Topic: 2012-12-19 archive.org - My adventure in donating bitcoins to the Internet Archi (Read 1526 times)

It doesn't need to be that complex... the virus could just send the encrypted file to the attacker, patiently waits for the user to start his client and from this point on log everything the user types and send it to the attacker. The attacker could manually look for the password, it shouldn't be that hard I guess.

But anyway, yes, it adds complexity.

I'm pretty sure most people don't even see the clients link on the page, since the links for bitcoin-qt downloads are so obvious (I recently met a guy that had a good understanding of bitcoin but had no idea clients apart from bitcoin-qt even existed). Just replacing those with the link to the clients page would help a lot, I think. Judging by how many threads there are in the newbie section about users not understanding blockchain sync, I think this is long overdue. And honestly, bitcoin-qt should probably not be the clients bitcoin newcomers should be using.

Well, security is about raising the bar. If you assume all attackers have infinite skill and time then yes, it's purposeless. In practice the perfect crime is quite rare.

Encryption at rest is good enough to change wallet stealing from "read a file at a well known path and post it to a web server" to "install and run a background app that the user won't notice, and which can inject itself into the Bitcoin process, find the encryption handling code and then intercept the passphrase, and then hope the user unlocks their wallet before the virus is discovered and added to AV signature lists" ... which is a much harder programming problem. Novices can tackle the first. The latter needs more experienced people. Those people are, in turn, more likely to have well paying jobs in the white market that aren't worth risking for an uncertain payoff and possible jail time.

Real two-factor coins are even better of course. That's why Gavin is pursuing it as one of his main goals. The payment protocol work is an important first step.

Meh, wallet encryption is purposeless against trojans, the only protection it may offer is against an attacker with physical access to your computer, like a dishonest roommate or something. And if you use ubuntu, your home dir may be encrypted natively, so wallet encryption becomes more of a placebo feature than anything.


Nice.

Hadn't noticed that welcome addition to the bitcoin.org site .... note those are all GUI clients ... why is bitcoind CLI client not listed there I wonder?

bitcoinj doesn't currently support encrypted wallets. It's being worked on by Jim but isn't there yet. Also it has a few important missing features in other areas - for instance, no compressed pubkeys and a missing fee calculation algorithm.

I'm hopeful that we can get bcj to the point where I'll be unconditionally recommending it for end users some time by EOQ1.

BitcoinJ with its SVP model certainly ticks performance, privacy and decentralization boxes, at least when compared to alternatives. The only box you mention where some doubt could remain is "security"... since you're the lead developer of BitcoinJ, I must say this last comment of yours sounded suspicious... you don't trust BitcoinJ's security?

Er, no, that's not the lesson. The lesson is if you deal with financial institutions you have to ID verify. Also - US banks suck.

The reason Mt Gox is doing this isn't just AML/KYC, it's also to handle phished bank accounts that try to cash out via Bitcoin. This is a much bigger deal for inbound wires from US banks because US banking security is piss poor and fraudulent wire transfers are a bigger problem there. We have seen multiple times what happens if that isn't done - the exchange accounts get blacklisted by the banks and they'll refuse to process wires to them (see: InterSango), which is an even bigger fail than requiring ID verification.

When I have interacted with Mt Gox I didn't have any of these problems because

a) UBS has good security around wire transfers (you sign the destination IBAN with a dedicated hardware device)
b) UBS knows how to wire money to other countries without doing currency exchange in the process

ie, my bank does not suck. Neither of these things are exactly rocket science, but many US banks can't handle it.

So while the blog post is painful to read, I'm glad Mt Gox has these policies in place. The problems he's having with wiring money to Mt Gox are problems he'd have with any form of online currency exchange, it's not unique to Bitcoin.

The issue with which client to recommend is of course well discussed already. The sad fact is there are no "good" clients right now that tick every box we might wish to have (security, performance, privacy, decentralization, etc). It will get resolved with time.

The "part 2" problem could be "solved" if bitcoin.org did not link directly to bitcoin-qt.

Before downloading bitcoin-qt, everybody should be exposed to the fact that it will download the entire transaction history, and index it locally, what's a very costly operation. People should be prevented that, if they want to avoid that, they can download a lightweight client like MultiBit or Electrum.

What I mean is that I think the direct links on bitcoin.org should be removed and everybody should have to pass through this page (or an equivalent) before downloading anything.

This is a smart man. At least he learnt something with it:

Posted in another thread:

Agreed, Mt. Gox is a big FU in many ways ... let's not revisit that. He should have gone localbitcoins.com (or similar) for the "full" off-the-grid bitcoin experience.

I found this comment interesting for its insight into psychology of a noob ...

and in a way he is correct. He has joined a club, of people that are technically competent enough to set themselves up as their own banks.

Lets see if he can hang onto his monies ... 

Fascinating to see the damage MtGox is doing themselves by the way they communicate(or rather - fail to) their AML procedures.


Surprisingly the author still maintains an upbeat tone after this rigmarole... Ah well, we all know there is a fair way to go in terms of convenience/usability.