Hacked and stolen - page 2. | Bitcointalksearch.org

lexxus

sr. member

Activity: 309

Merit: 250

Quote from: Mike Christ on May 17, 2013, 09:50:43 AM

You may disagree, and say something like, "Well if the devs would FORCE you to use encryption, it couldn't have happened!", but lets be honest, nobody likes to be forced, and if you wanted to use an unencrypted wallet, for whatever reason, you should have the right. The devs shouldn't be responsible for stupidity.

I never talked about forcing someone to use encryption. There must be an option for advanced users to turn it off. But by default it must be on.
Compare 2 options:

1. banks sending out credit cards with the same default PIN 1111 and allow you to change it
2. banks sending out credit cards with random default PIN and allow you to change it to 1111

I hope this shows the difference.

warpio

member

Activity: 110

Merit: 10

This whole debate is stupid, you shouldn't rely on the bitcoin client's encryption anyway. It could have bugs or backdoors or who knows what. The only way to truly be safe is to generate your transactions offline.

lexxus

sr. member

Activity: 309

Merit: 250

Quote from: 1PFYcabWEwZFm2Ez5LGTx3ftz on May 17, 2013, 09:50:08 AM

If you want to use a car safely, you need to know how a car is made and how it works.
If you want to use a door and a lock safely, you need to know how doors, locks and keys are made and how they work.
If you want to use bitcoin safely, you need to know how it works.

It is pretty much common sense.

I fully agree that you must know something about Bitcoin before using them. But it's too much to ask for a user to be a IT security expert just to send a payment. At least if you want a mainstream adoption.

I seriously doubt that many people know how locks work in their doors. Still they manage to use it.
I seriously doubt that many people know how engines work in their car. Still they manage to use it.

Mike Christ

legendary

Activity: 1078

Merit: 1003

Quote from: lexxus on May 17, 2013, 09:46:40 AM

Quote from: Mike Christ on May 17, 2013, 09:43:52 AM

A fool and his money are soon parted. We can hand-hold and point the finger at the devs all day long, but there's a good reason why the PIN on my debit card isn't 1111.

Yes! And you know why your pin is not 1111? It's because your bank won't allow this.
In any good bank, changing your default pin to 1111 is prohibited. And even default PIN generation process is tuned to avoid this kind of PINs. You cannot even get pin 1111 by chance.
Do you know see the difference?

See, here's the thing: people should already know that setting their debit card to 1111 is a stupid idea. The guy who does try it should be allowed to have his PIN as 1111, or else he'll never understand why it's a bad combo.

The reason is obviously not because "the bank won't allow this." The reason is, literally, because it's extremely easy to guess. As I said, hand-holding, and it needs to stop. Bill needs to be robbed of every last of his BTC for being dumb enough not to use encryption. You may disagree, and say something like, "Well if the devs would FORCE you to use encryption, it couldn't have happened!", but lets be honest, nobody likes to be forced, and if you wanted to use an unencrypted wallet, for whatever reason, you should have the right. The devs shouldn't be responsible for stupidity.

1PFYcabWEwZFm2Ez5LGTx3ftz

full member

Activity: 120

Merit: 100

Quote from: lexxus on May 17, 2013, 09:44:22 AM

Then using Bitcoin is like learning how to make doors, locks, keys before you can pay.

If you want to use a car safely, you need to know how a car is made and how it works.
If you want to use a door and a lock safely, you need to know how doors, locks and keys are made and how they work.
If you want to use bitcoin safely, you need to know how it works.

It is pretty much common sense.

lexxus

sr. member

Activity: 309

Merit: 250

Quote from: Mike Christ on May 17, 2013, 09:43:52 AM

A fool and his money are soon parted. We can hand-hold and point the finger at the devs all day long, but there's a good reason why the PIN on my debit card isn't 1111.

Yes! And you know why your pin is not 1111? It's because your bank won't allow this.
In any good bank, changing your default pin to 1111 is prohibited. And even default PIN generation process is tuned to avoid this kind of PINs. You cannot even get pin 1111 by chance.
Do you know see the difference? This exactly what I mean when I say that default security must be in-place for a mainstream users.

lexxus

sr. member

Activity: 309

Merit: 250

Quote from: 1PFYcabWEwZFm2Ez5LGTx3ftz on May 17, 2013, 09:41:21 AM

It is the same as blaming a door manufacturer, because you didn't lock your door and got robbed.

Then using Bitcoin is like learning how to make doors, locks, keys before you can pay.

prezbo

sr. member

Activity: 430

Merit: 250

Quote from: bronan on May 17, 2013, 09:23:00 AM

But i sincerely would like to see some kinda secure system or a bank where you can put the coins for safe keeping with some kind of protection if it is being hacked.

Something like an offline/paper wallet, perhaps? Roll Eyes

Mike Christ

legendary

Activity: 1078

Merit: 1003

Quote from: lexxus on May 17, 2013, 09:35:37 AM

Quote from: Welsh on May 17, 2013, 09:19:54 AM

AGAIN, that is not BITCOIN itself, that's the users who mess up. Bitcoin can be stored safe on a paper wallet.

No, you are wrong. I already gave you an example that you ignored. The most popular bitcoin client comes with the encryption turned off by default. It's not users who mess up, it's bitcoin community and developes who mess up here.

Paper wallet is just for storage. If you want Gold 2.0 only, then it's fine. Let's tell people the truth then: the only secure way is to store BTC on the paper. Period. Don't use anything else. And please forget about wide adoption, payments, etc. in this case.

A fool and his money are soon parted. We can hand-hold and point the finger at the devs all day long, but there's a good reason why the PIN on my debit card isn't 1111.

warpio

member

Activity: 110

Merit: 10

Quote from: bronan on May 17, 2013, 09:40:18 AM

A good idea warpio that might work as well as long as it is able to be compatible with the current bitcoin clients
Which i think plays also also a small minor contribution into my drama.
I had to update the client/wallet so thats why the wallet was on my pc.
Ofcourse i should have put it back on the removable disc but i simply forgot to do it because of all kinda personal problems
Their is nothing i can do to change the events which have lead to this event.
Should i have not reported these botnetters to the pool owners ?, should i not have reported them to internet police ?

As far as I know, offline clients shouldn't need to be updated. Since the algorithm for creating private/public keys and transactions never changes. The only reason for updating the client would be if you need to check your balance on it, but that would be best done a different computer than where your wallet is stored.

1PFYcabWEwZFm2Ez5LGTx3ftz

full member

Activity: 120

Merit: 100

Quote from: lexxus on May 17, 2013, 09:36:05 AM

Internet in general doesn't put at risk your money. Bitcoin does.

It is the same as blaming a door manufacturer, because you didn't lock your door and got robbed.

bronan

hero member

Activity: 774

Merit: 500

Lazy Lurker Reads Alot

A good idea warpio that might work as well as long as it is able to be compatible with the current bitcoin clients
Which i think plays also also a small minor contribution into my drama.
I had to update the client/wallet so thats why the wallet was on my pc.
Ofcourse i should have put it back on the removable disc but i simply forgot to do it because of all kinda personal problems
Their is nothing i can do to change the events which have lead to this event.
Should i have not reported these botnetters to the pool owners ?, should i not have reported them to internet police ?

yvv

legendary

Activity: 1344

Merit: 1000

.

Quote from: Gabi on May 17, 2013, 09:33:56 AM

Quote from: yvv on May 17, 2013, 09:28:53 AM

Quote from: Gabi on May 17, 2013, 09:22:20 AM

The only safe way is to have an OFFLINE computer, create a transaction on it and then copy the transaction on the online computer.

Could you elaborate, please. This sounds interesting, but how do you copy a transaction? How do you sync the blockchain on offline computer?

There is no need to sync the blockchain to use bitcoin and make transactions! The two things are totally unrelated. The blockchain is required to check your balance and to check if you received transactions, and of course, since bitcoin is a p2p network, to relay blocks to other nodes, but not to make transactions. You just need the private key for that.

How to copy? You can for example display it as a qr-code and use a smartphone to read and send it to internet. This way no virus can enter the offline computer.

Thanks! I have too few btc to worry about safety now, but I am going to play with wallet which is permanently offline to be ready to become bitcoin millionaire in the future

warpio

member

Activity: 110

Merit: 10

Quote from: lexxus on May 17, 2013, 09:36:05 AM

Quote from: 1PFYcabWEwZFm2Ez5LGTx3ftz on May 17, 2013, 09:32:49 AM

Quote from: lexxus on May 17, 2013, 09:16:40 AM

More secure ways will and should appear. But now it's far from being ready for an ordinary user to use in terms of security.

The same could be said about the internet in general.

Internet in general doesn't put at risk your money. Bitcoin does.

no, the Internet + Bitcoin does. The internet is not required at all for Bitcoin storage.

virtualmaster

hero member

Activity: 504

Merit: 500

This post seems to me very contradictory.
- First he is asserting that he had a very good secured PC which was hacked and his BTCs where stolen. If this is true the attacker must be very professional or the BTC holder very beginner.
- On the other side he is saying that he was able to track the IP of the thief even if as stated it was used as relay an intermediary BTC address. Which presumes that he (the former BTC holder) was very professional (it is not easy to track the IP of a thief) or the thief was very stupid.

lexxus

sr. member

Activity: 309

Merit: 250

Quote from: 1PFYcabWEwZFm2Ez5LGTx3ftz on May 17, 2013, 09:32:49 AM

Quote from: lexxus on May 17, 2013, 09:16:40 AM

More secure ways will and should appear. But now it's far from being ready for an ordinary user to use in terms of security.

The same could be said about the internet in general.

Internet in general doesn't put at risk your money. Bitcoin does.

lexxus

sr. member

Activity: 309

Merit: 250

Quote from: Welsh on May 17, 2013, 09:19:54 AM

AGAIN, that is not BITCOIN itself, that's the users who mess up. Bitcoin can be stored safe on a paper wallet.

No, you are wrong. I already gave you an example that you ignored. The most popular bitcoin client comes with the encryption turned off by default. It's not users who mess up, it's bitcoin community and developes who mess up here.

Paper wallet is just for storage. If you want Gold 2.0 only, then it's fine. Let's tell people the truth then: the only secure way is to store BTC on the paper (unless you have a PhD in CS). Period. Don't use it for anything else. And please forget about wide adoption, payments, etc. in this case.

yvv

legendary

Activity: 1344

Merit: 1000

.

Quote from: ?? on ??

Quote from: yvv on May 17, 2013, 09:28:53 AM

Quote from: Gabi on May 17, 2013, 09:22:20 AM

The only safe way is to have an OFFLINE computer, create a transaction on it and then copy the transaction on the online computer.

Could you elaborate, please. This sounds interesting, but how do you copy a transaction? How do you sync the blockchain on offline computer?

I'll elaborate for him.

Armory.

https://bitcoinarmory.com/

Thanks!

Gabi

legendary

Activity: 1148

Merit: 1008

If you want to walk on water, get out of the boat

Quote from: yvv on May 17, 2013, 09:28:53 AM

Quote from: Gabi on May 17, 2013, 09:22:20 AM

The only safe way is to have an OFFLINE computer, create a transaction on it and then copy the transaction on the online computer.

Could you elaborate, please. This sounds interesting, but how do you copy a transaction? How do you sync the blockchain on offline computer?

There is no need to sync the blockchain to use bitcoin and make transactions! The two things are totally unrelated. The blockchain is required to check your balance and to check if you received transactions, and of course, since bitcoin is a p2p network, to relay blocks to other nodes, but not to make transactions. You just need the private key for that.

How to copy? You can for example display it as a qr-code and use a smartphone to read and send it to internet. This way no virus can enter the offline computer.

1PFYcabWEwZFm2Ez5LGTx3ftz

full member

Activity: 120

Merit: 100

Quote from: lexxus on May 17, 2013, 09:16:40 AM

More secure ways will and should appear. But now it's far from being ready for an ordinary user to use in terms of security.

The same could be said about the internet in general.

Topic: Hacked and stolen - page 2. (Read 4056 times)