Security

A Lost Bitcoin Wallet Passcode Helped Uncover a Major Security Flaw

After a tech entrepreneur and investor lost his password for retrieving $100,000 in bitcoin and hired experts to break open the wallet where he kept it, they failed to help him. But in the process, they discovered a way to crack enough other software wallets to steal $1 billion or more. From a report: On Tuesday, the team is releasing information about how they did it. They hope it's enough data that the owners of millions of wallets will realize they are at risk and move their money, but not so much data that criminals can figure out how to pull off what would be one of the largest heists of all time.

Their start-up, Unciphered, has worked for months to alert more than a million people that their wallets are at risk. Millions more haven't been told, often because their wallets were created at cryptocurrency websites that have gone out of business. The story of those wallets' vulnerabilities underscores the enormous risk in experimental currencies, beyond their wild fluctuations in value and fast-changing regulations. Many wallets were created with code containing profound flaws, and the companies that used that code can disappear. Beyond that, it is a sobering reminder that underneath software infrastructure of all kinds, even ones explicitly dedicated to securing funds, are open-source programs that few or no people oversee. "Open-source ages like milk. It will eventually go bad," said Chris Wysopal, a co-founder of security company Veracode who advised Unciphered as it sorted through the problem.

  • Guess the real passphrase was 'OpenSesameForSecurityFlaws' all along. We've gone from 'forgot my password' to 'found a billion-dollar bug.' Maybe we should start a support group: 'Hello, my name is [Insert Name], and I too have lost bitcoins and accidentally exposed major security flaws.'
    • I'm waiting for the new scam involving this. 'Hello, I'm from Unciphered and we've discovered a flaw in your bitcoin wallet. It's vulnerable to hackers who may be able to steal all your bitcoin. Please click this link to secure your wallet from this.'
      • Since going retro is all the rage these days, I fully expect those bitcoin "hackers" to be recognized Nigerian royalty.

        You'll sell clicks like vinyl albums that way.

  • by linuxguy ( 98493 ) on Tuesday November 14, 2023 @02:38PM (#64005529) Homepage

    > They hope it's enough data that the owners of millions of wallets will realize they are at risk and move their money, but not so much data that criminals can figure out how to pull off ..

    In other words, "Your money is at risk. We can tell you a little bit about why. But can't tell you a whole lot. Just know that we are the only ones who can help you secure it. We are trying to get the word out, because we are the good guys with honest intentions."

    Anybody else see a problem here?

  • Ages like milk (Score:5, Insightful)

    by nanoakron ( 234907 ) on Tuesday November 14, 2023 @02:42PM (#64005539)

    Open source ages like milk, it will eventually go bad

    Implies closed source does neither of those things...

  • by FeelGood314 ( 2516288 ) on Tuesday November 14, 2023 @02:57PM (#64005577)
    I was the security expert that failed OpenSSL's FIPS 140 certification back in 2003. They passed every test but when I examined the source code the random number generator didn't match any on the approved list. The output seemed random based on all my tests but I really couldn't tell if it truly was or if it had some bias. My guess here is the random number generator only has 32 bits of entropy and is generating 256-bit elliptic curve private keys. Looking at the keys they would look random until you generate about 5 billion of them and start seeing repeats. Looking at the wallet addresses might not reveal this weakness though, as other entropy probably creeps in.

    If I was going to be malicious in putting a back door in a product the random number generator is the first place I would compromise. In fact there were errors in every non-BlackBerry (RIM) device that passed the FIPS 140 certifications back in 2003-2004. Vendors actually had to put the weakness in to pass the tests. Only RIM refused to do it.
    • Already exists: CVE-2023-39910

      The cryptocurrency wallet entropy seeding mechanism used in Libbitcoin Explorer 3.0.0 through 3.6.0 is weak, aka the Milk Sad issue. The use of an mt19937 Mersenne Twister PRNG restricts the internal entropy to 32 bits regardless of settings.

      • Uh ya, no shit, no one should be using mt19937 PRNGs for anything involving money. They are not cryptographically secure. Mersenne Twisters are linear recursion algorithms, and all linear recursion-based algos generate random sequences that can be predicted if you have access to a sufficiently long sequence.
        I see the crypto bros are as incompetent as ever.
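The weakness discussed in the comments above (256-bit keys whose generator state comes from a 32-bit seed) can be seen in a small added example; it is not part of any comment and is not Libbitcoin's code. It assumes a simplified key derivation (raw PRNG output used as the key) and uses Python's `random` module, which is also MT19937; the function names are hypothetical.

```python
import random
import secrets

KEY_BYTES = 32  # 256 bits of private key material


def weak_key(seed: int) -> bytes:
    """Weak pattern: the output is 256 bits long, but it is a pure
    function of a seed truncated to 32 bits (assumed simplification)."""
    rng = random.Random(seed & 0xFFFFFFFF)  # CPython's random is MT19937
    return rng.getrandbits(KEY_BYTES * 8).to_bytes(KEY_BYTES, "big")


def strong_key() -> bytes:
    """Hardened pattern: take key material directly from the OS CSPRNG."""
    return secrets.token_bytes(KEY_BYTES)


def distinct_keys(seed_bits: int) -> int:
    """Count every key the weak generator can ever emit when the seed
    has seed_bits bits. The result is capped at 2**seed_bits no matter
    how long each key is."""
    return len({weak_key(s) for s in range(1 << seed_bits)})


if __name__ == "__main__":
    # Same seed, same key: nothing else feeds the generator.
    print(weak_key(1234) == weak_key(1234))
    # Entropy above bit 32 is silently discarded.
    print(weak_key(1234) == weak_key(1234 + 2**32))
    # A 12-bit seed space (constructed, small enough to enumerate quickly)
    # yields exactly 2**12 possible "256-bit" keys.
    print(distinct_keys(12))
    print(strong_key().hex())
```

The size of the key space is set by the seed, not by the key length, which is why a review of wallet code should trace where the generator's seed comes from rather than test how random the output looks.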

    • by Toad-san ( 64810 )

      I was trying to write a random number generator back in the day, part of a data / file encryption scheme. But I wasn't sure how to test the output, to see if it really was random or not. (And we didn't have the Internet back then to look up answers.)

      I decided to (1) generate a small block of data (like 256 bytes); (2) start up a stream of "encrypted" data; (3) check every 256 bytes against my test block to see if there were any matches. (I'd found a really fast data comparison algorithm; forget its name

  • Uh, Ok (Score:5, Informative)

    by organgtool ( 966989 ) on Tuesday November 14, 2023 @03:13PM (#64005613)

    "Open-source ages like milk. It will eventually go bad," said Chris Wysopal, a co-founder of security company Veracode who advised Unciphered as it sorted through the problem.

    That's an awfully broad statement with absolutely nothing to back it up. If he's referring to abandoned projects, then of course they'll go bad and that is not unique to open source software at all. If he's suggesting that open source is inherently less secure than closed source, then a quick comparison of the track records of Windows and OpenBSD would clearly demonstrate the ridiculousness and ignorance of that statement.

  • by davidwr ( 791652 ) on Tuesday November 14, 2023 @03:25PM (#64005639) Homepage Journal

    If you don't maintain it, it eventually goes bad.

    The difference is that with open-source, anyone with the skills and interest can help maintain it.

    With closed-source, if the owners choose not to maintain it, it goes bad and everyone using it is out of luck.

  • And destroy the ponzi scheme once and for all.
    • by HBI ( 10338492 )

      I noticed the shills have moved on to AI stuff now. The blood is in the water.

  • “Open-source ages like milk. It will eventually go bad,” said Chris Wysopal [washingtonpost.com], a co-founder of security company Veracode who advised Unciphered as it sorted through the problem.
