Pages:
Author

Topic: we need a comprehensive guide for making SAFE bitcoin apps!! (Read 2519 times)

legendary
Activity: 1652
Merit: 2311
Chief Scientist
Starting with OWASP is good advice.

But if you are holding other people's bitcoins, just securing the app is not enough. You need people who have experience securing money telling you how to create processes to make sure you're not the victim of embezzlement, that you are complying with legal requirements, keeping adequate records, keeping customers' funds separate from the funds used to pay expenses, that regular audits are done to detect problems early, and so on.

The Bitcoin Protocol is innovative but financial institutions on the other hand have been around for a very long time.
+1
sr. member
Activity: 420
Merit: 250
member
Activity: 86
Merit: 13
Hi Paulie,

the advice you want people to use already exists,

the Open Web Application Security Project

https://www.owasp.org/index.php/Main_Page

you will find professional people, who are very good at what they do.  These people may even be persuaded to work on bitcoin - that place is like a repository of web app security.  if  a company does not follow thier advice...

go check it out. get some people interested...

bitcoin is a blockchain and interaction with this chain.  it is not securing web apps.

sorry to be a miserable git.

steve
hero member
Activity: 743
Merit: 500
oh, great start! i see that it was started in may.
may we use this as the base, and expand it as discussed?
Mike Hearn was the author
https://bitcointalksearch.org/topic/m.904743
newbie
Activity: 22
Merit: 0
Don't know what you're goal is, but anything can be hacked with time. Using proper security techniques help, but anything can be by-passed. I.E 2-factor auth, dont use same passwords etc... Simple, logical things...

Tip, Don't believe everyone that says they are a security expert without any proof... I.E Patrick from Bitconica...
sr. member
Activity: 420
Merit: 250
folks,
start putting together a wiki guide for making secure bitcoin apps, from web to desktop to mobile.

who is competent enough to make one? maybe start to collaboratively put that together? it's really important that everyone's knowledge on the subject of security start being pooled and guided so that new people coming into the community with an enthusiasm for making great apps, don't end up like bitcoinica!

so how about it?

https://en.bitcoin.it/wiki/Securing_online_services

oh, great start! i see that it was started in may.

may we use this as the base, and expand it as discussed?
legendary
Activity: 980
Merit: 1020
I meant people seem to think hot wallets are the reason bitcoins are vulnerable, but wallets are only one potential vulnerability. This latest theft was due to sloppy password handling, and 40K USD was stolen in addition to 40K BTC.

You're right, I guess. Even if the bitcoin were offline, the thief could have wait and wait until the balances were loaded into mtgox and use to pay customers or the site start operating.
full member
Activity: 210
Merit: 100
+1 for this initiative

I like the whole idea of Standard Operating Procedures (SOP), Transparency, Disclosures, Best Practices, etc for sites that take custody of customers funds. Not so much as a requirement for starting the site but as a way for potential/current customers to evaluate the risk involved when dealing with them.

The Bitcoin Protocol is innovative but financial institutions on the other hand have been around for a very long time.

Caveat emptor
hero member
Activity: 743
Merit: 500
folks,
start putting together a wiki guide for making secure bitcoin apps, from web to desktop to mobile.

who is competent enough to make one? maybe start to collaboratively put that together? it's really important that everyone's knowledge on the subject of security start being pooled and guided so that new people coming into the community with an enthusiasm for making great apps, don't end up like bitcoinica!

so how about it?

https://en.bitcoin.it/wiki/Securing_online_services
legendary
Activity: 1050
Merit: 1002
It does. Having a balance with mtgox is effectively a hot wallet.

I meant people seem to think hot wallets are the reason bitcoins are vulnerable, but wallets are only one potential vulnerability. This latest theft was due to sloppy password handling, and 40K USD was stolen in addition to 40K BTC.
legendary
Activity: 980
Merit: 1020

It depends on amount of volume. A site like MtGox having the majority of bitcoin exchange probably does, because manually processing transactions would be labor intensive.

They just need automation.

Quote
But remember it's possible to secure a hot wallet, and this latest theft had nothing to do with a hot wallet all.

It does. Having a balance with mtgox is effectively a hot wallet.
legendary
Activity: 1050
Merit: 1002
Do trading sites like MtGox, BTC-E, BitStamp, Intersango, bitFloor, GLBSE, etc need a hot wallet at all?

It depends on amount of volume. A site like MtGox having the majority of bitcoin exchange probably does, because manually processing transactions would be labor intensive.

But remember it's possible to secure a hot wallet, and this latest theft had nothing to do with a hot wallet all.
full member
Activity: 210
Merit: 100
Do trading sites like MtGox, BTC-E, BitStamp, Intersango, bitFloor, GLBSE, etc need a hot wallet at all?
sr. member
Activity: 420
Merit: 250
imho those kinds of threads should be collected and organized into a wiki per this thread:

https://bitcointalk.org/index.php?topic=93115.0;topicseen
legendary
Activity: 1050
Merit: 1002
high tech is not the solution to the problems in your previous emails, but my comment was a bit of a sidetrack (that i wish to drop from this thread after this point is made):

i was strictly talking about an idea of how to hide a hot wallet server, disconnected from your previous points. the above, provided some basic precaution on part of the developer, would not reveal a means into the wallet server.

Oh, gotcha Smiley

Yes, securing hot wallets has been discussed, but I don't know the thread off hand.
sr. member
Activity: 420
Merit: 250
Quote
Again, you're thinking a lack of high tech solutions is the problem. It's not. In the example about the cleaning lady there are other ways to go about finding the location to commit the crime. For example, if it was me I would start collecting information on the target. I'd do several things first:

1. Do a WHOIS lookup on the member's domain name; unless intentionally obscured this will provide the member's real name or company name...
2. Click the forum member's profile, see what else I can learn about him, like an email address (which I might try to phish email)
3. Do a forum search of all the member's posts; did he ever mention where he was located?

Only after starting with the above would I even get into tracking down IP addresses. See? Low tech is often FAR more effective.

high tech is not the solution to the problems in your previous emails, but my comment was a bit of a sidetrack (that i wish to drop from this thread after this point is made):

i was strictly talking about an idea of how to hide a hot wallet server, disconnected from your previous points. the above, provided some basic precaution on part of the developer, would not reveal a means into the wallet server.
legendary
Activity: 1050
Merit: 1002
Quote
I'm not against a guide. I just think the focus should be less about the technical, and more about common sense.

During one of the last hack discussions a forum member posted that he properly secured his server, citing various technical precautions. He mentioned he did this to protect the X amount of funds stored on the server, and he was glad for the high bandwidth line to his office allowing him to have the server there.

Another poster said er it's probably not a good idea to tell people where your server holding these funds is at. For example, one could look up where you are located and pay the cleaning lady 10K to look the other way.  That would be worth it for a theft worth say 60K plus.

Low tech security precautions shouldn't be ignored in favor of high tech ones.

i wonder if it would be possible to 'hide' the hot wallet server by putting it on its own box, and only allowing tor hidden service connections in.

that way, the IP at least would never be known...

Again, you're thinking a lack of high tech solutions is the problem. It's not. In the example about the cleaning lady there are other ways to go about finding the location to commit the crime. For example, if it was me I would start collecting information on the target. I'd do several things first:

1. Do a WHOIS lookup on the member's domain name; unless intentionally obscured this will provide the member's real name or company name...
2. Click the forum member's profile, see what else I can learn about him, like an email address (which I might try to phish email)
3. Do a forum search of all the member's posts; did he ever mention where he was located?

Only after starting with the above would I even get into tracking down IP addresses. See? Low tech is often FAR more effective.

sr. member
Activity: 420
Merit: 250
Quote
I'm not against a guide. I just think the focus should be less about the technical, and more about common sense.

During one of the last hack discussions a forum member posted that he properly secured his server, citing various technical precautions. He mentioned he did this to protect the X amount of funds stored on the server, and he was glad for the high bandwidth line to his office allowing him to have the server there.

Another poster said er it's probably not a good idea to tell people where your server holding these funds is at. For example, one could look up where you are located and pay the cleaning lady 10K to look the other way.  That would be worth it for a theft worth say 60K plus.

Low tech security precautions shouldn't be ignored in favor of high tech ones.

i wonder if it would be possible to 'hide' the hot wallet server by putting it on its own box, and only allowing tor hidden service connections in.

that way, the IP at least would never be known...
legendary
Activity: 1050
Merit: 1002
i think it's perfectly sensible to start such a guide with this kind of stuff, although i would drop the conspiratorial tone (even if it proves to be true).

How to make a secure bitcoin application.

CHAP 1: Why is security crucial when making bitcoin applications?
CHAP 1A: Security anecdotes from bitcoin's history (aka Stupid Mistakes)
CHAP 2: Basic server security
CHAP 3: Hot wallets vs Cold Wallets

etc

I'm not against a guide. I just think the focus should be less about the technical, and more about common sense.

During one of the last hack discussions a forum member posted that he properly secured his server, citing various technical precautions. He mentioned he did this to protect the X amount of funds stored on the server, and he was glad for the high bandwidth line to his office allowing him to have the server there.

Another poster said er it's probably not a good idea to tell people where your server holding these funds is at. For example, one could look up where you are located and pay the cleaning lady 10K to look the other way.  That would be worth it for a theft worth say 60K plus.

Low tech security precautions shouldn't be ignored in favor of high tech ones.
sr. member
Activity: 420
Merit: 250
i think it is also important to have a chapter/section about your personal security habits as a developer, and why one hole in the security chain causes the whole thing to crumble (again, anecdotes would be a Good Thing).

is anyone actually going to make this? i think we need it. i would do it myself if i felt technically competent enough (and i really don't).
Pages:
Jump to: