Author Topic: An urgent need to increase the security of bts wallet login and payment  (Read 13067 times)

0 Members and 1 Guest are viewing this topic.

Offline mf-tzo

  • Hero Member
  • *****
  • Posts: 1725
    • View Profile
wow.. I have tried the multisig thing with a couple of accounts and I can say I did not manage to do it...Also it seems now that I get error messages and I can no longer transfer funds from these accounts..I tried all that with very few funds so I don't mind but I would advise to people who don't know like myself what they do to be EXTREMELY CAREFUL WITH THAT AND DO NOT TRANSFER A LOT OF BTS IF YOU DON'T KNOW HOW TO DO IT!!

I will explain what I did:

Account XXX went to permissions ==> Active Permissions
Threshold: 52

Add account YYY weight 50
Add account ZZZ weight 50
The public key was there by default with weight 1 so I left it as it was.

Publish changes ==>
Transfer funds ==> Transaction not processed with a string in red with error messages.

Now I can no longer do anything with this account. Or can I?

On another XXX I did:

Threshold 51
Account YYY weight 50
Account ZZZ weight 50
Removed the defaulted public key.

Tried to transfer and I get an error that not beeing able to sign no private key. Again have I lost access to that account as well?

All in all, not very user friendly...

 

Offline pc

  • Hero Member
  • *****
  • Posts: 1530
    • View Profile
    • Bitcoin - Perspektive oder Risiko?
  • BitShares: cyrano
Quote
If a decentralized solution is not yet possible, I think it is fine for me to use a centralized service to do this to secure my wallet (but not google's 2FA since it is not accessible from China) for now.

This is a shittiest solution one can propose. How this would help bitcrab? His trading account was hacked, where he ran his trading bots. Was he supposed to authorize each trade trough google? This is ridiculous.

It's not at all shitty. A centralized 2FA service may not be ideal, but it's much better than not having 2FA at all.

IIRC bitcrab said that he accessed the account on a windows machine through a web wallet and/or light wallet. Accounts can be set up so that a robot can use it with a single key, while at the same time a desktop wallet with a different key can only use it together with a 2FA provider.

I think @xeroc had plans to set up a 2FA provider for BTS, but AFAIK it doesn't exist yet.
Bitcoin - Perspektive oder Risiko? ISBN 978-3-8442-6568-2 http://bitcoin.quisquis.de

Offline yvv

  • Hero Member
  • *****
  • Posts: 1186
    • View Profile
Quote
I too got wrecked (lost btc) in 2014 due to horrible 2FA / security from Google (Gmail) and Blockchain.info.

https://bitsharestalk.org/index.php/topic,25039.msg311168.html#msg311168

Offline yvv

  • Hero Member
  • *****
  • Posts: 1186
    • View Profile
hmm... sorry for that bad advise I proposed that could not help the bitcrab's situation as yvv said, but I am also wondering how multisignature can help secure bts wallet in this bot scenario, and how it can be improved for non-tech people. I also doubt if a hardware wallet like trezor can help in such bot situation.  Or else, what is the correct way using a bot to ensure security?

This is a very good question. You want the bot to manage your trading account without your attendance, but you don't want a hacker to do the same. How to combine these two requirements?

Offline yvv

  • Hero Member
  • *****
  • Posts: 1186
    • View Profile
I understand multisignature protection in different computers but I may have misunderstood something so please advise.

If one has a pc where all his bts wallets a are in this pc (hence all his bts accounts as well) an attacker who gains access to that pc can equally easily have access to all wallets and accounts right? 

So what is the point of multisignature as protection in this case? Would it be difficult to hack 2 different accounts with 2 different passwords as long both are on the same pc or since he gains access to the pc he can hack easily all passwords?

In this case what is the best way one can protect himself? Should we have for example 1 web wallet and 1 light wallet with i.e 1 account to each of this wallets that in order to take a transaction both have to sign 50-50 permissions? Or something else?

The point of multi-signature account is to have 3 different wallets on 3 different devices with 3 different private keys stored in each wallet which control the same account. Two devices may be yours and one belong to someone you trust, or all three may be yours, or one yours and two belong to different people you trust.  You could set up this account such that you need 2 signatures out of 3 to unlock it. This way, if someone hacks one of your devices, your funds are safe, because they can't unlock your account without the other device.  If you lose one of devices, your funds are also safe. You just use another two devices to replace the compromised or lost key.

I have a multi-signature byteball account on desktop, phone and tablet, which works really great for me. Never tried to set up one in bitshares, perhaps I should try this asap and recommend everybody to try.


Offline renkcub

  • Full Member
  • ***
  • Posts: 143
    • View Profile
I too have suffered a horrible, horrible hack in the past (and slowly recovered via hardware wallets).

I really don't safe with the current Bitshares "scheme". In my past hack, an attacker gained access to my PC. It seems to me they'd be able to empty my BTS in that case, if they also had access to my password.

For this reason I've been keeping my password completely offline. I manually type it in to trade/move funds.

Still doesn't feel safe if I were to be properly keylogged, as I was in the past, besides using "misdirection" techniques when entering the pass. I wish there was some kind of 2FA. Hardware wallets or OmniWallet with 2FA are the only safe schemes I've found for active funds (non-cold storage).
« Last Edit: September 28, 2017, 05:29:28 pm by renkcub »

Offline 麥可貓

  • Sr. Member
  • ****
  • Posts: 267
    • View Profile
hmm... sorry for that bad advise I proposed that could not help the bitcrab's situation as yvv said, but I am also wondering how multisignature can help secure bts wallet in this bot scenario, and how it can be improved for non-tech people. I also doubt if a hardware wallet like trezor can help in such bot situation.  Or else, what is the correct way using a bot to ensure security?
PTS: PmRVDPymZqSAZEXauHZSewrUrE66af7epT
BTSX: michaelcat
Delegate Team: x1.sun  x2.sun

Offline mf-tzo

  • Hero Member
  • *****
  • Posts: 1725
    • View Profile
I understand multisignature protection in different computers but I may have misunderstood something so please advise.

If one has a pc where all his bts wallets a are in this pc (hence all his bts accounts as well) an attacker who gains access to that pc can equally easily have access to all wallets and accounts right? 

So what is the point of multisignature as protection in this case? Would it be difficult to hack 2 different accounts with 2 different passwords as long both are on the same pc or since he gains access to the pc he can hack easily all passwords?

In this case what is the best way one can protect himself? Should we have for example 1 web wallet and 1 light wallet with i.e 1 account to each of this wallets that in order to take a transaction both have to sign 50-50 permissions? Or something else?


« Last Edit: September 28, 2017, 03:21:12 pm by mf-tzo »

Offline yvv

  • Hero Member
  • *****
  • Posts: 1186
    • View Profile
We need to know how exactly bitcrab account was compromised first of all.

Quote
If a decentralized solution is not yet possible, I think it is fine for me to use a centralized service to do this to secure my wallet (but not google's 2FA since it is not accessible from China) for now.

This is a shittiest solution one can propose. How this would help bitcrab? His trading account was hacked, where he ran his trading bots. Was he supposed to authorize each trade trough google? This is ridiculous.

A good multi-factor authorization solution is already implemented in BTS wallet: multi-signature permissions, just start using it. Perhaps, it could be somewhat improved to make it easier to use by non-tech people. Again, I don't see how this can help to secure account which is controlled by a trading bot.


Offline fav

  • Hero Member
  • *****
  • Posts: 4278
  • No Pain, No Gain
    • View Profile
    • Follow Me!
  • BitShares: fav
find a dev to finish and maintain trezor integration. Pretty sure we can get worker funds now

Offline 麥可貓

  • Sr. Member
  • ****
  • Posts: 267
    • View Profile
As many of you may have known, that recently bitcrab lost a significant (to me) amount of assets, and similar events happened once in a while.  In wechat group, we discussed a lot of potential solutions (e.g., buy a mac, install Linux in a virtual machine or not, use and change strong passwords regularly). But even as a Linux user, I realize that we need a simple, feasible solution for all platforms including Windows to make bts popular.

Then it comes to me to realize that even telegram is currently more secure than bts wallet; to log in, telegram ask confirmation from a second device, but once your desktop is compromised your balance in bts wallet could return to zero in late midnight.

I think we urgently need some way to secure our bts wallet.  At least, we can imply just what telegram, as a non-profit service, do to introduce confirmation from a second device for login and transaction.  If a decentralized solution is not yet possible, I think it is fine for me to use a centralized service to do this to secure my wallet (but not google's 2FA since it is not accessible from China) for now.
PTS: PmRVDPymZqSAZEXauHZSewrUrE66af7epT
BTSX: michaelcat
Delegate Team: x1.sun  x2.sun