Author

Topic: Braincontrol (Read 1154 times)

full member
Activity: 150
Merit: 100
February 24, 2014, 12:45:20 AM
#5
Accordong the  befuddled's comment  this wallet for me doesn't seem to be good one. Maybe in future the siruation will change
hero member
Activity: 536
Merit: 500
February 18, 2014, 03:45:31 AM
#4
too bad i cannot use braincontrol anymore.
member
Activity: 73
Merit: 10
February 09, 2014, 06:30:45 PM
#3
I just came here to post about this. I think it is brilliant.

Technically, it's a small step in that it's a twist on the brain wallet. The private keys are not stored anywhere. And yet it's so easy to use and almost foolproof.

In principle I guess it could be vulnerable to a key logger, except that entering the pin is done in the manner of clicking on buttons. I don't know if that's enough to defeat all possible key loggers or not. And the logger would have to be there when the salt is first typed in.

I'm a bit worried that if the particular website that hosts the html5 app goes away (braincontrol.me at the moment), then it would be a bit more work to get the coins back. You have to run the html5 app from the same URL as when you transferred the coins in, since the url is used to create the private key:



Not that you couldn't create your own script that hard codes the URL that was used when you transferred the coins in, so as to create the private keys when all the other factors are known.

To me this is starting to look like the secure storage your grandmother could use. Or maybe someone more knowledgable could point out what I'm missing.

Edit: Having read the Reddit thread, I see someone pointed out an obvious vulnerability that didn't occur to me. You have to trust that the html/javascript isn't malicious because it could record/compromise your private key. Doh. Not saying the website creator would do so, but the site could be hacked, obviously.

Maybe what we need is a browser plug-in that performs a checksum/signing on all html and javascript that gets executed so you can see if it changes. Though that might require some independent (trusted) agent to determine that the code is safe at time of signing.



legendary
Activity: 2212
Merit: 1199
February 09, 2014, 05:42:53 PM
#2
Just found this by following Reddit braincontrol.me

This wallet looks pretty cool and judges Apples stupid to what it is - stupid and senseless.
Very nice.

I hope this project will give a wallet to iphone users.
Apple sux this a lot
sr. member
Activity: 437
Merit: 255
February 09, 2014, 05:39:33 PM
#1
Just found this by following Reddit braincontrol.me

This wallet looks pretty cool and judges Apple's Bitcoin ban to what it is - stupid and senseless.
Jump to: