what is the "scratch"? it's FUD or truth?

[Gabi]

Copying a file on a computer is not Bitcoin weakness. It's user fault for having an infected computer.

If my computer is infected everything is weak, i type a password and the virus read it for example.

[1715199569]

1715199569

[1715199569]

1715199569

[triplehelix]

Copying a file on a computer is not Bitcoin weakness. It's user fault for having an infected computer.

If my computer is infected everything is weak, i type a password and the virus read it for example.

the fact that the official bitcoin client stores the wallet in a vulnerable manner by default is indeed a weakness.

[rjk]

Copying a file on a computer is not Bitcoin weakness. It's user fault for having an infected computer.

If my computer is infected everything is weak, i type a password and the virus read it for example.

the fact that the official bitcoin client stores the wallet in a vulnerable manner by default is indeed a weakness.

So since the password for an encrypted wallet can be grabbed by a keylogger, that is a vulnerability caused by the core dev team in the official client? Honestly, you bore me.

[triplehelix]

Copying a file on a computer is not Bitcoin weakness. It's user fault for having an infected computer.

If my computer is infected everything is weak, i type a password and the virus read it for example.

the fact that the official bitcoin client stores the wallet in a vulnerable manner by default is indeed a weakness.

So since the password for an encrypted wallet can be grabbed by a keylogger, that is a vulnerability caused by the core dev team in the official client? Honestly, you bore me.

i'm sure you can see the difference between offering no protection, and offering the best protection you can reasonably be expected to offer.

inorder for the keylogger to be effective, it would have to remain undetected on the infected system until the person used their private key.  the fact that not everyone inputs their private key often, would allow time for detection and sanitation.  i'm sure many of the wallets that were stolen would have been saved if encryption was in place by default.

i'm sorry if expecting the most security possibly from a piece of financial software is a bore to you.

[rjk]

i'm sorry if expecting the most security possibly from a piece of financial software is a bore to you.

Actually, it is already available - run it in Linux, where viruses are statistically less prevalent, and you are automagically protected against several attack vectors. If you can't detect the keylogger until it grabs your password, it is already too late.

[triplehelix]

i'm sorry if expecting the most security possibly from a piece of financial software is a bore to you.

Actually, it is already available - run it in Linux, where viruses are statistically less prevalent, and you are automagically protected against several attack vectors. If you can't detect the keylogger until it grabs your password, it is already too late.

maybe you can explain the justification for not encrypting the wallet by default?

and while i understand what your saying, the worm was identified and antivirus definitions updated to deal with it.  if you hadn't input your password between infection and identification/update, then you wouldn't have lost any coins.

[Gavin Andresen]

maybe you can explain the justification for not encrypting the wallet by default?

Here's the thinking:

Joe Random User finds out about bitcoin, and decides "what the heck, I'll check it out."

They run it.  First thing it does is ask him for a passphrase, with tons of "DO NOT FORGET YOUR PASSPHRASE" and/or "CHOOSE A LONG PASSPHRASE" warnings.  What does he do?  Many users will either:

1. Type "passphrase".

or

2. Bang on the keyboard to create a long, random passphrase: "b;lkaj425[09234kjvfda,nvfd;nkj34toht4"

He gets a little coin from the Faucet, writes me an email asking when they will arrive (because he hasn't yet downloaded the entire blockchain and didn't bother to read the information about that on the Faucet's "Sent!" page), and then shuts down the client.

Time passes.  Eventually the Faucet coins show up.

He decides Bitcoin really doesn't suck as much as he first thought, so he decides to buy some Bitcoin on Mt. Gox.

Time passes while Dwolla verifies his bank account and stuff.

Then he buys Bitcoin, and manages to send them and see them show up in his running Bitcoin.

Yay!

Time passes.  He decides he wants to spend the Bitcoin, and now he has to enter the passphrase that he set a week or three ago.  But back then, wallet security wasn't at all important to him.  He didn't have an Bitcoins to keep secure.

So either he forgot that his passphrase is "passphrase" or he remembers that he typed a bunch or random letters just so he could get past that annoying "enter passphrase" dialog box so he could just try the damn thing.

In short: wallet encryption is not the default because the right time to enter a passphrase to encrypt the wallet is when you KNOW that the wallet is valuable, and will take the steps necessary to protect it.

[triplehelix]

thank your for the thorough response.

when confronted with a classic conflict in programming, between security and user convenience, you chose convenience.

there are merits to both choices.  users are very used to entering passwords, and somehow manage to stay on top of them.  if they choose a crappy one and it gets cracked, or if they choose a crazy one and forget it, thats on the user, not on bitcoin.  my only comment is that bitcoin is not offering the most secure implementation it can.  the fact that its a conscious decision doesn't change that.

[Gavin Andresen]

my only comment is that bitcoin is not offering the most secure implementation it can.  the fact that its a conscious decision doesn't change that.

Ummm...

You know when you choose "About Bitcoin-Qt" and it says "Version 0.something BETA" ?

When we've got an implementation that is safe and secure (both from hackers and from accidental loss) out of the box that will change to say "Bitcoin Version 1.something".

Unfortunately, I don't know how to launch Bitcoin in an alternate universe where it will be attacked by highly motivated black-hats and then bring back the battle-tested source code to this universe to be launched as a perfectly secure Version One.

So, to repeat myself:  Bitcoin is experimental software. Do not invest time or money in it that you cannot afford to lose.

[triplehelix]

so in your opinion, no merchants should be using it until it reaches 1.something?

you seem to be getting a bit agitated, or at least that's how i'm reading the sarcastic part of your response about alternate universes, and i'm not sure why.  aren't these the type of conversations that happen in open source projects, within the community, that strengthen the project?  i make no qualms about the fact that i'm still new to bitcoin and learning.  maybe this doesn't have the same dynamic as many of the more successful open source projects?

you put a lot of time and effort into bitcoin.  i understand and appreciate that, but bitcoin belongs to  the community.  some individuals, like yourself, are more important to bitcoin then others, like myself, but without community support and involvement, its just a bunch of fancy math.

[rjk]

you put a lot of time and effort into bitcoin.  i understand and appreciate that, but bitcoin belongs to  the community.  some individuals, like yourself, are more important to bitcoin then others, like myself, but without community support and involvement, its just a bunch of fancy math.

No, it really belongs to the people that bother to put time and effort into it. If you cared, you would put a lot more of your time and effort into it.

No code, no UI, no API is perfect from the beginning, and will never be perfect, ever. If you have specific enhancements available or ideas on how to implement a better way, I am certain that the dev team, or indeed everyone, would love to hear about them. I have yet to hear you utter a workable solution to the problems that we have been discussing.

What Gavin meant by alternate worlds was that the BETA project can only be tested on the open, in production, because there is no collection of users and hackers available privately to make it "perfect" before public launch. If you don't like this, you aren't required to use it, and are welcome to throw all your time and skill into improving it. Improvements are always a good thing, whether to the UI and usability, or whether to security and interoperability.

As is commonly stated in open-source projects, "Pull requests are welcome".

[triplehelix]

wow.  so its your opinion that bitcoin belongs to a select few?  i must have really really misunderstood what bitcoin is all about. 

and your familiar with my efforts?  are furthering the adoption and developing business around bitcoin a valuable contribution?  is there a chart i can refer to or is an individuals non technical contribution evaluated by the select few on a case by case basis?

i understand nothing is perfect...ever.  the specific enhancement i suggested was to have the wallet encrypted from the get go.  gavin explained he thought the average user couldn't handle remembering the password they set it up with, so the decision was made to make it easier, but less secure.

i disagree with that decision.

i am still left confused by the hostility in the responses to a suggestion to increase security.

[rjk]

By time and effort, I didn't necessarily mean coding, although that helps.

Since you didn't come up with an answer, I just thought it up for you. Here is my proposal:

1. On wallet creation, it is unencrypted as it is currently.
2. Encryption will be suggested to the user once:
  a. The blockchain has fully downloaded and
  b. The wallet balance exceeds 0
3. If encryption was enabled prior to blockchain download completion, or prior to the balance exceeding 0, no popup/prompt will occur.
4. The popup/prompt will have an option to disable future notices:
  a. When checked, no further notices will be created, although
    1. A reminder will be written to the log
  b. If left unchecked, the reminder will be shown any time the wallet's balance is incremented or decremented.
5. There will be an easily accessible help link within the notification.

How does this sound? What needs added to this proposal is the following:

a. The suggested format of the notification:
  1. Tray notification
  2. Modal popup (application specific, not system modal)
  3. Text notification in the same format as remote system messages
b. The suggested text of the notification
 1. Including the text of the help link
c. A decision on whether the help link is local or whether it goes to the wiki

This will increase security, although it still does not address the keylogger issue. (On-screen keyboard anyone? Yeah I thought not.)

[julz]

i understand nothing is perfect...ever.  the specific enhancement i suggested was to have the wallet encrypted from the get go.  gavin explained he thought the average user couldn't handle remembering the password they set it up with, so the decision was made to make it easier, but less secure.

The broader picture of security includes user behaviour. Coins lost through mistakes made jumping security hurdles are just as lost as stolen coins.
I'd argue that the chosen path as explained by Gavin is superior from this perspective, and it would be better to pursue improvements along the lines of striking visual cues that the wallet remains unencrypted.

[triplehelix]

see rjk, now the conversation is taking a more productive direction, which is, you know, more productive then taking things personal and/or being condescending.  i wasn't making any personal attacks, and am still genuinely confused why i got such a negative response.

i used to be a project manager for an iphone dev company.  i don't have the technical skills to give specific procedural suggestions, but i worked hand in hand with the designers to the programers.  there was a flow of ideas, and while it was down to the more technically capable members of the team to implement, everyone's thoughts and ideas were valued.  different perspectives from people with different skill sets lead to a stronger finished product.  best job i ever had btw.

as for the keylogger, as i said, i was referring to bitcoin doing all it could do to be secure.  obviously a user has responsibilities.  there is only so much that can be done to secure software installed on end user machines.  i just think its best practices to do some simple things like having the wallet encrypted (by whichever procedures and at whatever specific time in the installation/update process is deemed appropriate by those more technically inclined) to increase security.

julz, i can see some kind of nag screen pushing a user to encrypt the wallet being a better compromise between the two.  i just don't think a screen telling someone to enter a password and make sure they remember it, or having a password to begin with is such a show stopper.  i think the general population is very much used to entering passwords and remembering them for their bank account, their utility providers, email, netflix, facebook, etc.  i also don't think entering a password is more difficult or off putting than waiting for the blockchain to download.

[rjk]

see rjk, now the conversation is taking a more productive direction, which is, you know, more productive then taking things personal and/or being condescending.  i wasn't making any personal attacks, and am still genuinely confused why i got such a negative response.

i used to be a project manager for an iphone dev company.  i don't have the technical skills to give specific procedural suggestions, but i worked hand in hand with the designers to the programers.  there was a flow of ideas, and while it was down to the more technically capable members of the team to implement, everyone's thoughts and ideas were valued.  different perspectives from people with different skill sets lead to a stronger finished product.  best job i ever had btw.

as for the keylogger, as i said, i was referring to bitcoin doing all it could do to be secure.  obviously a user has responsibilities.  there is only so much that can be done to secure software installed on end user machines.  i just think its best practices to do some simple things like having the wallet encrypted (by whichever procedures and at whatever specific time in the installation/update process is deemed appropriate by those more technically inclined) to increase security.

julz, i can see some kind of nag screen pushing a user to encrypt the wallet being a better compromise between the two.  i just don't think a screen telling someone to enter a password and make sure they remember it, or having a password to begin with is such a show stopper.  i think the general population is very much used to entering passwords and remembering them for their bank account, their utility providers, email, netflix, facebook, etc.  i also don't think entering a password is more difficult or off putting than waiting for the blockchain to download.

I think we got fired up by your comment of vulnerability where there really wasn't one. As someone that developed applications for iFail devices, I am sure you have had your share of thick/stupid/newb/etc users, and figure you would appreciate the reasoning that Gavin put forth.

A virus doesn't get blocked by AV vendors unless something bad happens to someone and they report it. So it is inevitable that someone would lose their wallet(s) to a keylogger, even if they only enter their password once a week, since someone has to figure out that something is wrong to start with. Nevermind that the virus was probably acquired by visiting some shady site on the net, users will be users and there isn't much you can do about that.

Unfortunately, my experience with users has been very similar to the situation that Gavin laid out - if they are prompted to enter their passphrase, it is pretty much a guarantee that they would enter a lame dictionary word of 6 characters or less, and then promptly forget it as if they were being paid to forget things. Damn users.

[triplehelix]

yeah, i have stories from users that still wake me up in the middle of the night.

generally though, the ones that curl your hair are a smaller percentage of the user base (from my experience anyway), and i personally believe in designing for the majority, and i think the majority of people would remember their password.  i don't think its that hard to include a passphrase strength indicator.  if someone wants to be a dipstick and use 123456, and the bitcoin client tells them its a near worthless password, then bitcoin has done all it can reasonably be expected to do, and nobody is to blame but the user who is lazy.

i don't think i have the most correct answer.  i just think that security isn't as hardened as it could be, and there is at least one area where it could be relatively easily strengthened, and an open discussion would probably be beneficial.

[Raoul Duke]

Well... I've told this to every person who I introduced to Bitcoin:

Would you leave your wallet unattended in a table on the middle of a shopping mall? With Bitcoin you also have to be careful, just like with your pocket wallet. They seem to get it...

[istar]

maybe you can explain the justification for not encrypting the wallet by default?

Here's the thinking:

Joe Random User finds out about bitcoin, and decides "what the heck, I'll check it out."

They run it.  First thing it does is ask him for a passphrase, with tons of "DO NOT FORGET YOUR PASSPHRASE" and/or "CHOOSE A LONG PASSPHRASE" warnings.  What does he do?  Many users will either:

1. Type "passphrase".

or

2. Bang on the keyboard to create a long, random passphrase: "b;lkaj425[09234kjvfda,nvfd;nkj34toht4"

He gets a little coin from the Faucet, writes me an email asking when they will arrive (because he hasn't yet downloaded the entire blockchain and didn't bother to read the information about that on the Faucet's "Sent!" page), and then shuts down the client.

Time passes.  Eventually the Faucet coins show up.

He decides Bitcoin really doesn't suck as much as he first thought, so he decides to buy some Bitcoin on Mt. Gox.

Time passes while Dwolla verifies his bank account and stuff.

Then he buys Bitcoin, and manages to send them and see them show up in his running Bitcoin.

Yay!

Time passes.  He decides he wants to spend the Bitcoin, and now he has to enter the passphrase that he set a week or three ago.  But back then, wallet security wasn't at all important to him.  He didn't have an Bitcoins to keep secure.

So either he forgot that his passphrase is "passphrase" or he remembers that he typed a bunch or random letters just so he could get past that annoying "enter passphrase" dialog box so he could just try the damn thing.

In short: wallet encryption is not the default because the right time to enter a passphrase to encrypt the wallet is when you KNOW that the wallet is valuable, and will take the steps necessary to protect it.

Brainstorm:

If the user have zero in his wallet, do not warn that it doesnt have password.

If the user have X amount advice the user to chose a long password they will never forget.
And some advice on how to chose such a password.

If the user have Huge amount of Bitcoins give warnings to encrypt right away?

Question is, what is considered huge and for one user 5 Btc can be much, for another 500 is much.

[Gavin Andresen]

i don't think i have the most correct answer.  i just think that security isn't as hardened as it could be, and there is at least one area where it could be relatively easily strengthened, and an open discussion would probably be beneficial.

You mean like:

https://bitcointalk.org/index.php?topic=34562.0
  or
https://bitcointalk.org/index.php?topic=19080.80
  or
http://gavinthink.blogspot.com/2011/06/why-arent-bitcoin-wallets-encrypted.html
  or
https://bitcointalk.org/index.php?topic=2574.0

It has been a while since I wrote a "State of Bitcoin Development" update (too busy...), but wallet security was my second priority, behind network stability, the last time I did one. It is still right at the top of my priority list.