Topic: Can Bitcoin be hacked and what will be the result if it happens? (Read 2652 times)

Yea. Wee still passing the buck, though. "Developed weren't strungent". YaDa yada yada. Point being that random numbers are only as random as the computer has random inputs; virtual machines are terrible entropy wise.

Yes, implemented correctly, Bitcoin is very strong. But an attaxker wnt attack the strongest point, they'll attack the weakest; I'd wager that any implementation running on a VM is going to have a lot more potential vulnerabilities, whether it's memory dumps or recreating the pool of entropy sources in order to "back into" the private keys.

That goes for services running in VM's, VMs that people create as pseudo cold storage devices or even (and ill have to read up more) keys generated on Tails live Cd's now that electrum is included.

It's easy to look at the reference white papers and say "implemented correctly, Bitcoin is as close to 100% secure as is possible", but know that no attacker will attack the strongest point. We need to review examine and discuss all of the weakest links and see how vulnerable those point are, and bring those to peoples attention so they know to avoid those.

The android RNG flaw for example; everyone assumed that Googke wouldn't release shoddy code like that, so android was trusted, people only looked above that later, it was inly after a lot of coins went missing that people realized that the platform itself was the problem.

I think this is a pretty good summary.  Sites like directory.io, which creep me out even though it has been discredited, suggests there's some potential issues that we haven't seen yet.  But overall Bitcoin is pretty solid.

Cryptographically secure random numbers are used in a wide variety of computer security systems.  It really isn't rocket science to do it correctly.  The developers in question simply didn't do their job correctly.  If you'd like to be even more stringent, there are several deterministic wallet solutions that use real-world (physical) entropy for the random seed.  

Bitcoin within itself cannot be hacked, theoretically yes, practically no. What can be hacked tho, is people's computer if they don't take care of it. That's how Bitcoins get stolen. The system itself is bulletproof.

I understand a lot of things. Like that public key encryption depends on random number generators. And that random number generators can either be hardware or in software. A VM, without a paravirtualized driver to access a hardware RNG, needs to depend on a software RNG. And entropy can be a real issue for virtual machines.

Your video explains how secure bitcoin can be by virtue of the large keyspace, where a random number generator helps you generate a key from anywhere within that keyspace. But it doesn't address my question, where keys are generated on a platform that might not have access to true random numbers.

From: http://log.amitshah.net/2013/01/about-random-numbers-and-virtual-machines/


Weak random numbers were the cause of the thefts from Android generated wallets a couple of years ago. And it sounds like there are still issue with generating random numbers in virtual machines.

My question is still open.

Nope. Cryptocurrencies can. Bitcoin — just first and so far most popular and "big" product of technology with its own strengths and weaknesses

Thats why I always say to trust only your self with your Bitcoin, its only a matter of time till Coinbase or Circle gets hacked.

the protocol itself is pretty safe

all the third parties running on it, not so much

The generation of a private key is not related with the "machine" itself, so also if you can recrete that exact instance you will not be able to get that "key" a second time. I hope you have seen this video :

- https://www.youtube.com/watch?v=ZloHVKk7DHk

I think you will understand a lot of things.

Is the 51% attack where someone gains control over most of the network? How would that work

For attacking any given key, you needs far far far more time than 100 years. If it was just 100 years, with moores law doubling power every 2, Youd probably only be looking at 10 or 12 years tops (I know the math isn't difficult, I'm just on my phone not bothering to look it up).

I've been curious about the effort to attack a private key that was generated in a controlled environment that you can recreate; say if a key was generated in a VM, if one recreated that VM in its entirety, platform, OS, any serial numbers, MAC address, system time, etc, would that shorten the time taken to attack a private key? Like, what sources does a VM have or use for generating random numbers, since everything, even hardware RNGs is then virtualized.

Can anyone give insight on that?

So it is safe with sha256 algorithm, good, but I'm sure many people are working towards trying to hack it, many things what people thought impossible when later people achieved by finding simple solutions, I think it is just a matter of when and I think it will rarely ever happen during our life times 

You shouldnt care so much about bitcoin hacked but about your smartphone or notebook hacked. It contains your wallet most probably and if a hacker could get into your computer then he might be able to steal from you. Thats why solutions like armory exist where you can hold your wallet away from internet.

If you have your coins in an online wallet website then you have risks of they stealing it or hackers stealing from the website.

While im at it... make backups of your wallet. You dont want to wake up, finding that your harddisc is broken and that you lost your coins on the way.

If the actual developers take the wrong path that nobody accepts, we can fork Bitcoin.
Remember that its the people that chooses or not to upgrade their clients and daemons to the new release.

The bitcoin code is hacked every day and the result is some new shitcoin. Yes, it can be hacked and is hacked all the time but there is no successful exploit.

Yes of course, if someone will break the sha256 algorithm I am sure the first target will be the bank system and not the bitcoin. Most people will think that the actual banks are safe but they are wrong.

This is a serious understatement. Are you trying to do this on purpose or is it the lack knowledge?


Exactly. Everything can be hacked. If we stood united during/after the hack we would easily recover. The development would definitely speed up.

There is no way for you to find out the private key just by knowing the public key but you can certainly brute force. However the probability using this method to find a private key that actually holds bitcoin is low. To hack the network you will need considerable hash rate to do so, thus overall in general very much unlikely.

Lots of service depends on SHA256 algorithm, if it was hacked, the effect is not only for bitcoin.

There are no 100% secure system. However hacking bitcoin needs munch more effort then the value you can get in return.