ ██ ██ ██████ ██ █████ ███ ██████ ██ ████▄ ██ ██ █████ ███ ████ ████ █████ ███ ████████ ██ ████ ████ ██████████ ████ ████ ████▀ ██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██ ██ ▀▀▀▀▀▀▀▀▀▀ ██ ▀█████████▀ ▄████████████▄ ▀█████████▀ ▄▄▄▄▄▄▄▄▄▄▄▄███ ██ ██ ███▄▄▄▄▄▄▄▄▄▄▄▄ ██████████████████████████████████████████ | | | | | | ▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄ █ ▄▀▄ █▀▀█▀▄▄ █ █▀█ █ ▐ ▐▌ █ ▄██▄ █ ▌ █ █ ▄██████▄ █ ▌ ▐▌ █ ██████████ █ ▐ █ █ ▐██████████▌ █ ▐ ▐▌ █ ▀▀██████▀▀ █ ▌ █ █ ▄▄▄██▄▄▄ █ ▌▐▌ █ █▐ █ █ █▐▐▌ █ █▐█ ▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█ | | | | | | ▄▄█████████▄▄ ▄██▀▀▀▀█████▀▀▀▀██▄ ▄█▀ ▐█▌ ▀█▄ ██ ▐█▌ ██ ████▄ ▄█████▄ ▄████ ████████▄███████████▄████████ ███▀ █████████████ ▀███ ██ ███████████ ██ ▀█▄ █████████ ▄█▀ ▀█▄ ▄██▀▀▀▀▀▀▀██▄ ▄▄▄█▀ ▀███████ ███████▀ ▀█████▄ ▄█████▀ ▀▀▀███▄▄▄███▀▀▀ | | | ..PLAY NOW.. |
|
|
|
pooya87
Legendary
Offline
Activity: 3626
Merit: 10994
Crypto Swap Exchange
|
|
June 21, 2020, 04:20:23 AM |
|
Yes, there is a delete key when you are the OP.
there is a delete key probably because starting post is still a comment like others and being the one who wrote it forum shows you the button. but when you click it, it can not be deleted instead you will see this error message "You cannot delete your own topics in this board." (tested this on my own topics in other boards).
|
|
|
|
pilosopotasyo
Member
Offline
Activity: 952
Merit: 27
|
|
June 21, 2020, 07:32:51 AM |
|
Yes, there is a delete key when you are the OP.
there is a delete key probably because starting post is still a comment like others and being the one who wrote it forum shows you the button. but when you click it, it can not be deleted instead you will see this error message "You cannot delete your own topics in this board." (tested this on my own topics in other boards). I don't see anything wrong with it, in fact, it just shows a way not to hide your private key this way it can help newbies and others who don't know this method don't work, don't delete it and just make it as a reference, I myself discover a lot of helpful links on this thread.
|
BACK FROM A LONG VACATION
|
|
|
o_e_l_e_o
In memoriam
Legendary
Offline
Activity: 2268
Merit: 18726
|
|
June 21, 2020, 10:38:31 AM |
|
this is a very well known method of translating (or encoding) words into numbers and any half wise attacker can figure it out within 10 seconds of seeing the numbers written down. If we go back 20 years, I was able to touch type on phones like this much like many people can touch type on standard QWERTY keyboards. I think I could probably do about 20 words per minute, and could type entire paragraphs without looking at my phone once. I was certainly not the only one, and if I saw a code like this written down not only would I understand it immediately, I could probably decode it in a matter of seconds simply from memory without even having a reference. As pointed out above, this is bad way to store your seed phrase. It's probably worse than storing it in plain text, as it gives a false sense of security and may lead to someone storing their seed phrase in a less secure manner, falsely believing it to be "encoded".
|
|
|
|
hatshepsut93
Legendary
Offline
Activity: 3038
Merit: 2161
|
|
June 21, 2020, 01:05:37 PM |
|
Hide means make something invisible, right? I would use invisible UV ink to write down my explicit SEED between the lines somewhere in the middle of the thick book which is on the shelf among dozens of other books. Conveniently, securely and safely...aren't it? All those cipher-fiddles-riddles will eventually be able to mislead you.
All these homebrew schemes are likely to backfire and cause the user to lose access to their coins. Special ink might degrade over time, you might forget in which book or on which pages the seed is hidden, which can really screw you over if you have an emergency that requires you to take your seed.
|
|
|
|
bob123
Legendary
Offline
Activity: 1624
Merit: 2481
|
|
June 21, 2020, 01:44:37 PM |
|
Hide means make something invisible, right? I would use invisible UV ink to write down my explicit SEED between the lines somewhere in the middle of the thick book which is on the shelf among dozens of other books. Conveniently, securely and safely...aren't it?
Where is the security? I don't see any security here: Confidentiality: Your mnemonic code is not encrypted. It is visible for anyone who looks for it. Integrity: Anyone can change your mnemonic, append new words, delete words etc. Availability: Books are not known for being very resilient against water/fire etc. All you did was to hide your mnemonic. Same could be applied by writing it on a piece of paper and putting it into the drawer. Well, I’m not that half-witted to not remember what a single specific book looks like or not memorize the one page number which coincides with my mother’s birthday, squared (everyone can choose his favorite number). And as for degradation - I suppose it could be refreshed any time if nessesary
Despite of the lack of security (as mentioned above), what about an accident (e.g. a car hits you) ? There is nothing against hiding secret information. But you shouldn't exclusively rely on that to secure your information.
|
|
|
|
o_e_l_e_o
In memoriam
Legendary
Offline
Activity: 2268
Merit: 18726
|
|
June 21, 2020, 01:56:39 PM |
|
And as for degradation - I suppose it could be refreshed any time if nessesary, ink won’t go away from the store shelf. How are you going to refresh it if you don't have your seed backed up the correct way - on a piece of paper with regular ink? You open the book, shine a UV light on it, and find out half the words are now unreadable. Hopefully you do this during a routine check and not because you need to recover your coins, which are now lost forever. Some UV ink will degrade within weeks or even days. If someone opens the book and exposes it to natural light, it will fade even faster. This method is not worth the risk for the tiny additional protection it grants.
|
|
|
|
cheezcarls
|
|
June 21, 2020, 03:00:43 PM |
|
We are still in quarantine and to avoid going out we watch movies or series to entertain ourselves. A friend recommended me to watch Prison Break telling it was an excellent series, and so I did. Season 2 Episode 7-8 Origami Codes from Scofield to Dr. Sara Tancredi being decoded. It hit me that perhaps we could use this to hide our seed phrases for addition of security. Let's start. Seeds are phrases mostly so it could also be coded with the use of dots. Requirements: An old phone. Turn off dictionary or autofill.You will need numbers to assign where it would be pressed. Let's use the one applied in the series as an example. 7 3 6 3 3 9 8 6 8 7 - the keys... .. .. . .. .... ... ... .. .... 3 2 2 1 2 4 3 3 2 4 - the amount of press for each key R E N D E Z V O U S For our seeds, we need 12 words which will be a lot of codes. We could just simplify it. Example: 5...6...9...2.5... = loyal3.3..7....5.. = desk2..4...5..3.. = ? 7...3..7....6...8..7...2...3.. = ? And so on... Its old school and new hackers will have a problem breaking it. I hope. It could also be used for private keys. How will we input a number? Try this: 2....0..3.... = 203 (when you press "0" once it will be space) How about big letters? Try this: #2..#2.#4. Let's try combining them. 2....#2..3...4....0..9.....#8. = 2Bf409T The only problem left is number 1. We could use 1=1Using the same example above we will add "1's" just to show it. 12....#2..3...4....0..19.....#8. Since there is no 12 or 19 in our keypads you just drop the "1's".12Bf4019T Note: Be careful putting the dots. I made errors while doing this just my missing 1 dot. Double or triple check it if necessary.
It's not bad when you have your own idea in hiding your seeds and private keys, but I am not in favor in using an old phone. You know why? It's because it may be vulnerable to system corrupt and it lets you force to do factory reset data. Trust me, I've been there. My phone was corrupted and some of my seed phrases and private keys are there and cannot be recovered. Luckily, I have activated Google Cloud drive to back them up before it happened. But still, it's not a good idea to store them in a phone. For me, it's still writing them on a piece of paper or notebook in exact order and put it somewhere safe. Not just one paper though, make sure you have a few pieces of that with your private keys or seed phrases. I usually wanna do more than one piece of paper with private keys and seed phrases, because if something happens to me later on, at least they can be a family inheritance. You know what I mean?
|
|
|
|
o_e_l_e_o
In memoriam
Legendary
Offline
Activity: 2268
Merit: 18726
|
|
June 21, 2020, 03:16:04 PM |
|
It's not bad when you have your own idea in hiding your seeds and private keys Yes, it is. As this topic shows, people are bad at coming up with secure methods for protecting data. If you want to store some data securely, then encrypt it. There is reason that encryption is the global standard used by every half-serious tech company or user, and not everyone coming up with their own methods of encoding data like OP has done. It's because it may be vulnerable to system corrupt and it lets you force to do factory reset data. Did you read OP's post? There is nothing stored on the phone. He is simply using the keypad as an encoding method. Luckily, I have activated Google Cloud drive to back them up before it happened. Backing things up on cloud servers, email accounts, or any other online storage is a terrible idea. You are exposing your seed phrase to an unknown number of servers in an unknown number of locations, which can be accessed remotely or physically by an unknown number of people. This kind of storage is frequently hacked. I suggest you move all coins out of those wallets immediately.
|
|
|
|
Asuspawer09
|
|
June 21, 2020, 03:31:28 PM |
|
We are still in quarantine and to avoid going out we watch movies or series to entertain ourselves. A friend recommended me to watch Prison Break telling it was an excellent series, and so I did. Season 2 Episode 7-8 Origami Codes from Scofield to Dr. Sara Tancredi being decoded. It hit me that perhaps we could use this to hide our seed phrases for addition of security. Let's start. Seeds are phrases mostly so it could also be coded with the use of dots. Requirements: An old phone. Turn off dictionary or autofill.You will need numbers to assign where it would be pressed. Let's use the one applied in the series as an example. 7 3 6 3 3 9 8 6 8 7 - the keys... .. .. . .. .... ... ... .. .... 3 2 2 1 2 4 3 3 2 4 - the amount of press for each key R E N D E Z V O U S For our seeds, we need 12 words which will be a lot of codes. We could just simplify it. Example: 5...6...9...2.5... = loyal3.3..7....5.. = desk2..4...5..3.. = ? 7...3..7....6...8..7...2...3.. = ? And so on... Its old school and new hackers will have a problem breaking it. I hope. It could also be used for private keys. How will we input a number? Try this: 2....0..3.... = 203 (when you press "0" once it will be space) How about big letters? Try this: #2..#2.#4. Let's try combining them. 2....#2..3...4....0..9.....#8. = 2Bf409T The only problem left is number 1. We could use 1=1Using the same example above we will add "1's" just to show it. 12....#2..3...4....0..19.....#8. Since there is no 12 or 19 in our keypads you just drop the "1's".12Bf4019T Note: Be careful putting the dots. I made errors while doing this just my missing 1 dot. Double or triple check it if necessary.
I guess you could make your own encryption to your seeds or private key so that even if the hackers find a way to get your files where the encrypted private key saves you it may still not going to be hack as it is encrypted. You could code your encryption or maybe create your own application that could encrypt and Decrypt your own password. It seems not to be a good idea or not recommended but I guess it might work for some cases.
|
|
|
|
|