Rethink your wallet (x-post r/netsec)

New info on how your brainwallet (a.k.a. Electrum) can be taken over. Just another leg down the ole OPSEX road.

OP

Edit: OPSex; I'm keeping it.

Edit: I know not what I speak of.


Comments


[5 Points] ziz1:

This is not about Electrum, this is about using sites like brainwallet.org (now dead).

https://www.reddit.com/r/Bitcoin/comments/3g9f1s/why_im_releasing_a_brainwallet_cracker_at_defcon/ctw4yrv

https://www.reddit.com/r/Bitcoin/comments/3g9upp/are_electrum_seeds_brain_wallets_still_safe/

Electrum is safe because it generates 12 or 13 words from a large word list using the computer's random number generator.

brainwallet.org used a phrase that you generated in your head, which was probably not long enough or random enough to protect you especially since the algorithm used only a single SHA256 operation (I think) to turn the passphrase into a bitcoin private key.


[2 Points] JesusdiedLOLOL:

I've always used a local wallet, just connect the pc when you need to transfer/update. It's crazy that people rely on online wallets.


[1 Points] sapiophile:

Electrum's seed is absolutely nothing like a brainwallet. There is literally zero vulnerability here, except against actual brainwallets, which everyone has known are a terrible idea for years, now.