Reused R values again

[BitPappa]

Hey Johoe, would you consider publishing a tipping address in this thread, so people can send you tips?

[1714950631]

1714950631

[1714950631]

1714950631

[redsn0w]

Hey Johoe, would you consider publishing a tipping address in this thread, so people can send you tips?

I think the btc address is in his signature :

Hello,

thanks for all the warm words.  I very much appreciated them.
...snip....

If you still want to donate I added one of my bitcoin addresses to the signature.

...snip....

[johoe]

@vivalibre: if your address still has money in it, then it was not exposed by this bug
I'm sure that I have found all transactions with R values that were vulnerable due to the bc.i bug.
The only vulnerable addresses I may have missed are *new* weak addresses that didn't have money in it on Wednesday last week (when I did a complete search).  A few of these still pop up. Also there are still a few transactions from the buggy version; last night there were two of them.

1Wo2SJhHbAXYGhQPv4BT7acMvdA5Rmo8i
1Bcch6KBW9P88JgCo7WUkC9dYnnTuotLhc

The first address shows that there is a bot that immediately breaks the key and sweeps the address.  It's not clear whether it used the repeated R value or broke the RNG, both would be possible here.

[LFC_Bitcoin]

johoe can we start using bc.i again now?

Are their issues resolved?

[JorgeStolfi]

Has BCI given any explanation about what went wrong with the humanware?  Did the programmer violate any internal protocols by updating the patch without checking it? What are they doing to prevent similar problems in the future?

[johoe]

johoe can we start using bc.i again now?

Are their issues resolved?

This particular issue is resolved.  The few bad transactions can be explained by people keeping a browser tab open for over a week. Make sure you reload the page. If you created any new address since Dec. 7 that you didn't use so far, you should archive it and never use it, just to be sure.

I'm reluctant to say whether Blockchain's MyWallet is safe or unsafe to use now.  This problem may have been a glitch or it may have revealed a bigger problem with their current development scheme.  I would not recommend storing larger sums in this wallet.

Has BCI given any explanation about what went wrong with the humanware?  Did the programmer violate any internal protocols by updating the patch without checking it? What are they doing to prevent similar problems in the future?

Sorry, I don't know why the patch went through without enough checking.  I don't know their protocols, so I cannot comment on this.

[Melty Melty]

Has BCI given any explanation about what went wrong with the humanware?  Did the programmer violate any internal protocols by updating the patch without checking it? What are they doing to prevent similar problems in the future?

There's a single developer, no controls, no testing.

[newIndia]

Has BCI given any explanation about what went wrong with the humanware?  Did the programmer violate any internal protocols by updating the patch without checking it? What are they doing to prevent similar problems in the future?

There's a single developer, no controls, no testing.

Single developer ? How do you know ? They are running a million dollar business !!!

[BitPappa]

I think the btc address is in his signature :

Thanks for pointing out what I had overlooked! Not much there yet. Hopefully Blockchain.info tipped him well!

[Newar]

Has BCI given any explanation about what went wrong with the humanware?  Did the programmer violate any internal protocols by updating the patch without checking it? What are they doing to prevent similar problems in the future?

There's a single developer, no controls, no testing.

Single developer ? How do you know ? They are running a million dollar business !!!

More than one according to: https://blockchain.info/about

[Melty Melty]

Has BCI given any explanation about what went wrong with the humanware?  Did the programmer violate any internal protocols by updating the patch without checking it? What are they doing to prevent similar problems in the future?

There's a single developer, no controls, no testing.

Single developer ? How do you know ? They are running a million dollar business !!!

More than one according to: https://blockchain.info/about

No, Ben Reeves is the only person who regularly commits any code and looks to be doing it with no peer review. There's no way you can pretend the change that caused this was done with any oversight by anybody. It can't be attributed to mismanagement because well, he is management. He's the guy who started the website, and miraculously the one who caused the 900 BTC loss here as well.

[sparkster]

Oh no, scapegoat is found. This poor guy gonna be lynched.

[Remember remember the 5th of November]

Of all thefts and errors that have occurred with Bitcoin, bc.i holds the #1 spot in theft related issues.

[windpath]

Of all thefts and errors that have occurred with Bitcoin, bc.i holds the #1 spot in theft related issues.

Not by a long shot, Mt. Gox is certainly #1....

And at least bc.i is doing what they can to make it right. It was a mistake, and they are fixing it.

[itod]

Of all thefts and errors that have occurred with Bitcoin, bc.i holds the #1 spot in theft related issues.

Theft under BTC 1000 doesn't get you into the first 30:
https://bitcointalk.org/index.php?topic=83794.0

BC.i is still to small to make it to the list.

[Remember remember the 5th of November]

Of all thefts and errors that have occurred with Bitcoin, bc.i holds the #1 spot in theft related issues.

Theft under BTC 1000 doesn't get you into the first 30:
https://bitcointalk.org/index.php?topic=83794.0

BC.i is still to small to make it to the list.

This wasn't about number of bitcoins lost, but number of people who lost coins one way or another.

[goosoodude]

Of all thefts and errors that have occurred with Bitcoin, bc.i holds the #1 spot in theft related issues.

Theft under BTC 1000 doesn't get you into the first 30:
https://bitcointalk.org/index.php?topic=83794.0

BC.i is still to small to make it to the list.

They were lucky johoe saved them. It wouldve been over 1000BTC if he was not here to sweep.
Technically, the number lost temporarily is above 1000BTC, so it should get in.

[windpath]

Of all thefts and errors that have occurred with Bitcoin, bc.i holds the #1 spot in theft related issues.

Theft under BTC 1000 doesn't get you into the first 30:
https://bitcointalk.org/index.php?topic=83794.0

BC.i is still to small to make it to the list.

This wasn't about number of bitcoins lost, but number of people who lost coins one way or another.

Other then Bc.i who lost coins? I believe they were all returned..

[smoothie]

Of all thefts and errors that have occurred with Bitcoin, bc.i holds the #1 spot in theft related issues.

Uh no there are at least a handful of bigger thefts that occurred far before this. 

[nogf]

They were lucky johoe saved them.

Not only johoe actually.

I'm the security researched who "caused" all of this by reporting a related bug to blockchain.info, which is why they were touching this critical code in the first place. The broken changes (there were multiple, only one is public knowledge) was pushed into production at midnight on Sunday in the UK. I caught the change and was able to get an emergency message to them in order to get them to pull the plug. Had I not had a script watching for changes like this on their site (previous experience has shown they love pushing broken code and then hiding it in git), it might have been a full 8 hours of sleep later that they could have taken down the website. Unsung hero and all that, but people would have lost a lot more money had it not been for that.

Their RNG was broken at least 4 times before this incident as well, it just didn't get any publicity.

So don't go go patting them on the back for their upstanding security, there's still piles of broken shit I've responsibly reported they haven't patched yet.