Bitcoin Forum
Author Topic: You think you don't need to trust blockchain.info ? Think again  (Read 14076 times)
hazek
Legendary
Activity: 1078
Merit: 1002
August 29, 2012, 10:38:36 AM
#41

When I go to https://blockchain.info/wallet/ my wallet verifier extension gives the message below:

https://chrome.google.com/webstore/detail/kcapglakfcodkajgllmkiddclghogkic

Message: "*** Serious Error - Javascript inconsistencies found. Maybe malicious - Do not Login! Please contact support@pi.uk.com"

Since I switched back to Firefox I haven't seen this message yet, but when I used Chrome I did see this from time to time, and usually if I refreshed the site the message went away. I know there's an explanation for this but I forgot what it is.

My personality type: INTJ - please forgive my weaknesses (Not naturally in tune with others feelings; may be insensitive at times, tend to respond to conflict with logic and reason, tend to believe I'm always right)

If however you enjoyed my post: 15j781DjuJeVsZgYbDVt2NZsGrWKRWFHpp
thanke
Member
Activity: 104
Merit: 10
December 06, 2012, 07:53:03 PM
#42

Why does blockchain's mywallet use a JS wallet and a browser plugin to verify it? Why not simply a browser plugin like lastpass? Wouldn't that be more secure?
DeathAndTaxes
Donator
Legendary
Activity: 1218
Merit: 1079
Gerald Davis
December 06, 2012, 07:56:54 PM
#43

Quote from: thanke on December 06, 2012, 07:53:03 PM
> Why does blockchain's mywallet use a JS wallet and a browser plugin to verify it? Why not simply a browser plugin like lastpass? Wouldn't that be more secure?

The advantage of having the encryption and signing done in javascript is the source is available.  Can you make a browser plugin in javascript?  If so then it likely isn't any more secure but it certainly isn't any less secure.  If the browser plugin is running opaque code then it is significantly less secure than using javascript.
Vitalik Buterin
Sr. Member
Activity: 330
Merit: 397
December 07, 2012, 06:21:46 PM
#44

Quote:
> Basically, that means that blockchain.info, strongcoin.com, {insert client-side JS wallet here} is inherently less safe than a standalone client, and not much safer than a hosted wallet.


Even if your claims on security are completely correct, I still somewhat disagree. The single worst disaster relating to hosted Bitcoin wallets that we have had in 2012, Bitcoinica, was not due to malicious action - it was due to inaction and a bad default. Of course, the thefts did precipitate the whole debacle, but the money that was actually stolen is only about a third of the sum that account holders actually had, and the reason why the other two thirds still haven't been returned is because the money sat in Bitcoinica's wallet and so when Patrick et al simply sat on the money for two months by default that money was not accessible to users. With a Blockchain-like setup (obviously a strictly blockchain-like setup can't really be used for a Bitcoinica-like application, as it needs access to the money to operate, but that's beside the point here), the default would instead have been for users to be able to instantly access and recover their funds from a backup. It's not inaction, but active theft, that would be the threshold required for customers to actually lose any money - a threshold which, if you break and are caught, will likely lead to you going to jail.

Argumentum ad lunam: the fallacy that because Bitcoin's price is rising really fast the currency must be a speculative bubble and/or Ponzi scheme.
hazek
Legendary
Activity: 1078
Merit: 1002
December 08, 2012, 03:28:19 PM
#45

FYI the entire discussion in this thread will with the arrival of hardware wallets soon be irrelevant. I hope that even blockchain.info will make use of them.

Red Emerald
Hero Member
Activity: 742
Merit: 500
December 08, 2012, 07:40:42 PM
#46

Quote from: hazek on December 08, 2012, 03:28:19 PM
> FYI the entire discussion in this thread will with the arrival of hardware wallets soon be irrelevant. I hope that even blockchain.info will make use of them.
OMG YES

SirWilliam
Sr. Member
Activity: 248
Merit: 250
April 17, 2013, 12:05:53 PM
#47

Quote:
> This is true for all wallets that advertise in-browser cryptography.
>
> They are all vulnerable to code-poisoning when the central server gets compromised.
>
> To properly do javascript cryptography you need to publish a signed browser extension that therefore doesn't get served dynamically and therefore is invulnerable to server-side code-poisoning.
>
> Basically, that means that blockchain.info, strongcoin.com, {insert client-side JS wallet here} is inherently less safe than a standalone client, and not much safer than a hosted wallet.
>
> Thoughts welcome !

Sorry to dredge up an old conversation, especially when I obviously don't understand what is being said as well as any of the posters in this thread, but I had a question about the security issue discussed here.

Would the dangers you discuss, server-side poisoning, dishonest site owner using any of the methods you discuss, etc., still apply in the case of someone who carried out the procedure of creating a watch-only address by logging in, disconnecting internet, creating the address in private browsing mode, printing out the paper wallet for the new address, deleting all traces in the browser, then logging in and importing the new address as a new watch-only address?

I mean to say that if this procedure was done so that the address and private key were created offline and then if the user NEVER sent bitcoins out of that address, therefore never entering the private key for the transaction, would the site owner or someone who poisoned the code still be able to derive the private key in some way? I mean if a user had a watch-only address in their wallet and never even entered the private key to send coins then how could the private key be captured?

Thanks for any responses!
jubalix
Legendary
Activity: 2618
Merit: 1022
April 17, 2013, 02:47:04 PM
#48

I installed that javascript checker mywallet 1.9 that tells me if the JS has had something injected into it... does this help much?


Quote:
> This is true for all wallets that advertise in-browser cryptography.
>
> They are all vulnerable to code-poisoning when the central server gets compromised.
>
> To properly do javascript cryptography you need to publish a signed browser extension that therefore doesn't get served dynamically and therefore is invulnerable to server-side code-poisoning.
>
> Basically, that means that blockchain.info, strongcoin.com, {insert client-side JS wallet here} is inherently less safe than a standalone client, and not much safer than a hosted wallet.
>
> Thoughts welcome !

Admitted Practicing Lawyer::BTC/Crypto Specialist. B.Engineering/B.Laws

https://www.binance.com/?ref=10062065
hamiltino
Hero Member
Activity: 644
Merit: 500
P2P The Planet!
October 31, 2013, 03:34:53 PM
#49

Switched over from blockchain.info wallet to an offline wallet.

I sleep better.

stacking coin
piuk
Hero Member
Activity: 910
Merit: 1005
October 31, 2013, 08:37:42 PM
#50

Since this old thread has been necro'd I might as well post an update.

Fully packaged browser extensions are now available for Chrome and Firefox, which addresses the concern in the original post:

Info:

https://blockchain.info/wallet/browser-extension

Chrome:

https://chrome.google.com/webstore/detail/blockchain/glaohkkooicollgefkkmndjcbblominl

Firefox:

https://addons.mozilla.org/en-US/firefox/addon/my-wallet/
