remotemass (OP)
Legendary
Offline
Activity: 1122
Merit: 1017
ASMR El Salvador
|
|
July 31, 2014, 05:36:47 PM Last edit: July 31, 2014, 06:13:35 PM by remotemass |
|
I think all we bitcoiners must become more aware of the dangers of USB, after reading this article: http://www.wired.com/2014/07/usb-security/?mbid=social_fb
|
{ Imagine a sequence of bits generated from the first decimal place of the square roots of whole integers that are irrational numbers. If the decimal falls between 0 and 5, it's considered bit 0, and if it falls between 5 and 10, it's considered bit 1. This sequence from a simple integer count of contiguous irrationals and their logical decimal expansion of the first decimal place is called the 'main irrational stream.' Our goal is to design a physical and optical computing system system that can detect when this stream starts matching a specific pattern of a given size of bits. bitcointalk.org/index.php?topic=166760.0 } Satoshi did use a friend class in C++ and put a comment on the code saying: "This is why people hate C++".
|
|
|
Buffer Overflow
Legendary
Offline
Activity: 1652
Merit: 1016
|
|
July 31, 2014, 05:55:30 PM |
|
Interesting article. Also a bit worrying.
|
|
|
|
djjacket
|
|
July 31, 2014, 06:00:16 PM |
|
Thanks for linking that article. Very interesting to see what they release at BlackHat and how the USB community reacts.
|
|
|
|
Lauda
Legendary
Offline
Activity: 2674
Merit: 2965
Terminated.
|
|
July 31, 2014, 06:01:51 PM |
|
This is why you use a HDD or SSD as cold storage. I always figured that something used so widely would cause a lot of problems if an vulnerability was found in it.
|
"The Times 03/Jan/2009 Chancellor on brink of second bailout for banks" 😼 Bitcoin Core ( onion)
|
|
|
ponzigo
Member
Offline
Activity: 92
Merit: 10
|
|
July 31, 2014, 06:19:37 PM |
|
But what kind of usb has that? Just to be aware.
|
Don't bring to bitcointalk your shitty scams. I'll try them and tell the truth.
|
|
|
h0lybyte
|
|
July 31, 2014, 06:23:21 PM |
|
The problem here is that you shouldnt be plugin random usb drives that you find haha. Isnt there a "USB" condom out there that we could use to prevent this type of crap from happening?
|
|
|
|
keithers
Legendary
Offline
Activity: 1456
Merit: 1001
This is the land of wolves now & you're not a wolf
|
|
July 31, 2014, 06:25:14 PM |
|
The problem here is that you shouldnt be plugin random usb drives that you find haha. Isnt there a "USB" condom out there that we could use to prevent this type of crap from happening?
That would actually be a really good invention...like some sort of adapter that you plug the usb drive into before plugging it into your computer (to run it in sandbox or whatever)
|
|
|
|
franky1
Legendary
Offline
Activity: 4382
Merit: 4752
|
|
July 31, 2014, 06:29:18 PM |
|
duplicate thread. someone else beat you to it by 3 hours https://bitcointalk.org/index.php?topic=718817.0but its old news as of 2006-2008.. http://seattletimes.com/html/microsoft/2004379751_msftlaw29.htmlso dont panic shouting about new threat and the world ending as of today.. as this is just making people aware of an old threat. so calm down and just be more careful with your computer, the world is not ending, tomorrow is just another day, same as yesterday
|
I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER. Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
|
|
|
ChuckBuck
|
|
July 31, 2014, 06:52:54 PM |
|
Dangit, now we gotta worry about USB Ebola viruses! I use 3 different USB devices to backup my wallet.dat too. Next thing you know our PC's are going to be acting like "Infected" like "The Last of Us" or walkers from "The Walking Dead"... Start DDoS'ing and phishing like a muthafucka...
|
|
|
|
JohnFromWIT
Member
Offline
Activity: 112
Merit: 10
|
|
July 31, 2014, 07:05:00 PM |
|
Watching this thread for sure.
|
|
|
|
ForgottenPassword
|
|
July 31, 2014, 07:30:05 PM Last edit: July 31, 2014, 08:15:00 PM by ForgottenPassword |
|
This is why you use a HDD or SSD as cold storage. I always figured that something used so widely would cause a lot of problems if an vulnerability was found in it.
Everything described in this article is possible to do with a HDD or SDD. And this problem isn't just limited to storage devices, it encompasses ALL of your computer hardware. Similar attacks have been done by modifying a motherboards BIOS, firmware on network cards, and this has been known for a LONG time. http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/Think about it: even your mouse could have a tiny wireless receiver in it that would allow an attacker to move it remotely, or be pre-programmed with a macro that executes when you're not using it. Or how about your Trezor (hardware Bitcoin wallet)? Even the NSA leaks showed us that the NSA intercepts computer hardware in the mail going to "targets" and make modifications to it: http://www.theverge.com/2013/12/29/5253226/nsa-cia-fbi-laptop-usb-plant-spyHow do you prevent it? If you feel that an adversary would try these kind of attacks on you, source all your hardware from reputable sources that you trust and if you know how, check it hasn't been modified in any obvious way - just like you should do with software you install on your machine.
|
|
|
|
TookDk
Legendary
Offline
Activity: 1960
Merit: 1062
One coin to rule them all
|
|
July 31, 2014, 07:32:54 PM |
|
Interesting reading, thanks for sharing.
|
Cryptography is one of the few things you can truly trust.
|
|
|
Beliathon
|
|
July 31, 2014, 07:37:07 PM |
|
Personally I've got nothing to worry about until USB can plug into my brain.
|
|
|
|
ForgottenPassword
|
|
July 31, 2014, 07:40:12 PM |
|
Personally I've got nothing to worry about until USB can plug into my brain.
What about when you go to spend your brainwallet? You remember and verify all of the blockchain data in your head? and you do all the ECC math to sign transactions in your head?
|
|
|
|
Beliathon
|
|
July 31, 2014, 07:43:45 PM |
|
Personally I've got nothing to worry about until USB can plug into my brain.
What about when you go to spend your brainwallet? The BTC in my brain is for long term storage. By the time I need to spend it, there will be wearable tech that detects my unique heartbeat (we all have unique heartbeats) to secure my transactions. Ask me again in 5-10 years and I'll let you know if it's a problem.
|
|
|
|
|
serje
Legendary
Offline
Activity: 1232
Merit: 1002
|
|
July 31, 2014, 07:45:12 PM |
|
Let the paranoia begin!!!!!! I'm not afraid of this because I don't use USB ports .... they are disabled from BIOS Yeah I know I'm a Bad Mother Fucker!
|
Space for rent if its still trending
|
|
|
ForgottenPassword
|
|
July 31, 2014, 07:47:00 PM |
|
The BTC in my brain is for long term storage. By the time I need to spend it, there will be wearable tech that detects my unique heartbeat (we all have unique heartbeats) to secure my transactions.
Oh no! your wearable tech contains a backdoor that transmits your heartbeat data to an attacker each time your heart beats. Bye bye BTC... I'm not afraid of this because I don't use USB ports .... they are disabled from BIOS Until your BIOS has a backdoor that enables them or just steals the BTC itself. BTC gone. Unlike the above one these are actually not uncommon. http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/PS. I know I'm being silly but everything I said is not that difficult to do in the grand scale of things. In reality an attacker who wants to get your BTC/data that bad will just drug you and hit you with a wrench until you give it up.
|
|
|
|
oceans
|
|
July 31, 2014, 08:13:05 PM |
|
This is very worrying to say the least but with something that is used worldwide quite frequently something like this was bound to happen in the end. It's a lot safer to use hard drives I feel to be honest than it is to use USB pendisks, making a constant check on anything you use as well is something that can help prevent any problems occurring.
|
|
|
|
keithers
Legendary
Offline
Activity: 1456
Merit: 1001
This is the land of wolves now & you're not a wolf
|
|
July 31, 2014, 11:20:07 PM |
|
Technology is almost advancing too quickly for our own good. If you really think about it, the amount of technological advances in the last 20 years alone, is probably more than the past 100 years combined...
|
|
|
|
|