Can blockchain steal our bitcoins? | Bitcointalksearch.org

Outlander

legendary

Activity: 1218

Merit: 1000

Quote from: BitMaxz on December 25, 2015, 06:32:14 PM

No it will not steal your bitcoins even a decades but if your account password get by stealers or hacker
your account will be hack and your bitcoins will gone. So place your private key to your brain or some folder with lock
Your wallet will be secured..

You are not reading the posts.

Quote from: DarkStar_ on December 25, 2015, 05:00:05 PM

Did you even read the previous posts?
Blockchain.info relies on javascript in your browser to decrypt your wallet.
Most users (probably 99.999%) don't check the javascript for blockchain everytime they log in.
And for the users that do it, they probably are so security conscious they wouldn't use an online wallet in the first place.
What you said is true though other than the No they can't.
Blockchain encrypts your keys so they can't read them, but they can easily change the javascript and send the password to their server. Then they can decrypt it there.

Blockchain.info wouldn't do that otherwise their reputation will be ruined. No one will use their wallet. The previous flaws detected in blockchain.info was code bugs, which was explored by the hackers.

BitMaxz

legendary

Activity: 3374

Merit: 3095

Playbet.io - Crypto Casino and Sportsbook

No it will not steal your bitcoins even a decades but if your account password get by stealers or hacker
your account will be hack and your bitcoins will gone. So place your private key to your brain or some folder with lock
Your wallet will be secured..

DarkStar_

legendary

Activity: 2772

Merit: 3284

Quote from: BTCBinary on December 25, 2015, 02:29:03 PM

No they can't. Blockchain.info provides the customer an online wallet but the customer is always the one who as full control over the wallet and the only one with access to the secret key.

Did you even read the previous posts?
Blockchain.info relies on javascript in your browser to decrypt your wallet.
Most users (probably 99.999%) don't check the javascript for blockchain everytime they log in.
And for the users that do it, they probably are so security conscious they wouldn't use an online wallet in the first place.
What you said is true though other than the No they can't.
Blockchain encrypts your keys so they can't read them, but they can easily change the javascript and send the password to their server. Then they can decrypt it there.

BTCBinary

hero member

Activity: 504

Merit: 500

No they can't. Blockchain.info provides the customer an online wallet but the customer is always the one who as full control over the wallet and the only one with access to the secret key.

Amadues

hero member

Activity: 924

Merit: 1001

Quote from: Curious8 on December 23, 2015, 12:29:43 PM

Is Blockchain.info safe ? for 15 BTC + ?

Can you edit the subject because it's correct "Can blockchain.info steal our bitcoins?"

By the way I think they don't have any earning from this.

twister

hero member

Activity: 672

Merit: 502

Quote from: bitcoinmar on December 25, 2015, 11:26:38 AM

If you are using this all as correctly and controlling your Private keys then they cannot steal your bitcoins I am in this field for 3 years and I never have any issue like this so its very safe to work with them

I think they can if they wanted to, they do say that they don't know the keys and that they're generated completely on the user side but I don't believe that. And they did somethings wrong before which got them removed from the "Choose your Wallet" list, so that should be enough to make people understand to not use their wallet or if they must, just keep as minimal funds there as possible.

bitcoinmar

hero member

Activity: 812

Merit: 500

If you are using this all as correctly and controlling your Private keys then they cannot steal your bitcoins I am in this field for 3 years and I never have any issue like this so its very safe to work with them

Patatas

legendary

Activity: 1750

Merit: 1115

Providing AI/ChatGpt Services - PM!

Yeah obviously man! Haven't you seen their stats page ? They have more than 10 btc transferred like every minute I guess.I have been using blockchain for about a while now and never had any issues with them except the technical issues they keep on having during their updates .

HarryKPeters

hero member

Activity: 896

Merit: 1000

Live Stars - Adult Streaming Platform

Quote from: Amph on December 24, 2015, 07:33:29 AM

there were some holes in the past but many of them are fixed, now, what can really steal your coins is a infected computer, nothing else

so remember that when your coins has been stolen, it was 100% your fault if use a local wallet, and let's say 50/50 if you use a web wallet...

With those knowledge I can only advice to use your webwallet for small and fast transaction.
Your offline wallet should be used to store large amounts of bitcoin.
Remember to back it up every week or so.

ranochigo

legendary

Activity: 3038

Merit: 4418

Crypto Swap Exchange

Quote from: pedrog on December 24, 2015, 06:17:28 AM

Quote from: DarkStar_ on December 23, 2015, 03:35:11 PM

Quote from: pedrog on December 23, 2015, 12:44:16 PM

Are you referring to blockchain.info?

If so, no, they can't.

They can easily feed you malicious javascript when you are logging in so your password goes to them instead of decrypting it in your browser.
So, yes, they could.

In that case, any wallet provider can do that, including Bitcoin Core.

Yes. HOWEVER, Blockchain.info is an online wallet. It downloads resources from a third party source. Unless you audit the code every single time you try to log in, there is no sure way. Bitcoin Core on the contrary, requires users to download the malicious code in order for them to steal the Bitcoins.

There is another possibility however. Unless you are using a strong password, they can easily bruteforce your wallet backup based on a dictionary wordlist. I'm not sure of the encryption used, that is a problem if its weak.

That being said, Blockchain.info being an online wallet can also:
Weaken the RNG such that private keys are predictable[1][2]

[1] https://blog.blockchain.com/2014/12/08/blockchain-info-security-disclosure/
[2] http://arstechnica.com/security/2015/05/crypto-flaws-in-blockchain-android-app-sent-bitcoins-to-the-wrong-address/

Curious8

full member

Activity: 215

Merit: 100

im going to read you comments now

pedrog

legendary

Activity: 2786

Merit: 1031

Quote from: ab8989 on December 24, 2015, 06:50:33 AM

Quote from: pedrog on December 24, 2015, 06:17:28 AM

Quote from: DarkStar_ on December 23, 2015, 03:35:11 PM

Quote from: pedrog on December 23, 2015, 12:44:16 PM

Are you referring to blockchain.info?

If so, no, they can't.

They can easily feed you malicious javascript when you are logging in so your password goes to them instead of decrypting it in your browser.
So, yes, they could.

In that case, any wallet provider can do that, including Bitcoin Core.

Yes. However there is an additional question.
Can they get away with it with nobody being able to prove they did it and have 1000 users even proving that they did not do it?
And is it possible that only one possibly some shop floor level server operator can do the stealing with nobody else even some higher up from the company knowing about the theft and who did it.

For an online wallet the answer is yes, trivially.
All they need to do is for one time feed the malicious javascript to one user only which they have selected to be the one they want to steal from. The probability that everybody inspects their javascript EVERY TIME they use the online wallet is just ridiculous.
Clean up the server and nobody knows what happened with no proof available to anybody and blame a keylogger in the victims computer.
Have 1000 users inspecting THEIR javascript to "prove" that the javacsript from the company is safe with no backdoors.
Has that happened already? You betcha.

For bitcoin core the answer is no.
The proof about the malicious code remains out there forever and traces about who put it in there.

Again, in that case any wallet can be used, including Bitcoin Core.

notaek

legendary

Activity: 1268

Merit: 1009

Quote from: Curious8 on December 23, 2015, 12:29:43 PM

For running bitcoin casino for example, what is the best way to keep your funds safe?

In this case, you can chose your preferred wallet after studying the various security measures it can enhance while keeping your funds safe.

One pro-tip for running a Bitcoin casino; use two different wallets, one as a cold wallet for reserving 70-75% of your bankroll and another one as a hot wallet for running your games.

robelneo

legendary

Activity: 3416

Merit: 1225

I doubt if they can do that you own the key to that it goes up on how you manage that properly I have read that many people lost their bitcoin but not because of blockchain but because of their negligence you can do a cold storage if you want to really keep your bitcoin in a very safe place

Amph

legendary

Activity: 3248

Merit: 1070

there were some holes in the past but many of them are fixed, now, what can really steal your coins is a infected computer, nothing else

so remember that when your coins has been stolen, it was 100% your fault if use a local wallet, and let's say 50/50 if you use a web wallet...

HarryKPeters

hero member

Activity: 896

Merit: 1000

Live Stars - Adult Streaming Platform

Quote from: pedrog on December 24, 2015, 06:17:28 AM

Quote from: DarkStar_ on December 23, 2015, 03:35:11 PM

Quote from: pedrog on December 23, 2015, 12:44:16 PM

Are you referring to blockchain.info?

If so, no, they can't.

They can easily feed you malicious javascript when you are logging in so your password goes to them instead of decrypting it in your browser.
So, yes, they could.

In that case, any wallet provider can do that, including Bitcoin Core.

With bitcon core it would be very hard. So many geeks are using those wallets, scanning them etc. etc. theyr suprise back door or virus will be hot news within a few hours.
Blockchain.info is 'watched' by far less many geeks. But I don't expect them to do something like that.

However, i never hold more then 1 BTC with either blockchain or coinbase.

ab8989

full member

Activity: 209

Merit: 101

FUTURE OF CRYPTO IS HERE!

Quote from: pedrog on December 24, 2015, 06:17:28 AM

Quote from: DarkStar_ on December 23, 2015, 03:35:11 PM

Quote from: pedrog on December 23, 2015, 12:44:16 PM

Are you referring to blockchain.info?

If so, no, they can't.

They can easily feed you malicious javascript when you are logging in so your password goes to them instead of decrypting it in your browser.
So, yes, they could.

In that case, any wallet provider can do that, including Bitcoin Core.

Yes. However there is an additional question.
Can they get away with it with nobody being able to prove they did it and have 1000 users even proving that they did not do it?
And is it possible that only one possibly some shop floor level server operator can do the stealing with nobody else even some higher up from the company knowing about the theft and who did it.

For an online wallet the answer is yes, trivially.
All they need to do is for one time feed the malicious javascript to one user only which they have selected to be the one they want to steal from. The probability that everybody inspects their javascript EVERY TIME they use the online wallet is just ridiculous.
Clean up the server and nobody knows what happened with no proof available to anybody and blame a keylogger in the victims computer.
Have 1000 users inspecting THEIR javascript to "prove" that the javacsript from the company is safe with no backdoors.
Has that happened already? You betcha.

For bitcoin core the answer is no.
The proof about the malicious code remains out there forever and traces about who put it in there.

pedrog

legendary

Activity: 2786

Merit: 1031

Quote from: DarkStar_ on December 23, 2015, 03:35:11 PM

Quote from: pedrog on December 23, 2015, 12:44:16 PM

Are you referring to blockchain.info?

If so, no, they can't.

They can easily feed you malicious javascript when you are logging in so your password goes to them instead of decrypting it in your browser.
So, yes, they could.

In that case, any wallet provider can do that, including Bitcoin Core.

~Bitcoin~

legendary

Activity: 994

Merit: 1000

No if you are referring to blockchain.info they are safe and secure till now and i don't think they will steal in future too.
If you feel unsecure make cold storage address on blockchain.info and put all of the coins there, don't forget to print out the cold wallet paper you get there as .pdf file.

bitbaby

hero member

Activity: 812

Merit: 1000

Quote from: DarkStar_ on December 23, 2015, 03:35:11 PM

Quote from: pedrog on December 23, 2015, 12:44:16 PM

Are you referring to blockchain.info?

If so, no, they can't.

They can easily feed you malicious javascript when you are logging in so your password goes to them instead of decrypting it in your browser.
So, yes, they could.

^This. They haven't until now (or maybe they have?) does not mean that it safe or that they can't/wont in future. If you must use blockchain.info's wallet then just use it for petty cash for day to day activities, if you use it for larger amount of funds then you're just asking to get robbed and it might happen one day.

Topic: Can blockchain steal our bitcoins? (Read 1466 times)