If you used Brainwallet.org - MUST READ! - Security Breach! - page 2.

proudhon

legendary

Activity: 2198

Merit: 1311

Quote from: BurtW on November 12, 2013, 04:08:11 PM

Quote from: proudhon on November 12, 2013, 04:04:58 PM

I know I'm late to the party, but you know what's really annoying...when people post about how this or that service is compromised, but then don't post the password they used. That's all I have to say.

They used "stfu!", see here:

https://bitcointalksearch.org/topic/m.2668158

Good lord

BurtW

legendary

Activity: 2646

Merit: 1137

All paid signature campaigns should be banned.

Quote from: proudhon on November 12, 2013, 04:04:58 PM

I know I'm late to the party, but you know what's really annoying...when people post about how this or that service is compromised, but then don't post the password they used. That's all I have to say.

They used "stfu!", see here:

https://bitcointalksearch.org/topic/m.2668158

proudhon

legendary

Activity: 2198

Merit: 1311

I know I'm late to the party, but you know what's really annoying...when people post about how this or that service is compromised, but then don't post the password they used. That's all I have to say.

MayDee

member

Activity: 84

Merit: 10

Quote from: CIYAM on November 12, 2013, 12:35:07 PM

Why would anyone care about your passphrase if they have already got your bitcoins?

Also usefull to know if you are planning to make 10 brainwallets with strong passphrases by themselves, but with very similar passphrases that can link them together.

BurtW

legendary

Activity: 2646

Merit: 1137

All paid signature campaigns should be banned.

Quote from: LiteCoinGuy on November 12, 2013, 12:42:55 PM

Quote from: mechs on July 06, 2013, 02:01:13 AM

I don't think you can download the script from the site. Regardless, whether it is the website author or a hacker, the site is compromised. I don't think it had anything to do with my wallet.dat password being compromised - it is a very long, secure password and I do not believe there are any trojans on my system.

I think the same. Never use a third party for security.

Dude, you are quoting the third post in this thread and your response is totally out of context. Are you a posting bot?

EDIT: reported as possible posting bot.

MayDee

member

Activity: 84

Merit: 10

Quote from: BurtW on November 12, 2013, 12:40:06 PM

But assuming they have the private key to your standard brain wallet and have already taken all of the BTC in that wallet they might think to themselves "Self, if we can get this bozo's passphrase we may be able to clear out his MtGox, Bitstamp and other accounts if he used the same passphrase."

So there is some reason to do this. Now in a standard brain wallet the private key is the SHA256 of the passphrase and it is basically impossible to go from the hash back to the passphrase.

So, although all of the BTC in your brain wallet have been lost your other accounts using the same passphrase are probably safe in this hypothetical scenario.

Thank you

LiteCoinGuy

legendary

Activity: 1148

Merit: 1011

In Satoshi I Trust

Quote from: mechs on July 06, 2013, 02:01:13 AM

I don't think you can download the script from the site. Regardless, whether it is the website author or a hacker, the site is compromised. I don't think it had anything to do with my wallet.dat password being compromised - it is a very long, secure password and I do not believe there are any trojans on my system.

I think the same. Never use a third party for security.

BurtW

legendary

Activity: 2646

Merit: 1137

All paid signature campaigns should be banned.

Quote from: CIYAM on November 12, 2013, 12:35:07 PM

Quote from: MayDee on November 12, 2013, 12:26:39 PM

Does anyone know how difficult it is to find your passphrase if they know your private key?

Why would anyone care about your passphrase if they have already got your bitcoins?

This ^^^

But assuming they have the private key to your standard brain wallet and have already taken all of the BTC in that wallet they might think to themselves "Self, if we can get this bozo's passphrase we may be able to clear out his MtGox, Bitstamp and other accounts if he used the same passphrase."

So there is some reason to do this. Now in a standard brain wallet the private key is the SHA256 of the passphrase and it is basically impossible to go from the hash back to the passphrase.

So, although all of the BTC in your brain wallet have been lost, your other accounts using the same passphrase are probably safe in this hypothetical scenario.

MayDee

member

Activity: 84

Merit: 10

Quote from: Rampion on November 12, 2013, 12:31:26 PM

Quote from: MayDee on November 12, 2013, 12:26:39 PM

Does anyone know how difficult it is to find your passphrase if they know your private key?

It depends on the passphrase Cheesy

LOL

Let's say it is a supa dupa hard one Wink

CIYAM

legendary

Activity: 1890

Merit: 1078

Ian Knowles - CIYAM Lead Developer

Quote from: MayDee on November 12, 2013, 12:26:39 PM

Does anyone know how difficult it is to find your passphrase if they know your private key?

Why would anyone care about your passphrase if they have already got your bitcoins?

Rampion

legendary

Activity: 1148

Merit: 1018

Quote from: MayDee on November 12, 2013, 12:26:39 PM

Does anyone know how difficult it is to find your passphrase if they know your private key?

It depends on the passphrase Cheesy

MayDee

member

Activity: 84

Merit: 10

Does anyone know how difficult it is to find your passphrase if they know your private key?

foo

sr. member

Activity: 409

Merit: 250

I agree with what others have posted already, add a "rounds" parameter to the site. Asking the site owner to do this is much more productive than trying to burn him at the stake...

People can use their birth year as the rounds number and they will easily remember it. The rainbow table computers will have to do much more work, if they compute all rounds from 1900 to 2000 they will have to do 196,950 hashes per password instead of 1! (http://www.wolframalpha.com/input/?i=1900%2B...%2B2000)

Anon136

legendary

Activity: 1722

Merit: 1217

Quote from: justusranvier on July 06, 2013, 02:15:46 AM

Quote from: jl2012 on July 06, 2013, 02:08:39 AM

Is your passphrase just too simple?

Any passphrase you can memorize is almost too simple by definition.

na not really. you just combine a long low entropy password with a short high entropy password plus something in the public record. you can remember the former because it uses real words and sentences and the latter because it isn't too long and the public record element adds security for almost no cost (in terms of effort to memorize remember it since all you have to remember is its location). combined you get the best of both worlds. they arnt going to crack it with a dictionary attack or a brute force and some sort of hybrid technique would not be very effective.

Financisto

hero member

Activity: 633

Merit: 768

BTC⇆⚡⇄BTC

an appropiate thread title might be:

"If you used Brainwallet.org - MUST READ! - weak passphrases!"

mises

sr. member

Activity: 352

Merit: 250

Quote from: mechs on July 06, 2013, 01:30:17 AM

I decided to mess around and make a brain wallet. I used the website www.brainwallet.org. Supposively, this javascript is client side only. Anyway, I made a brain wallet and decided to test it. I moved my spare change (I keep most of my BTC in cold storage) about 0.178 BTC to the new brain wallet I made "15WjmFwpZ1mp3fG55JGoGv3p5y9jtehEB2". Literally within seconds, it was moved to a new bitcoin address not owned by me "1Lp3S4PajwhuFCyrAXSFdVGxLuqTsXtVQC" https://blockchain.info/address/15WjmFwpZ1mp3fG55JGoGv3p5y9jtehEB2

I am very security conscience and am certain my wallet file was not compromised. My only thought is the brainwallet website has been compromised instead and some bot is stealing the private keys generated there and then instantly transfering any funds deposited to these compromised wallets to their own bitcoin addresses. DO NOT USE www.brainwallet.org and if you have used it, then immediately move your funds to a new location ASAP.

I am not complaining though, I only lost 0.178BTC - it could have been much worse.

That's unfortunate! Thanks for letting us know OP.

VTC

member

Activity: 84

Merit: 14

Why write custom scripts and remember various variables when you can just make your brainwallet a bit longer.
Add your name and ID/passport number before your complex passphrase, easier to remember, increase entropy by a lot.

gmaxwell

staff

Activity: 4200

Merit: 8441

It's run by "Joric". As was the similar wallettools.appspot stuff which predated it in the role of helping fools and their Bitcoin split ways.

I have some pretty fun IRC logs surrounding the creation of Brainwallet.org... e.g. Joric searching for guessable sha256 keys and redeeming them.

He was really resistant to using a strong KDF. Not because he's malicious, as far as I can tell, but simply because anything worthwhile is going to be slow in javascript.

BurtW

legendary

Activity: 2646

Merit: 1137

All paid signature campaigns should be banned.

Quote from: Financisto on November 08, 2013, 09:57:12 PM

Is it manageable watching the balances of thousands/millions of generated wallets like that everyday (with today's tech resources)?

Very easy.

Financisto

hero member

Activity: 633

Merit: 768

BTC⇆⚡⇄BTC

Quote from: justusranvier on July 06, 2013, 12:04:10 PM

I don't think you understand what a rainbow table is.

Somebody generated the exact same brainwallet you did, long before you ever thought of using that passphrase.

They've actually generated millions of brainwallets, and they're just waiting for someone naive enough to use the same weak passprases and deposit money into one of their addresses.

[..]

Is it manageable watching the balances of thousands/millions of generated wallets like that everyday (with today's tech resources)?

Quote from: AliceWonder on July 06, 2013, 11:51:35 PM

Another thing you can do is repeat hash hundreds and hundred of times. And use a salt - with the original phrase and added to each hash. You can even have a simple formula that changes the salt each hash.

57899@##$% as me salt.
"I like big butts" as my passphrase.

Each hash I change the salt according to the number performed and add it to the previous hash, changing the salt so it grows each time, resulting in a huge salt by last hash.

Reapeat, say, 722 times.

All I have to remember is the salt (write it down), the pass phrase, and the algorythm I used to alter the salt each iteration.
[...]

Is that simple to do by command line (Linux Terminal)?

Topic: If you used Brainwallet.org - MUST READ! - Security Breach! - page 2. (Read 52768 times)