Bitcoin Forum
November 18, 2017, 02:47:42 PM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Poll
Question: Will you support Gavin's new block size limit hard fork of 8MB by January 1, 2016 then doubling every 2 years?
1.  yes
2.  no

Pages: « 1 ... 1025 1026 1027 1028 1029 1030 1031 1032 1033 1034 1035 1036 1037 1038 1039 1040 1041 1042 1043 1044 1045 1046 1047 1048 1049 1050 1051 1052 1053 1054 1055 1056 1057 1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068 1069 1070 1071 1072 1073 1074 [1075] 1076 1077 1078 1079 1080 1081 1082 1083 1084 1085 1086 1087 1088 1089 1090 1091 1092 1093 1094 1095 1096 1097 1098 1099 1100 1101 1102 1103 1104 1105 1106 1107 1108 1109 1110 1111 1112 1113 1114 1115 1116 1117 1118 1119 1120 1121 1122 1123 1124 1125 ... 1558 »
  Print  
Author Topic: Gold collapsing. Bitcoin UP.  (Read 2008956 times)
molecular
Donator
Legendary
*
Offline Offline

Activity: 2408



View Profile
February 23, 2015, 09:49:18 PM
 #21481

Why would you need multiple trezors?

The seed is the key, the trezor is like a blank that can be loaded with any key, wiped then loaded with a different key.

In fact having loaded trezors around is riskier than having an empty one with seeds stored elsewhere, off-site, divided up etc.

it gets even more complicated than this.

turns out, you can have multiple wallets loaded into the Trezor all based off of one seed.  to do this, you click "Enable Passphrases" in advanced settings.  each time it asks you for the passphrase, enter in a different one, and you will generate multiple wallets.  a different passphrase acts like an additional 25th word of the original 24 word seed thus creating a new wallet.  you could deposit all your cold storage savings in one wallet then deposit 1-2 BTC in another.  then if someone rubber hoses you simply reveal the passphrase to the 1-2 BTC wallet for plausible deniability.  it's a clever little device.

now that you've posted this your denial is implausible, so I will use monkey wrench attack until I get at least 5 passwords from you (or you die). (sorry to put it that drastically. this is not really my plan, of course, just making a point)

If you want your money safe against such attack, you better have a component involved that you really "don't know" and that isn't "on you", like a seed in a safe somewhere. Shamirs secret sharing sounds like a good idea.

In the end, an attacker can always abduct a loved one and extort coins from you, no matter which way you have secured them.

There's nothing better for safety than a world in which everyone participates sufficiently in prosperity.

PGP key molecular F9B70769 fingerprint 9CDD C0D3 20F8 279F 6BE0  3F39 FC49 2362 F9B7 0769
1511016462
Hero Member
*
Offline Offline

Posts: 1511016462

View Profile Personal Message (Offline)

Ignore
1511016462
Reply with quote  #2

1511016462
Report to moderator
Coinlancer is Disrupting the Freelance marketplace!
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1511016462
Hero Member
*
Offline Offline

Posts: 1511016462

View Profile Personal Message (Offline)

Ignore
1511016462
Reply with quote  #2

1511016462
Report to moderator
1511016462
Hero Member
*
Offline Offline

Posts: 1511016462

View Profile Personal Message (Offline)

Ignore
1511016462
Reply with quote  #2

1511016462
Report to moderator
cypherdoc
Legendary
*
Offline Offline

Activity: 1764



View Profile
February 23, 2015, 10:45:46 PM
 #21482

Why would you need multiple trezors?

The seed is the key, the trezor is like a blank that can be loaded with any key, wiped then loaded with a different key.

In fact having loaded trezors around is riskier than having an empty one with seeds stored elsewhere, off-site, divided up etc.

it gets even more complicated than this.

turns out, you can have multiple wallets loaded into the Trezor all based off of one seed.  to do this, you click "Enable Passphrases" in advanced settings.  each time it asks you for the passphrase, enter in a different one, and you will generate multiple wallets.  a different passphrase acts like an additional 25th word of the original 24 word seed thus creating a new wallet.  you could deposit all your cold storage savings in one wallet then deposit 1-2 BTC in another.  then if someone rubber hoses you simply reveal the passphrase to the 1-2 BTC wallet for plausible deniability.  it's a clever little device.

now that you've posted this your denial is implausible, so I will use monkey wrench attack until I get at least 5 passwords from you (or you die). (sorry to put it that drastically. this is not really my plan, of course, just making a point)

If you want your money safe against such attack, you better have a component involved that you really "don't know" and that isn't "on you", like a seed in a safe somewhere. Shamirs secret sharing sounds like a good idea.

In the end, an attacker can always abduct a loved one and extort coins from you, no matter which way you have secured them.

There's nothing better for safety than a world in which everyone participates sufficiently in prosperity.


Nowhere did I say I am  doing this. I'm just quoting from their help documents what is possible.
cypherdoc
Legendary
*
Offline Offline

Activity: 1764



View Profile
February 23, 2015, 11:22:03 PM
 #21483

Why would you need multiple trezors?

The seed is the key, the trezor is like a blank that can be loaded with any key, wiped then loaded with a different key.

In fact having loaded trezors around is riskier than having an empty one with seeds stored elsewhere, off-site, divided up etc.

it gets even more complicated than this.

turns out, you can have multiple wallets loaded into the Trezor all based off of one seed.  to do this, you click "Enable Passphrases" in advanced settings.  each time it asks you for the passphrase, enter in a different one, and you will generate multiple wallets.  a different passphrase acts like an additional 25th word of the original 24 word seed thus creating a new wallet.  you could deposit all your cold storage savings in one wallet then deposit 1-2 BTC in another.  then if someone rubber hoses you simply reveal the passphrase to the 1-2 BTC wallet for plausible deniability.  it's a clever little device.

now that you've posted this your denial is implausible, so I will use monkey wrench attack until I get at least 5 passwords from you (or you die). (sorry to put it that drastically. this is not really my plan, of course, just making a point)

If you want your money safe against such attack, you better have a component involved that you really "don't know" and that isn't "on you", like a seed in a safe somewhere. Shamirs secret sharing sounds like a good idea.

In the end, an attacker can always abduct a loved one and extort coins from you, no matter which way you have secured them.

There's nothing better for safety than a world in which everyone participates sufficiently in prosperity.


hey molecular,

next time you come over, look in the Altoid tin:



D05GTO
Sr. Member
****
Offline Offline

Activity: 406


View Profile
February 23, 2015, 11:35:58 PM
 #21484

Man, that would suck if someone threw away your altoids.   Use a Trezor myself.  Really impressed with it so far.  Only have one little gripe.. the usb cable that came with it was flaky but I have at least 10 micro usb cables laying around.



 
 
           ▄████▄
         ▄████████▄
       ▄████████████▄
     ▄████████████████▄
    ████████████████████      ▄█▄                 ▄███▄                 ▄███▄                 ▄████████████████▀   ▄██████████

  ▄▄▄▀█████▀▄▄▄▄▀█████▀▄▄▄     ▀██▄             ▄██▀ ▀██▄             ▄██▀ ▀██▄             ▄██▀                   ██
▄█████▄▀▀▀▄██████▄▀▀▀▄█████▄     ▀██▄         ▄██▀     ▀██▄         ▄██▀     ▀██▄         ▄██▀        ▄█▄          ▀██████████████▄
████████████████████████████       ▀██▄     ▄██▀         ▀██▄     ▄██▀         ▀██▄     ▄██▀          ▀█▀                        ██
 ▀████████████████████████▀          ▀██▄ ▄██▀             ▀██▄ ▄██▀     ▄█▄     ▀██▄ ▄██▀                                       ██
   ▀████████████████████▀              ▀███▀                 ▀███▀       ▀█▀       ▀███▀      ▄███████████████████████████████████▀
     ▀████████████████▀
       ▀████████████▀
         ▀████████▀
           ▀████▀
║║


║║
.
.

║║
██
║║
.
.

║║
██
║║
.
║║


║║
cypherdoc
Legendary
*
Offline Offline

Activity: 1764



View Profile
February 23, 2015, 11:47:05 PM
 #21485

After 1000s of Years Enjoying Gold Standard now Welcome to the Bitcoin Standard

http://blog.btcxindia.com/after-1000s-of-years-enjoying-gold-standard-now-welcome-to-the-bitcoin-standard/
justusranvier
Legendary
*
Offline Offline

Activity: 1400



View Profile WWW
February 24, 2015, 12:43:35 AM
 #21486

i foresee the Trezor replacing the offline wallet and its pc and being more secure since the offline wallets can be susceptible to a USB malware attack.  as far as i know, there is no way to get privkeys off a Trezor so in that sense it is safer
I think this is a dangerous assumption to make.

Trezor has a larger attack surface than an offline laptop, since you have to plug it in directly to a potential hostile machine every time you use it.

You can reduce your attack surface with an offline laptop by using CD-R media instead of USB drives, or maybe by using the audio cable transfer method.
Kupsi
Legendary
*
Offline Offline

Activity: 1191


9.9.2012: I predict that single digits... <- FAIL


View Profile
February 24, 2015, 12:55:03 AM
 #21487

The main question is if you have just the private key for one or more addresses in a deterministic wallet, are the other addresses at risk or are they secure.

A full Armory wallet is just

1x Root Private Key
1x Root Public Key
1x Chaincode


A watching-only Armory wallet is just

1x Root Public Key
1x Chaincode

So basically watching-only wallets don't have any private key data at all, and the chain code is just a constant that is carried through all the calculations.  With the priv key + chaincode, you can compute all private keys.  With public key + chain, you can compute all public keys that match the private keys produced on the full/offline wallet.

The chaincode and public key are not security-sensitive.  Someone getting them is a breach of privacy, not security.  All internet security is based on the fact that the public key is widely distributed (i.e. "public") and that the scheme maintains full security as long as no one else has the private key.


How about any derived private key, which is not the root key? How serious a leak would that make? Does it compromise all the other private keys as well, if the attacker knows the chain code? (which I assumed is the same for both, private and public chains).


You should always assume that revealing a private key from a deterministic wallet will reveal all siblings.   In Armory wallets, if private key x is revealed with the chaincode, all private keys >= X+1 are revealed.

But I don't spend much time worrying about this.  We do not support or claim to support any use cases where private keys are intentionally revealed.  And if your wallet is unintentionally compromised, they will all be revealed anyway. 
Kupsi
Legendary
*
Offline Offline

Activity: 1191


9.9.2012: I predict that single digits... <- FAIL


View Profile
February 24, 2015, 12:57:24 AM
 #21488

i foresee the Trezor replacing the offline wallet and its pc and being more secure since the offline wallets can be susceptible to a USB malware attack.  as far as i know, there is no way to get privkeys off a Trezor so in that sense it is safer
I think this is a dangerous assumption to make.

Trezor has a larger attack surface than an offline laptop, since you have to plug it in directly to a potential hostile machine every time you use it.

You can reduce your attack surface with an offline laptop by using CD-R media instead of USB drives, or maybe by using the audio cable transfer method.

Trezor & Offline Armory multisig FTW Smiley
Adrian-x
Legendary
*
Offline Offline

Activity: 1372



View Profile
February 24, 2015, 01:31:00 AM
 #21489



How about any derived private key, which is not the root key? How serious a leak would that make? Does it compromise all the other private keys as well, if the attacker knows the chain code? (which I assumed is the same for both, private and public chains).


You should always assume that revealing a private key from a deterministic wallet will reveal all siblings.   In Armory wallets, if private key x is revealed with the chaincode, all private keys >= X+1 are revealed.

But I don't spend much time worrying about this.  We do not support or claim to support any use cases where private keys are intentionally revealed.  And if your wallet is unintentionally compromised, they will all be revealed anyway. 

Thanks for that just to clear up my understanding it is bad practice to distribute private keys from a deterministic wallet.

However is it still true one would need the chaincode and a private key from that chaincode to reveal the resulting private keys of the children keys?


Thank me in Bits 12MwnzxtprG2mHm3rKdgi7NmJKCypsMMQw
megadeth
Full Member
***
Offline Offline

Activity: 236

bagholder since 2013


View Profile
February 24, 2015, 02:01:54 AM
 #21490

"It's the Blockchain, not Bitcoin that's the real killer app." Debunked
http://www.joecoin.com/2015/02/crypto-20-and-other-misconceptions.html

bagholder since 2013
My sig space is not for sale.
cypherdoc
Legendary
*
Offline Offline

Activity: 1764



View Profile
February 24, 2015, 02:43:52 AM
 #21491



How about any derived private key, which is not the root key? How serious a leak would that make? Does it compromise all the other private keys as well, if the attacker knows the chain code? (which I assumed is the same for both, private and public chains).


You should always assume that revealing a private key from a deterministic wallet will reveal all siblings.   In Armory wallets, if private key x is revealed with the chaincode, all private keys >= X+1 are revealed.

But I don't spend much time worrying about this.  We do not support or claim to support any use cases where private keys are intentionally revealed.  And if your wallet is unintentionally compromised, they will all be revealed anyway. 

Thanks for that just to clear up my understanding it is bad practice to distribute private keys from a deterministic wallet.

However is it still true one would need the chaincode and a private key from that chaincode to reveal the resulting private keys of the children keys?


cypherdoc
Legendary
*
Offline Offline

Activity: 1764



View Profile
February 24, 2015, 02:52:10 AM
 #21492

"It's the Blockchain, not Bitcoin that's the real killer app." Debunked
http://www.joecoin.com/2015/02/crypto-20-and-other-misconceptions.html

nice find:

"As established above, any so-called feature that allows Bitcoin to play nice with competing tokens only serves to make it more vulnerable to being usurped.

The argument that Sidechains will promote a vibrant innovative cryptocurrency ecosystem is misguided at best and disingenuous at worst. Thus far, I've yet to see any charges of treason being discussed by Bitcoin's collective mind of core developers and mining pool decision makers. We'll see if it becomes wise before it's too late."


what am i?  chopped liver?
cypherdoc
Legendary
*
Offline Offline

Activity: 1764



View Profile
February 24, 2015, 03:28:21 AM
 #21493

i foresee the Trezor replacing the offline wallet and its pc and being more secure since the offline wallets can be susceptible to a USB malware attack.  as far as i know, there is no way to get privkeys off a Trezor so in that sense it is safer
I think this is a dangerous assumption to make.

Trezor has a larger attack surface than an offline laptop, since you have to plug it in directly to a potential hostile machine every time you use it.

You can reduce your attack surface with an offline laptop by using CD-R media instead of USB drives, or maybe by using the audio cable transfer method.

Trezor & Offline Armory multisig FTW Smiley

yeah, this would be.
marcus_of_augustus
Legendary
*
Offline Offline

Activity: 2436



View Profile
February 24, 2015, 05:06:18 AM
 #21494

http://www.zerohedge.com/news/2015-02-23/ex-plunge-protection-team-whistleblower-governments-control-markets-there-no-price-d

Bitcoin discussed as modern version of desire to escape fiat currencies (21min in)

molecular
Donator
Legendary
*
Offline Offline

Activity: 2408



View Profile
February 24, 2015, 06:19:58 AM
 #21495

"It's the Blockchain, not Bitcoin that's the real killer app." Debunked
http://www.joecoin.com/2015/02/crypto-20-and-other-misconceptions.html

The piece contains a pretty cool description of Bitcoin:

Quote
Private keys that represent some sort of token are an obvious solution, and when we combine them with two cups of economic scarcity, a Merkle tree root, a spoonful of clever bootstrapping, and a dash of HashCash, we end up with, you guessed it, Bitcoin!

PGP key molecular F9B70769 fingerprint 9CDD C0D3 20F8 279F 6BE0  3F39 FC49 2362 F9B7 0769
Zangelbert Bingledack
Legendary
*
Offline Offline

Activity: 1036


View Profile
February 24, 2015, 09:16:36 AM
 #21496



The lack of understanding continues right up to the eve of Ethereum's planned release. No comprehension of the ledger, still thinking in terms of "tokens" and "blockchain tech is the important thing, not the money."
hdbuck
Legendary
*
Offline Offline

Activity: 1274



View Profile
February 24, 2015, 09:23:49 AM
 #21497



The lack of understanding continues right up to the eve of Ethereum's planned release. No comprehension of the ledger, still thinking in terms of "tokens" and "blockchain tech is the important thing, not the money."

well he has to sell his own 'tokens'.. not that +20 millions $ has 'funded' his ethereum ting.. XD
tabnloz
Legendary
*
Offline Offline

Activity: 962


View Profile
February 24, 2015, 09:46:57 AM
 #21498


pretty interesting few minutes with Schall probing about golds role in a new international currency system and malmgren basically saying that bitcoin is now pushing to be the 'outside of fiat / outside of government store of value' that gold once was.

"the public is leaning towards bitcoin as a modern version of holding old fashioned gold"
cypherdoc
Legendary
*
Offline Offline

Activity: 1764



View Profile
February 24, 2015, 11:28:49 AM
 #21499

Gold threatening to fall below 1200 again; and quite possibly, for good.
uki
Legendary
*
Offline Offline

Activity: 1176


cryptojunk bag holder


View Profile
February 24, 2015, 11:33:40 AM
 #21500

here also very good read, the blog of the current Greek finance minister and his view on Bitcoin:
http://yanisvaroufakis.eu/2013/04/22/bitcoin-and-the-dangerous-fantasy-of-apolitical-money/

Very interesting, especially in terms of the discussion we had here about the new supply of gold coming from asteroids, is Section 2 on Bitcoin as an emulation of a precious metal (gold).

Just a food for thought: similarly to being able to mine the gold from the asteroids, what if, one day the limitation of 21 million total supply of Bitcoin is lifted up to some bigger number in a hard fork?

this space is intentionally left blank
Pages: « 1 ... 1025 1026 1027 1028 1029 1030 1031 1032 1033 1034 1035 1036 1037 1038 1039 1040 1041 1042 1043 1044 1045 1046 1047 1048 1049 1050 1051 1052 1053 1054 1055 1056 1057 1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068 1069 1070 1071 1072 1073 1074 [1075] 1076 1077 1078 1079 1080 1081 1082 1083 1084 1085 1086 1087 1088 1089 1090 1091 1092 1093 1094 1095 1096 1097 1098 1099 1100 1101 1102 1103 1104 1105 1106 1107 1108 1109 1110 1111 1112 1113 1114 1115 1116 1117 1118 1119 1120 1121 1122 1123 1124 1125 ... 1558 »
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!