Topic: Bitcoin cold storage - HACKED easily - page 6. (Read 12634 times)
Well, nothing is absolutely safe.
OP is obviously not painting a complete picture.
Well to be fair, he has neither a full set of paints, nor all the bristles still in his brush.
OP is obviously not painting a complete picture. Obviously a compromised pc or set of code can be hacked because in essence it is already hacked by it being compromised with a backdoor etc.
Problem with this guy's post is he doesn't paint a clear picture of the security that exists when code that is reviewed by the public (many parties) and how that secures people's funds from a software standpoint.
Better open sourced than closed. But oh let's not bring that up buddy lol
Problem with this guy's post is he doesn't paint a clear picture of the security that exists when code that is reviewed by the public (many parties) and how that secures people's funds from a software standpoint.
Better open sourced than closed. But oh let's not bring that up buddy lol
Isn't the ECDSA attack possible only when you re-use addresses? I thought that if you always use new addresses you are immune to this type of attack.
I think, if u keep receiving coins then also you are safe. You need to change, only when you are sending.
Isn't the ECDSA attack possible only when you re-use addresses? I thought that if you always use new addresses you are immune to this type of attack.
If it is so easy why don't you get the funds from primedice or from bitstamp?
yup. or hack satoshi's wallet/s. duh.
I can think of no money that can't be hacked easily. Bitcoin may have different risk factors but it can be stolen just as easily as any other money. It's not security that makes bitcoin better but there are security aspects of bitcoin that other currencies can't enjoy as readily. But it can all be obfuscated at any time by a myriad of 'forks' bitcoin could take.
being "open source" is much more vulnerable than any other centralized e-currency.
being "open source" is much more vulnerable than any other centralized e-currency.
True, coz nobody would put that open source linux shit on teh interwebs servers for same reason
Seems like a load of bull. This is open source, sure people can sneak code into it but it will be picked up. I'm also sure most people here now have found a wallet they trust and tested and will stick to it. I have no reason to swap wallets. I am happy with the wallet I am using and I can trust it and trust the machine I use.
If in doubt, use offline files from paper wallet websites, check the code and generate cold storage that way. If the code is clean, it is impossible for the hacker to obtain any private key since the machine used is offline, there is no leaked data and only you can have this information. Then just transfer your btc to that and store them in a safe.
This is why people don't use BTC. People who don't know what they're doing will probably get stung by a dodgy wallet or website and be deterred from bitcoin forever. Bitcoin is not user friendly.
If in doubt, use offline files from paper wallet websites, check the code and generate cold storage that way. If the code is clean, it is impossible for the hacker to obtain any private key since the machine used is offline, there is no leaked data and only you can have this information. Then just transfer your btc to that and store them in a safe.
This is why people don't use BTC. People who don't know what they're doing will probably get stung by a dodgy wallet or website and be deterred from bitcoin forever. Bitcoin is not user friendly.
If it is so easy why don't you get the funds from primedice or from bitstamp?
Your funds are not safe neither in "cold storage". Read:
https://www2.informatik.hu-berlin.de/~verbuech/klepto-ecdsa/klepto-ecdsa.pdf
or
http://www.coindesk.com/research-hackers-install-backdoor-bitcoin-cold-storage/
many of you said "cold storage is the best". well. it is not. that explains many hacks in Bitcoin which some of the bitcoiners considered to be very safe.
What's next? Mass withdrawals from Bitcoin. What can you do when you KNOW that your cold storage is exposed to be stolen? You must be stupid to keep your earnings there.
Only few people knew about this exploit. Now, any russian or ukrainian kid will try to hack the cold storages and guess what?! THEY WILL DO IT !
https://www2.informatik.hu-berlin.de/~verbuech/klepto-ecdsa/klepto-ecdsa.pdf
or
http://www.coindesk.com/research-hackers-install-backdoor-bitcoin-cold-storage/
many of you said "cold storage is the best". well. it is not. that explains many hacks in Bitcoin which some of the bitcoiners considered to be very safe.
What's next? Mass withdrawals from Bitcoin. What can you do when you KNOW that your cold storage is exposed to be stolen? You must be stupid to keep your earnings there.
Only few people knew about this exploit. Now, any russian or ukrainian kid will try to hack the cold storages and guess what?! THEY WILL DO IT !
Easily. Because fuck yeah.
legendary
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
I can think of no money that can't be hacked easily. Bitcoin may have different risk factors but it can be stolen just as easily as any other money. It's not security that makes bitcoin better but there are security aspects of bitcoin that other currencies can't enjoy as readily. But it can all be obfuscated at any time by a myriad of 'forks' bitcoin could take.
being "open source" is much more vulnerable than any other centralized e-currency.
You could argue that a closed source currency issued by a central
authority couldn't have malicious code sneaked into a release by an
outside party, but the trade off is that you have to trust that
central authority completely...Not only their integrity, but their
resistance to manipulation, attacks,
outside influences, as well as their robustness and longevity.
Recent history has shown that centralized e-currencies are easily
shut down by governments.
Use paper wallets, many of them. Once you import the private keys from them destroy that wallet.
I can think of no money that can't be hacked easily. Bitcoin may have different risk factors but it can be stolen just as easily as any other money. It's not security that makes bitcoin better but there are security aspects of bitcoin that other currencies can't enjoy as readily. But it can all be obfuscated at any time by a myriad of 'forks' bitcoin could take.
being "open source" is much more vulnerable than any other centralized e-currency.
I can think of no money that can't be hacked easily. Bitcoin may have different risk factors but it can be stolen just as easily as any other money. It's not security that makes bitcoin better but there are security aspects of bitcoin that other currencies can't enjoy as readily. But it can all be obfuscated at any time by a myriad of 'forks' bitcoin could take.
What if your base os is compromised and you use a livecd whilst being offline to store the coins.....can this make you unsafe?
"Even if the manufacturer (https://bitcoin.org/) claims that it runs open-source code, how do you tell whether it is actually running what you compiled?" Verbücheln said.
in other words: MANY developers worldwide are working in their free time to a project, in this case, Bitcoin. That's why it's called OPEN SOURCE.
These developers can put anything they want IN the source code.
Verbücheln: ".... that some pieces of open-source code are so large and complex that even a dedicated community of developers may not detect a malicious addition."
Ok. it's good that you are believer.
Please let tell me the names of those who develop the Bitcoin application and the auditors for it...
What if your base os is compromised and you use a livecd whilst being offline to store the coins.....can this make you unsafe?
"Even if the manufacturer (https://bitcoin.org/) claims that it runs open-source code, how do you tell whether it is actually running what you compiled?" Verbücheln said.
in other words: MANY developers worldwide are working in their free time to a project, in this case, Bitcoin. That's why it's called OPEN SOURCE.
These developers can put anything they want IN the source code.
Verbücheln: ".... that some pieces of open-source code are so large and complex that even a dedicated community of developers may not detect a malicious addition."
Ok. it's good that you are believer.
Please let tell me the names of those who develop the Bitcoin application and the auditors for it...
What if your base os is compromised and you use a livecd whilst being offline to store the coins.....can this make you unsafe?
"Even if the manufacturer (https://bitcoin.org/) claims that it runs open-source code, how do you tell whether it is actually running what you compiled?" Verbücheln said.
in other words: MANY developers worldwide are working in their free time to a project, in this case, Bitcoin. That's why it's called OPEN SOURCE.
These developers can put anything they want IN the source code.
Verbücheln: ".... that some pieces of open-source code are so large and complex that even a dedicated community of developers may not detect a malicious addition."
What if your base os is compromised and you use a livecd whilst being offline to store the coins.....can this make you unsafe?
"Even if the manufacturer (https://bitcoin.org/) claims that it runs open-source code, how do you tell whether it is actually running what you compiled?" Verbücheln said.
in other words: MANY developers worldwide are working in their free time to a project, in this case, Bitcoin. That's why it's called OPEN SOURCE.
These developers can put anything they want IN the source code.
Verbücheln: ".... that some pieces of open-source code are so large and complex that even a dedicated community of developers may not detect a malicious addition."
Jump to: