Bitcoin Forum
Author Topic: Hacked Linode & coins stolen to 1NRy8GbX56MymBhDYM...  (Read 57537 times)
kano
March 01, 2012, 10:39:22 PM
 #61

Wow, I was actually just looking into moving some of my hosting and linode was where I had chosen.  I guess I will have to rethink that.  I'll probably go with EC2 since it seems Amazon takes security quite seriously, but EC2 is noticeably more expensive.
The security of EC2 is dependent on what applications you install on it.
If you install an application that has a security vulnerability that gives access to the wrong information then you are no better off.

However, the fact that Linode has an administrative "backdoor" into their system that they put in place with crap level security, certainly suggests anyone would be a fool to EVER use them again.
I'd probably even say that just having an administrative "backdoor" into their system that they put in place means you should not trust them.

Hopefully comments similar to that will spread across the internet and that will be the end of Linode.

Pool: https://kano.is BTC: 1KanoiBupPiZfkwqB7rfLXAzPnoTshAVmb
CKPool and CGMiner developer, IRC FreeNode #ckpool and #cgminer kanoi
Help keep Bitcoin secure by mining on pools with Stratum, the best protocol to mine Bitcoins with ASIC hardware
Red Emerald
March 01, 2012, 10:46:31 PM
 #62

I'd probably even say that just having an administrative "backdoor" into their system that they put in place means you should not trust them.
QFT

slush
March 01, 2012, 10:50:30 PM
 #63

Big irony is that my previous login into Linode Manager (those on 08/02/12) was because I created backup machine and moved pool backup here from my home server. I had some connectivity issues at home and sometimes backup didn't finish properly, so I decided to move backup to standalone machine to make it "safer".

kiba
March 01, 2012, 10:51:50 PM
 #64

Wow, I was actually just looking into moving some of my hosting and linode was where I had chosen.  I guess I will have to rethink that.  I'll probably go with EC2 since it seems Amazon takes security quite seriously, but EC2 is noticeably more expensive.

I heard a Polish exchange lost their money there because they didn't back up the wallet somewhere else.

rjk
March 01, 2012, 10:52:36 PM
 #65

I'd probably even say that just having an administrative "backdoor" into their system that they put in place means you should not trust them.
QFT
It isn't possible to design large automated systems with no kind of management built in. It just can't be done. Certainly it would be possible for Amazon or any other provider to do something similar - shut down the VPS, modify /etc/shadow, and boot up again having given themselves access.

The question is whether they can keep it secure. Good passwords, token based authentication, minimal number of users with access, fine-grained permissions properly applied, etc. Not to mention blatantly obvious things like only allowing access from certain IP addresses. Not doing so is inviting disaster, as per Linode.

Mining Rig Extraordinaire - the Trenton BPX6806 18-slot PCIe backplane [PICS] Dead project is dead, all hail the coming of the mighty ASIC!
kano
March 01, 2012, 10:57:36 PM
 #66

...
No central authority whatsoever. I mentioned competing external entities
that record and make public thefts and the addresses the coins end up at.

Whether you choose to trust and use what they'd publish is your choice.
i.e. trust a "central authority".
As soon as a large % of Bitcoin people trusted such a central authority I would sell my bitcoins and go find a true decentralised secure currency.
Bitcoin would no longer be that.

Quote
Let me explain what I have in mind with an example:

Right now, we know with a certain amount of certainty (based on slush's rep)
that the coins in this transaction http://blockexplorer.com/tx/34b84108a142ad7b6c36f0f3549a3e83dcdbb60e0ba0df96cd48f852da0b1acb
were stolen.
...
And right there you have pointed out the obvious flaw in the whole idea.

Red Emerald
March 01, 2012, 11:06:54 PM
 #67

I'd probably even say that just having an administrative "backdoor" into their system that they put in place means you should not trust them.
QFT
It isn't possible to design large automated systems with no kind of management built in. It just can't be done. Certainly it would be possible for Amazon or any other provider to do something similar - shut down the VPS, modify /etc/shadow, and boot up again having given themselves access.

The question is whether they can keep it secure. Good passwords, token based authentication, minimal number of users with access, fine-grained permissions properly applied, etc. Not to mention blatantly obvious things like only allowing access from certain IP addresses. Not doing so is inviting disaster, as per Linode.
It is possible to keep your wallet outside of those large automated systems though.  I don't put my wallet on a system that anyone but me has access to. Problem solved.

Raoul Duke
March 01, 2012, 11:10:08 PM
 #68

Can you say "Linode employee"?

That's your perp...

kano
March 01, 2012, 11:18:21 PM
 #69

...
No central authority whatsoever. I mentioned competing external entities
that record and make public thefts and the addresses the coins end up at.

Whether you choose to trust and use what they'd publish is your choice.
i.e. trust a "central authority".
As soon as a large % of Bitcoin people trusted such a central authority I would sell my bitcoins and go find a true decentralised secure currency.
Bitcoin would no longer be that.



You're fairly thick aren't you ?

Which part of "this will happen whether you like it or not" didn't you hear ?

As a matter of fact, it's already been pulled off - see the stackexchange post.
It is now just a matter of making it available through a website.
I'm glad you've decided that your predictions are infallible.

As I said:
Quote
As soon as a large % of Bitcoin people trusted such a central authority I would sell my bitcoins and go find a true decentralised secure currency.
Bitcoin would no longer be that.


Quote
Quote
Quote
Let me explain what I have in mind with an example:

Right now, we know with a certain amount of certainty (based on slush's rep)
that the coins in this transaction http://blockexplorer.com/tx/34b84108a142ad7b6c36f0f3549a3e83dcdbb60e0ba0df96cd48f852da0b1acb
were stolen.
...
And right there you have pointed out the obvious flaw in the whole idea.

The fact that Slush is trustworthy and not feeding everyone here BS
about having been robbed? I would suggest you go get an education
on the notion of prior probability.
Just coz you have an idea - doesn't mean it isn't flawed - step back and read it again.
I'll explain it if you really can't see it.

fergalr
March 01, 2012, 11:21:07 PM
 #70

Of course everyone has the ability to track down the path of the coins and then possibly confront the perpetrator and request them to return the coins.

A while ago I decided to track down the 'allinvain' stolen coins and see where they ended up.  It turned out that by mid February they were distributed to over 100,000 different addresses, including 8 of my own addresses.  I'm guessing somebody did a very good job of laundering them.  Either that, or this is just the natural way that bitcoins are passed around.

http://bitcoin.stackexchange.com/a/2900/659 is where I posted my findings.

Did some work on this before:
http://anonymity-in-bitcoin.blogspot.com/2011/07/bitcoin-is-not-anonymous.html


Have you seen this SVG we made, linked to from that page?  
https://sites.google.com/site/btcanalysis/AllegedTheftBlogVersion.svg?attredirects=0&d=1

You'll need to open it in something that renders SVGs well - I use Google Chrome.

If you mouse over the graphics, you can see the addresses.

The node 104741, as we number them (this corresponds to http://blockexplorer.com/address/12RyZB4odBmdenN6TPukb1ZR29DHKgMHuJ - the nodes in the SVG have clickable links to blockexplorer; the node is in the top-middle of our diagram, but Chrome etc. will let you search the SVG to find it by the number 104741), is where those coins you found break off the main flow of funds, which we continued to track.  We only rendered the principal flow of coins; our code follows the 2K of coins, and ignores the flow of ~20 coins that break off, that you mention; 10 or so hops later, that small flow arrives at the address you mention.

If you are interested in this sort of thing, check that diagram out.
I'm biased, but I think it does a pretty good job of allowing us to unravel bitcoin flows.
Krakonos
March 01, 2012, 11:22:21 PM
 #71

Hey slush, I'm sorry this happened. I'm sending a few coins to you, for your hard work and the decision to cover the losses!

Tip jar: 1MWj8Etpt3ayLG5AvXwhtEU42szJD2m97z
dooglus
March 01, 2012, 11:23:44 PM
 #72

What that means is the amount that is currently stashed on 1NRy8GbX56MymBhDYMyqsNKwW9VupqKVG7
is stained with a weight = amountStolen/(amountStolen + amountStoredThereBefore)

Once some coins on that address get spent, they will go and taint the amount stored
on the address they land on, using the same formula.

Just a small detail, but:

If I send tainted coins to an address which is already holding clean coins, the two transaction outputs don't "mix".  They stay separate - some tainted, some clean.  The mixing only happens when I combine several outputs to make a new transaction, then each of the outputs is tainted with:

output_taint = sum(input_n * input_n_taint) / sum(input_n)
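
The per-output rule given in post #72, as an added example that is not part of the original thread: a toy ledger applies the formula when outputs are spent together and compares the result with the address-level weight from the quoted text. The class and function names, addresses, transaction ids and amounts are all constructed for illustration.

```python
from dataclasses import dataclass
from fractions import Fraction

@dataclass(frozen=True)
class Output:
    address: str
    amount: Fraction  # value in BTC
    taint: Fraction   # share of the value traced to the theft, 0..1

class Ledger:
    """Toy set of unspent outputs keyed by (txid, index); all data is constructed."""

    def __init__(self):
        self.utxos = {}

    def seed(self, txid, address, amount, taint):
        """Create a starting output with a known taint (1 = stolen, 0 = clean)."""
        self.utxos[(txid, 0)] = Output(address, Fraction(amount), Fraction(taint))

    def spend(self, txid, inputs, payouts):
        """Spend the outputs named by `inputs`, pay (address, amount) pairs, return the taint."""
        if not inputs or len(set(inputs)) != len(inputs) or any(k not in self.utxos for k in inputs):
            raise ValueError("unknown, repeated or already spent input")
        spent = [self.utxos[k] for k in inputs]
        total_in = sum(o.amount for o in spent)
        if total_in <= 0 or sum(Fraction(a) for _, a in payouts) > total_in:
            raise ValueError("inputs are empty or outputs exceed inputs")
        # output_taint = sum(input_n * input_n_taint) / sum(input_n)
        taint = sum(o.amount * o.taint for o in spent) / total_in
        for k in inputs:
            del self.utxos[k]
        for i, (address, amount) in enumerate(payouts):
            self.utxos[(txid, i)] = Output(address, Fraction(amount), taint)
        return taint

    def address_taint(self, address):
        """Balance-weighted taint over the unspent outputs held by one address."""
        held = [o for o in self.utxos.values() if o.address == address]
        total = sum(o.amount for o in held)
        return sum(o.amount * o.taint for o in held) / total if total else Fraction(0)

def demo():
    led = Ledger()
    led.seed("theft", "A", 10, 1)    # stolen coins arrive at address A
    led.seed("salary", "A", 30, 0)   # A already held clean coins
    result = {"by_address": led.address_taint("A")}   # 10 / (10 + 30)
    # Spending only the clean output moves no taint; the two outputs never mixed.
    result["only_clean"] = led.spend("tx1", [("salary", 0)], [("B", 30)])
    result["a_after"] = led.address_taint("A")        # only the stolen output is left
    # Combining a tainted and a clean output in one transaction is what mixes them.
    result["mixed"] = led.spend("tx2", [("theft", 0), ("tx1", 0)], [("C", 25), ("D", 15)])
    result["c"] = led.address_taint("C")
    return result

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The address-level figure for A jumps from 1/4 to 1 without any new stolen coins arriving, which is why tracking has to follow individual outputs rather than address balances.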

kronosvl
March 01, 2012, 11:26:34 PM
 #73

It's just an idea, but maybe offering to the miners the option to donate a percent of their choice from their earnings for the next x days/weeks to help the pool recover would also help

Donations are accepted @: 19Uk8zVhdgfrRo5Z6wH9yghWxZUtdiNtX9
OTC: http://bitcoin-otc.com/viewgpg.php?nick=kronosvl
Bitcoin Oz
March 01, 2012, 11:35:57 PM
 #74

Linode knows about bitcoin because we spoke to an employee from there about witcoin months ago. They had asked us to take down a particular post about their policy of shutting down a site for content they didn't agree with. They are fully aware of it. I hate to say it but "rogue employee" comes to mind. Boycott unless they fix it.

stick_theman
March 01, 2012, 11:56:56 PM
 #75

Thank you Slush for being so man-up about the situation.  Also, I think Linode should be responsible for a portion of the loss.  We should send Linode this thread.  Definitely "Rogue Employee" comes to mind at Linode.
kano
March 02, 2012, 12:23:43 AM
 #76

I'd probably even say that just having an administrative "backdoor" into their system that they put in place means you should not trust them.
QFT
It isn't possible to design large automated systems with no kind of management built in. It just can't be done. Certainly it would be possible for Amazon or any other provider to do something similar - shut down the VPS, modify /etc/shadow, and boot up again having given themselves access.

The question is whether they can keep it secure. Good passwords, token based authentication, minimal number of users with access, fine-grained permissions properly applied, etc. Not to mention blatantly obvious things like only allowing access from certain IP addresses. Not doing so is inviting disaster, as per Linode.
No, I did use the term "backdoor" for a reason :)

They didn't acknowledge the access that had been through their "backdoor" until later.
It didn't show up in the logs or slush's information he had.
The first reply from Linode, didn't acknowledge the "administrative" access at all. (re: slush's pastebin)
i.e. they hide the access ...

That's why
I'd probably even say that just having an administrative "backdoor" into their system that they put in place means you should not trust them.

fergalr
March 02, 2012, 12:27:54 AM
 #77

Don't bother -- your site can't even exist, Kano has decreed that the whole thing wasn't possible.

Seriously though, if the thief is willing to go through enough trouble, he can launder the coins, but
that suggests a certain amount of understanding and sophistication on the part of the thief, and it's
quite possible they won't bother, which makes the tracking efforts worth a try IMO.

I agree that if a thief is willing to go through the trouble, they could launder bitcoins, so as to make them very hard to track; possibly even impractically hard to track.


I don't have a strong opinion on whether 'marking' coins - basically, trying to keep some record of which 'coins' were stolen (or rather, which fraction of the balance at a particular address was 'stolen') would have the effect of reducing the incentive to steal bitcoins.


I do like the idea that even if a small fraction of bitcoin users will refuse to accept 'marked' bitcoins, then this instantly decreases the value of 'marked' bitcoins; and this can possibly have a knock on effect; so that 'marking' doesn't have to be total, or centralised, for it to have an impact.

But I also see the argument that it would be very difficult to know who to trust to maintain lists of marked bitcoins; there seems to be some centralization inherent in the idea of lists of bad coins.

And there would be conflicts of interest; the more bitcoins that get marked as 'stolen', the more valuable non-stolen bitcoins become; anyone with a lot of bitcoins would be incentivised to have other bitcoins 'marked'.

There is also the fundamental difficulty of establishing whether bitcoins that are alleged to be stolen, were actually stolen, or not.  I'm not talking about any specific case here.
If it's possible to pay for goods, with Bitcoins, and then later declare the bitcoins used in the payment to be stolen, and hence marked, you mess with the way bitcoin handles non-repudiation.
It would also totally change the setup of services, which have user accounts layered on top of the bitcoin protocol - they don't have a direct mapping from individual users, to bitcoin addresses - while they can be considered to be outside the bitcoin system, in some sense, 'marking' would not work well with them, in practice.

Like all these economic things, it's very hard to reason about the effects of such a system, so I've no strong opinion on it.

The fact that the complete history of a balance is stored, and publicly available, allows you to think about doing interesting things like this, in a way that's hard in other setups.
It might be interesting, if, instead of balances, there were specific 'coins' in the protocol (at the moment, balances lose their individual identities, when they pass through a transaction) - that would allow 'marking' to be done properly - maybe such a system could support 'marking' in some decentralised fashion, and be more resistant to theft.  I don't know, but interesting to think about.
bitcoinsarefun
March 02, 2012, 12:39:21 AM
 #78

While I think that a marked coin or tainted coin might be harder to spend with some users, there is still a whole segment of users that don't care either way, so the spice will still flow.

muyuu
March 02, 2012, 12:55:35 AM
 #79

Just sad that some criminal made 10k quid from your honest work just like that.

By the looks of it the attack was directed. A random hacker who happens to run into a wallet most probably wouldn't have known what to do about it immediately.

It was very likely a Linode employee who knew about your operation...

I'd look into running servers with hot wallets to .onion sites so hackers don't even know where and how it is stored at all. When I was looking into the betting business I was told of colocation services with flat insurance for intrusion... but it was a nightmare of regulations and very limiting, and expensive as well. Running a server from home with a good redundant connection would probably be a sensible solution considering the amount of money at stake. At worst... well your hot wallet is offline for a while.

GPG ID: 7294199D - OTC ID: muyuu (470F97EB7294199D)
forum tea fund BTC 1Epv7KHbNjYzqYVhTCgXWYhGSkv7BuKGEU DOGE DF1eTJ2vsxjHpmmbKu9jpqsrg5uyQLWksM CAP F1MzvmmHwP2UhFq82NQT7qDU9NQ8oQbtkQ
bitcoinBull
March 02, 2012, 12:56:49 AM
 #80

Another takeaway is that bitcoin services hosted remotely should keep their on-line wallets encrypted.  Then they can't be stolen after a reboot because the server will require manual entry of encryption password.

College of Bucking Bulls Knowledge