Bitcoin Forum
October 17, 2017, 03:42:37 PM *
News: Latest stable version of Bitcoin Core: 0.15.0.1  [Torrent]. (New!)
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 3 4 [5] 6 7 8 9 10 11 »  All
  Print  
Author Topic: Bitcoin cold storage - HACKED easily  (Read 12027 times)
Envrin
Sr. Member
****
Offline Offline

Activity: 298


Flixxo - Watch, Share, Earn!


View Profile
January 17, 2015, 05:05:41 AM
 #81


Don't use wallet software provided by someone who goes by a name like l33tHaxorKid, and you'll be fine.


X       ▄▄█████████▄▄
    ▄██▀▀         ▀▀██▄
  ▄██▀              ▀██▄
 ▄██     ██▄▄          ██▄
▄██      █████▄▄        ██▄
██       ████████▄▄      ██
██       ███████████▄    ██
██       ██████████▀     ██
▀██      ███████▀       ██▀
 ▀██     ████▀         ██▀
  ▀██▄   █▀          ▄██▀
    ▀██▄▄         ▄▄██▀
       ▀▀█████████▀▀
.flixxo    X▄████████████████████▄
██████████████████████
██████████████████████
████████████▀▀███████
█████▀████░░░░░░▄████
█████░░░░░░░░░░▄█████
█████▄░░░░░░░░░░██████
██████░░░░░░░░░███████
███████░░░░░░▄████████
████▄▄░░░░▄▄██████████
██████████████████████
██████████████████████
▀████████████████████▀
▄████████████████████▄
██████████████████████
█████████▀█▀██████████
██████▀▀▀▀▀████████
██████▄▄░░▄▄▄░░███████
████████░░███░░███████
████████░░░░░░▀███████
████████░░███▄░░██████
██████▀▀░░▀▀▀░░░██████
██████▄▄▄▄▄▄███████
█████████▄█▄██████████
██████████████████████
▀████████████████████▀
X[[]]X
1508254957
Hero Member
*
Offline Offline

Posts: 1508254957

View Profile Personal Message (Offline)

Ignore
1508254957
Reply with quote  #2

1508254957
Report to moderator
1508254957
Hero Member
*
Offline Offline

Posts: 1508254957

View Profile Personal Message (Offline)

Ignore
1508254957
Reply with quote  #2

1508254957
Report to moderator
1508254957
Hero Member
*
Offline Offline

Posts: 1508254957

View Profile Personal Message (Offline)

Ignore
1508254957
Reply with quote  #2

1508254957
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1508254957
Hero Member
*
Offline Offline

Posts: 1508254957

View Profile Personal Message (Offline)

Ignore
1508254957
Reply with quote  #2

1508254957
Report to moderator
rio3232
Full Member
***
Offline Offline

Activity: 224


View Profile
January 17, 2015, 05:13:53 AM
 #82


Don't use wallet software provided by someone who goes by a name like l33tHaxorKid, and you'll be fine.



haha who is he dude ?
scammer people ?
mayax
Legendary
*
Offline Offline

Activity: 1008


View Profile
January 17, 2015, 12:12:53 PM
 #83

What if your base os is compromised and you use a livecd whilst being offline to store the coins.....can this make you unsafe?


"Even if the manufacturer (https://bitcoin.org/) claims that it runs open-source code, how do you tell whether it is actually running what you compiled?" Verbücheln said.

in other words: MANY developers worldwide are working in their free time to a project, in this case, Bitcoin. That's why it's called OPEN SOURCE.

These developers can put anything they want IN the source code.

Verbücheln: ".... that some pieces of open-source code are so large and complex that even a dedicated community of developers may not detect a malicious addition."
ranochigo
Legendary
*
Offline Offline

Activity: 1232

In the midst of an exam, will be very inactive.


View Profile WWW
January 17, 2015, 12:27:46 PM
 #84

What if your base os is compromised and you use a livecd whilst being offline to store the coins.....can this make you unsafe?


"Even if the manufacturer (https://bitcoin.org/) claims that it runs open-source code, how do you tell whether it is actually running what you compiled?" Verbücheln said.

in other words: MANY developers worldwide are working in their free time to a project, in this case, Bitcoin. That's why it's called OPEN SOURCE.

These developers can put anything they want IN the source code.

Verbücheln: ".... that some pieces of open-source code are so large and complex that even a dedicated community of developers may not detect a malicious addition."

This is pretty much impossible. I believe only selected, trusted and knowledgeable members are able to commit, they probably are reviewed by a lot of people before changes can be committed. It is not possible for anyone to just insert changes without the approval of core developers and those changes are usually fairly small.














 

 

█ 
█ 
█ 
█ 
█ 
█ 
█ 
█ 
█ 
█ 
█ 
BitBlender 

 













 















 












 
█ 
█ 
█ 
█ 
█ 
█ 
█ 
█ 
█ 
█ 
█ 
mayax
Legendary
*
Offline Offline

Activity: 1008


View Profile
January 17, 2015, 05:53:50 PM
 #85

What if your base os is compromised and you use a livecd whilst being offline to store the coins.....can this make you unsafe?


"Even if the manufacturer (https://bitcoin.org/) claims that it runs open-source code, how do you tell whether it is actually running what you compiled?" Verbücheln said.

in other words: MANY developers worldwide are working in their free time to a project, in this case, Bitcoin. That's why it's called OPEN SOURCE.

These developers can put anything they want IN the source code.

Verbücheln: ".... that some pieces of open-source code are so large and complex that even a dedicated community of developers may not detect a malicious addition."

This is pretty much impossible. I believe only selected, trusted and knowledgeable members are able to commit, they probably are reviewed by a lot of people before changes can be committed. It is not possible for anyone to just insert changes without the approval of core developers and those changes are usually fairly small.

Ok. it's good that you are believer. Smiley

Please let tell me the names of those who develop the Bitcoin application and the auditors for it...
MrTeal
Legendary
*
Offline Offline

Activity: 1274


View Profile
January 17, 2015, 08:06:59 PM
 #86

What if your base os is compromised and you use a livecd whilst being offline to store the coins.....can this make you unsafe?


"Even if the manufacturer (https://bitcoin.org/) claims that it runs open-source code, how do you tell whether it is actually running what you compiled?" Verbücheln said.

in other words: MANY developers worldwide are working in their free time to a project, in this case, Bitcoin. That's why it's called OPEN SOURCE.

These developers can put anything they want IN the source code.

Verbücheln: ".... that some pieces of open-source code are so large and complex that even a dedicated community of developers may not detect a malicious addition."

This is pretty much impossible. I believe only selected, trusted and knowledgeable members are able to commit, they probably are reviewed by a lot of people before changes can be committed. It is not possible for anyone to just insert changes without the approval of core developers and those changes are usually fairly small.

Ok. it's good that you are believer. Smiley

Please let tell me the names of those who develop the Bitcoin application and the auditors for it...
https://github.com/bitcoin/bitcoin/graphs/contributors
grendel25
Legendary
*
Offline Offline

Activity: 910



View Profile
January 17, 2015, 08:18:01 PM
 #87

I can think of no money that can't be hacked easily.  Bitcoin may have different risk factors but it can be stolen just as easily as any other money.  It's not security that makes bitcoin better but there are security aspects of bitcoin that other currencies can't enjoy as readily.  But it can all be obfuscated at any time by a myriad of 'forks' bitcoin could take.

mayax
Legendary
*
Offline Offline

Activity: 1008


View Profile
January 17, 2015, 09:47:10 PM
 #88

I can think of no money that can't be hacked easily.  Bitcoin may have different risk factors but it can be stolen just as easily as any other money.  It's not security that makes bitcoin better but there are security aspects of bitcoin that other currencies can't enjoy as readily.  But it can all be obfuscated at any time by a myriad of 'forks' bitcoin could take.

being "open source" is much more vulnerable than any other centralized e-currency.
spazzdla
Legendary
*
Offline Offline

Activity: 1330


View Profile
January 17, 2015, 10:14:11 PM
 #89

Use paper wallets, many of them.  Once you import the private keys from them destroy that wallet.
jonald_fyookball
Legendary
*
Offline Offline

Activity: 1218


Core dev leaves me neg feedback #abuse #political


View Profile
January 17, 2015, 10:38:29 PM
 #90

I can think of no money that can't be hacked easily.  Bitcoin may have different risk factors but it can be stolen just as easily as any other money.  It's not security that makes bitcoin better but there are security aspects of bitcoin that other currencies can't enjoy as readily.  But it can all be obfuscated at any time by a myriad of 'forks' bitcoin could take.

being "open source" is much more vulnerable than any other centralized e-currency.


You could argue that a closed source currency issued by a central
authority couldn't have malicious code sneaked into a release by an
outside party, but the trade off is that you have to trust that
central authority completely...Not only their integrity, but their
resistance to manipulation, attacks,
outside influences, as well as their robustness and longevity.

Recent history has shown that centralized e-currencies are easily
shut down by governments.


rax
Member
**
Offline Offline

Activity: 85


View Profile
January 18, 2015, 12:09:29 AM
 #91

Easily. Because fuck yeah.

tokeweed
Legendary
*
Offline Offline

Activity: 1554


Love, Life and Laughter...


View Profile
January 18, 2015, 12:17:12 AM
 #92

Your funds are not safe neither in "cold storage". Read:

https://www2.informatik.hu-berlin.de/~verbuech/klepto-ecdsa/klepto-ecdsa.pdf  

or

http://www.coindesk.com/research-hackers-install-backdoor-bitcoin-cold-storage/


many of you said "cold storage is the best". well. it is not. that explains many hacks in Bitcoin which some of the bitcoiners considered to be very safe. Smiley

What's next? Mass withdrawals from Bitcoin. What can you do when you KNOW that your cold storage is exposed to be stolen? You must be stupid to keep your earnings there.

Only few people knew about this exploit. Now, any russian or ukrainian kid will try to hack the cold storages and guess what?! THEY WILL DO IT !    Grin


.BitDice.               ▄▄███▄▄
           ▄▄██▀▀ ▄ ▀▀██▄▄
      ▄▄█ ▀▀  ▄▄█████▄▄  ▀▀ █▄▄
  ▄▄██▀▀     ▀▀ █████ ▀▀     ▀▀██▄▄
██▀▀ ▄▄██▀      ▀███▀      ▀██▄▄ ▀▀██
██  ████▄▄       ███       ▄▄████  ██
██  █▀▀████▄▄  ▄█████▄  ▄▄████▀▀█  ██
██  ▀     ▀▀▀███████████▀▀▀     ▀  ██
             ███████████
██  ▄     ▄▄▄███████████▄▄▄     ▄  ██
██  █▄▄████▀▀  ▀█████▀  ▀▀████▄▄█  ██
██  ████▀▀       ███       ▀▀████  ██
██▄▄ ▀▀██▄      ▄███▄      ▄██▀▀ ▄▄██
  ▀▀██▄▄     ▄▄ █████ ▄▄     ▄▄██▀▀
      ▀▀█ ▄▄  ▀▀█████▀▀  ▄▄ █▀▀
           ▀▀██▄▄ ▀ ▄▄██▀▀
               ▀▀███▀▀
        ▄▄███████▄▄
     ▄███████████████▄
    ████▀▀       ▀▀████
   ████▀           ▀████
   ████             ████
   ████ ▄▄▄▄▄▄▄▄▄▄▄ ████
▄█████████████████████████▄
██████████▀▀▀▀▀▀▀██████████
████                   ████
████                   ████
████                   ████
████                   ████
████                   ████
████▄                 ▄████
████████▄▄▄     ▄▄▄████████
  ▀▀▀█████████████████▀▀▀
        ▀▀▀█████▀▀▀
▄▄████████████████████████████████▄▄
██████████████████████████████████████
█████                            █████
█████                            █████
█████                            █████
█████                            █████
█████                     ▄▄▄▄▄▄▄▄▄▄
█████                   ▄█▀▀▀▀▀▀▀▀▀▀█▄
█████                   ██          ██
█████                   ██          ██
█████                   ██          ██
██████████████████▀▀███ ██          ██
 ████████████████▄  ▄██ ██          ██
   ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ ██          ██
             ██████████ ██          ██
           ▄███████████ ██████▀▀██████
          █████████████  ▀████▄▄████▀
[/]
rz20
Hero Member
*****
Offline Offline

Activity: 798



View Profile
January 18, 2015, 12:19:39 AM
 #93

If it is so easy why don't you get the funds from primedice or from bitstamp?

                ▄▄████▄▄
            ▄▄███▀▀  ▀▀███▄▄
        ▄▄███▀▀          ▀▀███▄▄
    ▄▄███▀▀                  ▀▀███▄▄
 ▄███▀▀                          ▀▀███▄
██▀        ▄█████▄    ▄▄████▄▄       ▀██
██      ▄▄█▀▀   ▀▀██▄█▀▀▀  ▀▀██▄      ██
██     ██▀          ▀          ██▄    ██
██    ██▀        ▄              ██    ██
██    ███       ███             ██    ██
██▄▄▄▄▄██▄   ▄▄████ ▄█████     ▄█▀    ██
 ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ ▀█▄█▀       ▄██▀     ██
                  ██▀      ▄██▀       ██
             ▄▄▄         ▄██▀         ██
              ▀██▄     ▄██▀           ██
▀██▄▄           ▀██▄ ▄██▀          ▄▄██▀
  ▀▀███▄▄         ▀███▀        ▄▄███▀▀
      ▀▀███▄▄             ▄▄███▀▀
          ▀▀███▄▄      ▄▄███▀▀
              ▀▀██▄▄▄███▀▀
                 ▀▀█▀▀
simplyvital health
██
██
║║║║
║║║║
██
██
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
.
.Powering True Care Coordination.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
██
██
║║║║
║║║║
██
██
██
██
║║║║
║║║║
██
██
██
██
║║║║
║║║║
██
██
SargeR33
Member
**
Offline Offline

Activity: 112

★Bitin.io★ - Instant Exchange


View Profile
January 18, 2015, 12:25:23 AM
 #94

Seems like a load of bull. This is open source, sure people can sneak code into it but it will be picked up. I'm also sure most people here now have found a wallet they trust and tested and will stick to it. I have no reason to swap wallets. I am happy with the wallet I am using and I can trust it and trust the machine I use.

If in doubt, use offline files from paper wallet websites, check the code and generate cold storage that way. If the code is clean, it is impossible for the hacker to obtain any private key since the machine used is offline, there is no leaked data and only you can have this information. Then just transfer your btc to that and store them in a safe.

This is why people don't use BTC. People who don't know what they're doing will probably get stung by a dodgy wallet or website and be deterred from bitcoin forever. Bitcoin is not user friendly.

Flashman
Hero Member
*****
Offline Offline

Activity: 518


Hodl!


View Profile
January 18, 2015, 12:28:35 AM
 #95

being "open source" is much more vulnerable than any other centralized e-currency.

True, coz nobody would put that open source linux shit on teh interwebs servers for same reason  Roll Eyes

TL;DR See Spot run. Run Spot run. .... .... Freelance interweb comedian, for teh lulz >>> 1MqAAR4XkJWfDt367hVTv5SstPZ54Fwse6

Bitcoin Custodian: Keeping BTC away from weak heads since Feb '13, adopter of homeless bitcoins.
Rum152
Full Member
***
Offline Offline

Activity: 147

www.secondstrade.com - 190% return Binary option


View Profile
January 18, 2015, 12:33:09 AM
 #96

I can think of no money that can't be hacked easily.  Bitcoin may have different risk factors but it can be stolen just as easily as any other money.  It's not security that makes bitcoin better but there are security aspects of bitcoin that other currencies can't enjoy as readily.  But it can all be obfuscated at any time by a myriad of 'forks' bitcoin could take.

being "open source" is much more vulnerable than any other centralized e-currency.
This is not true. Having something open source means that many people can and will audit the code to ensure that it is secure. When you have something closed source and centralized you have one central point of failure and do not get this kind of testing - at least not until it is too late

tokeweed
Legendary
*
Offline Offline

Activity: 1554


Love, Life and Laughter...


View Profile
January 18, 2015, 12:35:15 AM
 #97

If it is so easy why don't you get the funds from primedice or from bitstamp?

yup.  or hack satoshi's wallet/s.  duh.

.BitDice.               ▄▄███▄▄
           ▄▄██▀▀ ▄ ▀▀██▄▄
      ▄▄█ ▀▀  ▄▄█████▄▄  ▀▀ █▄▄
  ▄▄██▀▀     ▀▀ █████ ▀▀     ▀▀██▄▄
██▀▀ ▄▄██▀      ▀███▀      ▀██▄▄ ▀▀██
██  ████▄▄       ███       ▄▄████  ██
██  █▀▀████▄▄  ▄█████▄  ▄▄████▀▀█  ██
██  ▀     ▀▀▀███████████▀▀▀     ▀  ██
             ███████████
██  ▄     ▄▄▄███████████▄▄▄     ▄  ██
██  █▄▄████▀▀  ▀█████▀  ▀▀████▄▄█  ██
██  ████▀▀       ███       ▀▀████  ██
██▄▄ ▀▀██▄      ▄███▄      ▄██▀▀ ▄▄██
  ▀▀██▄▄     ▄▄ █████ ▄▄     ▄▄██▀▀
      ▀▀█ ▄▄  ▀▀█████▀▀  ▄▄ █▀▀
           ▀▀██▄▄ ▀ ▄▄██▀▀
               ▀▀███▀▀
        ▄▄███████▄▄
     ▄███████████████▄
    ████▀▀       ▀▀████
   ████▀           ▀████
   ████             ████
   ████ ▄▄▄▄▄▄▄▄▄▄▄ ████
▄█████████████████████████▄
██████████▀▀▀▀▀▀▀██████████
████                   ████
████                   ████
████                   ████
████                   ████
████                   ████
████▄                 ▄████
████████▄▄▄     ▄▄▄████████
  ▀▀▀█████████████████▀▀▀
        ▀▀▀█████▀▀▀
▄▄████████████████████████████████▄▄
██████████████████████████████████████
█████                            █████
█████                            █████
█████                            █████
█████                            █████
█████                     ▄▄▄▄▄▄▄▄▄▄
█████                   ▄█▀▀▀▀▀▀▀▀▀▀█▄
█████                   ██          ██
█████                   ██          ██
█████                   ██          ██
██████████████████▀▀███ ██          ██
 ████████████████▄  ▄██ ██          ██
   ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ ██          ██
             ██████████ ██          ██
           ▄███████████ ██████▀▀██████
          █████████████  ▀████▄▄████▀
[/]
RoadStress
Legendary
*
Offline Offline

Activity: 1610


View Profile
January 18, 2015, 12:57:10 AM
 #98

Isn't the ECDSA attack possible only when you re-use addresses? I thought that if you always use new addresses you are immune to this type of attack.

iCEBREAKER is a troll! He and cypherdoc helped HashFast scam 50 Million $ from its customers !
H/w Hosting Directory & Reputation - https://bitcointalk.org/index.php?topic=622998.0
newIndia
Legendary
*
Offline Offline

Activity: 1302


View Profile
January 18, 2015, 01:00:17 AM
 #99

Isn't the ECDSA attack possible only when you re-use addresses? I thought that if you always use new addresses you are immune to this type of attack.

I think, if u keep receiving coins then also you are safe. You need to change, only when you are sending.

smoothie
Legendary
*
Offline Offline

Activity: 2044


LEALANA Monero Physical Silver Coins


View Profile
January 18, 2015, 01:07:45 AM
 #100

OP is obviously not painting a complete picture. Obviously a compromised pc or set of code can be hacked because in essence it is already hacked by it being compromised with a backdoor etc.

Problem with this guy's post is he doesn't paint a clear picture of the security that exists when code that is reviewed by the public (many parties) and how that secures people's funds from a software standpoint.

Better open sourced than closed. But oh let's not bring that up buddy lol

███████████████████████████████████████

            ,╓p@@███████@╗╖,           
        ,p████████████████████N,       
      d█████████████████████████b     
    d██████████████████████████████æ   
  ,████²█████████████████████████████, 
 ,█████  ╙████████████████████╨  █████y
 ██████    `████████████████`    ██████
║██████       Ñ███████████`      ███████
███████         ╩██████Ñ         ███████
███████    ▐▄     ²██╩     a▌    ███████
╢██████    ▐▓█▄          ▄█▓▌    ███████
 ██████    ▐▓▓▓▓▌,     ▄█▓▓▓▌    ██████─
           ▐▓▓▓▓▓▓█,,▄▓▓▓▓▓▓▌          
           ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▌          
    ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓─  
     ²▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓╩    
        ▀▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▀       
           ²▀▀▓▓▓▓▓▓▓▓▓▓▓▓▀▀`          
                   ²²²                 
███████████████████████████████████████

. ★☆ WWW.LEALANA.COM        My PGP fingerprint is A764D833.        SMOOTHIE'S HEALTH AND FITNESS JOURNAL          History of Monero development Visualization ★☆ .
LEALANA  PHYSICAL MONERO COINS 999 FINE SILVER.
 
Pages: « 1 2 3 4 [5] 6 7 8 9 10 11 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!