Pages:
Author

Topic: Inputs.io Security (Read 2638 times)

sr. member
Activity: 406
Merit: 250
November 08, 2013, 09:55:36 AM
#30
Maybe TradeFortress will be back making similar posts in 6 months.
he'll be running another lucrative long con within a year. i have completely lost faith in this community's resolve to root out scammers.

Bitcoin is perfect for criminals.  I really thought this community would have more umm... enforcers.
legendary
Activity: 4690
Merit: 1276
November 08, 2013, 04:49:00 AM
#29
legendary
Activity: 1372
Merit: 1008
1davout
November 08, 2013, 04:18:08 AM
#28
I'm honored.

It doesn't take much


Did you write about it somewhere ?

Here and there, no comprehensive how-we-roll kind of post yet though.
When it's published, some of the internally developed tools will be open-sourced too, talking is easy, actually implementing stuff is something else entirely
member
Activity: 98
Merit: 10
nearly dead
November 08, 2013, 12:06:09 AM
#27
Passwords are never communicated through cleartext in any circumstance. Your browser automatically hashes your password.
So the hash becomes the password, right?
If the hash is intercepted can it not be used to authorize bogus requests?
I mean if the server never sees the password in clear it can't check it in any way, if it checks the hash, and the hash is intercepted it can be used to forge requests.

We use bcrypt with a user unique salt.
Thumbs up. Isn't the salting already built right into bcrypt though?

We have decoy accounts which are populated by "real" user data from our other databases. The hot pocket server automatically dumps all coins to cold storage if it sees a payment request from a decoy account. We have methods that makes it very hard for an attacker to determine if an account is decoy or not, even with root access to the linode machine and listening to traffic.
If I was you I wouldn't underestimate the ability for an attacker to tell a decoy apart from a legitimate account given enough time, access to your traffic, access to blockchain data and access to basic taint-analysis tools of wallet fundings. But since I don't really know anything about your specifics I won't comment further.

The approach we'll outline is more systematic and doesn't use tricks such as decoys, honeypots and other traps, I think you'll like it when you read about it.

Now that we know all TF said was bullshit, can you be honest about your approach ? Did you write about it somewhere ?
sr. member
Activity: 644
Merit: 260
November 07, 2013, 08:16:26 PM
#26
Maybe TradeFortress will be back making similar posts in 6 months.
he'll be running another lucrative long con within a year. i have completely lost faith in this community's resolve to root out scammers.
full member
Activity: 237
Merit: 101
November 07, 2013, 08:10:54 PM
#25
Maybe TradeFortress will be back making similar posts in 6 months.
legendary
Activity: 4690
Merit: 1276
November 07, 2013, 06:44:05 PM
#24
I'd suggest

I have, as usual, no particular interest in your suggestions.

Enough to respond, apparently.  I'm honored.

legendary
Activity: 1372
Merit: 1008
1davout
November 07, 2013, 06:41:35 PM
#23
OK, so if I read this correctly:

Whether you read it correctly is irrelevant since it is factually incorrect.


I'd suggest

I have, as usual, no particular interest in your suggestions.
legendary
Activity: 4690
Merit: 1276
November 07, 2013, 06:24:59 PM
#22
This reminds me, have you published a debriefing about the technical details of your problems davout?  If so, can you point to it?

I have a comprehensive forensic audit report sitting in one of my drawers, made by a decent IT security firm.
There's no perceived interest on my side to share it with bitcointalk though.

Believe it or not I actually want the Instawallet hassles to be an understandable failure against a significant attack

Nobody cares about what you want.
It is however in our plans to publish some procedures at some point, maybe some security-related code too.


Ya, Bitcointalk.org does not seem like an appropriate place for such a thing.  A well constructed outline on your web site(s) somewhere makes more sense.  I'd suggest 'About Us', and under a sub-section along the lines of 'Why we are not as big a jack-offs as old timers remember.'

But anyway, do as you wish.  It's your business to run as you please.  I guess you needed to upgrade from your 'military grade' computers to something even more secure for your current operations?

legendary
Activity: 1022
Merit: 1033
November 07, 2013, 06:21:44 PM
#21
Designing your system to fail gracefully without financial consequences is far more important than designing it not to fail or get compromised.

OK, so if I read this correctly:

Quote
It is almost six months ago that Bitcoin Central, the main Bitcoin exchange in France, shut down after losing tens of thousands of dollars to an online attack. The attacker managed to get in by breaking into the exchange’s virtual private server, allowing them to access its online “hot wallet” and withdraw all of the funds. ... But now, after nearly five and a half months of downtime, Bitcoin Central is back online.

your utter incompetence cost company the content of hot wallet + 6 months of downtime.

And now you feel like you're in position to lecture anybody on security....

Dunning–Kruger at it's finest.

legendary
Activity: 1372
Merit: 1008
1davout
November 07, 2013, 06:13:07 PM
#20
This reminds me, have you published a debriefing about the technical details of your problems davout?  If so, can you point to it?

I have a comprehensive forensic audit report sitting in one of my drawers, made by a decent IT security firm.
There's no perceived interest on my side to share it with bitcointalk though.


For my part, I just have curiosity about things.

Well then, lurk some more I'd say, and comment if you have something interesting to add, instead of rehashing the same stuff over and over.


Believe it or not I actually want the Instawallet hassles to be an understandable failure against a significant attack

Nobody cares about what you want.
It is however in our plans to publish some procedures at some point, maybe some security-related code too.
legendary
Activity: 4690
Merit: 1276
November 07, 2013, 05:47:50 PM
#19
My point is that VPS should never be used to host projects which need to handle non-negligible amounts of users' bitcoins as virtual private servers have extra attack surface as compared to dedicated servers.

If your security model depends on not having one or more servers compromised it's probably flawed anyway.
A correct security model depends much more on thorough continuous auditing and business operations procedures than it does on technical considerations.

Designing your system to fail gracefully without financial consequences is far more important than designing it not to fail or get compromised.

This reminds me, have you published a debriefing about the technical details of your problems davout?  If so, can you point to it?

If not, do you have a plan to?  I would think that by now

 - enough time has passed to have re-constructed your procedures

 - any defects which made the attacks possible would be resolved and those mistakes would not be made again.

For my part, I just have curiosity about things.  Believe it or not I actually want the Instawallet hassles to be an understandable failure against a significant attack (vs. a bogus story invented to mop up unclaimed Instalwallet funds or some such.)  Also, I think it would help other system designers to understand the nature and capabilities of attackers.  If it helps others, great.  It is in no ones interest when hacks occur (except criminals, bankers, politicians, etc.)

legendary
Activity: 1372
Merit: 1008
1davout
November 07, 2013, 05:17:15 PM
#18
My point is that VPS should never be used to host projects which need to handle non-negligible amounts of users' bitcoins as virtual private servers have extra attack surface as compared to dedicated servers.

If your security model depends on not having one or more servers compromised it's probably flawed anyway.
A correct security model depends much more on thorough continuous auditing and business operations procedures than it does on technical considerations.

Designing your system to fail gracefully without financial consequences is far more important than designing it not to fail or get compromised.
legendary
Activity: 1022
Merit: 1033
November 07, 2013, 04:45:48 PM
#17
It's your own fucking problem.

Do you represent geniuses who were running Instawallet?

If so, you have already proven that you have no effing clue. No surprise here.

Drop the butthurt, start the thinking.

What are you talking about?

My point is that VPS should never be used to host projects which need to handle non-negligible amounts of users' bitcoins as virtual private servers have extra attack surface as compared to dedicated servers.

Which part of this you disagree with?

It's worth noting that I do not care about inputs.io or any crap like this, I'm just trying to warn people so that they'll have a chance to avoid obvious traps in future.
sr. member
Activity: 406
Merit: 250
November 07, 2013, 04:24:38 PM
#16
TradeFortress, you seem very very calm about losing a significant amount of the people's Bitcoins. Acting as if nothing has happened.

Because he just became BTC4100 richer.

No kidding!

Still not sure what the appeal of that website was anyways.  I'd never want to keep my bitcoins on the internet.
legendary
Activity: 1372
Merit: 1008
1davout
November 07, 2013, 04:24:08 PM
#15
It's your own fucking problem.

Do you represent geniuses who were running Instawallet?

If so, you have already proven that you have no effing clue. No surprise here.

Drop the butthurt, start the thinking.
legendary
Activity: 1022
Merit: 1033
November 07, 2013, 01:50:38 PM
#14
While we are here, a claim that it's OK to have a web-facing server on a VPS because it has no wallet on it is outrageous.

[...]

Physical dedicated servers are cheap. It isn't hard to set them up.

I failed to locate the slightest clue in your message.

It's your own fucking problem.

Do you represent geniuses who were running Instawallet?

If so, you have already proven that you have no effing clue. No surprise here.
legendary
Activity: 1372
Merit: 1008
1davout
November 07, 2013, 10:47:05 AM
#13
While we are here, a claim that it's OK to have a web-facing server on a VPS because it has no wallet on it is outrageous.

[...]

Physical dedicated servers are cheap. It isn't hard to set them up.

I failed to locate the slightest clue in your message.
legendary
Activity: 1022
Merit: 1033
November 07, 2013, 10:32:50 AM
#12
While we are here, a claim that it's OK to have a web-facing server on a VPS because it has no wallet on it is outrageous.

A compromised web-facing server can be used for a MitM attack no matter what other tricks you use.

MitM attack can be used to steal funds of users who are currently use the site.

So if person tells you that VPS is OK because it doesn't have a wallet in it, we can decipher it as this:

"Well, we know that attacker will be able to steal coins from our users via MitM attack, but we don't give a fuck; after all, without VPS we'd have to pay whopping $70/month for a real physical server, and it takes a whole hour to set it up. No fucking way we'll go through this just to prevent a pesky MitM attack."

This is outrageous... If somebody claims that, he is either a complete moron or scammer.

Of course, inputs.io is already dead... But if somebody else will try using VPS to handle non-negligible amount of bitcoins, he should get scammer-tag right away, before the thing gets compromised. There is simply no excuse for this stupidity.

Physical dedicated servers are cheap. It isn't hard to set them up.
hero member
Activity: 728
Merit: 500
November 07, 2013, 09:15:05 AM
#11
TradeFortress, you seem very very calm about losing a significant amount of the people's Bitcoins. Acting as if nothing has happened.

Because he just became BTC4100 richer.
Pages:
Jump to: