Author Topic: Hacked Linode & coins stolen to 1NRy8GbX56MymBhDYM...  (Read 57602 times)
notme
March 11, 2012, 06:07:47 PM
 #281

Public addresses are derived from the private key, so a deterministic wallet is not the solution.  However, you are correct that you don't need the private keys.  You can simply keep a buffer of a few thousand addresses in your db that match private keys you store in a safe location.

I think electrum has implemented a solution where the addresses can also be derived from a seed.

I don't see how.... the private key is the only input to the formula for generating the public key/address.  Sure, you can throw away the private key after you calculate the address, but if you're hacked they will just take the seed and generate the private keys.

Do you have a link to the solution you mentioned?

https://www.bitcoin.org/bitcoin.pdf
While no idea is perfect, some ideas are useful.
12jh3odyAAaR2XedPKZNCR4X4sebuotQzN
molecular
March 11, 2012, 06:23:08 PM
 #282

Public addresses are derived from the private key, so a deterministic wallet is not the solution.  However, you are correct that you don't need the private keys.  You can simply keep a buffer of a few thousand addresses in your db that match private keys you store in a safe location.

I think electrum has implemented a solution where the addresses can also be derived from a seed.

I don't see how.... the private key is the only input to the formula for generating the public key/address.  Sure, you can throw away the private key after you calculate the address, but if you're hacked they will just take the seed and generate the private keys.

Do you have a link to the solution you mentioned?

took me a while, but found it, what I meant is called a "type 2 deterministic wallet". see this post: https://bitcointalk.org/index.php?topic=19137.0 ("Deterministic Wallets")

Quote
Type-2 is a bit less obvious and understanding it requires you to know about a property of ECC keys, roughly:

A_public_key = A_private_key*point

Which means you can do:

B_public_key = A_public_key+B_secret*point
and have a new key which has a private key:
B_private_key = A_private_key+B_secret

So a type2 wallet stores:
Master_private_key
A large Random_seed S.

and keys are given by

Privatekey(type,n) = Master_private_key + H(n|S|type)

which works just like a type-1, the advantage of the type-2 is that you can separately secure the Master_private_key, but still generate new addresses with
Publickey(type,n) = Master_public_key + H(n|S|type)*point


PGP key molecular F9B70769 fingerprint 9CDD C0D3 20F8 279F 6BE0  3F39 FC49 2362 F9B7 0769
notme
March 11, 2012, 06:39:48 PM
 #283

took me a while, but found it, what I meant is called a "type 2 deterministic wallet". see this post: https://bitcointalk.org/index.php?topic=19137.0 ("Deterministic Wallets")

Quote
Type-2 is a bit less obvious and understanding it requires you to know about a property of ECC keys, roughly:

A_public_key = A_private_key*point

Which means you can do:

B_public_key = A_public_key+B_secret*point
and have a new key which has a private key:
B_private_key = A_private_key+B_secret

So a type2 wallet stores:
Master_private_key
A large Random_seed S.

and keys are given by

Privatekey(type,n) = Master_private_key + H(n|S|type)

which works just like a type-1, the advantage of the type-2 is that you can separately secure the Master_private_key, but still generate new addresses with
Publickey(type,n) = Master_public_key + H(n|S|type)*point



Thanks... that would work.  In case it's not obvious to someone else, this may help:



A_public_key = A_private_key*point, so B_public_key = B_private_key*point

B_private_key = A_private_key + B_secret -> B_public_key = (A_private_key + B_secret)*point

Since A_private_key*point is our A_public_key, this gives us B_public_key = A_public_key + B_secret*point

Like you quoted, as long as you have the first public key you can generate all the public keys in the sequence without providing enough information to reveal the private keys.



Thanks again for digging up that information.

https://www.bitcoin.org/bitcoin.pdf
While no idea is perfect, some ideas are useful.
12jh3odyAAaR2XedPKZNCR4X4sebuotQzN
ThomasV
March 11, 2012, 06:40:12 PM
 #284

Public addresses are derived from the private key, so a deterministic wallet is not the solution.  However, you are correct that you don't need the private keys.  You can simply keep a buffer of a few thousand addresses in your db that match private keys you store in a safe location.

I think electrum has implemented a solution where the addresses can also be derived from a seed.

I don't see how.... the private key is the only input to the formula for generating the public key/address.  Sure, you can throw away the private key after you calculate the address, but if you're hacked they will just take the seed and generate the private keys.

Do you have a link to the solution you mentioned?

yes, I was referring to "type 2" deterministic wallets. This solution is currently implemented in Electrum and Armory.

in addition, Electrum has a working example of address generator in python-php: http://ecdsa.org/remote.php

Electrum: the convenience of a web wallet, without the risks
Bitcoin Oz
July 12, 2012, 12:09:49 PM
 #285

Very interesting. Now if Gox or GLBSE or who knows who else can ID one of the addresses....


....I hope they don't reveal customer data - to finish that line of thought :)

Raoul Duke
aka psy
July 12, 2012, 12:45:07 PM
 #286

Very interesting. Now if Gox or GLBSE or who knows who else can ID one of the addresses....


....I hope they don't reveal customer data - to finish that line of thought :)

I think that what each exchange decides to do with information that can be
mined from the blockchain in that way will very much end up being a part
of how they compete with one another.

In particular, should they choose to comply with authorities with disclosure
requests that are based on blockchain forensics, this will make using one
exchange over another more or less of an option for a certain category of
people.

This will all lead to a diversification of the ecosystem, which is a good thing.



When I "lost" 400 BTC people were able to track down the address to GLBSE just by looking at address. I'm pretty sure there is a lot of info in here if someone wanted to look. I did offer a 40 BTC (10%) bounty however. Maybe bitcoinica could do the same:)

They don't even bother to file a police report when they get robbed or their servers breached, why would they offer a bounty? ;)

bitcoinBull
July 12, 2012, 11:18:53 PM
 #287

Excellent work.

Looks like it could be a potential slip-up of the thief. Now to make sure the exchanges are aware of the two extra addresses:

Code:
    Fri Jan  6 03:01:59 2012    10c0f04931b015c0d339a1510cfc23a12a6dcdbe    fcee4be6c1fc527aaa2e9bdf1dd07f8119f9d0bd1bdeee78e04fdeb56fc6ce81               0.00000000 +             367.41137900 =             367.41137900
    Sat Jan  7 01:31:48 2012    80ab5bcd943419b8988234e8e19b83389edc542a    92a05c0ae62d11a64f132976ab44cc9b1e127c189abda8948aecdb42abb4d101             367.41137900 +             298.61836200 =             666.02974100

College of Bucking Bulls Knowledge
bitcoinBull
July 13, 2012, 12:34:04 AM
 #288

Excellent work.

Looks like it could be a potential slip-up of the thief. Now to make sure the exchanges are aware of the two extra addresses:

Code:
    Fri Jan  6 03:01:59 2012    10c0f04931b015c0d339a1510cfc23a12a6dcdbe    fcee4be6c1fc527aaa2e9bdf1dd07f8119f9d0bd1bdeee78e04fdeb56fc6ce81               0.00000000 +             367.41137900 =             367.41137900
    Sat Jan  7 01:31:48 2012    80ab5bcd943419b8988234e8e19b83389edc542a    92a05c0ae62d11a64f132976ab44cc9b1e127c189abda8948aecdb42abb4d101             367.41137900 +             298.61836200 =             666.02974100


What do you mean "two" ?


nevermind, haven't had much sleep and was confused by gap in dates.

still, it seems possible that the earliest ones could be the most revealing. there really should be a database for tagging addresses (as belonging to different exchanges, pools, services, etc.), or is there one i'm not aware of?

College of Bucking Bulls Knowledge
tcp_rst
November 06, 2012, 11:00:55 PM
 #289

Hey slush--so eight months later can you give us any update on this incident?  I'm curious to know if Linode host ever compensated you, even partly.  Did you get enough donations to cover even a small percentage of your losses?
slush
November 06, 2012, 11:06:56 PM
 #290

Hey slush--so eight months later can you give us any update on this incident?  I'm curious to know if Linode host ever compensated you, even partly.  Did you get enough donations to cover even a small percentage of your losses?

Linode "compensated" me by providing one year of VPS server "for free". I sent them an official snail mail letter asking for some compensation, I contacted them by email, no response.

I received around 30BTC in donations from many people and I'm really glad for that support. Still, I had to cover the rest of the stolen 3094 BTC from my pocket...

SouthernComfort
January 21, 2013, 05:49:56 AM
 #291

+1

As soon as there's such a mechanism, stolen coins will find a way to avoid being detected, there's just no way you can do that 100% reliably. This would only result in a great big mess - people wrongfully accusing others of having their coins stolen (even if it was a regular payment or donation) just to get them into trouble, people fighting over evidence and reputation, online wallet services getting into trouble because some think their acceptance policies are not strict enough, tainting coins of innocent others in the process, people flooding donation addresses with tainted coins,...
Also, what would be the next step? Refuse blocks from "shady" miners who include transactions with tainted fees?

We really don't need that - fighting Bitcoin thefts at that level is just not the way to go. You'd only make it a bit harder for Bitcoin thieves at the cost of making Bitcoin a much more miserable experience for everyone else!

Oh and I'm not trying to talk anybody out of implementing such a system, please go ahead and do it, just don't expect it to become widely adopted. Even people thinking such a system would be a good idea in principle are likely to disagree on the details, fighting and lobbying for their favored policies, etc... In the end, it would have been much more effective to just make two-factor authentication easy to use for everyone.

Bitcoin Fanatic!
constitution
January 23, 2013, 01:10:42 AM
 #292

Very interesting. Now if Gox or GLBSE or who knows who else can ID one of the addresses....


....I hope they don't reveal customer data - to finish that line of thought :)

Lol we can only hope

Droid!
benjamindees
November 16, 2013, 03:32:33 AM
 #293

Confirmed FBI operation.

Jeremy Hammond:  hacks for the FBI, sentenced to 10 years in prison in return:

http://www.dailydot.com/news/jeremy-hammond-fbi-foreign-governments-list/

http://lists.randombit.net/pipermail/cryptography/2012-March/002586.html

Quote
Apparently, a 4 day old (or rather 'official since 4 days') Parallels
Plesk control panel weakness was used yesterday to break into a number
of large Bitcoin mining pools hosted on cheap virtual servers.

http://pastebin.com/xy8aQY9W

Quote
Sabu also supplied lists of targets that were vulnerable to "zero day exploits" used to break into systems, including a powerful remote root vulnerability affecting the popular Plesk software. At his request, these websites were broken into, their emails and databases were uploaded to Sabu's FBI server, and the password information and the location of root backdoors were supplied. These intrusions took place in January/February of 2012 and affected over 2000 domains
...
All of this happened under the control and supervision of the FBI

Anyone still not aware of what is going on here?

Civil Liberty Through Complex Mathematics
LightRider
November 16, 2013, 06:03:56 AM
 #294

Damn.

Bitcoin combines money, the wrongest thing in the world, with software, the easiest thing in the world to get wrong.
Visit www.thevenusproject.com and www.theZeitgeistMovement.com.
dancingnancy
November 16, 2013, 06:29:28 AM
 #295

Confirmed FBI operation.

Jeremy Hammond:  hacks for the FBI, sentenced to 10 years in prison in return:

http://www.dailydot.com/news/jeremy-hammond-fbi-foreign-governments-list/

http://lists.randombit.net/pipermail/cryptography/2012-March/002586.html

Quote
Apparently, a 4 day old (or rather 'official since 4 days') Parallels
Plesk control panel weakness was used yesterday to break into a number
of large Bitcoin mining pools hosted on cheap virtual servers.

http://pastebin.com/xy8aQY9W

Quote
Sabu also supplied lists of targets that were vulnerable to "zero day exploits" used to break into systems, including a powerful remote root vulnerability affecting the popular Plesk software. At his request, these websites were broken into, their emails and databases were uploaded to Sabu's FBI server, and the password information and the location of root backdoors were supplied. These intrusions took place in January/February of 2012 and affected over 2000 domains
...
All of this happened under the control and supervision of the FBI

Anyone still not aware of what is going on here?

Wow, wonder what else has happened behind the scenes?

EDIT: Wait, didn't our bitcoinica funds get hacked from a Linode server? 
adamstgBit
November 16, 2013, 06:35:30 AM
 #296

Confirmed FBI operation.

Jeremy Hammond:  hacks for the FBI, sentenced to 10 years in prison in return:

http://www.dailydot.com/news/jeremy-hammond-fbi-foreign-governments-list/

http://lists.randombit.net/pipermail/cryptography/2012-March/002586.html

Quote
Apparently, a 4 day old (or rather 'official since 4 days') Parallels
Plesk control panel weakness was used yesterday to break into a number
of large Bitcoin mining pools hosted on cheap virtual servers.

http://pastebin.com/xy8aQY9W

Quote
Sabu also supplied lists of targets that were vulnerable to "zero day exploits" used to break into systems, including a powerful remote root vulnerability affecting the popular Plesk software. At his request, these websites were broken into, their emails and databases were uploaded to Sabu's FBI server, and the password information and the location of root backdoors were supplied. These intrusions took place in January/February of 2012 and affected over 2000 domains
...
All of this happened under the control and supervision of the FBI

Anyone still not aware of what is going on here?

Wow, wonder what else has happened behind the scenes?

EDIT: Wait, didn't our bitcoinica funds get hacked from a Linode server?  

pastebin.com

lol, is this crap....

SgtSpike
November 16, 2013, 07:11:57 AM
 #297

Confirmed FBI operation.

Jeremy Hammond:  hacks for the FBI, sentenced to 10 years in prison in return:

http://www.dailydot.com/news/jeremy-hammond-fbi-foreign-governments-list/

http://lists.randombit.net/pipermail/cryptography/2012-March/002586.html

Quote
Apparently, a 4 day old (or rather 'official since 4 days') Parallels
Plesk control panel weakness was used yesterday to break into a number
of large Bitcoin mining pools hosted on cheap virtual servers.

http://pastebin.com/xy8aQY9W

Quote
Sabu also supplied lists of targets that were vulnerable to "zero day exploits" used to break into systems, including a powerful remote root vulnerability affecting the popular Plesk software. At his request, these websites were broken into, their emails and databases were uploaded to Sabu's FBI server, and the password information and the location of root backdoors were supplied. These intrusions took place in January/February of 2012 and affected over 2000 domains
...
All of this happened under the control and supervision of the FBI

Anyone still not aware of what is going on here?
You're saying the Bitcoins were stolen by an FBI employee?  Or what are you inferring?
benjamindees
November 16, 2013, 06:41:00 PM
 #298

LulzSec was working for the FBI.  This is openly admitted.

http://www.theguardian.com/technology/2012/mar/06/lulzsec-sabu-working-for-us-fbi

Civil Liberty Through Complex Mathematics