Topic: Password protecting Electrum (on startup) (Read 3516 times)

full member
Activity: 137
Merit: 100
February 19, 2015, 11:24:05 PM
#14
Bitlocker is available for free for certain versions of Windows. Veracrypt is a pretty well maintained fork of the old TrueCrypt codebase, I believe it has FDE. There are also many commercial alternatives, Symantec has a well known FDE product. Also EFS is supported by all versions of Windows that use NTFS and will let you encrypt certain directories.

I'd say the only people who don't have access to many FDE options are Mac users. There are plenty for Windows/Linux.

For Mac there's FileVault. It's not open source, but neither is Bitlocker, so you have to trust Apple (or Microsoft) that it's a secure solution. Veracrypt looks like it might be interesting, and if it's a fork of TrueCrypt it should also support Mac.

About the only system where there isn't a full disk encryption solution (unless Veracrypt supports OSX) is a "Hackintosh", a PC running OSX through a bootloader that makes it think it's running on a Mac, since FileVault doesn't work on those systems. In fact, the only Windows, OSX or Linux machine I own that isn't using some form of full disk encryption is a Hackintosh.

[edit] I see Veracrypt does support OSX with an OSXFUSE filesystem driver, so that might be a solution for my Hackintosh.
hero member
Activity: 882
Merit: 1006
February 19, 2015, 10:32:44 PM
#13
hi all

I wanted to add I found a fairly simple workaround for this issue. Initially I was using Bitlocker but it requires a minimum partition of several megabytes, so I noticed on /r/bitcoin there was a post yesterday about TrueCrypt revival, and in one of the comments someone mentioned 7-Zip's built-in AES encryption.

So I downloaded 7-Zip and encrypted my wallet with AES in a 7zip file, it only takes about 2kb of space and is pretty easy, so I think this is the solution I am going to use for now. However I am a bit worried about the extraction process leaving ghost trails of my wallet maybe in temporary files when it extracts that could easily be dug up.

That's it for now

-Z

Yes, when you extract it you write an unencrypted copy of your wallet to the disk; even after you delete it, it is possible to recover it. A better solution would be to use encfs, which doesn't write it to the disk. For Windows/Mac, there is http://www.getsafe.org/about; on Linux you can use gnome-encfs-manager. In any case this isn't an ideal solution for the reasons Thomas mentioned.
newbie
Activity: 40
Merit: 0
February 19, 2015, 10:17:59 PM
#12
hi all

I wanted to add I found a fairly simple workaround for this issue. Initially I was using Bitlocker but it requires a minimum partition of several megabytes, so I noticed on /r/bitcoin there was a post yesterday about TrueCrypt revival, and in one of the comments someone mentioned 7-Zip's built-in AES encryption.

So I downloaded 7-Zip and encrypted my wallet with AES in a 7zip file, it only takes about 2kb of space and is pretty easy, so I think this is the solution I am going to use for now. However I am a bit worried about the extraction process leaving ghost trails of my wallet maybe in temporary files when it extracts that could easily be dug up.

That's it for now

-Z
hero member
Activity: 882
Merit: 1006
February 04, 2015, 02:45:15 PM
#11
Also FDE is not available to a lot of the Electrum users, basically it only helps Linux users.

Bitlocker is available for free for certain versions of Windows. Veracrypt is a pretty well maintained fork of the old TrueCrypt codebase, I believe it has FDE. There are also many commercial alternatives, Symantec has a well known FDE product. Also EFS is supported by all versions of Windows that use NTFS and will let you encrypt certain directories.

I'd say the only people who don't have access to many FDE options are Mac users. There are plenty for Windows/Linux.

Even if users used the same outer/inner password, it would still be equivalent security to the current version

Nope, because if you had your wallet open and someone got hold of your PC, they can grab the password from your RAM and spend your money. This can be done even if the attacker only has access to your PC for a few seconds. The first and second passwords MUST be completely different and you shouldn't rely on the first password to provide any kind of protection. Its purpose should be to protect against casual snooping ONLY and NOT to secure your funds, and the user should be made aware of that.

I could probably guarantee that at least 20% of wallet users would use this feature if it was available.  You don't lose anything, you simply gain additional privacy it's really a no loss situation.  It would even be fairly simple to implement in, just encrypt the public/tx files, and add in a password prompt (if enabled) at startup to input the key to unlock the files.  

I agree with ThomasV that if used wrong by a user it will make them significantly less safe, but I do think it is a useful feature nonetheless.

The software should check to make sure the first and second passwords are different. It should show a message informing the user that the first password should be ONLY relied on to protect privacy (casual snooping), and the second password is the one that actually protects your funds, and warn the user to use two completely different passwords.

It should also be possible to recover the funds using only the second password in case the first one is forgotten. This could be done by encrypting the seed and private keys with the second password, and encrypting labels, transaction history and previously used addresses with the first. If the user forgot their first password, they would be able to access their wallet with only the second password but would lose their labels.

I think an implementation like this would be a good compromise. Maybe someone could implement this in a plugin or something.
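
The split proposed in the post above, as an added example (not the poster's or Electrum's code): the seed is sealed under the second (funds) password, labels and history under the first (privacy) password, and identical passwords are rejected. All function names and the JSON layout are hypothetical, and the HMAC-SHA256 keystream with encrypt-then-MAC is a standard-library stand-in for a vetted AEAD such as AES-GCM.

```python
import hashlib, hmac, json, os

def _kdf(password: str, salt: bytes) -> bytes:
    # 64 bytes: first half encrypts, second half authenticates.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000, dklen=64)

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    # Stand-in stream cipher: HMAC-SHA256 in counter mode (assumption for
    # this sketch; a real wallet would use an audited AEAD instead).
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(8, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def seal(password: str, data: dict) -> dict:
    salt, nonce = os.urandom(16), os.urandom(16)
    k = _kdf(password, salt)
    pt = json.dumps(data).encode()
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(k[:32], nonce, len(pt))))
    tag = hmac.new(k[32:], nonce + ct, hashlib.sha256).hexdigest()
    return {"salt": salt.hex(), "nonce": nonce.hex(), "ct": ct.hex(), "tag": tag}

def unseal(password: str, box: dict) -> dict:
    salt, nonce, ct = (bytes.fromhex(box[f]) for f in ("salt", "nonce", "ct"))
    k = _kdf(password, salt)
    want = hmac.new(k[32:], nonce + ct, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(want, box["tag"]):
        raise ValueError("wrong password or tampered data")
    pt = bytes(a ^ b for a, b in zip(ct, _keystream(k[:32], nonce, len(ct))))
    return json.loads(pt)

def create_wallet(privacy_pw: str, funds_pw: str, wallet: dict) -> dict:
    # The post's first rule: the two passwords must not be the same.
    if hmac.compare_digest(privacy_pw.encode(), funds_pw.encode()):
        raise ValueError("the two passwords must be different")
    return {"funds": seal(funds_pw, {"seed": wallet["seed"]}),
            "privacy": seal(privacy_pw, {k: wallet[k] for k in ("labels", "history")})}

def view(stored: dict, privacy_pw: str) -> dict:
    return unseal(privacy_pw, stored["privacy"])  # startup prompt: labels/history only

def unlock_funds(stored: dict, funds_pw: str) -> dict:
    # Works without the privacy password, so a forgotten first password
    # costs the labels but not the coins.
    return unseal(funds_pw, stored["funds"])

# Constructed sample wallet, not real key material.
SAMPLE = {"seed": "constructed seed words", "labels": {"addr1": "rent"}, "history": ["tx1"]}
```
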
newbie
Activity: 2
Merit: 0
February 04, 2015, 08:15:48 AM
#10
If you don't like Truecrypt, there are plenty of other tools to encrypt your wallet.
newbie
Activity: 40
Merit: 0
February 04, 2015, 07:11:08 AM
#9
Thomas:
I agree with you & your reasons.
Please, Don't add extra encryption for the addresses/transactions.
Keep it simple & streamlined.
BTW, Thanks for all your work on Electrum.

zanza:
I understand your concern for address/transaction privacy.
You can just run it inside a Truecrypt container, to accomplish this.
Truecrypt is discontinued/no longer supported.
newbie
Activity: 2
Merit: 0
February 03, 2015, 10:59:09 AM
#8
Thomas:
I agree with you & your reasons.
Please, Don't add extra encryption for the addresses/transactions.
Keep it simple & streamlined.
BTW, Thanks for all your work on Electrum.

zanza:
I understand your concern for address/transaction privacy.
You can just run it inside a Truecrypt container, to accomplish this.
newbie
Activity: 40
Merit: 0
February 03, 2015, 06:49:48 AM
#7
I think it would be a good idea [...]

No, it would not be a good idea.

A lot of users would use only the outer password, and no inner password at all.
See the FAQ: https://electrum.orain.org/wiki/Frequently_Asked_Questions#Why_can_I_open_the_wallet_without_entering_my_password.3F

Some users would use the same password for both.
Finally, having 2 passwords to remember instead of one multiplies the probability of losing/forgetting them.


If you want to protect your privacy, better encrypt your whole disk.

Do you not understand the concept that if your computer is on it is unencrypted?  Also FDE is not available to a lot of the Electrum users, basically it only helps Linux users.

Even if users used the same outer/inner password, it would still be equivalent security to the current version (ie: if your 1 password is taken someone can access your wallet and steal your coins).  The only difference is that if someone does not have your password they cannot view your transactions/addresses.

It offers the protection of keeping your public address and tx history private for those people who use their computer for things other than simply hosting a bitcoin wallet.  (I think a lot of people opposed to this assume people only use their computer for a Bitcoin wallet?)

I could probably guarantee that at least 20% of wallet users would use this feature if it was available.  You don't lose anything, you simply gain additional privacy it's really a no loss situation.  It would even be fairly simple to implement in, just encrypt the public/tx files, and add in a password prompt (if enabled) at startup to input the key to unlock the files. 
legendary
Activity: 1896
Merit: 1353
February 02, 2015, 05:01:41 AM
#6
I think it would be a good idea [...]

No, it would not be a good idea.

A lot of users would use only the outer password, and no inner password at all.
See the FAQ: https://electrum.orain.org/wiki/Frequently_Asked_Questions#Why_can_I_open_the_wallet_without_entering_my_password.3F

Some users would use the same password for both.
Finally, having 2 passwords to remember instead of one multiplies the probability of losing/forgetting them.


If you want to protect your privacy, better encrypt your whole disk.
newbie
Activity: 40
Merit: 0
February 02, 2015, 02:57:45 AM
#5
wow this forum sucks, just completely lost my last message due to some draft crap. Ok, I'll retype briefly

https://bitcointalk.org/index.php?action=drafts

thanks!  there it was lol
hero member
Activity: 616
Merit: 603
February 01, 2015, 11:24:31 PM
#4
I'd like to see this too, something like a 2FA password on startup or a password to be asked on starting electrum. I know Electrum 2.0 beta has 2FA using Trusted Coin's API for transactions I think and we have to pay a fee for this. Is it possible to build a plugin or something?
newbie
Activity: 40
Merit: 0
February 01, 2015, 09:04:24 PM
#3

You are right. If he had used such a feature yes, but the fact that he didn't even encrypt his wallet (he relied on FDE to protect his wallet) I doubt he would've used such a feature.

wow this forum sucks, just completely lost my last message due to some draft crap. Ok, I'll retype briefly

Do we know for sure he didn't have a password on his wallet? This seems to be rule #1 that every bitcoin beginner even knows for a hot wallet.
1) Feds got his laptop and his wallet password was recovered somehow from this (reused password, open KeePass file, written in plaintext in a file)
2) FBI/NSA/Google helped, they have pretty advanced methods once they actually access your computer unencrypted so they have used some super secret gov't method we don't know about to scan his RAM or cache or idk
3) He willingly gave it up, keep in mind the US Marshals auction was just to liquidate the coins in a declining market and Ross is still owner of the coins/liquidation value. If he loses his trial he will most likely lose these funds but if he wins he may keep it.

So I wouldn't be so sure his wallet was unencrypted
hero member
Activity: 882
Merit: 1006
February 01, 2015, 06:56:13 PM
#2
The main problem here is that to do this someone would need access to your account on your PC, which you should never allow. If you care about computer security you should be locking your screen when you are away from it and whenever a friend needs to use your PC you should only let them use the guest account.

However I do agree that this would be a useful feature and it should be implemented. Occasionally I sometimes leave my PC unlocked (for example, when watching a movie with friends) and don't want anyone snooping on my transactions. I have a really hacky Python script that I quickly made that AES encrypts my wallet, and when I start Electrum it asks me for a password to decrypt it, though my script is very unsafe as it writes the unencrypted wallet to the drive and attempts to securely overwrite it when Electrum shuts down.

You can always use something like encfs to encrypt your wallet and implement this feature yourself.

Note: If Electrum had this type of setup Ross Ulbricht's wallet would most likely have been safe and they would not have easily been able to trace his accounts. Having access to public keys is important information due to the pseudonymous nature of Bitcoin, therefore some people would find it useful to not have their wallet accessible even if someone gains access to their computer.

You are right. If he had used such a feature yes, but the fact that he didn't even encrypt his wallet (he relied on FDE to protect his wallet) I doubt he would've used such a feature.
newbie
Activity: 40
Merit: 0
February 01, 2015, 06:49:38 PM
#1
I think it would be a good idea (and fairly simple) to add an option to encrypt your entire Electrum program, requiring a password on startup (similar to Thunderbird and many other programs). So, you would run Electrum, and immediately a password prompt would appear, and if you don't have the password you would get nowhere.

If someone accesses your computer, this would prevent:
1) viewing of public keys
2) viewing of labels/notes
3) viewing of transaction history

Note: If Electrum had this type of setup Ross Ulbricht's wallet would most likely have been safe and they would not have easily been able to trace his accounts. Having access to public keys is important information due to the pseudonymous nature of Bitcoin, therefore some people would find it useful to not have their wallet accessible even if someone gains access to their computer.

This would not replace the existing password used for encrypting private keys and sending, this would still exist as it did before but having an option to encrypt Electrum completely would add a nice safeguard that some people would find valuable to protect transaction history/public keys.

So as a flowchart, the bolded section is the only thing new otherwise to how Electrum currently functions.

Start/Run Electrum program -> (optional password if enabled) -> program starts and shows addresses and history/labels (just as before) -> Send Bitcoins -> (requires separate password if enabled, just like previous versions) -> Bitcoin send



I know this isn't for everyone but I think it definitely has a useful purpose to warrant investigation.