BitCoin is a distributed crypto-currency. General questions about bitcoin, other crypto-currencies and their environment not directly relating to security are better suited for bitcoin.stackexchange.com
Questions tagged [bitcoin]
87 questions
2
votes
2 answers
Best practices for operating a Bitcoin-Qt client regarding netwok privacy?
As privacy is part of security, I know there is a Bitcoin SE here but they couldn't answer my question so I hope it's appropriate to ask it here.
I don't ask about how to secure my wallet on my drive, but purely from a privacy and hence security…
superuser
- 1,141
- 5
- 11
- 16
2
votes
1 answer
Is hardware wallet such as Ledger safe from being hacked by its manufacturer?
Ledger is hardware wallet which assumed to be secured from remote hackings or hackings by malwares, but how about Ledger company itself? How difficult for the company to get access to our confidential information in the ledger wallets? Is it secured…
fronthem
- 133
- 5
2
votes
1 answer
Is it possible to "steal" someone else's ransomware bitcoin payment?
I'm not too sure if this belongs on security.SE, so feel free to close or migrate to a different SE.
It seems that many ransomwares use Bitcoin as currency (for good reason), and tell you to send X BTC to address A. In order to verify that you have…
Kevin
- 123
- 5
2
votes
1 answer
What are likely outcomes of being infected by cryptocurrency miner malwares (like Adylkuzz)?
This week, most media spent a lot of time talking about the very famous WannaCry attack. However, another malware infected a lot of computers using the same vulnerability, and was less mediatized : Adylkuzz.
As far as I understand it, that malware…
Kaël
- 352
- 2
- 10
2
votes
0 answers
Attacking Bitcoin's blockchain?
The blockchain is a shared public ledger on which the entire Bitcoin network relies. All confirmed transactions are included in the block chain.
Because the integrity and the chronological order of the blockchain are enforced with cryptography it is…
user34445
- 503
- 2
- 12
1
vote
0 answers
Let users sign in with eIDs - do I need government authorisation? (scope: all nation-states)
I've decided to launch a crypto-basic income system.
Crypto UBIs are pretty popular now.
For me, it seems like an open nation-state ID should exist by now (2015). However, Mike Hearn, Bitcoin core-developer and a long time software engineer,…
J. Doe
- 19
- 2
1
vote
1 answer
Can a Bitcoin miner generate SHA2 hashes on arbitrary data?
I'm not asking about bitcoin's design...but am interested in the hashing capacity of a bitcoin miner.
To be short: do bitcoin miners(or some of them) accept customizable inputs and hash them in bulk(instead of accepting some more high-level…
Lucifer Orichalcum
- 715
- 1
- 5
- 11
1
vote
1 answer
Implement GPG Verification (Bitcoin-OTC)
I'm looking to implement a "Verify with Bitcoin-OTC" feature for my web app. The general idea is the user would prove he owns a particular account on the external site Bitcoin-OTC and my app would accept/deny him based on his rating there.
Here's…
Maros
- 113
- 6
1
vote
1 answer
Keeping signatures valid even after the private key has been compromised
If I understand the topic of digital signatures correctly, you sign a message via hashing+encrypting it using your private key.
Then, if a private key is compromised by an attacker, she could sign stuff pretending she's you.
This way, any…
Giuseppe Crinò
- 113
- 5
1
vote
2 answers
How would you set up a ‘cold’ netbook for master-key signing, large Bitcoin transactions, etc?
I've just ordered a cheap-o netbook on Amazon, with the intention of installing a Linux distro, and turning it into a permanently-offline high-security machine for sensitive tasks.
However, I'm no security professional, and I need some advice and…
ELLIOTTCABLE
- 275
- 2
- 9
1
vote
1 answer
Is a government entity capable of establishing a secure virtual currency system?
After reading about BitCoins, I can't help but contemplate the idea of the a government withdrawing paper money and bringing all currency transactions digital, via a bitcoin-like method where every unit (1 cent, US, for example) has an id and an…
user47733
1
vote
1 answer
Can I use crypto.getRandomValues to create a private key?
In the window.crypto spec:
http://www.w3.org/TR/WebCryptoAPI/#RandomSource-interface
It says explicitly:
"Do not generate keys using the getRandomValues method. Use the generateKey method instead."
but generateKey does not support secp256k1/ECDSA…
ematiu
- 95
- 1
- 6
1
vote
1 answer
Minimum SHA256'd UTF8 encoded passphrase length not stored anywhere
For a passphrase that is UTF8 encoded and then SHA256'd, what is the minimum length to achieve a practically collision free result?
The implementation is for a 32 byte cryptocurrency ed25519 seed thus will not be stored anywhere by the…
user36556
1
vote
1 answer
Building an VM with Vagrant and connecting with ssh+2FA to protect a bitcoin wallet?
I would like to try to build a Virtualbox image to use with Vagrant. This is the features:
Login with SSH + 2FA (Google Auth)
No X
No internet connection
Copy unsigned transaction, sign it and broadcast from the external host
(Possible with the use…
Jonas Oestman
- 113
- 4
1
vote
1 answer
Multiple outbound TCP/8333 connections containing the EICAR test string
An IPS / IDS / UTM detects 50 connections from a single client containing Virus/Worm Eicar test string within half an hour. The destinations are IP addresses all around the world on port TCP/8333.
A real infection shouldn't send EICAR test files,…
Esa Jokinen
- 16,100
- 5
- 50
- 55