Topic: I just got hacked - any help is welcome! (25,000 BTC stolen) - page 20. (Read 381810 times)

Jesus. (going blue in the face)

Just implement Unix file semantics on accounts and addresses: RECEIVE, SEND, OPERATE / VIEW (for accounts)

That's a good idea, but it doesn't help security if the network connected machine is compromised. The moment you copy over the wallet to send, it's compromised too. Also, you somehow have to be able to clean install the non-connected machine. If you do this by downloading an OS image, the download machine has to be clean to begin with etc. You can't really guarantee any of that, or expect the average user to do it.

A 'BTC bank' is one obvious solution, the question is whether you want to compromise the distributed idea by centralizing some aspects of it (similar to exchanges). I think the next big hero is whoever comes up with a decentralized version piggybacking off the existing blockchain network. Centralized versions could coexist of course, for if you want something like a 2 factor authentication method. A proper implementation could prevent unauthorized transactions from your wallet, even if your machine is compromised.

This is already in use: the bank generates a private/public keypair and puts the public key on a physical token (basically a little battery powered calculator), which is sent to you. When you first receive the token you must enter a pin code into it so noone else can use it after that (in other words the bank doesn't know it either). When you log in to the bank's site, you input the token's serial number so they know which private key to use. For every transaction the bank generates a code (hash) with this private key, which you input in your token, which generates a return code (hash) based on the key contained within the token. This code authenticates the transaction to the bank. Repeat for every transaction. The token switches off after a few seconds of inactivity, it can only be reactivated with your pin. The pin code can be 5 digits, the authentication codes 6, for example.

This means that a) the bank knows for sure who you are, because only your token has the correct key, and only you can activate your token (pin code) and b) a man in the middle will not be able to reuse your codes because every new transaction requires a new code. The entire transaction is encrypted via https for privacy and added security.

Of course this can still be circumvented by a dedicated attacker who has compromised your machine but only at the expense of major development investment (not only tailor make the attack for the particular website and keep up with any changes before user logs in again but also keep a double book of real and fake transactions to be presented to the user to avoid detection, at least long enough if you only care about one heist). This attack breaks down as soon as the user tries to access his balance from another, uncompromised host. Even this attack can be completely prevented by hashing the recipient address and amount into the authentication code to be put into the token. If an attacker tries to reroute payment the hash cannot match and is rejected.

The trick is doing this without a physical token and back end server (bank). The closest you could get is a separate smartphone app. But then you have the problem of protecting the smartphone (pin and key) in the face of attacks getting more and more prevalent there exactly because of this kind of use.

Looks like LulzSec^* found it more profitable to hack bitcoiners than Sony. The absolutely huge irony here is that bitcoin is supposed to be the next major step in crypto-currency...and the most important file is unencrypted by default. That's like Brinks leaving the gates to the armored car depot unlocked and unguarded.

BTW, MtGox is an unregulated exchange...I highly doubt that it is illegal for MT to repossess stolen bitcoins. In fact I doubt it is illegal for him to take everyone's bitcoins that are stored with him. Precisely which laws would he be violating again? You'd have better luck prosecuting someone for stealing your WOW gold. Or ISKs.

^*Not to say specifically that LulzSec did this hack, just any sophisticated group with knowledge of bitcoin.

It was /.


And did they research/install it themselves? Maybe the kid, but they learn fast Meanwhile I'm still explaining left from right mouse button clicks to family above 50.

You can easily see the received coins by using Bitcoin Block Explorer, so it's no problem that you don't see them in the GUI on the offline computer.

It's unfortunate that users 'download binaries', 'don't review the source' and 'don't understand cryptographic primitives'?

What you speak of is not a currency. It's programmer porn.

Tautology. People started in bitcoin with barter concept. Then GPUs came. Now people want to trade for services and prtoduc. It will be $100 when the ones with the balls want to take the time.


Someone already lost 65 coins via backup malfunction. One wallet, two accounts. Add receive, send, activate permission semantics.


Liabilities this early. Not gonna happen. Paypal policy has already caused people to distrust buyers more than sellers.


The image is not an issue. It's getting a cult following.

Unix file permissions - read, write, execute / search
execute for programs
search for directories

Bitcoin address permissions - receive, send, activate / view
activate for addresses
view for accounts

activate means to split or combine with other coin blocks

just to add some of my thoughts:

1. bitcoin is supposed to be a currency, one would not have bigger amounts of cash, neither at home NOR in a bank. one would invest it in something real.
2. I admit its charming to hold bitcoins to gamble. Nevertheless I claim it to be an efficient market. If it was very likely bitcoin will be worth 1000$, it alreay would be near there

3. nevertheless, I though about the following: separate in savings account and payment account and keep the savings account offline (encrypt->usb->delete unencrypted). when putting the savings-wallet.dat online, use a live system which is guaranteed not to be compromised.

4. there WILL be banks or some other payment providers, because there will be demand for it due to low-tech users
5. such a provider would need to be liable (real name, within some proper jurisdiction) and have features as the author of the thread suggested.

6. furthermore i think it is neccesary, bitcoins can be insured (which such an provider could do with the fees he gets), because if not, trust in bitcoin might vanish. this is somehow similar to credit cards, where you are insured in case of theft. nobody would (hopefully) use it, if this were not the case.
7. in the end, this is a bad day for bitcoin, because there only will be a small percentage of users, able to 100% secure their money, so this for sure is not the last case of theft and the bitcoin image is going to suffer...

?

address

Sounds good. What is it?  

We don't need banks. We need unix permission semantics.

What kind of bank would this be though? Why would I pay them a fee.

My bank pays ME a fee to deposit my money with them..... Of course we are assuming the bank will not lend out the bitcoin right? Cuz they wouldn't do that....

Someone suggested YAML. XML - yuck. JSON would be ideal, given that it's the RPC format.

Off-topic, but CSV is a horrible "format." I use quotes because there is no official standard for CSV, and there are so many half-baked implementations, each with its own quirks. It's better to use something which actually has documentation, like JSON, or even XML.

You can see them if you want. You just need to save the chain to some storage media and move it over and probably rescan.

Unfortunately, you are correct.  

The fact of the matter is that whether I believe you or not (I do, FWIW), it's still a criminal act for anyone (e.g. MtGox adminis) to steal these coins from whoever has them now on the basis of your claims without hard evidence, even if they personally believe your claims to be true.

As it's impossible for you to provide hard evidence (in all circumstances), this remains in all cases a side-effect of the way bitcoin works.

Is it unfortunate that the wallet.dat file is not encrypted?  No.  The security of your keys is your responsibility.

Is it unfortunate that coins can't be "marked stolen"?  No.  Bitcoins are digital cash.

Is it unfortunate that transactions can't be reversed?  No - in fact, this is a good thing.

What is truly unfortunate are the sheer quantity of bitcoin users who have jumped in, downloaded precompiled binaries without a) understanding the protocol, b) reviewing the source, c) or even basic cryptographic primitives, and are now making all sorts of demands and claims about what should or should not be priorities to the developers.

http://www.activism.net/cypherpunk/manifesto.html

Consider for a moment that most people who's lives will be changed by bitcoin will never run the bitcoin client, any more than most Facebook users are familiar with Apache, or bank customers know how to send transactions to Fedwire.

You called yourself an early adopter, and you truly are, if bitcoin is destined for what we all now probably believe it is (tens or hundreds of millions of users worldwide).  It's time to start acting like one, and educate yourself.  Beta software (and currencies) come with caveats, and it's nobody's fault but your own when you get bitten by them.  I'm sorry for your loss, but I really didn't know there were still people with clue running Windows in 2011 (or maybe there aren't).

-sneak

PS: To everyone talking about encrypted wallets: It is possible to generate a receiving address on a computer that has NEVER been connected to the internet and never will be.  That address can receive coins (though they will obviously not appear in the GUI on the offline computer).  The computer and its (hopefully backed-up) keys can remain offline forever until it must sign a transaction transferring the coins elsewhere.  You could then transfer the wallet to an internet-connected workstation, send out whatever transactions are necessary, and then send the remaining coins back to a new address you've created on your "offline-forever" machine.  There is absolutely no need for a computer holding a destination address key to be connected to the network ever.

Flat file packed formats are non-portable to other interfaces.


The format in memory I could care less about.


File format makes it unusable from any other software. For example, a bitcoin micropartition with receive, send, and activate permission semantics. Separation of policy from data.

-sneak


Packed file formats are for those do not comprehend openness. Did you write this post by screeching into the telephone?

wait, what ?

"normal joe" cant read and follow basic instructions found at the Bitcoin wiki ?
https://en.bitcoin.it/wiki/Main_Page
https://en.bitcoin.it/wiki/Securing_your_wallet

"all steps" as in all these steps ?

• open truecrypt
• Make & select a file any location you want
• create volume
• mount it
• copy wallet in it
• unmount it

BAM! You are fully protected, so long as you remove the wallet.dat copy from you computer and use another address(es) to mine... even if you hand the thief the encrypted archive file. From there you can use a usb stick, cd, dvd, hell even a floppy to store another copy of that encrypted archive in a safe place.

My 64 year old mother uses it for her investment and banking information and my 10 year old son uses it for his bitcoin wallet.

http://www.truecrypt.org/

Its Free by the way.

You can have as many alternate BTC addresses that you want, which means you can have as many "Bank Accounts" as you want. Log term savings, regular savings, checking, and working miner account.

We do not need BTC Banks. We need people to use their brains, open their eyes and read whats in front of them, and most importanly, act accordingly utilizing personal responsibility.