Board: Bitcoin Discussion
Topic: Re: Bitcoinica lost 43,554 BTC from Linode compromise, suspicious TXIDs publicized
by btc_artist on 02/03/2012, 04:44:51 UTC
I mean seriously, could this whole thing not have been prevented if the wallet was just encrypted?

Obviously the software running against the hot wallet has to have access to it. This means that if someone roots the server, they'll be able to have the same access to the hot wallet. Encryption would not have entered into it.

Zhou, good on you for covering this! I'm having a hard enough time covering the BTCinch theft; I can only imagine how pissed you are at Linode.

In this case, encryption would have protected the wallet because the attacker was only able to get root access after a reboot.
Why would a reboot stop the attacker from seeing the wallet being unencrypted during the next use?
You have to enter the wallet password/passphrase after rebooting/restarting bitcoin.
Am I missing something here? Wouldn't that entry be exactly what the attacker would be waiting for?
Yes, an attack like that could also be done, although it would have to be slightly more sophisticated than today's attack. Likely you would modify bitcoind to log the passphrase to a file somewhere.