Topic: ALL of my bitcoins stolen (Around 60) . What the F*CK. - page 4. (Read 16780 times)

But then the virus would have to just wait longer until you type your password. I favor a "secure keypad" that you input your password via mouse clicks. Next question is how to trick viruses that may take screenshots?

Grandma will use mybitcoin.com and never touch a wallet.dat.  The client will never be friendly and secure enough for ordinary folk.  It's not play money for them and they don't want to have to match wits with the best hackers from China, the former Soviet bloc, and Silicon Valley just to buy a goddamn pair of socks.

I was thinking about trying namcecoin. Although I dont find it very interesting compaired to btc. Namecoin is now of my radar completely. Maybe someone could setup a honey pot to try and verify the namecoin cleint or the download mentioned in this tread. Interesting times.

Where is the security? One unencrypted desktop file compromised and, hey presto, your money is gone. This doesn't happen with internet banking.

Even a web client that you install to your own hosting would have been WAY better than a dumb desktop client.

how about we add a few bits and let people do wallet locks?  i think most of us at this time are hoarders who know bitcoisn will be worth 100,000$ per bitcoin one day

a wallet lock is something that only honest users would be interested in imho.. u can use a password to lock/unlock but not to send coins

the fact is.. yeah windows has exploits that pretty much allow hackers at anytime to own your system, they are in the wild before they're even patched and no windows  box is ever totally secure at any given time.. a 0-day hacker can always rape yer bitcoinZ

Is crossposting bad?

http://forum.bitcoin.org/index.php?topic=23085.0

I might look at making a bounty if I can afford one, others could think about adding a bounty too, esp if youve been a victim (I havent, but I want to see bitcoin succeed)

Encrypting the wallet will help, but it doesn't solve the problem. When the BitCoin client is running, it will have decrypted your private keys and they will likely be in the memory of your machine. If you have a virus on your machine, that virus can access memory and get your private keys. Even if the devs of BitCoin work real hard and keep your keys encrypted when in memory, at some point they have be decrypted so they can be used. They may only be in memory or machine registers for a few milliseconds, but if you have a smart enough virus, your keys (and your BTC) will be compromised.

Encryption will help when the Bitcoin client is not running and it will protect you against an attack against your backups or other offline copies of your data.

It is essential for security (and the safekeeping of your BTC) that you keep your machine virus and malware free. If you can get to your money on your machine, so can a virus.

There is lots of good advice out there on how to keep your machine virus free, but the basics are to keep your machine patched, use antivirus, and never, ever, under any circumstances, access the Internet when you are logged in with administrative, root, or any other kind of elevated privileges.

In the Windows world turn on auto updates and let them run every day. Use a current, supported version of windows (that means Windows 7, not XP.) The anti-virus software the Microsoft gives out for free is solid - there is no excuse to not have anti-virus protection. Make sure your login account is not an "administrator". Only log in as an administrator when you want to install software.

In the Linux world, make sure you apply security packages from your distribution frequently. Don't run as root.

I don't post this to taunt or scold the OP, just to provide advice to prevent it happening to others.

There is security in bitcoin, but it has to be YOU! Don't count on security by default...

I've been thinking and I've come to the conclusion that Satoshi and the dev team should have never released a bitcoin client for windows!!!

Then right now we'd all be a bunch of Linux geeks enjoying our geeky little currency and nobody would've had the opportunity to steal from us. Later on maybe once the security of the default client is vastly improved, then and only then release a windows version. Just my 2 cents.

 
Let me just put it this way. BTC was a system designed by coders for coders. It was meant to be an interesting experiment. I don't think the "elders of bitcoin" foresaw that it would grow into what it is today. They were caught off-guard.

Oh here we go..attack of the Linux nerds!

OMG OMG the default bitcoin cleint's security sucks..OMG unencrypted wallet.dat is such a good idea!

Anyways, this is the standard response most of you give...so yeah..moving on.

Encryption cannot protect wallets in use, because your legitimate client has to decrypt it anyway. Encryption is good for backups only.