Pages:
Author

Topic: Why thefts and hackers stealing wallets is a good thing... (Read 1947 times)

newbie
Activity: 14
Merit: 0
The problem in the MtGox incident was not unsecure wallet.dat's with the users... it was unsecure MtGox's databases. So the trading sites should get some standard equal to a modern online banking site, and not md5-hashed or even plaintext passwords in some unsecured SQL database.
sr. member
Activity: 322
Merit: 251
FirstBits: 168Bc
Forget USB. I'd like to see an offline client produce a QR code transaction, that I can execute with my mobile telephone.
newbie
Activity: 10
Merit: 0
I think that humans are not able to produce 100% error free software. At least I never saw or heard of one. So there will always be a risk that an error you didn't even know about could hit the security of you application. You can only try to do your best to avoid such critical errors. The users on the other side should always try to minimize and manage the risks they take.
I even don't know if the official p2p bitcoin client is secure. Maybe one day someone will discover a fatal error in it and come up with a wallet stealing worm for the bitcoin network. That would cause real trouble I guess.

P.S.: In reply to my first message - I just saw that wallet encryption is already planned for bitcoin client 0.4.0, so there is hope Wink
sr. member
Activity: 350
Merit: 250
I never hashed for this...
As someone interested in developing web-based software for use with Bitcoin, the thought of making even a slight mistake while coding, leading to irreversible damage to my product scares the hell out of me.
newbie
Activity: 14
Merit: 0
I still think it would be great if there was a passcode associated with each account like a PIN for a bank card. This way even if someone steals your wallet, without your PIN it would still be meaningless.

A 4 digit pin has 10,000 possibilities, any computer could crack that hash instantly and have access to your wallet.
newbie
Activity: 38
Merit: 0
I still think it would be great if there was a passcode associated with each account like a PIN for a bank card. This way even if someone steals your wallet, without your PIN it would still be meaningless.
newbie
Activity: 10
Merit: 0
I guess the security in the bitcoin client will be improved over time as more and more stealing appears.
What I can't really understand today is, that the bitcoin network has some really strong cryptography in it, but the client somewhat lacks behind. I think the wallet.dat file should be at least saved to disk only in encrypted form and the user has to enter a password while doing transactions in the client to decrypt the wallet file (or parts of it). Maybe some ideas from the various available Password Safes (e.g. KeePass) could be applied to the bitcoin client. That would at least make simple file copying useless for hackers, they would then have to hack the bitcoin client process itself instead.


sr. member
Activity: 350
Merit: 251
I think as soon as we get a build of bitcoin with privatekey exporting and offline transaction authorization(a machine with no internet that you transfer data with via usb), there really should be no excuse for getting your wallet stolen aside from robbery.
donator
Activity: 826
Merit: 1060
Who here agrees with me and beleive whatever doesnt kill Bitcoin complete will only make it stronger?
I don't think wallet theft can ever be a "good thing", but I think one of the biggest effects of Bitcoin over the next few years will be to totally revolutionize computer security tools and techniques.
newbie
Activity: 14
Merit: 0
Security. Would you put your money in a bank that was getting robbed all the time?(ignoring any deposit insurance or anything like that)
That's the thing though, Bitcoin is not like a bank, where Mt. Gox is.  If I give my money to someone who isn't very secure about it, and then they lose my money that isn't a problem with the money (whether we are talking about Bitcoins, USD, or any other currency) it's a problem with the person holding your money.

When Mt. Gox fails that has nothing at all to do with the security of Bitcoins, it's a flaw with Mt. Gox.

Quote
Also, seeing monetary theft as good for you... well that my friend is antisocial thinking. That's all there is to it. Good for you till your wallet gets stolen. I've got mine, !@$% everyone else.
My wallet is encrypted, and on my computer and flash drive.  It is perfectly secure.

This is the equivalent of someone who ran down a bad neighborhood with a big wad of cash in their hands, getting it stolen, and telling someone with their cash in a safe "It could happen to you".

Some people learned the hard way that you have to be careful with money, that's too bad, but ultimately their fault and not a flaw with Bitcoins.

Quote
Also, computers are flawed(computers will always be hackable). Since bitcoin depends on computers, it is too flawed. However, I don't think anyone here or anywhere is expecting a flawless victory with any currency. EVERY currency has flaws. Less flaws is good. More is bad.

If the user has an up-to-date computer, and takes reasonable security measures, then they are safe.  People aren't hacked because "everything is insecure" but because they made a mistake, or were careless.
newbie
Activity: 46
Merit: 0
The easiness of stealing it *is* a flaw of cash USD. That's why we have banks and credit cards and checking accounts and stuff, rather than just carrying our life's savings in cash around with us all day...
member
Activity: 70
Merit: 10


Unless the network or economy tanks, your money is always safe, its the MEANS of storing it that it much more at risk at the moment... I think the community should focus on keeping the network/protocol secure and hardened, and secondarily ensure the economy stays liquid before worrying about the client software... If your that paranoid about losing your BitCoins, heck, hire your own programming team to audit the Client or have one written yourself...

I apologize I did not specify

I meant the trust in the money it self, that you trust that after working 10 hours that those pieces of paper they are giving you are going to be worth something to get something you need.  I agree the storing the money should be up to the individual imo same way not to keep your real life money in a bad bank or loan it to someone you dont trust.
member
Activity: 70
Merit: 10
Use an online service like mybitcoin.com I think, if you dont know how to secure your computer, it should be outsourced to someone who knows what their doing...
newbie
Activity: 37
Merit: 0
What are some easy ways for a noob to protect their wallet?   Grin
full member
Activity: 131
Merit: 100

Who here agrees with me and beleive whatever doesnt kill Bitcoin complete will only make it stronger?

I'll drink a shot of whiskey to that bro!
gno
newbie
Activity: 28
Merit: 0
I guess people trying to steal it suggests that it has value which is something that is trying to be established.  Maybe not the most desirable way to establish it...  Interesting thought though.
member
Activity: 70
Merit: 10
Security. Would you put your money in a bank that was getting robbed all the time?(ignoring any deposit insurance or anything like that)

Also note that people just don't carry cash around like they used to. One reason(other than convenience, although cash is not really all that inconvenient IMO.) is that carrying cash around isn't secure. When you lose your debit card or credit card, at least it can be cut off and the thief can't keep spending your money. You might even get it back. So yes, cash money IS flawed, because it's really NOT a good idea to have money just spilling out of your wallet all the time.

Also, seeing monetary theft as good for you... well that my friend is antisocial thinking. That's all there is to it. Good for you till your wallet gets stolen. I've got mine, !@$% everyone else.

Also, computers are flawed(computers will always be hackable). Since bitcoin depends on computers, it is too flawed. However, I don't think anyone here or anywhere is expecting a flawless victory with any currency. EVERY currency has flaws. Less flaws is good. More is bad.

I don't know that it will make it stronger, but it will certainly help define its place in the economy.



The good thing about BitCoin is everyone is like their own bank, if your worried about it happening to you theres always something you can do... Have multiple wallets, use online wallets too, backup/encrypt them, secure your pcs, use a firewalled netbook that is brand new for your main savings account that you hardly use, in a way to practically reduce the risk to 0... If you arent prepared to secure your BitCoints, my point is, you should find someone else (like an online wallet service) who is and they should get rewarded monetarily for it... That keeps the market healthy... I can imagine a service like MyBitcoin.com that is super secure and offers guarantees and SMS verification for every transaction and insures you against loss and theft... For a price...

"thefts and hackers stealing wallets is a good thing..."

...until it happens to you that is.

Im not afraid to be honist, I havent been robbed of cash in real life before because I take sensible precautions, and I intend to do that same for Bitcoins... One idea is to not keep all your cash in one place, if you are wealthy enough to have 5000 BTC, then surely you can buy 2 or 3 different computers each with 2 or 3 different wallets so if one gets compromised, the others are still there...

Because money in all reality is trust and if you do not trust its safe then you dont trust its worth.

Unless the network or economy tanks, your money is always safe, its the MEANS of storing it that it much more at risk at the moment... I think the community should focus on keeping the network/protocol secure and hardened, and secondarily ensure the economy stays liquid before worrying about the client software... If your that paranoid about losing your BitCoins, heck, hire your own programming team to audit the Client or have one written yourself...
member
Activity: 70
Merit: 10
Because money in all reality is trust and if you do not trust its safe then you dont trust its worth.
legendary
Activity: 1288
Merit: 1227
Away on an extended break
IMO, people should start treating bitcoins like cold hard cash - you'll lose it if you don't care for it like you would for cash. Like pickpockets you would encounter on rowdy streets, the internet has it equal share of virtual pickpockets waiting for you to let your guard down. But thefts and stealing do prove that bitcoins are coming of age like cash did decades ago, although I do agree that getting your wallets stolen sucks.
member
Activity: 67
Merit: 10
"thefts and hackers stealing wallets is a good thing..."

...until it happens to you that is.
Pages:
Jump to: