Bitcoin cold storage - HACKED easily

[qwk]

what you it seems that you do not understand or you do not want to say is that :
[...]
These developers can put anything they want INTO  the source code: ".... that some pieces of open-source code are so large and complex that even a dedicated community of developers may not detect a malicious addition."
So, COLD Storage can be easily hacked.

You seem to have little to zero experience with large collaborative software projects.
The specific attack we're talking about would require changing the code of a subroutine that's probably not been touched for years, since it's basically part of the fundamental core of the system.
With version control systems, such things don't go unnoticed.

It's like waving a red flag with the words "hey, I'm going to do something incredibly stupid and/or important" and hoping no one will notice.

[Meuh6879]

These developers can put anything they want INTO  the source code: ".... that some pieces of open-source code are so large and complex that even a dedicated community of developers may not detect a malicious addition."

False, very false ... we have revision display system to view the only added code (followed by name of author and reputation).
And even with this, the contribution are not allowed "like easy added" on the bitcoin core.

[ebliever]

what you it seems that you do not understand or you do not want to say is that :

"Even if the manufacturer (https://bitcoin.org/) claims that it runs open-source code, how do you tell whether it is actually running what you compiled?" Verbücheln said.

with other words: MANY developers worldwide are working in their free time to a project, in this case, Bitcoin. That's why it's called OPEN SOURCE.

These developers can put anything they want INTO  the source code: ".... that some pieces of open-source code are so large and complex that even a dedicated community of developers may not detect a malicious addition."


So, COLD Storage can be easily hacked.

You don't seem to understand that the hack has to be performed on the software the Bitcoin user uses to generate private keys. It can't be done after the fact. So you are entirely wrong and sensationalist in claiming that everyone's cold wallets are at risk. They are only at risk if they did in fact create their wallet using a criminal's hacked code. This is a risk, but not in the way you are shouting.

[ebliever]

What if your base os is compromised and you use a livecd whilst being offline to store the coins.....can this make you unsafe?

The only risk from what I see in the article is that if you use software to originally set up your wallet that actually originated from a criminal trying to steal your coins with this method, they could steal any coins you subsequently deposit.

They cannot hack a wallet that is secure. They can only put a backdoor in it when it was first created. And only if you use software that is not open-source and vetted by anyone besides the criminal.

[Flashman]

I'm shocked and horrified, next you'll be telling me that opening stuff in my spam folder "Your friend Joe, attachment:Photo.exe" isn't safe.

Then, oh horrors of the slippery slope, next they'll say that if I leave my front door open just a very small crack, I'll get random strangers taking my stuff, where does it all end?

[mayax]

what you it seems that you do not understand or you do not want to say is that :

"Even if the manufacturer (https://bitcoin.org/) claims that it runs open-source code, how do you tell whether it is actually running what you compiled?" Verbücheln said.

with other words: MANY developers worldwide are working in their free time to a project, in this case, Bitcoin. That's why it's called OPEN SOURCE.

These developers can put anything they want INTO  the source code: ".... that some pieces of open-source code are so large and complex that even a dedicated community of developers may not detect a malicious addition."


So, COLD Storage can be easily hacked.

That is true for any open source project, even the Linux kernel.

TRUE. Also, remember Heartbleed bug and the vulnerability in the "bash" shell for Linux and Unix, Shellshock

[Rich Tsunami]

This is so obvious...of course if someone has modified the code of a wallet and you downloaed it without verfiying where it came from and if its actually safe by checking its pgp then you are going to lose your coins thats pretty obvious...thats why you always make sure the check sum or pgp is exact.

[mayax]

What if your base os is compromised and you use a livecd whilst being offline to store the coins.....can this make you unsafe?

The only risk from what I see in the article is that if you use software to originally set up your wallet that actually originated from a criminal trying to steal your coins with this method, they could steal any coins you subsequently deposit.

They cannot hack a wallet that is secure. They can only put a backdoor in it when it was first created. And only if you use software that is not open-source and vetted by anyone besides the criminal.

Please re-read : "Even if the manufacturer (https://bitcoin.org/) claims that it runs open-source code, how do you tell whether it is actually running what you compiled?"

[bornil267645]

I think this theory is only applicable when your next door neighbor is peeping through your window to get a peek at your password or been compromised in that sort of way.

other than that, cold storage is still the safest bet. I hope so.

[RKZ72]

sorry for being dumb but if someone has modifed the code and you run it in a offline computer how does the hacker gain your information? how is it sent to him becase there is no internet connection to send the data or he cant remote control your computer because theres no internet access.

[ropbat]

I think op was trying to scare everyone and people would start panic selling again..nice try mate.

[MrTeal]

What if your base os is compromised and you use a livecd whilst being offline to store the coins.....can this make you unsafe?

The only risk from what I see in the article is that if you use software to originally set up your wallet that actually originated from a criminal trying to steal your coins with this method, they could steal any coins you subsequently deposit.

They cannot hack a wallet that is secure. They can only put a backdoor in it when it was first created. And only if you use software that is not open-source and vetted by anyone besides the criminal.

Please re-read : "Even if the manufacturer (https://bitcoin.org/) claims that it runs open-source code, how do you tell whether it is actually running what you compiled?"

bitcoin.org is added by you. The article was talking about hardware wallets like Trezor or Bitsafe, and that is a valid concern.
If you're concerned about the precompiled binaries on bitcoin.org not matching the source, just compile it yourself.

[ebliever]

What if your base os is compromised and you use a livecd whilst being offline to store the coins.....can this make you unsafe?

The only risk from what I see in the article is that if you use software to originally set up your wallet that actually originated from a criminal trying to steal your coins with this method, they could steal any coins you subsequently deposit.

They cannot hack a wallet that is secure. They can only put a backdoor in it when it was first created. And only if you use software that is not open-source and vetted by anyone besides the criminal.

Please re-read : "Even if the manufacturer (https://bitcoin.org/) claims that it runs open-source code, how do you tell whether it is actually running what you compiled?"

And maybe my smartphone has secret code from the CIA that is recording all my conversations and has super-secret hardware that can perform a keystroke log on any computer within 5' of it, so they have access to all my accounts and activities and can haul me off for thinking bad thoughts at any moment. Sometimes you just have to accept that the world is not an absolute locked-down perfect place no matter how hard you try to make it.

It remains the case that the hack can't be performed after the fact, which is what you've been shouting.

[SaltyRainbow]

Your funds are not safe neither in "cold storage". Read:

https://www2.informatik.hu-berlin.de/~verbuech/klepto-ecdsa/klepto-ecdsa.pdf  

or

http://www.coindesk.com/research-hackers-install-backdoor-bitcoin-cold-storage/


many of you said "cold storage is the best". well. it is not. that explains many hacks in Bitcoin which some of the bitcoiners considered to be very safe.

What's next? Mass withdrawals from Bitcoin. What can you do when you KNOW that your cold storage is exposed to be stolen? You must be stupid to keep your earnings there.

Only few people knew about this exploit. Now, any russian or ukrainian kid will try to hack the cold storages and guess what?! THEY WILL DO IT !    

Where do you keep your Bitcoin? Blockchain.info? Cold storage is the safest and always will be.

[MrTeal]

What if your base os is compromised and you use a livecd whilst being offline to store the coins.....can this make you unsafe?

The only risk from what I see in the article is that if you use software to originally set up your wallet that actually originated from a criminal trying to steal your coins with this method, they could steal any coins you subsequently deposit.

They cannot hack a wallet that is secure. They can only put a backdoor in it when it was first created. And only if you use software that is not open-source and vetted by anyone besides the criminal.

Please re-read : "Even if the manufacturer (https://bitcoin.org/) claims that it runs open-source code, how do you tell whether it is actually running what you compiled?"

And maybe my smartphone has secret code from the CIA that is recording all my conversations and has super-secret hardware that can perform a keystroke log on any computer within 5' of it, so they have access to all my accounts and activities and can haul me off for thinking bad thoughts at any moment. Sometimes you just have to accept that the world is not an absolute locked-down perfect place no matter how hard you try to make it.

It remains the case that the hack can't be performed after the fact, which is what you've been shouting.

Don't laugh. The whole reason phones have pulse oximeters now isn't for measuring heartrate. It's so that the CIA can track your thoughts. I read it on the internet.

[ebliever]

sorry for being dumb but if someone has modifed the code and you run it in a offline computer how does the hacker gain your information? how is it sent to him becase there is no internet connection to send the data or he cant remote control your computer because theres no internet access.

The idea is that you downloaded software from the hacker and use it to generate your wallet. Since he designed it to produce specified outputs, it generates private keys that he can recognize in the blockchain. So it doesn't matter that your cold wallet generating system is offline.

[ChuckBuck]

To the OP,

You should change the thread title to Bitcoin cold storage -   HACKED DIFFICULTLY WHERE ATTACKER NEEDS ACCESS TO AIR GAPPED PC OR WALLET AND HAS TO INSTALL BACKDOOR WALLET VERSION ONE COLD WALLET AT A TIME

The original post and title very misleading, and causes FUD to the Noobs.

Thanks,

Bitcointalk Community


P.S. - You keep saying the manufacturer and link to Bitcoin.org....reread the article, dude.  The context is if hardware wallet manufacturers like say Trezor or Ledger have the compromised software installed.  Not software wallets like Bitcoin Core or Electrum or Armory.

[Flashman]

I think op was trying to scare everyone and people would start panic selling again..nice try mate.

Yah, he's been in alarm and despair mode for the last week, just trying a little "too" hard now for us to continue to regard him as genuine.

[MrTeal]

Ok, back to serious questions to knowledgeable people.

Am I correct in reading that this vector only allow the attacker to determine the private key of an address that has been used to sign a transaction? IE, if you use all the inputs of an address in the transaction and not reusing any addresses even a compromised ECDSA module would only net the attacker your now empty address.

Of course more broadly one would have to assume that if you're D/Ling a precompiled binary with compromised ECDSA, the key generation module would also be compromised.

[qwk]

Am I correct in reading that this vector only allow the attacker to determine the private key of an address that has been used to sign a transaction? IE, if you use all the inputs of an address in the transaction and not reusing any addresses even a compromised ECDSA module would only net the attacker your now empty address.

Well, the paper isn't really published yet, but as far as I can tell, this seems to be the case.
Honestly, the whole issue is interesting, but not much more.

All it really shows is that you can actually use the transaction signing part of cold storage to get information out of an otherwise sealed system.
Then again, that's more or less Captain Obvious speaking