What reports are you referring to here and why should you expect scientific predictions (which are usually couched in error bars and scenarios) to stay constant in the face of new evidence or better modelling? And your appeal for raw data is particularly laughable, given that it's the usual gambit that deniers throw out as if it's all some vast conspiracy and if only scientists would spend every waking moment satisfying specious FOIA requests this conspiracy would be revealed.
That's more or less it. What they can't roll back is confidence in the system and I wouldn't be surprised if the exchange rate takes a huge dump when they reopen. People's investments will be wiped out.
It's worth nothing that this 'price crash' was completely artificial, the result of a malicious act, and only really affects the Mt.Gox exchange site. I suppose it probably also affects any sites that set their exchange rate by Mt.Gox, but many don't do that on a real-time basis anyway. I use Bitcoin Market, another trading site, and their prices are unaffected.
Artificial is one way of saying it, dress rehearsal is another. If a panic sets in amongst investors then the number of sellers will exceed the number of buyers and the price will collapse. I'd add that seeing a massive theft and the largest exchange go down in the space of a week are hardly confidence inspiring acts. If I were an investor I'd be looking to cash out right now. For a real currency, not a yoyo currency.
I think yours is a double edged argument. The money transferred out of the exchange is gone and MtGox IS going to eat the losses, and do a proper rollback.
How are they going to eat the losses? Do they have a reserve of bitcoins to dip into? Why didn't the hackers steal that while they were at it? Or perhaps they'll financially compensate people in real money? Putting aside the hypocrisy of doing that, do they have the reserves to compensate people in USD and what value should that compensation be when the entire exchange rate has been fucked by a single hack.
The point of this (as if it wasn't obvious for months) is Bitcoin is a fragile, unregulated system with technical, human and legislatory weakpoints. There is no oversight, no federal guarantees on savings, some incredibly naive assumptions about human nature, and it has proven incredibly sensitive to thefts and hacks.
It has been boosted no end by early adopters but there is no evidence that it is anything more than a shell game. If I were someone still in possession of a large number of bitcoins I'd be selling up right now. Get the hell out. Collapse is imminent, the number of sellers will massively outstrip the buyers so now is the time to leave. Right now.
It's not the fact they're encrypted bits which makes them worthless. It's the stupid "currency" they belong to and the shell game being played with rubes that buy them that makes them worthless.
No security would prevent a keylogger but there are measures such as I suggest which would prevent drivebys and minimize the window of opportunity even if someone infiltrated your network. And yes Bitcoin should probably offer a file picker when it launches so you can choose some file that's situated on another drive. It means when Bitcoin is not running a trojan has no idea where the wallet is assuming it is encrypted. But the measures I suggested would still protect users.
As for 12345, that's the user's problem but it doesn't excuse software which doesn't lift a finger to help protect financial data.
Of course someone could make a more secure client but the reality is most people use the default one, the one advertised on the bitcoin site. The one riddled with holes. Internet Explorer wouldn't be absolved of security problems (e.g. ActiveX scripting issues) just because users have a choice of another browser and neither should the same apply to bitcoin.
Stop being so absurd. Seriously. You're trying to make out that a moribund dead project which accomplished fucking nothing in 20 years is pragmatic? Hiding behind a microkernel is no excuse for the godawful mess of nothing that was Hurd. I was programming QNX around the same time, a real time OS that used a microkernel that was knocked together by a relatively small company. It wasn't the only microkernel either with Coherent & Minix being other examples. If a few guys could manage to produce a dist in the absence of tools like gcc, bash etc., Hurd sure as hell had no excuse.
okay, then in real life, people halfway across the world can't steal my paper cash money electronically through my computer just because I went to a dodgy website with an insecure web browser
captcha: "taxable". hahahahahahaha
Not only that they can't steal hundreds of people's money simultaneously. The problem with bitcoin zealots is whenever a vuln is found they always strive to make a comparison to a real world analog as if that somehow makes it all right or the comparison is even valid.
I don't think encryption alone will help. It only protects you when your PC is not on or when bitcoin is not running. Once bitcoin is running, the trojan only needs to find the memory space the program is using to steal your wallet.dat info.
Not necessarily. Bitcoin by default might hold incoming transactions as plaintext in a receivables tray but transfer them to savings tray when the user enters a password. After 5 minutes the password is dropped and the old behaviour resumes. I expect for most people this means their exposure is reduced from 24/7 down to 5 minutes a week or similar. The wallet could still show them some meta info about their savings (e.g. transaction history & amounts) but it would protect the coins themselves.
The trojan might have to sit around for days or weeks for someone to need to unlock the wallet and in the meantime the chances of it being detected are that much greater.
How does this Infostealer.Coinbit trojan get on to the infected computer?
Well the easiest way would be to package it up as a bitcoin miner. People who install miners are by definition bitcoin users and greed could lower their guard enough that they would install the thing if it promised better performance than other miners. There are enough miner apps around with source code that the trojan could actually mine for a while before flipping into robbery mode. Miners also imply bitcoin is running in server mode where it has the potential to subvert the application even if its running on a separate box.
It's not cheap to crack a strong password and if I had substantial investment in bitcoin you could be damned certain I would choose an extremely strong password. And a key on the disk would help too simply because some hacks might use driveby attacks so putting an unguessable key in the same directory (which could even be xor'd with the password hash) would make it virtually impossible to decrypt a wallet even if someone developed a remote exploit to lift it.
Encryption! (Sorry, couldn't resist - and I know it's not)
But honestly, if you're using this system for any sort of money handling, then leaving it, the equivilent of lying around, is not a good idea. Secure your money properly, use common sense. Also I believe it's even on BitCoin's good practise list of recommendations. Encrypt your wallet and keep a backup elsewhere incase a nasty trojan erases it. Good data retention practise applies to everything.
If Bitcoin knows it's good practice, then why can't it be implemented in software? The simple fact is if Apple did this or Microsoft or Google then people would (and do) shit on them from a great height. The problem here is the Bitcoin client used by the majority of users is insecure by default. It's making it easy for the bad guys to rip people off.
If someone has access to your user session then encrypting your wallet it is only going to make the attackers life slightly harder since you will need to supply the software with a password to decrypt it at some point.
Encryption protects the data as it resides on disk so unless the trojan is keylogging and captures the exact moment you enter a password (which you may only do once in a blue moon) it has nothing to work with. That increases the chances you'll detect the trojan before it can steal any data. Encryption also protects you from drivebys, e.g. a web browser exploit that allows someone to lift a file off your disk.
Of course crypto may not protect from someone who owns your machine and has the time to log keystrokes but the simple fact is the Bitcoin client is doing NOTHING at the moment. It's shoddy security.
Well it's not a text file, it's a Berkeley DB file but same difference. It's shoddy design and it would have been apparent to anyone who spent a few minutes looking at the state of the source code.
Even if it were $20 there is no reason they have to include that cost in all devices, sell the thing as an app on the store that users must purchase to enable the functionality. Simple. And I doubt they'd even pay $20 these days given that you can buy an upconverting DVD player with HDMI and AC-3 for $24 from Walmart. If it were $20 that would leave $4 to manufacturer, ship and profit from the thing which seems rather unlikely.
Also, it's entirely likely the Wii U would have to licence codecs for other reasons anyway (e.g. for sending audio / video to the remote device) so enabling DVD may not be as bad as you think.
Well that's the point. They were trying to be perfectionists, not pragmatists and got nowhere fast. If they set aside some of their more ambitious goals they would have made more headway. In doing so Hurd would have become useful for something, attracted more users and some of those users may have been motivated to fix the things that were bypassed on the first iteration.
That's why Linux succeeded. The Linux 0.01 kernel made a beeline straight for a functioning x86 kernel and fleshed out from there. People joined the project because where there was no way to run a Unix like OS on x86 for nothing before, now there was. Stuff like multiple architecture support, networking, filesystems etc. came later when critical mass was achieved for development. Pragmatism made it successful. This is highlighted in other ways the project has proceeded from choice of source control to the licence it uses.
Passphrase implies a password of any length. And if I had $500k in a wallet you'd be damned sure I'd choose a strong password which would reasonably withstand attacks for longer than mattered.
Even a file based key would have some use. Bitcoin could generate a randomly named keyfile, next to the wallet. In the absence of a passphrase it encrypts with that. The random name would prevent drivebys from guessing the path for the key meaning they'd have to root the box to get it. If the user did passphrase protect their wallet, the passphrase hash could be xored with the key effectively supersalting it so even a weak password like "abc" would be uncrackable unless the attacker could also lay their hands on the.key file.
No, I was specifically hilighting flaws in an implementation of software. Changing the subject with some lame parody concerning some random other thing doesn't make the problems go away. It is a non response.
As for whether the vulns were responsible for the attack, at some level yes they absolutely were. If the wallet is plain text then someone can lift a copy of it and do what they like with it. That is the fundamental issue here. The actual attack may have involved a driveby or a trojan or a badly configured network share but none of it short of full rooting of the PC & keylogging would have succeeded if the file was protected. It demonstrates a naivety of implementation which makes one think what other flaws are lurking there. If this were some esoteric client it wouldn't matter, but it's THE bitcoin client. It's used by the majority of users meaning they are all vulnerable.
It's not an appropriate rebuttal at all. It's a lame "I know you are but what am I" non response. I made some points about the security of a software application so evading those and changing the subject to real life wallets is ridiculous.
The problem is not transactions pending while you are offline, it's transactions as they're stored in your wallet when you receive them. It's plaintext (a plain Berkley DB), it's discoverable, it's not protected. Someone just has to take a copy of that wallet and they're good to go. That's just terrible design and I'm suggesting a manner in which the app could be made more secure by default.
I realise you could probably manually screw around with it in various ways to secure money but it really shouldn't be like that in the first place. The mantra should be secure by default.
egcs is another example where people got frustrated with the gcc development process being too slow, too dictatorial, too strung out and forked the thing. In that instance egcs was so successfull that it became the basis for gcc 3.0 demonstrating forks don't have to stay forked forever.
What reports are you referring to here and why should you expect scientific predictions (which are usually couched in error bars and scenarios) to stay constant in the face of new evidence or better modelling? And your appeal for raw data is particularly laughable, given that it's the usual gambit that deniers throw out as if it's all some vast conspiracy and if only scientists would spend every waking moment satisfying specious FOIA requests this conspiracy would be revealed.
That's more or less it. What they can't roll back is confidence in the system and I wouldn't be surprised if the exchange rate takes a huge dump when they reopen. People's investments will be wiped out.
It went from $18 to $17, that is not a crash. That will probably have an impact, but more on MtGox reputation than on the BTC price.
The market is effectively suspended. Wait until it reopens and see what happens. It won't be pretty.
It's worth nothing that this 'price crash' was completely artificial, the result of a malicious act, and only really affects the Mt.Gox exchange site. I suppose it probably also affects any sites that set their exchange rate by Mt.Gox, but many don't do that on a real-time basis anyway. I use Bitcoin Market, another trading site, and their prices are unaffected.
Artificial is one way of saying it, dress rehearsal is another. If a panic sets in amongst investors then the number of sellers will exceed the number of buyers and the price will collapse. I'd add that seeing a massive theft and the largest exchange go down in the space of a week are hardly confidence inspiring acts. If I were an investor I'd be looking to cash out right now. For a real currency, not a yoyo currency.
I think yours is a double edged argument. The money transferred out of the exchange is gone and MtGox IS going to eat the losses, and do a proper rollback.
How are they going to eat the losses? Do they have a reserve of bitcoins to dip into? Why didn't the hackers steal that while they were at it? Or perhaps they'll financially compensate people in real money? Putting aside the hypocrisy of doing that, do they have the reserves to compensate people in USD and what value should that compensation be when the entire exchange rate has been fucked by a single hack.
The point of this (as if it wasn't obvious for months) is Bitcoin is a fragile, unregulated system with technical, human and legislatory weakpoints. There is no oversight, no federal guarantees on savings, some incredibly naive assumptions about human nature, and it has proven incredibly sensitive to thefts and hacks.
It has been boosted no end by early adopters but there is no evidence that it is anything more than a shell game. If I were someone still in possession of a large number of bitcoins I'd be selling up right now. Get the hell out. Collapse is imminent, the number of sellers will massively outstrip the buyers so now is the time to leave. Right now.
It's not the fact they're encrypted bits which makes them worthless. It's the stupid "currency" they belong to and the shell game being played with rubes that buy them that makes them worthless.
As for 12345, that's the user's problem but it doesn't excuse software which doesn't lift a finger to help protect financial data.
Of course someone could make a more secure client but the reality is most people use the default one, the one advertised on the bitcoin site. The one riddled with holes. Internet Explorer wouldn't be absolved of security problems (e.g. ActiveX scripting issues) just because users have a choice of another browser and neither should the same apply to bitcoin.
Stop being so absurd. Seriously. You're trying to make out that a moribund dead project which accomplished fucking nothing in 20 years is pragmatic? Hiding behind a microkernel is no excuse for the godawful mess of nothing that was Hurd. I was programming QNX around the same time, a real time OS that used a microkernel that was knocked together by a relatively small company. It wasn't the only microkernel either with Coherent & Minix being other examples. If a few guys could manage to produce a dist in the absence of tools like gcc, bash etc., Hurd sure as hell had no excuse.
okay, then in real life, people halfway across the world can't steal my paper cash money electronically through my computer just because I went to a dodgy website with an insecure web browser
captcha: "taxable". hahahahahahaha
Not only that they can't steal hundreds of people's money simultaneously. The problem with bitcoin zealots is whenever a vuln is found they always strive to make a comparison to a real world analog as if that somehow makes it all right or the comparison is even valid.
I don't think encryption alone will help. It only protects you when your PC is not on or when bitcoin is not running. Once bitcoin is running, the trojan only needs to find the memory space the program is using to steal your wallet.dat info.
Not necessarily. Bitcoin by default might hold incoming transactions as plaintext in a receivables tray but transfer them to savings tray when the user enters a password. After 5 minutes the password is dropped and the old behaviour resumes. I expect for most people this means their exposure is reduced from 24/7 down to 5 minutes a week or similar. The wallet could still show them some meta info about their savings (e.g. transaction history & amounts) but it would protect the coins themselves.
The trojan might have to sit around for days or weeks for someone to need to unlock the wallet and in the meantime the chances of it being detected are that much greater.
How does this Infostealer.Coinbit trojan get on to the infected computer?
Well the easiest way would be to package it up as a bitcoin miner. People who install miners are by definition bitcoin users and greed could lower their guard enough that they would install the thing if it promised better performance than other miners. There are enough miner apps around with source code that the trojan could actually mine for a while before flipping into robbery mode. Miners also imply bitcoin is running in server mode where it has the potential to subvert the application even if its running on a separate box.
It's not cheap to crack a strong password and if I had substantial investment in bitcoin you could be damned certain I would choose an extremely strong password. And a key on the disk would help too simply because some hacks might use driveby attacks so putting an unguessable key in the same directory (which could even be xor'd with the password hash) would make it virtually impossible to decrypt a wallet even if someone developed a remote exploit to lift it.
Encryption! (Sorry, couldn't resist - and I know it's not) But honestly, if you're using this system for any sort of money handling, then leaving it, the equivilent of lying around, is not a good idea. Secure your money properly, use common sense. Also I believe it's even on BitCoin's good practise list of recommendations. Encrypt your wallet and keep a backup elsewhere incase a nasty trojan erases it. Good data retention practise applies to everything.
If Bitcoin knows it's good practice, then why can't it be implemented in software? The simple fact is if Apple did this or Microsoft or Google then people would (and do) shit on them from a great height. The problem here is the Bitcoin client used by the majority of users is insecure by default. It's making it easy for the bad guys to rip people off.
If someone has access to your user session then encrypting your wallet it is only going to make the attackers life slightly harder since you will need to supply the software with a password to decrypt it at some point.
Encryption protects the data as it resides on disk so unless the trojan is keylogging and captures the exact moment you enter a password (which you may only do once in a blue moon) it has nothing to work with. That increases the chances you'll detect the trojan before it can steal any data. Encryption also protects you from drivebys, e.g. a web browser exploit that allows someone to lift a file off your disk.
Of course crypto may not protect from someone who owns your machine and has the time to log keystrokes but the simple fact is the Bitcoin client is doing NOTHING at the moment. It's shoddy security.
Well it's not a text file, it's a Berkeley DB file but same difference. It's shoddy design and it would have been apparent to anyone who spent a few minutes looking at the state of the source code.
Also, it's entirely likely the Wii U would have to licence codecs for other reasons anyway (e.g. for sending audio / video to the remote device) so enabling DVD may not be as bad as you think.
That's why Linux succeeded. The Linux 0.01 kernel made a beeline straight for a functioning x86 kernel and fleshed out from there. People joined the project because where there was no way to run a Unix like OS on x86 for nothing before, now there was. Stuff like multiple architecture support, networking, filesystems etc. came later when critical mass was achieved for development. Pragmatism made it successful. This is highlighted in other ways the project has proceeded from choice of source control to the licence it uses.
Even a file based key would have some use. Bitcoin could generate a randomly named keyfile, next to the wallet. In the absence of a passphrase it encrypts with that. The random name would prevent drivebys from guessing the path for the key meaning they'd have to root the box to get it. If the user did passphrase protect their wallet, the passphrase hash could be xored with the key effectively supersalting it so even a weak password like "abc" would be uncrackable unless the attacker could also lay their hands on the .key file.
As for whether the vulns were responsible for the attack, at some level yes they absolutely were. If the wallet is plain text then someone can lift a copy of it and do what they like with it. That is the fundamental issue here. The actual attack may have involved a driveby or a trojan or a badly configured network share but none of it short of full rooting of the PC & keylogging would have succeeded if the file was protected. It demonstrates a naivety of implementation which makes one think what other flaws are lurking there. If this were some esoteric client it wouldn't matter, but it's THE bitcoin client. It's used by the majority of users meaning they are all vulnerable.
It's not an appropriate rebuttal at all. It's a lame "I know you are but what am I" non response. I made some points about the security of a software application so evading those and changing the subject to real life wallets is ridiculous.
That's an incredibly weak excuse. If Hurd had been goal oriented and pragmatic it is likely it would be what Linux is today.
I realise you could probably manually screw around with it in various ways to secure money but it really shouldn't be like that in the first place. The mantra should be secure by default.
egcs is another example where people got frustrated with the gcc development process being too slow, too dictatorial, too strung out and forked the thing. In that instance egcs was so successfull that it became the basis for gcc 3.0 demonstrating forks don't have to stay forked forever.
That being the case, Linus' real "other gift" is providing proof to the world that RMS' idea was valid and possible.
It's valid and possible if you put pragmatism before politics. This explains why Linux is everywhere and Hurd isn't.