Bitcoin Forum
October 20, 2017, 12:15:52 AM *
News: Latest stable version of Bitcoin Core: 0.15.0.1  [Torrent]. (New!)
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 3 [4] 5 6 7 8 9 10 11 »  All
  Print  
Author Topic: Bitcoin cold storage - HACKED easily  (Read 12047 times)
sgravina
Sr. Member
****
Offline Offline

Activity: 450



View Profile
January 16, 2015, 07:09:24 PM
 #61

If it is easy then give it a try.

This attach won't work if the input address is not reused.  It gives the hacker the input private key but if that address is spent in the transaction and not reused then it can't be spent again by the attacker.

A simpler version of this attack would be to give the user a wallet which generates knowable private keys.  The attacker then watches all of addresses he has victims generate until he finds bitcoins.  This would work with any wallet the attacker was able to distribute.  Has this been attempted before?
1508458552
Hero Member
*
Offline Offline

Posts: 1508458552

View Profile Personal Message (Offline)

Ignore
1508458552
Reply with quote  #2

1508458552
Report to moderator
1508458552
Hero Member
*
Offline Offline

Posts: 1508458552

View Profile Personal Message (Offline)

Ignore
1508458552
Reply with quote  #2

1508458552
Report to moderator
1508458552
Hero Member
*
Offline Offline

Posts: 1508458552

View Profile Personal Message (Offline)

Ignore
1508458552
Reply with quote  #2

1508458552
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1508458552
Hero Member
*
Offline Offline

Posts: 1508458552

View Profile Personal Message (Offline)

Ignore
1508458552
Reply with quote  #2

1508458552
Report to moderator
1508458552
Hero Member
*
Offline Offline

Posts: 1508458552

View Profile Personal Message (Offline)

Ignore
1508458552
Reply with quote  #2

1508458552
Report to moderator
1508458552
Hero Member
*
Offline Offline

Posts: 1508458552

View Profile Personal Message (Offline)

Ignore
1508458552
Reply with quote  #2

1508458552
Report to moderator
ChuckBuck
Hero Member
*****
Offline Offline

Activity: 560



View Profile
January 16, 2015, 07:21:50 PM
 #62

it was proved that the COLD wallet can be hacked. once you are hacked, you cannot recover the bitcoin.

Yup, and normal people can easily pick up a handful of moondust, provided NASA takes them to the moon first.


or they can think : why would I use Bitcoin when I have fiat currency and other payment processors?

Yes, I can use Bitcoin to speculate a bubble but nothing more. Smiley

Now you're cooking!

Why use Bitcoin when you can use fiat.



Oh...you can get robbed at gunpoint...nevermind.


Oh yea, but we can use payment processors like credit cards AMEX, VISA, and Mastercard right?

Maybe go shopping at Target and...WHAT?!!?







Man that shit's no joke.

Damn I though you had a compelling reason, mayax, but just like this thread, very misleading...

██
█║█
║║║
║║║
█║█
██

                    ▄██▄
                  ▄██████▄
                ▄██████████
              ▄██████████▀   ▄▄
            ▄██████████▀   ▄████▄
          ▄██████████▀    ████████▄
         ██████████▀      ▀████████
         ▀███████▀   ▄███▄  ▀████▀   ▄█▄
    ▄███▄  ▀███▀   ▄███████▄  ▀▀   ▄█████▄
  ▄███████▄      ▄██████████     ▄█████████
  █████████    ▄██████████▀    ▄██████████▀
   ▀█████▀   ▄██████████▀    ▄██████████▀
     ▀▀▀   ▄██████████▀    ▄██████████▀
          ██████████▀    ▄██████████▀
          ▀███████▀      █████████▀
            ▀███▀   ▄██▄  ▀█████▀
                  ▄██████▄  ▀▀▀
                  █████████
                   ▀█████▀
                     ▀▀▀
e i d o o
██


                    ▄██▄
                  ▄██████▄
                ▄██████████
              ▄██████████▀   ▄▄
            ▄██████████▀   ▄████▄
          ▄██████████▀    ████████▄
         ██████████▀      ▀████████
         ▀███████▀   ▄███▄  ▀████▀   ▄█▄
    ▄███▄  ▀███▀   ▄███████▄  ▀▀   ▄█████▄
  ▄███████▄      ▄██████████     ▄█████████
  █████████    ▄██████████▀    ▄██████████▀
   ▀█████▀   ▄██████████▀    ▄██████████▀
     ▀▀▀   ▄██████████▀    ▄██████████▀
          ██████████▀    ▄██████████▀
          ▀███████▀      █████████▀
            ▀███▀   ▄██▄  ▀█████▀
                  ▄██████▄  ▀▀▀
                  █████████
                   ▀█████▀
                     ▀▀▀
██
█║█
║║║
║║║
█║█
██
jonald_fyookball
Legendary
*
Offline Offline

Activity: 1218


Core dev leaves me neg feedback #abuse #political


View Profile
January 16, 2015, 08:37:26 PM
 #63

OP mostly FUD but good that people are aware of all the attack vectors.  
Can't be too careful when it comes to large amounts of money.

If you are using electrum, I have published several utility
scripts in the electrum sub forum that you can use
to verify if the addresses and keys from your copy
of electrum are legit.


 how can normal people use such script? Smiley  the normal people wants something safe and simple.

it was proved that the COLD wallet can be hacked. once you are hacked, you cannot recover the bitcoin.



I don't have all the answers...  I assume that in the future, as
cryptocurrency becomes more popular, people will know how
to do basic things like run python scripts, similar to how most
people know how to check the oil in their car... Either that
or hire a trusted security consultant.

 

girb16
Jr. Member
*
Offline Offline

Activity: 36


View Profile
January 16, 2015, 09:04:32 PM
 #64

Very tired of the vilification of Russian everywhere! The hackers and enemies of Bitcoin live in the good old US of A!
Flashman
Hero Member
*****
Offline Offline

Activity: 518


Hodl!


View Profile
January 16, 2015, 10:57:09 PM
 #65

Very tired of the vilification of Russian everywhere! The hackers and enemies of Bitcoin live in the good old US of A!

Do you deny they invented Tetris? Well then, hackers everywhere  Wink

TL;DR See Spot run. Run Spot run. .... .... Freelance interweb comedian, for teh lulz >>> 1MqAAR4XkJWfDt367hVTv5SstPZ54Fwse6

Bitcoin Custodian: Keeping BTC away from weak heads since Feb '13, adopter of homeless bitcoins.
iGotSpots
Legendary
*
Offline Offline

Activity: 1442



View Profile WWW
January 16, 2015, 11:34:44 PM
 #66

There seems to be a lot of confusion in this thread about what is actually cold storage

██████████████
██████████████████████
████████████████████████████
████████████████████████████████
████████████████████████████████████
██████████████████████████████████████
██████████████████████████████████████████
████████████████████████████████████████████
█████████████████████████████████████████
██████████████████████████████████████
███████████████████████████████████████████████
███████████████████████████████████████████
███████████████████████████████████████████████
████████████████████████████████████████████████
████████████████████████████████████████████████
████████████████████████████████████████████████
███████████████████████████████████████████████
████████████████████████████████████████████
██████████████████████████████████████████████
████████████████████████████████████████████
████████████████████████████████████████████
████████████████████████████████████████████
████████████████████████████████████████████
██████████████████████████████████████████
█████████████████████████████████████
████████████████████████████████████
████████████████████████████████
████████████████████████████
██████████████████████
██████████████
   .HealthyWormCoin.   |     Twitter
Explorer
   |       YouTube
Worm Shop
The worms need your help to grow!
infobel
Jr. Member
*
Offline Offline

Activity: 42


View Profile
January 16, 2015, 11:41:04 PM
 #67

Idiotic article/thread...

You can't actually call a not-"cold" storage, a cold storage.

Don't buy Trezor! Not an Open Source project anymore!
infobel
Jr. Member
*
Offline Offline

Activity: 42


View Profile
January 16, 2015, 11:46:38 PM
 #68

it was proved that the COLD wallet can be hacked. once you are hacked, you cannot recover the bitcoin.

Yup, and normal people can easily pick up a handful of moondust, provided NASA takes them to the moon first.


or they can think : why would I use Bitcoin when I have fiat currency and other payment processors?

Yes, I can use Bitcoin to speculate a bubble but nothing more. Smiley


Or, I can use Bitcoin just because I can, without making some old fat fart very reach for processing my Western Union transfer and taking tons of money as a fee for transferring some bytes of data over the internet.
Stop being so stubborn. I just bought 2 Steam Gift Cards with Bitcoin, just because I can, and I'm not giving my credit card information or personal information all over the internet for some small thing like those.

YOU on the other hand are the one using Bitcoin just to speculate, right now you're also very angry cause you're not rich already.

You should try using Bitcoin, it feels nice.


Don't buy Trezor! Not an Open Source project anymore!
deployuser
Newbie
*
Offline Offline

Activity: 2


View Profile
January 17, 2015, 01:02:12 AM
 #69

What steps should people take to make sure you are 100% safe when dealing with cold storage?
cryptworld
Hero Member
*****
Offline Offline

Activity: 658



View Profile
January 17, 2015, 01:10:37 AM
 #70

I'd like to get a word from a person with knowledge,  is this really dangerous for bitcoin, or is just a theoretic xploit impossible to make real?
rio3232
Full Member
***
Offline Offline

Activity: 224


View Profile
January 17, 2015, 01:12:07 AM
 #71

What steps should people take to make sure you are 100% safe when dealing with cold storage?

get an offline wallet maybe with good antivirus and security.
only this can u do ?
jonald_fyookball
Legendary
*
Offline Offline

Activity: 1218


Core dev leaves me neg feedback #abuse #political


View Profile
January 17, 2015, 01:13:19 AM
 #72

What steps should people take to make sure you are 100% safe when dealing with cold storage?

No such thing as "100% safe" in computer security, but this gets you close as possible IMO.

1. Only use hardware that has never been connected to the internet and never will be.

2a. Only use trusted wallet software

2b. even safer:  ...that you compiled yourself from source and compared the executable hash to PGP signed executables

2c. safer still: ...that you also code reviewed.

3. bonus paranoid security:  use dice, coins, or cards to generate the entropy yourself rather than relying on the computer for randomness.


Q7
Sr. Member
****
Offline Offline

Activity: 448


View Profile WWW
January 17, 2015, 01:32:59 AM
 #73

I think it makes complete sense to use only wallet that you trust is safe. If you are using android system and just a quick browse on google play using "bitcoin wallet" keyword, you will find a long list of wallets. Some are yet to be submitted to github, so that is the first warning bell.

Sarthak
Hero Member
*****
Offline Offline

Activity: 532

Error 404: there seems to be nothing here.


View Profile
January 17, 2015, 03:32:00 AM
 #74

Thanks For sharing This!
If cold storage isn't safe then where do we store our coins securely? Huh

R2D221
Hero Member
*****
Offline Offline

Activity: 658



View Profile
January 17, 2015, 03:34:50 AM
 #75

Thanks For sharing This!
If cold storage isn't safe then where do we store our coins securely? Huh

0 Kelvin storage, of course

An economy based on endless growth is unsustainable.
Sarthak
Hero Member
*****
Offline Offline

Activity: 532

Error 404: there seems to be nothing here.


View Profile
January 17, 2015, 03:37:31 AM
 #76

Quote
0 Kelvin storage, of course

What's 0 Kelvin Storage? Never Heard of it before!

R2D221
Hero Member
*****
Offline Offline

Activity: 658



View Profile
January 17, 2015, 03:38:34 AM
 #77

What's 0 Kelvin Storage? Never Heard of it before!

Well, it's sarcastic. 0 Kelvin is the coldest temperature posible:

http://en.wikipedia.org/wiki/Absolute_zero

An economy based on endless growth is unsustainable.
Sarthak
Hero Member
*****
Offline Offline

Activity: 532

Error 404: there seems to be nothing here.


View Profile
January 17, 2015, 03:40:05 AM
 #78

What's 0 Kelvin Storage? Never Heard of it before!

Well, it's sarcastic. 0 Kelvin is the coldest temperature posible:

http://en.wikipedia.org/wiki/Absolute_zero


Lol i thought it was some wallet system and googled it  Tongue

ranochigo
Legendary
*
Offline Offline

Activity: 1232

In the midst of an exam, will be very inactive.


View Profile WWW
January 17, 2015, 03:40:15 AM
 #79

The chances of a cold storage getting hacked is fairly low if you compile it yourself, use trusted wallet software's and don't download any suspicious software. Remember to review source code and download from the trusted source and you will be fine.














 

 

█ 
█ 
█ 
█ 
█ 
█ 
█ 
█ 
█ 
█ 
█ 
BitBlender 

 













 















 












 
█ 
█ 
█ 
█ 
█ 
█ 
█ 
█ 
█ 
█ 
█ 
rio3232
Full Member
***
Offline Offline

Activity: 224


View Profile
January 17, 2015, 04:04:49 AM
 #80

What's 0 Kelvin Storage? Never Heard of it before!

Well, it's sarcastic. 0 Kelvin is the coldest temperature posible:

http://en.wikipedia.org/wiki/Absolute_zero


haha nice one man lel.
celcius fahrenheit bla bla bla.
Pages: « 1 2 3 [4] 5 6 7 8 9 10 11 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!