phantomcircuit [ARCHIVE] on Nostr: 📅 Original date posted:2011-06-16 🗒️ Summary of this message: Experts suggest ...
📅 Original date posted:2011-06-16
🗒️ Summary of this message: Experts suggest air-gapped wallets to improve Bitcoin wallet security, but an insecure PC remains a major vulnerability. Scratch off branch with email and password is a better solution.
📝 Original message:On 06/16/11 20:18, Luke-Jr wrote:
> On Thursday, June 16, 2011 1:59:56 PM Jeff Garzik wrote:
>>> 2) Wallet security.
>> Agreed, though security professionals (and luke-jr) are already
>> pointing out the wallet crypto mainly eliminates a bit of bad PR,
>> rather than being a major crime deterrent.
>>
>> zooko on IRC had a pretty good suggestion: introduce a built-in
>> facility for air-gapped wallets (multiple wallets), so that loss of
>> your everyday transactional wallet does not mean loss of everything.
> Even if you do this, a cracker can still simply send your encrypted wallet to
> himself, secure-delete your local one, kill your client, and demand you
> publish your password if you want some portion of your coins back.
>
> I'm not sure there's *any* defense for an insecure PC. Maybe Bitcoin will end
> up forcing people to reconsider their priorities when it comes to security...
Jeff's scratch off branch modified to use email (as unique salt) and
password would eliminate the need for a static wallet.dat for 99% of the
userbase. This seems like a much better solution than encryption.
(Although obviously it's still vulnerable to key loggers).
Published at
2023-06-07 01:38:31Event JSON
{
"id": "f271b329dc22ff57d307d783164370f9fde812a47a7c3b29525cc449f5e4452a",
"pubkey": "a9675d2609003504a2d580ac9f4b8bcabbd3147facf794e550385c0957280478",
"created_at": 1686101911,
"kind": 1,
"tags": [
[
"e",
"210b9203240ad106b92714cbc619bb3695fd79f3063e1a4523dba8506c0f7178",
"",
"root"
],
[
"e",
"f870e3b3ca58405a6a351fbe839adc24a62ef87d37bf0b17b715e37eb1c23254",
"",
"reply"
],
[
"p",
"6ac6a519b554d8ff726a301e3daec0b489f443793778feccc6ea7a536f7354f1"
]
],
"content": "📅 Original date posted:2011-06-16\n🗒️ Summary of this message: Experts suggest air-gapped wallets to improve Bitcoin wallet security, but an insecure PC remains a major vulnerability. Scratch off branch with email and password is a better solution.\n📝 Original message:On 06/16/11 20:18, Luke-Jr wrote:\n\u003e On Thursday, June 16, 2011 1:59:56 PM Jeff Garzik wrote:\n\u003e\u003e\u003e 2) Wallet security.\n\u003e\u003e Agreed, though security professionals (and luke-jr) are already\n\u003e\u003e pointing out the wallet crypto mainly eliminates a bit of bad PR,\n\u003e\u003e rather than being a major crime deterrent.\n\u003e\u003e\n\u003e\u003e zooko on IRC had a pretty good suggestion: introduce a built-in\n\u003e\u003e facility for air-gapped wallets (multiple wallets), so that loss of\n\u003e\u003e your everyday transactional wallet does not mean loss of everything.\n\u003e Even if you do this, a cracker can still simply send your encrypted wallet to \n\u003e himself, secure-delete your local one, kill your client, and demand you \n\u003e publish your password if you want some portion of your coins back.\n\u003e\n\u003e I'm not sure there's *any* defense for an insecure PC. Maybe Bitcoin will end \n\u003e up forcing people to reconsider their priorities when it comes to security...\nJeff's scratch off branch modified to use email (as unique salt) and\npassword would eliminate the need for a static wallet.dat for 99% of the\nuserbase. This seems like a much better solution than encryption. \n(Although obviously it's still vulnerable to key loggers).",
"sig": "24310e1210b7a72e169d2574f904f71eb6793aa771218d1ba199126688fbb0e414dc39005cee74ca2025791683fa1ee087406963691e15e55d621a1c5bafd286"
}