Bitcoin Forum
April 20, 2018, 04:53:12 PM *
News: Latest stable version of Bitcoin Core: 0.16.0  [Torrent]. (New!)
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: [2014-08-07] CD - RushWallet Delivers Fast, Frictionless and Login-Free Bitcoin  (Read 2164 times)
Kprawn
Legendary
*
Online Online

Activity: 1456
Merit: 1027



View Profile
August 07, 2014, 01:47:57 PM
 #1

http://www.coindesk.com/rushwallet-delivers-fast-frictionless-login-free-bitcoin-wallets/

My concerns ----> "Created in 2011, Instawallet had over 1 million accounts and was once lauded by bitcoin developers for its ability to quickly create and use bitcoin addresses. But, a 2013 hack saw it fraudulently relieved of all user funds.
 
Hackers were able to gain access to users’ secret URLs, which were stored online. Instawallet later replaced most users’ balances after a 90-day claims process."

1524243192
Hero Member
*
Offline Offline

Posts: 1524243192

View Profile Personal Message (Offline)

Ignore
1524243192
Reply with quote  #2

1524243192
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1524243192
Hero Member
*
Offline Offline

Posts: 1524243192

View Profile Personal Message (Offline)

Ignore
1524243192
Reply with quote  #2

1524243192
Report to moderator
1524243192
Hero Member
*
Offline Offline

Posts: 1524243192

View Profile Personal Message (Offline)

Ignore
1524243192
Reply with quote  #2

1524243192
Report to moderator
southern
Newbie
*
Offline Offline

Activity: 10
Merit: 0


View Profile
August 07, 2014, 02:26:04 PM
 #2

http://www.coindesk.com/rushwallet-delivers-fast-frictionless-login-free-bitcoin-wallets/

My concerns ----> "Created in 2011, Instawallet had over 1 million accounts and was once lauded by bitcoin developers for its ability to quickly create and use bitcoin addresses. But, a 2013 hack saw it fraudulently relieved of all user funds.
 
Hackers were able to gain access to users’ secret URLs, which were stored online. Instawallet later replaced most users’ balances after a 90-day claims process."


Doesnt seem very secure to me, but looks good.
elliwilli
Sr. Member
****
Offline Offline

Activity: 307
Merit: 250


et rich or die tryi


View Profile WWW
August 07, 2014, 03:53:59 PM
 #3

Looks sexy as hell but it has a bad history, i will probably use it for a small hot wallet as i love the UI but i wont hold anything big in it.

betafall
Full Member
***
Offline Offline

Activity: 130
Merit: 100


View Profile
August 08, 2014, 02:30:12 AM
 #4

Instawallet and Rushwallet have nothing to do with each other expect for being instant wallets. I think you misunderstood that they are related in some way beyond that.

RushWallet is a product of KryptoKit and is more secure than InstaWallet in two specific ways:

1. Funds are stored client side, not server-side.
2. The private key is stored in the URL after the hashtag. By HTTP standards, that part of the URL is not sent to the server when you make a request; it remains purely client-side, so the server never sees what any of the private keys are.

Kprawn
Legendary
*
Online Online

Activity: 1456
Merit: 1027



View Profile
August 08, 2014, 07:00:51 AM
 #5

" The private key is stored in the URL after the hashtag. By HTTP standards, ...."

There is no way, that this is secure enough to hold any of my coins. One "Screen capture" and you have the private key. No other hacking / bruteforcing passwords or keyloggers needed.

Nope, sorry .... I will not use this for "store value" It's a toy to be used for education on how not to store your coins.

CIYAM
Legendary
*
Offline Offline

Activity: 1876
Merit: 1000


Ian Knowles - CIYAM Lead Developer


View Profile WWW
August 08, 2014, 07:08:58 AM
 #6

" The private key is stored in the URL after the hashtag. By HTTP standards, ...."

There is no way, that this is secure enough to hold any of my coins. One "Screen capture" and you have the private key. No other hacking / bruteforcing passwords or keyloggers needed.

I'd have to agree that this seems like a very bad idea when it comes to securing bitcoins.

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
LiteCoinGuy
Legendary
*
Offline Offline

Activity: 1148
Merit: 1001


In Satoshi I Trust


View Profile WWW
August 08, 2014, 10:24:38 AM
 #7

could be okay for pocket money

medicine
Hero Member
*****
Offline Offline

Activity: 696
Merit: 500



View Profile WWW
August 08, 2014, 02:57:57 PM
 #8

I had an Instawallet back in the day and I would like a much more detailed explanation of the security before I used Rush Wallet.
Does anyone have a link to the details explaining the cryptography and hashing/private key movement?

Thanks

btc: 1GhVNYuPskEjX79oECB8KF53uvcKMhpNHW
Bitfinex referral code: KvlvfZYCdQ
Seoul Bitcoin Meetup
rushwallet
Newbie
*
Offline Offline

Activity: 14
Merit: 0


View Profile
August 09, 2014, 12:54:56 PM
 #9

http://www.coindesk.com/rushwallet-delivers-fast-frictionless-login-free-bitcoin-wallets/

My concerns ----> "Created in 2011, Instawallet had over 1 million accounts and was once lauded by bitcoin developers for its ability to quickly create and use bitcoin addresses. But, a 2013 hack saw it fraudulently relieved of all user funds.
 
Hackers were able to gain access to users’ secret URLs, which were stored online. Instawallet later replaced most users’ balances after a 90-day claims process."


Please know that RushWallet is not in any way related to Instawallet.

RushWallet is more secure than InstaWallet in two specific ways:

Funds are stored client side, not server-side. Meaning that RushWallet neither holds, nor has access to users wallets or bitcoin.

The private key is stored in the URL after the hashtag. By HTTP standards, that part of the URL is not sent to the server when you make a request; it remains purely client-side, so the server never sees what any of the private keys are.

You can add an encrypted password in the URL should you so choose meaning that you'd have to enter a password every time you open your wallet.

Check out this reddit post http://www.reddit.com/r/Bitcoin/comments/2cvr33/rushwallet_by_kryptokit_finally_an_easy_way_to/

And here's the official BitcoinTalk thread. https://bitcointalk.org/index.php?topic=730490.0
bryant.coleman
Legendary
*
Offline Offline

Activity: 1764
Merit: 1006


LanceChain


View Profile
September 17, 2014, 09:55:03 AM
 #10

Never trust these people. I lost a few mBTCs when Instawallet closed down. I am not falling in to these sort of traps ever again. For me, the only reliable online wallet is Blockchain.info. That said, I am only keeping less than 1% of my stash with online wallets. The remainder is safely stored in various offline wallets, including paper wallets and USB sticks.



      ███  ███
    ███      ███
  ███          ███
███              ███

███              ███
  ███          ███
    ███      ███
      ███  ███


LANCECHAIN

║▮
║▮
║▮

▮║
▮║
▮║

║▮
║▮
║▮

▮║
▮║
▮║




                      ▄▄████
                ▄▄▄████████▌
          ▄▄▄███████▀▄█████
     ▄▄█████████▀▀ ▄██████▌
▄▄███████████▀  ▄█████████
 ▀▀▀█████▀    ▄██████████▌
       ██   █████████████
        █▄ █████████████▌
        ▐█▄███▀▀████████
         ███▀    ▀▀████▌
                    ▀▀█



                 ▄████▄▄    ▄
██             ████████████▀
████▄         █████████████▀
▀████████▄▄   █████████████
▄▄█████████████████████████
██████████████████████████
  ▀██████████████████████
   █████████████████████
    ▀█████████████████▀
      ▄█████████████▀
▄▄███████████████▀
   ▀▀▀▀▀▀▀▀▀▀▀



    ▄▄▄▄▄▄▄▄
  ▄█████████
 █████▀▀▀▀▀▀
▐████
▐████
████████████
████████████
▐████
▐████
▐████
▐████
▐████
adamas
Legendary
*
Offline Offline

Activity: 1011
Merit: 1002


VIS ET LIBERTAS


View Profile WWW
September 17, 2014, 10:57:35 AM
 #11

I couldn't figure out how to create a password protected brainwallet.
I believe there is a checkbox when you first visit the site and are creating a random number with your mouse.
  Yes, but how to create a passsword protected brainwallet with an own passphrase?
  www.rushwallet.com/#*my pass phrase*!password

"Es ist kein Zeichen geistiger Gesundheit, gut angepasst an eine kranke Gesellschaft zu sein."
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!