Topic: Remember: Wallet encryption is only good if you don't have keyloggers! (Read 2137 times)

That is why you should never run Java and that is why you should use caution when storing your coins. Why put them all in one place?

Wallet encryption is good but is not intended to protect against keyloggers.
You most use for your transactions a clean computer, best a linux, and not one where you try all games from the internet.
But if you cannot avoid to use an insecure computer for bitcoin then at least you should use some keylogger protection when you type in the password.
( http://www.aplin.com.au/ - Neo's SafeKeys for windows)

Java itself isn't a huge problem, as long as you only use Java applications that you trust. The problem is the Java browser plugin. Just disable it.

Most "defense" software (anti virus, anti malware) work on signatures.  It is a constant battle between hackers exploiting new vulnerabilities and anti-malware software adding those new malware to their detection libraries.  No defense software is 100% effective against 0-day threats.  Never had and never will be.  Now you should still use it but it should be the last line of defense not the first.

Regarding java.  Yes it is horribly horribly insecure.  If you run an untrusted java app the attacker can do just about anything he could do if logged in directly on your computer.  If you have java uninstall it completely now.

I do all my web browsing, pdf&word file opening, etc. from inside a Virtualbox virtual machine.  I recommend the same for all hot wallet users.

I know Java is considered unsafe, but damn, it can steal files from your hard drive?

Another question, isn't virus/malware protection supposed to prevent keyloggers and malicious Java apps from running? I guess there are always exceptions that can work around those, but as a general rule?

Well one thing running Java on any platform not just Windows has the same or very close the same exploits, seeing Java was designed to be cross platform.

One of the most secure things you can do now is to uninstall Java unless you absolutely need it. If installed make sure you use the disable Java from running in the browser option.

Agreed I have long since given up on Java.  I won't install it on any machine and won't use any site/app which requires it.  Until Oracle starts taking security seriously it is too much of a vulnerability.  Java + bitcoin = "please steal my coins".


The encryption method is AES with a 256 bit symetric key.  The key is derived from the password by hashing the password with SHA512 a dynamic number of times (~10,000 on average 2012 computer system) using the EVP_BytesToKey function from the OpenSSL library. The number of iterations varies because the wallet will do a quick benchmark first a pick a high number of rounds that can still be completed in <1 second.  The faster your computer the more rounds are used in the key derivative function.  Every time you change the password the wallet will run the benchmark again.  This ensure the algorithm will keep up with the effects of Moore's law.  If you get a new faster system for maximum security change your password.

just what is a Windows user to do?

it is annoying as heck having to constantly update Java for fear of an exploit.  linux devs need to enable those of us using proprietary Windows programs to run them on linux.  no, virtual box doesn't do the trick.  nor Wine...

Well one thing is using Java (not java script) is a cesspool of hacks/exploits/everything in the middle. If you want to get hacked please keep running  Java. Java is constantly being updated/hacked  on a daily basis.
Also what is the encryption method being used to secure the wallet.dat file in Bitcon QT?

Anyone know the cipher key size 128 bit/256 bit? And the method being used for the encryption?
 

Good points all!  I'm changing the title.

Interesting.

My immediate thought is that this user backed up his wallet right after installing bitcoin-qt (which is common), to somewhere on the operating system hard drive.  And that he did so before encrypting it (which is also common) - and that the backup wallet was not re-named to some name other than 'wallet' (which is also very common) - so if this javascript searched his drive the unencrypted backup wallet could be found easily.

My next thought is to wonder if it was a fresh install - or an upgrade from an unencryptable version of bitcoin, like 0.3.21.  Backups from the original installation could still be on his hard drive.

My last thought is that this could easily be intentional FUD.  I've noticed that the longer I've been involved with bitcoin, the less charitable I've become in that regard.

Not necessarily.  The QT client only prompts for password when performing an action which requires access to the private keys (normally signing a message or sending bitcoins).  This is intentional to reduce scope where password can be grabbed.  Launching the client to check your balance for example doesn't require access to the private keys and thus the client won't prompt to decrypt the wallet.

Cold storage. Nobody ever said bitcoin-qt was secure via encryption; it is still susceptible to key loggers etc.

There is no backdoor to the encryption.

So there are a couple of possibilities:
a) user's wallet was not encrypted or was unlocked (recent transaction) - unlikely but possible
b) user's wallet had a weak password
c) user's computer was infected with malware keylogger
d) user re-used password on another site (which was compromised)
e) user re-used password on another site and it was stored in a password utility like lastpass which itself wasn't encrypted

I am thinking c is the most likely but without specific details we may never know.

I do think it would be a good idea if the bitcoin program directory (not to be confused w/ datadir) had a file (say paths.conf) with two options:

This would allow someone for example to put the datadir (everything but wallet.dat) in one location and the wallet.dat in another location (like removable usb drive).  

These values should also be able to set from the GUI. 

A cautious user could physically remove the usb drive when not conducting transactions.  This would require some refactoring of the QT client such that it can "run" (connect to network, download blocks, relay transactions, etc) without access to the wallet.dat.  When access to wallet.dat is restored (user inserts usb drive) the client would need to be smart enough to recheck recent blocks in an intelligent manner.

somethings fishy about that post.  from the OP:

"I didn't enter my password when I opened my wallet..."

that isn't possible if his wallet was encrypted. 

No wallet that is connected to a computer with internet access is safe from hacking. Wallet encryption is only slightly better than no protection at all.

Be careful out there...

http://www.reddit.com/r/Bitcoin/comments/1cokps/java_exploit_stole_all_my_btc/