This would be a shitty security method that would protect you only from the most noob script kiddie.
Two ways to hack it:
* the simple: wait for the window asking the password to appear and take the password (keyloggers)
I would hope the Bitcoin client uses a different method to receive your password like an on screen keyboard but this will open the client to a screen capture on mouse event. Still it is better then what we have now.Two ways to hack it:
* the simple: wait for the window asking the password to appear and take the password (keyloggers)
Quote
* the "a little harder": You know (by looking at the source, the client is open source, you know?) in which function the key is unencrypted, you wait for the exe of the client to be loaded (you are a trojan, you are resident in memory), put a breakpoint there and snoop the memory. Each time a new version of the client is created you lose half an hour to "expand" your library of possible breakpoints. Hackers do more complex things to games that are protected by latest generation protections. You think that an open source software that anyone can compile is more resistant? Encryption will only make the wallet.dat more resistant to "one shot" trojans that enter, steal and exit (or to trojans written by script kiddies that don't know assembly). This would steal one private key at a time, if the program is well written (but then, if you are already putting a bp in the code, you can directly steal the password).
If we make the client more resistant to fly by the night attacks this would cut down on the successful thefts on the Bitcoin wallets. There will be intelligent viruses and trojans that overcome all security methods but these would be more specialized. We need to make it more difficult for hackers to even want to steal the bitcoins and find some other low hanging fruit like the real banks.
Quote
The only "possible" way would be to make the program polymorphic, like the viruses, so it would be more difficult to put a breakpoint in memory, but it's quite complex... And it would protect only against the second method. And in the end the Trojan would simply replace your exe with another one that would only ask you the password and send it to the hacker.
I like your polymorphic moving target memory idea. Can you send the code to the developers. I understand what your are talking about but what do we do? Put our head in the sand and let Bitcoin go away or centralize and put our Bitcoins back in a digital bank that is insured by the FDIC and end back where we are now. I doubt I will lose my Bitcoins on my secure Linux box but everyone I work with that is not technical would not be able to run their own secure Linux box. They can not even secure Windows. I gave up supporting Windows for my family and friends. I only run Linux Systems at my home and I only support Linux for family and friends that are willing to go in a different direction and not use Windows.
Maybe we need a hardware device that is not on the Internet that holds our wallet private keys and uses an API over the local LAN to request that you send money. Then you have to walk over to this secure hardware widget and put in your password there. Of course this would put Bitcoin out of the hands of everyday users who would not want to spend any additional money to send and receive Bitcoins.
-Dukejer