Re: Bitcoins hosted on Blockchain.info safe from government freezing of funds?
BC.i knows the complete mapping of bitcoin addresses to accounts (and emails if provided). With this information they technically have the capability to target specific users and replace their JS code at sign-on with new code that intercepts the private keys. With the private keys in hand the coins could be diverted out of your control.
If you happen to not log in after such targeting begins and instead use an email backup of your wallet, then the only exposure is brute forcing the wallet encryption though the encryption strengthening is not very strong, there are apparently GPU crackers that can test on the order of 1M keys per second, and most users are not capable of choosing keys which can withstand a strong attack (even or especially if they believe they are capable).
If you happen to not log in after such targeting begins and instead use an email backup of your wallet, then the only exposure is brute forcing the wallet encryption though the encryption strengthening is not very strong, there are apparently GPU crackers that can test on the order of 1M keys per second, and most users are not capable of choosing keys which can withstand a strong attack (even or especially if they believe they are capable).
Can you elaborate or point me at a thread discussing this topic? I ran across something regarding this the other day and lost the tab. If we're talking about the same thing, that is. A BCT user was discussing his GPU implementation where he was demonstrating that different sections of the secp256k1 curve (and presumably similar curves) were more susceptible to some form of brute-force weakening. Is this what you're talking about? This is in the back of my mind as an issue to keep a close eye on.
Regarding BCi, that is why *if you're worried about this* you should use them as a watch-only service, as I do. (Though I'm more worried presently about exploits and other flaws, than government seizure, but I guess in a sense that is the same thing.)
EDIT: To elaborate, I just realized an additional implication of your reply. You propose the case where BCi is compromised (or coerced), but for the end user it would behave normally; even for a watch-only wallet, in your scenario, rather than spend the funds, your keys are swept (or the funds are spent to somewhere else than you'd intended).
What do you suppose the danger of that really is? I mean, I guess it is up there above "all internet goes down" in security issues for bitcoin spendability. I can't say that I'd be worried about this unless I had a very large sum of money or was a Snowden-sized target for personal reasons. Thank you for proposing the possibility, however. They certainly aren't decentralized; it's entirely *POSSIBLE* (again, that's a large place) that their servers could be mirrored and be hosted by a government and local users would be unable to tell. GoDaddy and their SSL certs, etc. etc...
In any case, I guess should you feel you may be exposed to such a threat, you should attempt to only make use of BCi for watching, and perform sends from a local client (using the best practices for that).
As an aside, a brainchild of mine uses cryptographic code obfuscation to probably prevent even this sort of attack vector, but it's far from ready. (It may never be; I have a lot of projects and have had no luck cloning myself
)