Author

Topic: Electrum LITECOIN wallet vulnerability (Read 147 times)

legendary
Activity: 1358
Merit: 1014
January 08, 2018, 11:03:55 AM
#6
Keeping an Electrum Litecoin wallet on a VM won't mitigate this vulnerability. The only 100% safe way to mitigate it is to keep your wallet offline until you can upgrade to an updated version.

This was a more general remark, not particular about this specific Electrum vulnerability.

Keeping things separated on (properly protected) VMs can mitigate some attack surface and potentially avoid issues compared to keeping all your wallets on the same host. Of course with Spectre+Meltdown everything is up in the air currently in regards to securing things. Best is to keep very important stuff offline, if possible, I guess.

There are exploits that could escape the security that a virtual machine could bring, there is no such thing as complete isolation unless you are using an airgapped computer physically removing wifi cards and anything else.

Specte+Meltdown is insane and proves all computers are compromised by default... generation of private keys in completely offline computer was always the only way to keep your bread safe.
newbie
Activity: 58
Merit: 0
January 08, 2018, 10:58:22 AM
#5
Keeping an Electrum Litecoin wallet on a VM won't mitigate this vulnerability. The only 100% safe way to mitigate it is to keep your wallet offline until you can upgrade to an updated version.

This was a more general remark, not particular about this specific Electrum vulnerability.

Keeping things separated on (properly protected) VMs can mitigate some attack surface and potentially avoid issues compared to keeping all your wallets on the same host. Of course with Spectre+Meltdown everything is up in the air currently in regards to securing things. Best is to keep very important stuff offline, if possible, I guess.
sr. member
Activity: 266
Merit: 251
January 07, 2018, 11:43:07 AM
#4
This is serious. I wonder what other vulnerabilities lurk in all those source codes of the various altcoin forks. I keep my stuff on separate VMs already to mitigate some attack surface.

Keeping an Electrum Litecoin wallet on a VM won't mitigate this vulnerability. The only 100% safe way to mitigate it is to keep your wallet offline until you can upgrade to an updated version.
member
Activity: 69
Merit: 10
January 07, 2018, 11:27:16 AM
#3
i hope my exchanger can update it soon
i dont save my coin on hardware wallet, everything in exchanger
too bad if something happen with them, but i'm sure bittrex, hitbtc, cryptopia can handle this issue sooner
if not, i must withdraw all of them immediately
newbie
Activity: 58
Merit: 0
January 07, 2018, 11:23:44 AM
#2
This is serious. I wonder what other vulnerabilities lurk in all those source codes of the various altcoin forks. I keep my stuff on separate VMs already to mitigate some attack surface.
member
Activity: 84
Merit: 10
January 07, 2018, 11:14:47 AM
#1
Just Checked on electrum-ltc.org and saw that same vulnerability affecting the bitcoin wallet is present in the Litecoin wallet as well and it hasn't updated as of January 7, 2018.

Here is the webpage with the announcement basically saying don't use litecoin wallet until an update is released

https://electrum-ltc.org/

UPDATENew version is now available for the litecoin wallet.
Jump to: