Wallet designs - dangerous path emerging

[NadimAJ]

I believe we are on a dangerous path if we continue to design PC and mobile based wallets in the same way that traditional desktop/mobile applications behave…..with high predictability. Hackers all over the world are studying how each wallet works and are developing hacks for them. Even a 10% success rate is bad news for the entire future of cryptocurrency.

I'm going to make an analogy here to get my point across. When an uninitiated thief breaks into the house of a security conscious homeowner, he has no idea where the valuables are kept. Experience will lead him to look through the usual places but the reality is that he has a near- infinite amount of places to search through in the short amount of time he has. The homeowner did not consult with a public body on where best to hide the valuables and neither did they purchase a “where to hide your valuables” blueprint from the local department store. All of which would’ve given the thief that extra edge. The homeowner used their own near-random selection processes to best determine how and where to hide the valuables. The homeowner not only wrapped the valuables up in a disguise (encryption) but determined the location and the steps taken to get to that location (.exe name, location, look and feel of the GUI interface). During his planning, the thief had no ability to determine the exact location of the valuables. Heck he didn’t even know what to look for because the valuables, would for sure be disguised. This is how we need to approach the design of digital wallets.

We need to introduce a concept whereby the end user effectively designs the name, address, look, functionality and behaviour of a wallet. Wallet hijacking is destined to become #1 most prolific type of online crime. I feel the best way we can combat this is to reduce the predictability factor. Empower the end user to design their own wallets by developing tools that make it easy (Studio concept)

[1715389375]

1715389375

[1715389375]

1715389375

[TimS]

You're wrong. Security through obscurity is not secure. You should assume that the enemy knows everything about your system except your private key.

When an uninitiated thief breaks into the house of a security conscious homeowner, he has no idea where the valuables are kept.

Actually, he probably knows where the valuables are kept, because the average person is stupid and predictable, even when they try to be clever (this is true of hiding places for valuables, and doubly so for passwords). It'd be much better if you could instead stick an unbreakable safe in the middle of your living room.

[BurtW]

Could you be a bit more specific about your concerns?  Here is an example of what I think you may be talking about:  everyone using the bitcoin-qt wallet stores their bitcoins, actually their private keys, in the file named "wallet.dat".  So a thief, upon finding a computer, only needs to scan for the file "wallet.dat" in order to find the private key file.

What you are suggesting is that the average user should be able to rename the file to something like "bitcoins.dat" and this ability of the customers to customize this (and other things) would somehow increase security?

I agree with the previous poster that in this example what we really need to do is to make sure everyone encrypts their wallet.dat file with a strong password and leave the name alone.  Encryption of the file is the correct answer to security, not being able to rename the file.

Forgive me if I did not fully understand your proposal/concern.

[NadimAJ]

This is less about brute forcing private keys and more about hijacking a wallet application. In 15 minutes I could write a macro that can learn and replicate mouse clicks and keyboard entries in relation to an established GUI design. Now I have all I need in order to hijack a wallet application and make a quick and highly automated payment. Why should I be able to write a macro/keylogger with the piece of mind that if it worked on my test rig it might work on the PCs of victims? We are concerned with securing the data yet we make no attempt to safeguard against something that could simply take control and drive the application in the wrong way? That was the point.

[BurtW]

This is less about brute forcing private keys and more about hijacking a wallet application. In 15 minutes I could write a macro that can learn and replicate mouse clicks and keyboard entries in relation to an established GUI design. Now I have all I need in order to hijack a wallet application and make a quick and highly automated payment. Why should I be able to write a macro/keylogger with the piece of mind that if it worked on my test rig it might work on the PCs of victims? We are concerned with securing the data yet we make no attempt to safeguard against something that could simply take control and drive the application in the wrong way? That was the point.

Ah, thanks for clearing that up.  You state "replicate mouse clicks and keyboard entries", so is it safe to say your concern generically is keylogging?

[Razick]

You're wrong. Security through obscurity is not secure. You should assume that the enemy knows everything about your system except your private key.

When an uninitiated thief breaks into the house of a security conscious homeowner, he has no idea where the valuables are kept.

Actually, he probably knows where the valuables are kept, because the average person is stupid and predictable, even when they try to be clever (this is true of hiding places for valuables, and doubly so for passwords). It'd be much better if you could instead stick an unbreakable safe in the middle of your living room.

Not to mention that unpredictability makes it more difficult to analyze a program's security. Also, it makes it harder to backup the user's wallet, and loss due to a lack of backups is more likely than theft. Encryption is your best bet.

[NadimAJ]

Yes, my concern is primarily key logging.

[shorena]

Yes, my concern is primarily key logging.

But that is independed of the wallet used. The hard part is getting the keylogger on the system, not fetching the password and sending it home. So your main obstacle is the OS and/or user not the wallet programm.

[RodeoX]

Yes, my concern is primarily key logging.

I think your concern is well founded. many have come here to announce that they have been "hacked" via a key logger. The good news is that there are many things you can do to offset the risk. Besides anti-malware software and avoiding installing anything suspicious, it is important to keep any large-ish balance offline. You can create a wallet offline and then print out the private key. Then delete the wallet and your good. The attacker has no path to your coins.

[btchris]

I'm going to generalize here, but it's not that far from reality.

Let's divide all Bitcoin users into two categories:

Computer knowledgeable: individuals who are either computer enthusiasts, professionals, or who are neither but have made a real effort to educate themselves on basic computer security.
Not computer knowledgeable: not trying to be condescending, but everyone else...

Likewise, let's divide malware into two categories.

Simple Trojans: written by beginner programmers typically in a scripting or bytecode-compiled language, such as AutoIt, Java, .Net, etc., and does simple things such as scan for wallet.dat files in well-known locations and uploads them to FTP servers; is thwarted by wallet encryption with anything but simple passwords.
Advanced malware: written by professional black-hats and sold on the black market to individual who customize and deploy the malware; is capable of exploiting one or more OS or application vulnerabilities, attempts to hide from anti-malware products and security sandboxes, and will patiently search for a variety of information to steal (or encrypt for later extortion) from a variety of locations (including typed passwords, screenshots of on-screen keyboards, and who knows what else).

User Type	Likely to be infected by advanced malware?	Likely to encrypt their wallets?	Likely to follow your advice?	Likely to be infected by simple malware?
Computer knowledgeable	Yes	Yes	Maybe, but they know it wouldn't do them much good.	No
Not computer knowledgeable	Yes	Maybe	No, even though it would help them.	Yes

In other words, I would argue that the type of user that this sort of security-through-obscurity would help (those who get infected by simple Trojans) is the same type who wouldn't know enough to implement this advice (or for that matter, to even encrypt their wallets in some cases which would help against simple Trojans).

[azeteki]

Consider that the ability to execute arbitrary code on a target machine is almost game over.

The possibilities are essentially unlimited and malware can operate silently.

Non exhaustive list:

Nabbing the wallet file and keylogging the encryption passphrase
Scanning memory for private keys that appear upon user unlock
Issuing RPC commands upon user unlock
Modifying the wallet binary
Replacing addresses in RAM (e.g. a donation address you see on a site, or a personal message someone sends you)
Breaking new key generation by limiting the entropy pool

And countless others I've missed.

I wouldn't quite call obfuscation 'security theater', but it's likely to have a much worse RoI than other measures.

[BurtW]

This is why I am moving most of my BTC to either cold storage or my Trezor.  Trezor is not affected by key logging.

https://bitcointalk.org/index.php?topic=122438.0