Bitcoin Forum
November 19, 2024, 03:49:11 PM *
News: Check out the artwork 1Dq created to commemorate this forum's 15th anniversary
 
   Home   Help Search Login Register More  
Pages: « 1 2 3 [4] 5 6 7 8 9 10 11 12 13 »  All
  Print  
Author Topic: New, simple online wallet: www.instawallet.org - no signup required  (Read 28913 times)
jerfelix
Sr. Member
****
Offline Offline

Activity: 266
Merit: 250


View Profile
May 24, 2011, 02:53:54 PM
 #61

@JAV, You may also have to worry about Toolbar programs (like Alexa toolbar, Ask toolbar, Bing tool bar, Yahoo Tool Bar, Google Toolbar, lots of Firefox plugins).  I believe that some of these send URLs back to the "mother ship" to help with page rankings and site analytics.

Thx for the heads up, but how do you propose I should deal with them? It seems to me, that if people want to send their private data to a cloud service, it's up to them whether they trust that provider. I'm not the only service that uses secret URLs. You can, for example, create YouTube videos that can only be accessed through a private link. As far as I know, these services also don't deal specifically with toolbars. But I will mention it in the upcoming FAQ.


Yup. You are right - lots of people do it.  I think a warning in your FAQ or terms and conditions is sufficient. 

I think the difference is that you are dealing with money, while YouTube is just dealing with videos.  (Not that personal videos can't be a lot more valuable than the 1 BTC that someone might have in their instawallet,...) 

Although you are only dealing with small amounts of Bitcoins, I can imagine the temptation at one of the suppliers to be great, in that a rogue Google / Alexa / Yahoo employee can attack ALL of the tiny stored amounts, and potentially get a lot of cash.  Or worse, maybe one of these sites publishes to the internet "Frequently accessed pages on the site instawallet.com" and lists a bunch of them.  Then a random stranger on the internet could rob the bank of many pennies.

I think someone can use Yahoo API to find the 1000 most popular pages on a website, which might be exactly the hack needed.

I'm not saying you shouldn't go forward with the project.  I love the idea.  But it's something to think about.  Maybe some security experts can give their opinion.

---

Here's another attack that may or may not be an issue.  There's a tricky way for one site to access your browser history - specifically, it can see whether you have or have not visited a specific page.  I don't THINK that will be a problem for you (as they'd have to guess the exact page), but it popped into my head as I was typing this.   See http://infinity-infinity.com/2009/06/sniffing-browser-history-with-css/ which is the page that also mentioned that Yahoo API can give you the 1000 most popular pages on a site.

Anyway... as long as people treat it like "disposable money" to play with, then no biggie.  But your site could lose credibility or you may need to shut down, if you get hacked in one of these fashions, so it's something to consider. 

Hope I'm being helpful in pointing out things that you may figure out preventions for!
jav (OP)
Sr. Member
****
Offline Offline

Activity: 249
Merit: 251


View Profile
June 10, 2011, 03:10:34 PM
 #62

I just rolled out a small update to support balances of less than 0.01 BTC. I was hoping to also include the ability to send transaction smaller than 0.01 BTC, but with the current state of the RPC interface regarding fee handling and the rules surrounding "dust spam" this is still somewhat problematic. I have a more detailed post about the issues and a proposal for a more flexible solution over in the Development board: http://forum.bitcoin.org/index.php?topic=14571.0 .

Hive, a beautiful wallet with an app platform for Mac OS X, Android and Mobile Web. Translators wanted! iOS and OS X devs see BitcoinKit. Tweets @hivewallet. Donations appreciated at 1HLRg9C1GsfEVH555hgcjzDeas14jen2Cn.
jav (OP)
Sr. Member
****
Offline Offline

Activity: 249
Merit: 251


View Profile
June 23, 2011, 04:27:24 PM
 #63

Another update: I deprecated the whole cookie thing. Instawallet will no longer make any attempts at trying to remember you. Please note: This means that it's now up to you to make sure you have a bookmark or similar to find your way back.

I thought it was a nice convenience function, but I have reconsidered this decision. Mostly I was worried about the possible confusion that can happen when people visit a specific Instawallet linked somewhere, then later return to the site and don't notice that they are redirected to an "old" Instwallet instead of a "fresh" one.

So starting from now on no new cookies will be set. But old cookies will continue to work until they expire (will take a while) or you clear them manually.



Hive, a beautiful wallet with an app platform for Mac OS X, Android and Mobile Web. Translators wanted! iOS and OS X devs see BitcoinKit. Tweets @hivewallet. Donations appreciated at 1HLRg9C1GsfEVH555hgcjzDeas14jen2Cn.
Insti
Sr. Member
****
Offline Offline

Activity: 294
Merit: 252


Firstbits: 1duzy


View Profile
June 24, 2011, 06:09:02 AM
 #64

Another update: I deprecated the whole cookie thing. Instawallet will no longer make any attempts at trying to remember you.

+1.

Good improvement.
Capitan
Member
**
Offline Offline

Activity: 112
Merit: 10


View Profile
June 24, 2011, 06:37:48 AM
 #65

PSA guys, technically this isn't any more secure than encrypting your own wallet. If a hacker/malware were on your system and found the "secret" link in your browser bookmarks or saved somewhere on your system, the hacker could just use that URL to transfer the funds to their own wallet.

Yeah, it's one more thing for the writers of malware to have to search for the secret link, but it's not out of question. Look at all the hacks and stuff that have come up. WHere there are security holes these hackers will find a way to get in and steal stuff. It didn't take them long at all to make the malware to steal wallet.dat. The level of effort it would take to adapt that malware to also search for this secret URL is trivial.

Or am I missing something?
johanatan
Member
**
Offline Offline

Activity: 84
Merit: 10


View Profile
June 24, 2011, 06:38:28 AM
 #66

Quote
Yeah, this seems rather nifty, but I'd want a lot more details about how the unique URL is generated, what protections there are against people trying to brute-force URLs to stumble upon money, and how the server/wallets are secured before using it for anything serious.

The URL contains 16 bytes of random data. I hope an attacker will do the math before wasting his and my bandwidth. Right now there isn't any sophisticated throttling implemented. Let's see how long until I have to deal with some trouble maker.

This is a serious issue if someone under the control of a botnet points it at your site.  They could implement throttling on their end (so as to avoid DDOS) and yet still hit you from so many IPs.  This service's security is mere obscurity (which would be fine as *one* layer--but not the only).  You should think about at least extending the random URL out to the max size allowed (or near it).  There's no downside to that.

1GjRUzZfDCBHeCyJk6av3pXYS9VKjCvQTQ
Oldminer
Legendary
*
Offline Offline

Activity: 1022
Merit: 1001



View Profile
June 24, 2011, 06:41:33 AM
 #67

Thanks for the update. Will continue to use this service Smiley

If you like my post please feel free to give me some positive rep https://bitcointalk.org/index.php?action=trust;u=18639
Tip me BTC: 1FBmoYijXVizfYk25CpiN8Eds9J6YiRDaX
marcus_of_augustus
Legendary
*
Offline Offline

Activity: 3920
Merit: 2349


Eadem mutata resurgo


View Profile
June 24, 2011, 06:56:08 AM
 #68

PSA guys, technically this isn't any more secure than encrypting your own wallet. If a hacker/malware were on your system and found the "secret" link in your browser bookmarks or saved somewhere on your system, the hacker could just use that URL to transfer the funds to their own wallet.

Yeah, it's one more thing for the writers of malware to have to search for the secret link, but it's not out of question. Look at all the hacks and stuff that have come up. WHere there are security holes these hackers will find a way to get in and steal stuff. It didn't take them long at all to make the malware to steal wallet.dat. The level of effort it would take to adapt that malware to also search for this secret URL is trivial.

Or am I missing something?

You could encrypt the bookmark link to your instawallet ... or continually create new ones and move the money around ... get creative.

And I don't think anyone ever said it was for large holdings just your spending money when you are out and about on the net .... so you don't have to fire up the big kahuna with your savings wallet in it just to buy some socks and blow ....

Meni Rosenfeld
Donator
Legendary
*
Offline Offline

Activity: 2058
Merit: 1054



View Profile WWW
June 24, 2011, 07:57:12 AM
 #69

Mostly I was worried about the possible confusion that can happen when people visit a specific Instawallet linked somewhere, then later return to the site and don't notice that they are redirected to an "old" Instwallet instead of a "fresh" one.
How about creating a cookie only when a user visits the main site without a specific wallet? This should solve this problem. I think deprecating the cookies will be a significant decrease in convenience and cause many lost wallets.

1EofoZNBhWQ3kxfKnvWkhtMns4AivZArhr   |   Who am I?   |   bitcoin-otc WoT
Bitcoil - Exchange bitcoins for ILS (thread)   |   Israel Bitcoin community homepage (thread)
Analysis of Bitcoin Pooled Mining Reward Systems (thread, summary)  |   PureMining - Infinite-term, deterministic mining bond
netrin
Sr. Member
****
Offline Offline

Activity: 322
Merit: 251


FirstBits: 168Bc


View Profile
June 24, 2011, 03:47:40 PM
 #70

Am I missing something?

Code:
https://www.instawallet.org/w/tnwghY1sfQip3ia64mR2Jj

Sure it's HTTPS which encrypts the payload, but anyone can get access to the URL. Then, if I understand the implementation, the attacker (neighbor) can drain the entire account, no?

Greenlandic tupilak. Hand carved, traditional cursed bone figures. Sorry, polar bear, walrus and human remains not available for export.
Capitan
Member
**
Offline Offline

Activity: 112
Merit: 10


View Profile
June 24, 2011, 04:27:51 PM
 #71

Am I missing something?

Code:
https://www.instawallet.org/w/tnwghY1sfQip3ia64mR2Jj

Sure it's HTTPS which encrypts the payload, but anyone can get access to the URL. Then, if I understand the implementation, the attacker (neighbor) can drain the entire account, no?

Correct.
jav (OP)
Sr. Member
****
Offline Offline

Activity: 249
Merit: 251


View Profile
June 24, 2011, 05:45:09 PM
 #72

PSA guys, technically this isn't any more secure than encrypting your own wallet.

Absolutely. It's most likely less secure than "encrypting your own wallet". I never advertised this as a secure way to store lots of Bitcoins. In fact, I specifically mention in the FAQ and will repeat it here: Please _do not_ store significant amount of money at Instawallet. Instawallet is all about lowering the barrier of entry and getting people started with Bitcoin quickly. It's not meant as a vault to keep your Bitcoin wealth.

Quote
The URL contains 16 bytes of random data. I hope an attacker will do the math before wasting his and my bandwidth. Right now there isn't any sophisticated throttling implemented. Let's see how long until I have to deal with some trouble maker.

This is a serious issue if someone under the control of a botnet points it at your site.  They could implement throttling on their end (so as to avoid DDOS) and yet still hit you from so many IPs.  This service's security is mere obscurity (which would be fine as *one* layer--but not the only).  You should think about at least extending the random URL out to the max size allowed (or near it).  There's no downside to that.

Just for the fun of it, here is what I mean by "doing the math": 16 bytes of random data is 128 bits, which means there are 2^128 = 340282366920938463463374607431768211456 possible Instawallet URLs. Let's say there are 10000 Instawallets in use (in reality the number is nowhere this large, but let's be optimistic and assume that Instawallet will grow). So you have a chance of 10000 to 2^128 to find a wallet with coins if you just guess once. To bring your chances to 50% of finding at least one wallet with coins, you need to guess about 2.359 * 10^34 times (some probability math applied here, I can elaborate if you like). Let's say you want to complete your search within one year. A year has about 3.154 * 10^16 nanoseconds. This means my server needs to serve roughly 7.48 * 10^17 requests per nanosecond to the attacker/botnet.

Do you think my server can handle this? I think we can safely wait until a few more upgrades in processing speed and bandwidth before I have to make the URLs any longer.

How about creating a cookie only when a user visits the main site without a specific wallet? This should solve this problem. I think deprecating the cookies will be a significant decrease in convenience and cause many lost wallets.

That's an interesting alternative, yes, I will keep it in mind. I am wondering whether this change will result in lost wallets. Are people really going to send money without making sure they can access it again? Maybe, I don't know... on the other hand, I can also construct cases where the cookie results in lost wallets: People start to rely on the site remembering them and then suddenly they get a new laptop or somehow clear their cookies and are caught by surprise that the site doesn't remember them anymore. But I will keep this issue in mind.

Am I missing something?

Code:
https://www.instawallet.org/w/tnwghY1sfQip3ia64mR2Jj

Sure it's HTTPS which encrypts the payload, but anyone can get access to the URL. Then, if I understand the implementation, the attacker (neighbor) can drain the entire account, no?

Everything besides the host name is encrypted when you use HTTPS, including the URL.

Hive, a beautiful wallet with an app platform for Mac OS X, Android and Mobile Web. Translators wanted! iOS and OS X devs see BitcoinKit. Tweets @hivewallet. Donations appreciated at 1HLRg9C1GsfEVH555hgcjzDeas14jen2Cn.
smartcardguy
Newbie
*
Offline Offline

Activity: 14
Merit: 0



View Profile
June 24, 2011, 05:56:57 PM
 #73

A very well done site, I like it.
nux
Newbie
*
Offline Offline

Activity: 24
Merit: 0


View Profile
June 24, 2011, 06:11:07 PM
 #74

Does google get a new wallet each time it visits - or are these possibly users wallets that had their data reported to google via the toolbar, or possibly to alexa or any other similar company?

http://www.google.com/search?q=site:instawallet.org&hl=en&prmd=ivns&filter=0&biw=1576&bih=636&num=100
smartcardguy
Newbie
*
Offline Offline

Activity: 14
Merit: 0



View Profile
June 24, 2011, 06:12:02 PM
 #75

@JAV, You may also have to worry about Toolbar programs (like Alexa toolbar, Ask toolbar, Bing tool bar, Yahoo Tool Bar, Google Toolbar, lots of Firefox plugins).  I believe that some of these send URLs back to the "mother ship" to help with page rankings and site analytics.

But Instawallet is a very nice looking site!

See http://www.google.com/privacy/faq.html#toc-terms-urls

URLs and embedded information

Some of our services, including Google Toolbar and Google Web Accelerator, send the uniform resource locators (“URLs”) of web pages that you request to Google. When you use these services, Google will receive and store the URL sent by the web sites you visit, including any personal information inserted into those URLs by the web site operator. Some Google services (such as Google Toolbar) enable you to opt-in or opt-out of sending URLs to Google, while for others (such as Google Web Accelerator) the sending of URLs to Google is intrinsic to the service. When you sign up for any such service, you will be informed clearly that the service sends URLs to Google, and whether and how you can opt-in or opt-out.

For example, when you submit information to a web page (such as a user login ID or registration information), the operator of that web site may “embed” that information – including personal information – into its URL (typically, after a question mark (“?”) in the URL). When the URL is transmitted to Google, our servers automatically store the URL, including any personal information that has been embedded after the question mark. Google does not exercise any control over these web sites or whether they embed personal information into URLs.



So does IE and I think Chrome does as well, in the case of IE its with user consent (do you want to help improve our products?).
anybodyelseNOW
Newbie
*
Offline Offline

Activity: 11
Merit: 0


View Profile
June 24, 2011, 06:24:36 PM
 #76

very nice idea. loads very slow for me
johanatan
Member
**
Offline Offline

Activity: 84
Merit: 10


View Profile
June 24, 2011, 07:36:20 PM
 #77

Quote
Just for the fun of it, here is what I mean by "doing the math": 16 bytes of random data is 128 bits, which means there are 2^128 = 340282366920938463463374607431768211456 possible Instawallet URLs. Let's say there are 10000 Instawallets in use (in reality the number is nowhere this large, but let's be optimistic and assume that Instawallet will grow). So you have a chance of 10000 to 2^128 to find a wallet with coins if you just guess once. To bring your chances to 50% of finding at least one wallet with coins, you need to guess about 2.359 * 10^34 times (some probability math applied here, I can elaborate if you like). Let's say you want to complete your search within one year. A year has about 3.154 * 10^16 nanoseconds. This means my server needs to serve roughly 7.48 * 10^17 requests per nanosecond to the attacker/botnet.

Do you think my server can handle this? I think we can safely wait until a few more upgrades in processing speed and bandwidth before I have to make the URLs any longer.

Actually, with a URL such as:
https://www.instawallet.org/w/tnwghY1sfQip3ia64mR2Jj

You have 62 (26*2 + 10) choose 22; i.e., 62^22 = 2.70 * 10^39 possibilities.  Or, at least, this is the math that the hacker would've had to do had you not told us that it was only 16 bytes.  :-)  And, is 10,000 a realistic figure for the number of expected active accounts?

Still though, with luck involved, anything can happen.  The hacker could get lucky and find a wallet on his very first attempt.  It's a neat idea though.  I suppose it'd be safe for a very small amount of coins exposed for a very small time (however, even then, why take on any risk if you don't have to)?  I know it's for the noobs and all, but if they're seriously going to be able to use it as a wallet, then they would want to be able to store a significant chunk for significant length of time (and I wouldn't recommend that).

Looks like this would be best used as a laundry service for advanced users (who do not mind the tiny risk for tiny amounts of time).

1GjRUzZfDCBHeCyJk6av3pXYS9VKjCvQTQ
Stephen Gornick
Legendary
*
Offline Offline

Activity: 2506
Merit: 1010


View Profile
July 11, 2011, 07:10:30 AM
 #78

I have been toying with the idea of providing an API. It will probably happen at some point, but I can't promise anything right now, there are still lots of other things in the queue.

Thanks for providing this (API functionality)!
  - http://forum.bitcoin.org/index.php?topic=26910.0

Unichange.me

            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █


marcus_of_augustus
Legendary
*
Offline Offline

Activity: 3920
Merit: 2349


Eadem mutata resurgo


View Profile
July 11, 2011, 08:30:01 AM
 #79


Hi jav,

any plans to include a namecoin Instawallet?

cheers,  Smiley

Stephen Gornick
Legendary
*
Offline Offline

Activity: 2506
Merit: 1010


View Profile
July 11, 2011, 09:35:23 AM
 #80

While there is no immediate resolution to the "can't send less than 0.01 BTC" using InstaWallet, how about allowing those small transfers from one Instawallet to another to be allowed  (i.e., the transfer is allowed if the target address is also on InstaWallet)?

MyBitcoin, for instance, allows internal transfers to an address for another MyBitcoin account can be an amount as low as 1 satoshi or something to that effect.

These transactions would have the additional benefit of clearing instantaneously, since they are internal to InstaWallet and not announced to the block chain.

With the API now available, I can think of a couple of uses where this would be handy.

Unichange.me

            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █


Pages: « 1 2 3 [4] 5 6 7 8 9 10 11 12 13 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!