Search content
Sort by
Showing 20 of 51 results by marbu1022
There are many ways of generating secure brain wallets. One would be by employing the use of a "live" and offline operating system using a reputable wallet, such as electrum. Once your wallet is generated, you can write down all of your public addresses, and memorize your seed, (you should develop a way to get at your seed in case you forget it) and then take the wallet offline where it can remain in cold storage for a very long time. This method would likely be very safe. The amount of security you should employ depends on the amount of funds that you are trying to protect. People will be willing to work a lot harder to get at something that is worth a lot to them. Keep in mind that the physical security of the device (e.g. computer, tablet, phone, hardware wallet, etc...) is very important.
this thread isn't really to warn you any longer. you're dead set on using brain wallets no matter how many others try to warn you off the idea.
brain wallets are not a safe way of storing your bitcoins. but no one's stopping you doing that.
but if you want best practices for keeping bitcoins safe then brain wallets, aren't it! 'nuff said. Its a warning to others, as you, marbu have your mind set on doing it.
its your life, marbu. i really hope that it works better for you than it did for me.
aerobatic,
First of, there have not been others, as you state that have warned me. It only has been you. Many people in this forum will tell you that brain wallets are safe if you know what you are doing. Based on what you have said, I strongly recommend that you read up on managing encryption keys and passwords, as not only brain wallets are vulnerable if you are not careful. Good luck to you.
I don't see how it's possible to crack such a sophisticated password as what you say you used. You are talking about a 256 bit + password. This password cannot be cracked in any practical amount of time.
marbu -
there's several attack vectors to worry about when using brain wallets, which aren't a worry when using other types of wallet.
for instance. every time you need to type it out, to get it converted back into the private key... it could be intercepted locally on your computer using spyware or a key logger. it could be intercepted using man in the middle attack on your internet connection or your wifi via a network sniffer or via a mitm ssl attack. it could be intercepted at the web site that you're using to generate the brain wallet key in the first place. or your java installation etc. it could be a corrupt brain wallet generator. or one with a weakened rng seed... etc. there's too many attack vectors to think that brain wallets are a safe way of storing your bitcoins. you are very reliant on a lot of things not being hacked, for you to continue to use a brain wallet. anytime, during creation or use, or even just doing nothing, can be a risk factor. Even Entropy checkers that are on the internet, could potentially be logging your passwords, and populating similar words into their dictionary with your entropy test results, so that the hackers have a better understanding on what kind of passwords people use (!)
i counted the letters in the brain wallet i was referring that got hacked, and to make a correction, it was less than the 40 chars i said it was - just to be accurate, it was 34 characters. sorry, i thought it was more.. but the point was, it was still a long string of letters and numbers, some of which were words, some caps, some punctuation, and it still got hacked. whether it was hacked with brute force from a cloud password generator or some other weak point in the brain wallet system, i really don't know. All i know is that the ONLY loss i have ever had from any bitcoin wallet... was from a brain wallet. Ive not even (touch wood) lost anything from web wallets like Blockchain.info (and nowadays I've migrated to a hardware wallet and cold storage, as i don't even trust paper wallets as they have some of the same attack vectors to brain wallets)
aerobatic,
Any time that you send btc from a wallet, you are subject to the possibility of someone stealing your private keys, which are what is necessary to take over the wallet and remove all funds. The use of any wallet involves the use of encryption. Encryption is a tool that must be used properly, or just like any other tool, you can end up hurting yourself or others. I suggest you read up on managing encryption passwords and keys.
The information that you provided, as far as the different attack vectors that brain wallets are subject to, also applies to other wallets. I dispute, however, your claim, that brain wallets should never be used.
Going back to your case scenario, where you stated, that you had a 34 character password with characters and symbols, one can only conclude, that your password was stolen by some means; a key logger, or a different type of malware. Again, it is highly unlikely that your password (as you describe it) was brute forced, therefore I have to conclude that you completely mismanaged your wallet.
There are many ways of generating secure, brain, and other types of wallets. One would be by employing the use of a "live" and offline operating system using a reputable wallet, such as electrum. Once your wallet is generated, you can write down all of your public addresses, memorize your seed, (you should develop a way to get at your seed in case you forget it) and then take the wallet offline, where it can remain in cold storage for a very long time. This method would likely be very safe. The amount of security you should employ depends on the amount of funds that you are trying to protect. People will be willing to work a lot harder to get at something that is worth a lot to them. Keep in mind that the physical security of the device you are using to store your wallet (e.g. computer, tablet, phone, hardware wallet, etc...) is very important.
2 - What example?
If I memorize the seed generated when wallet was created, would that be considered a brain wallet? Can you give other examples of brain wallets?
Also how can an attacker use a password to attack my wallet seed??? I thought passwords were used to protect (encrypt) private keys? If I have not exposed my private keys, how can my wallet be attacked by randomly guessing passwords?
I found this interesting article about the vulnerability of brain wallets that left me asking some questions. I personally think the author of the article deserves a sharp pain below the waist line. He actually attacks and insults brain wallet users, provides very vague information, and it appears, the article is written to make you worry about your brain wallet, or any type of wallet for that matter. Please read article below.
http://www.fastcompany.com/3056651/researchers-find-a-crack-that-drains-supposedly-secure-bitcoin-wallets
1> What I would like to know is, if when I generated my wallet, a seed was created for me to be able to restore my wallet at a later point in time, when I want to bring the wallet online again, how could my seed, and therefore my key be attacked??? There is nothing in the blockchain since there has never been any transactions. I don't understand what the author is really talking about? And even if I have conducted transactions to the wallet addresses, how could the presence of those public addresses in the blockchain be used to attack my wallet?
2> Is my above example a brain wallet, or is it something different??
Marbu -
never ever use a Brainwallet. theyre not safe. The big flaw is that they are human generated passwords - the worst kind. And the reward for cracking them is cold hard cash, so every hacker and thief has an incentive to crack them.
it can happen to anyone - including me - when i first started in bitcoin, i used a brain wallet along with regular wallets. i didnt have much in there because a cryptographer friend had already warned me they were unsafe but i i wasnt so sure as i had picked a very complex and long password and i thought that my one would be safe.
So instead of emptying my brain wallet, i left it with some funds but de-risked it and removed most of my coins - i had probably left just a couple in there. awhile later (a few months), i checked back and all my funds had of course been drained ages earlier. this was a very long (40+ characters) password. It had several real words inside it, but it also had numbers and punctuation marks and was longer and more complex than anything in the best dictionary. didnt take them long to crack it and steal my (albeit, small) reward. A month earlier and it wouldve been a lot more.
In short, there's nothing the human brain could think of that a brute force password cracking software in the cloud couldnt find, given a bit of time.
Bottom line: Dont do it. there's no sane reason to use a brain wallet. And if you do, expect to lose your funds. The hackers have infinite time to keep retrying your password. nothing stops them. they can do millions of tries a second and keep going for months til they crack it. Why let them!?
I don't see how it's possible to crack such a sophisticated password as what you say you used. You are talking about a 256 bit + password. This password cannot be cracked in any practical amount of time.
I found this interesting article about the vulnerability of brain wallets that left me asking some questions. I personally think the author of the article deserves a sharp pain below the waist line. He actually attacks and insults brain wallet users, provides very vague information, and it appears, the article is written to make you worry about your brain wallet, or any type of wallet for that matter. Please read article below.
http://www.fastcompany.com/3056651/researchers-find-a-crack-that-drains-supposedly-secure-bitcoin-wallets
1> What I would like to know is, if when I generated my wallet, a seed was created for me to be able to restore my wallet at a later point in time, when I want to bring the wallet online again, how could my seed, and therefore my key be attacked??? There is nothing in the blockchain since there has never been any transactions. I don't understand what the author is really talking about? And even if I have conducted transactions to the wallet addresses, how could the presence of those public addresses in the blockchain be used to attack my wallet?
2> Is my above example a brain wallet, or is it something different??
Let me put the question slightly different because I would also like an answer to this.
Lets just say I buy, sell and mine bitcoins and I am constantly converting btc to usd and sending to my bank account. At what point do I have to pay taxes on my us$ earning I have made from buying selling and mining bitcoins?
Lets just say I buy, sell and mine bitcoins and I am constantly converting btc to usd and sending to my bank account. At what point do I have to pay taxes on my us$ earning I have made from buying selling and mining bitcoins?
which digital currency would you say is the best to come out after bitcoin when it comes to useful attributes to the system.
Id be really interested whats a useful thing after bitcoin since i really got out of touch with all the new altcoins coming out.
Is NXT/MSC still a thing?
Id be really interested whats a useful thing after bitcoin since i really got out of touch with all the new altcoins coming out.
Is NXT/MSC still a thing?
There should not be a bitcoin successor. Other than minor changes to the blockchain, nothing can be improved upon from the view point of the consumer. Satoshi planned all of bitcoin's features ahead of time, and it is his design that made bitcoin a success. If there is a successor to bitcoin, it would be something issued by governments, as where each country would have their own digital currency. The latter is probably a bad idea, therefore bitcoin should be around for a long time to come, at least in the western world, where if it came down to it, courts would enforce its existence.
I just logged in. It was a little slow but what GHS plunge? The prices have been around these levels or heading that direction for weeks.
s5 has been on it's way down, i checked earlier today and it was at .000189, which is way down. I just sold 10 days ago for .0002899 because I had a bad feeling. Just a day ago it was hovering around .000200, it's trending down for sure.
Hey guys and gals,
I want to know if it is possible to mine dogecoin using my gpu on my linux box? FYI, I run Fedora with an Intel Haswell Mobile GPU. I have been searching the net, but so far I have found cudaminer, which requires an nvidia card, and cgminer, but from what I understand, the latest version does not support GPUs. Any suggestions or help would be greatly appreciated.
Hello to all.
I am interested in installing the dogecoin core 64 bit wallet on my fedora 23 system. I downloaded the tar.gz package. The linux instructions are sketchy. It instructs to install multidoge for linux, which is a seperate file from the dogecoin core 64 bit wallet. I downloaded multidoge file for linux, but the instructions don't work for me.
Do I need to install both packages? Can someone please explain how to install from terminal.
thanks a bunch.
Are you talking about their cloud mining or their antpool pool, it seems constant at 212 ph
I am referring to cloud mining on the antpool (hashnet)
Ghs is plunging on the antpool. Is this a good time to buy, jump ship, or stay put? What are you guys doing???
Is ghs plunging because of the upcoming difficulty level change?
your thoughts would be appreciated.
My dream for bitcoin is, that it puts banksters out of business, and that all world transactions are done with bitcoin including on the stock exchange, without a middle man. I would like it to turn into a p2p currency.
Quote
French president says on national TV that the Illuminati is attacking Paris.
https://www.youtube.com/watch?v=6z9y-FtskzYQuote
Did the Paris false flag terrorist attack make any global markets crash?
You ought to be ashamed of yourself for making such a comment! 129 people lost their lives becuase of a cowardly act commited by real terrorists. There were women, some pregnant hanging out the window of a few stories high building trying to save their lives!! You are a real scumbag! I don´t care if this causes me to lose my membership here.
Go to the settings tab and you should see a box titled "Google Auth" In there, there is a QR code which you scan with the google authenticator app on your phone. Then just enter the code for the site in the box and click verify.
I have done that, but for some reason, it is still not asking me for the code when I log in. I don´t get it. Is there anything else I am missing.
Just opened a ticket with them about the issue, I will report back with their response.
Go to the settings tab and you should see a box titled "Google Auth" In there, there is a QR code which you scan with the google authenticator app on your phone. Then just enter the code for the site in the box and click verify.
I have done that, but for some reason, it is still not asking me for the code when I log in. I don´t get it. Is there anything else I am missing.
Does anyone know how to set up two form factor authentication on hashnet? I prefer to have it send me a code to my phone, but google authenticator would work as well. Any help would be appreciated.
The same thing that happened last halving, nothing special, business as usual...
Did mining profits decrease?
Yes, they went from 50 BTC per block to 25 BTC per block.
LOL, that much I knew. I guess I should have asked the question differently.
How did miners compensate for the halving?