Most people are not capable of keeping their wallets safe?

[tomcollins]

Right now there are a lot of technology geeks involved, so most people are capable.  But if BitCoins were to spread to a more widestream appeal, most people wouldn't be able to safely keep track of their wallets.

You'd see the following things:

1)  Trojans/viruses/exploits getting to the wallet file.  If I understand correctly, this file is unencrypted, so anyone who takes this file can take control of your wallet.

2)  People may lose their wallet.  Their computer crashes, they accidentally delete it, etc...  Bye bye Bitcoins forever.

3)  People will encrypt stuff, but forget the password and screw themselves.

Anything else that you would expect a casual user to screw up?

Those two things are real deal breakers that I would recommend to people who were not computer geeks to NOT use BitCoins, just because they would be incapable of having a good experience with them almost all of the time.

Some people have said "fools and their money should be parted, so this parts them faster", but I disagree.  We are the small minority and we cannot expect Joe Sixpack or Grandma to ever learn anything about computer security or backing up files.  Even knowing what to do, it would be a lot nicer if it was done for me automatically.

As the market matures, these issues will be solved.  But I would expect either an enhanced client for those types of users (clearly not a priority now), or some type of more centralized service for those types to keep from shooting themselves in the foot.

Are there any other common scenarios where someone would really shoot themselves in the foot?

[1714011940]

1714011940

[brocktice]

There is already MyBitcoin, but then we have seen with MtGox that services like this are already being targeted.

[cypherdoc]

There is already MyBitcoin, but then we have seen with MtGox that services like this are already being targeted.

can u elaborate on what u mean by this?

[mewantsbitcoins]

I suspect that the biggest problem will be trojans/viruses/exploits if wallet remains unencrypted. This should be addressed ASAP.

As to the other two points, backing up and remembering your password are trivial tasks. It's not 80's anymore - computers are here to stay and will become increasingly bigger part of our lives. We should learn to interact with them.

[cypherdoc]

I suspect that the biggest problem will be trojans/viruses/exploits if wallet remains unencrypted. This should be addressed ASAP.

As to the other two points, backing up and remembering your password are trivial tasks. It's not 80's anymore - computers are here to stay and will become increasingly bigger part of our lives. We should learn to interact with them.

did Mtgox and Mybitcoin get hacked?

[Alex Beckenham]

You'd see the following things:

1)  Trojans/viruses/exploits getting to the wallet file.  If I understand correctly, this file is unencrypted, so anyone who takes this file can take control of your wallet.

2)  People may lose their wallet.  Their computer crashes, they accidentally delete it, etc...  Bye bye Bitcoins forever.

3)  People will encrypt stuff, but forget the password and screw themselves.

Anything else that you would expect a casual user to screw up?

If Alice owes Bob 100 btc and her wallet contains exactly 100 btc, she may just email him her wallet.dat.

Now it's stored unencrypted in both parties email accounts...

Plus Bob possibly now gets any future money intended for Alice as he has those old keys.

[Ian Maxwell]

Private keys really need to be strongly encrypted. Like, yesterday. At the moment theft is much too easy considering how potentially profitable it is. I should have to enter in my passphrase every time I want to send bitcoins---a forgotten passphrase is unlikely if it's used frequently enough.

And there ought to be an automatic backup system as well. Right now I have an encrypted wallet.dat in my Dropbox which I update periodically (I deliberately produced a lot of keys up front), but I don't trust my mother or aunt to remember to do something like this. Even a centralized backup server is better than nothing.

[tomcollins]

I suspect that the biggest problem will be trojans/viruses/exploits if wallet remains unencrypted. This should be addressed ASAP.

As to the other two points, backing up and remembering your password are trivial tasks. It's not 80's anymore - computers are here to stay and will become increasingly bigger part of our lives. We should learn to interact with them.

Should and reality are two different things.  I have probably 50 different passwords for different things, different logons, etc...  I'll forget them every once in a while and have been bailed out by the "forgot your password" link on things all the time.

I'm not sure what the answer is, but if any significant wealth is stored on bitcoin, with no way to ever recover money, that's a big deal.  Even if I get hit by a bus, it's gone unless I left the information in my will or a trust or something.

[brocktice]

I understand and agree that currently bitcoin wallets are not very secure, and that that should change in the future, (or yesterday, as suggested).

That said, I am curious. Have there been any reports *yet* of bitcoin theft directly from an individual's wallet (and not from some hacked web service)?

[chooseusername10]

Encryption wont solve this problem, because the hackers will steal the keys.
From another thread

I would change it so vital parts of the protocol can be preformed with out a connection to the internet, and only encrypted blocks of cipher text / already signed data would need to touch the internet. People could decrypt and verify signatures on a different machine with no connection to the internet, and the data to try to hash also transferred this way and then coins mined for and stored completely offline prior to a signed/ciphertext transfer of value. This would prevent hackers from being able to attack the network with buffer overflows and similar, root all of the clients and destroy the value of Bitcoin. This could be done either with flaws in the programming of the bitcoin client used, or flaws in the programming of other applications used in a shared environment. I doubt many Bitcoin users are taking security measures capable of defending from intelligence agency / military / super l33t hackers in general and such an attacker could likely take over the network. By removing critical processes from the internet entirely and having only secured/signed/encrypted data online, you can completely remove the risk of hackers 100%. This is the only way to remove such risk 100% as well, but most users are not even securing themselves near as well as they could be while connected to the internet, and the technical expertise required to do this is significantly beyond that of the average computer user.

I should also add that data should be transferred between the internet connected machine and the disconnected machine via CD which is discarded, so an attacker can not use the CD as a compromise vector to communicate data from the disconnected machine to the connected machine and then back to the attacker. Also, at least one back up of the drive of the disconnected drive should be made periodically, incase a compromise attempts to wipe the drive rather than steal the wallet

I think this is the only solution. Also I would like to point out that even if you are a security expert, as long as you are connected to the internet there is always the risk of some hacker. There are probably hacker groups out there right now that would be capable of taking over 99% of the bitcoin network and stealing all wallets, and adding encrypted wallets isn't going to change that since they could just steal the key.

[RodeoX]

I agree this should be a priority. At least encrypting the wallet file and requiring a strong passphrase to open it for spending.
Remember bitcoins are money, this is not like protecting a forum account from practical jokes. Enough coins in your wallet could bring out the not f-ing around crew.

[cypherdoc]

i don't leave my Bitcoin client open while i'm browsing and just to make sure, i offload the wallet.dat file after i encrypt off to my Blackberry with another copy in Dropbox.  how do u guys feel about storing a Truecrypt file in Dropbox.

[allinvain]

Yeah the bitcoin clients needs and should encrypt the wallet.dat file like RIGHT NOW..PRONTO!! This is a huge security risk. If we want bitcoin to become more widely adopted it has to be more than a e-currency for geeks..it has to be almost idiot proof and as secure BY DEFAULT as possible..ok..enough shouting :p

I think storing an encrypted file on Dropbox should be ok. If you want to be super paranoid store another copy on another cloud storage provider as well.

[ribuck]

i don't leave my Bitcoin client open while i'm browsing and just to make sure

Don't keep Bitcoin (i.e. wallet.dat) in the same login account that you do your browsing from.

[brocktice]

i don't leave my Bitcoin client open while i'm browsing and just to make sure, i offload the wallet.dat file after i encrypt off to my Blackberry with another copy in Dropbox.  how do u guys feel about storing a Truecrypt file in Dropbox.

I think it's a great idea to store an encrypted backup of your wallet in dropbox. HOWEVER, this only solves the I-lost-my-money-because-of-a-hard-drive-crash-or-fire problem, not the someone-hacked-my-computer-and-took-my-money problem.

[Alex Beckenham]

Encryption wont solve this problem, because the hackers will steal the keys.
From another thread

I would change it so vital parts of the protocol can be preformed with out a connection to the internet, and only encrypted blocks of cipher text / already signed data would need to touch the internet. People could decrypt and verify signatures on a different machine with no connection to the internet, and the data to try to hash also transferred this way and then coins mined for and stored completely offline prior to a signed/ciphertext transfer of value. This would prevent hackers from being able to attack the network with buffer overflows and similar, root all of the clients and destroy the value of Bitcoin. This could be done either with flaws in the programming of the bitcoin client used, or flaws in the programming of other applications used in a shared environment. I doubt many Bitcoin users are taking security measures capable of defending from intelligence agency / military / super l33t hackers in general and such an attacker could likely take over the network. By removing critical processes from the internet entirely and having only secured/signed/encrypted data online, you can completely remove the risk of hackers 100%. This is the only way to remove such risk 100% as well, but most users are not even securing themselves near as well as they could be while connected to the internet, and the technical expertise required to do this is significantly beyond that of the average computer user.

I should also add that data should be transferred between the internet connected machine and the disconnected machine via CD which is discarded, so an attacker can not use the CD as a compromise vector to communicate data from the disconnected machine to the connected machine and then back to the attacker. Also, at least one back up of the drive of the disconnected drive should be made periodically, incase a compromise attempts to wipe the drive rather than steal the wallet

I think this is the only solution. Also I would like to point out that even if you are a security expert, as long as you are connected to the internet there is always the risk of some hacker. There are probably hacker groups out there right now that would be capable of taking over 99% of the bitcoin network and stealing all wallets, and adding encrypted wallets isn't going to change that since they could just steal the key.

Your main wallet could be in the offline machine, then you just update it's blockchain via CD.

As most people know, you can easily send to an offline account, so that's no problem, but how do you spend from it securely?

The answer I think is in wallet surgery... upcoming tools that will allow you to split off say $49.95 from your wallet while completely OFFLINE. Then transfer that new $49.95-value wallet.dat to the net-connected machine via CD for spending. This will probably be a bit dependent on your savings wallet consisting of many small-value addresses, rather than a few large-value addresses.

[cypherdoc]

i don't leave my Bitcoin client open while i'm browsing and just to make sure

Don't keep Bitcoin (i.e. wallet.dat) in the same login account that you do your browsing from.

thank you.

[Timo Y]

The problem is that it's extremely hard to achieve user friendliness and strong security at the same time.  It might even be impossible. There seems to be a fundamental law that greater security must always come at the cost of less user friendliness.

The best compromise I can think of is a piece of hardware, perhaps a smartphone, used exclusively for bitcoin.  This device takes the user's fingerprint and a password before every transaction. It has an extremely restrictive firewall.  The advantage of using a separate device is that it's simple to use and the amateur user can't compromise system security by installing software from third parties.

Automatic wallet encryption is not very secure at all, because the trojan/virus only has to sit and wait for the next time the user sends some bitcoins for the unencrypted version to appear on the OS.  There is also the problem that modern operating systems are getting increasingly complex and who knows where cached copies of the unencrypted wallet might be hiding, even if the copy visible to the bitcoin client is encrypted?

Giving users a false sense of security is worse than no security.

The market will no doubt one day offer solutions for non-geek users, such as my example of the "bitphone". Demand for them will soar once there are a few highly publicised cases of bittheft.  I fear that the fear is what it will take for a decent product to emerge. Unfortunately that's the way humans work. They grossly underestimate the risk from events that have never occurred (yet).

[RodeoX]

I like to keep three copies of my wallet file. One I encrypt and leave in the /.bitcoin (in linux) folder then delete the original, not just move to trash. Then I make two copies of the encrypted file and store one on a remote server, the other on a USB stick well hidden. That is a lot of hassle, but what else can i do?

[Timo Y]

[...] and we cannot expect Joe Sixpack or Grandma to ever learn anything about computer security or backing up files.
[...]

Well maybe we should expect them to learn about it.

Basic computer literacy should be considered just as important as the three Rs these days.

I've not saying that Joe Sixpack should be expected to understand the mathematics of encryption, but he should have a conceptual notion of what comprises a good password, the most common attack scenarios, what a firewall does, backup strategies, redundance, etc .

Almost everybody can learn those basic concepts if they want to.  The problem I see with a lot of older people especially is not a lack of ability but a lack of motivation to deal with computers.  If a computer is suddenly more than just a novel way of shopping and mailing letters, and a big part of their savings is at stake, I bet that the motivation will appear.