Altcoins Talks - Cryptocurrency Forum
Cryptocurrency Ecosystem => Bitcoin Forum => Bitcoin News & Updates => Topic started by: babo on May 30, 2024, 11:08:00 AM
-
https://www.msn.com/en-us/money/technology/hacker-defies-the-odds-unlocks-3-million-bitcoin-wallet-locked-since-2013/ar-BB1nhoaK
find the complex password and unlock a wallet, the link is not in Italian but I will explain it to you in simple words
a guy had made his own nice cute little wallet with a password
he had taken the password and saved it on a truecrypt volume
everything is beautiful, everything is fantastic, but the volume somehow got ruined
goodbye money, complex password generated by software
then a hacker comes to help, first he says no and then he says yes to doing the job
the password generator was software that had a bug
they get to work on the 2013 version of this software, find the bug and manage to figure out HOW TO GENERATE passwords that are the same as at the time
they were not random
they start generating a mountain of passwords and in the end obviously thanks to the password generator bug they catch it
wallet unlocked, money back up
happy ending
there are some things to learn from this story, they are homework
-
I've already read the story and watched the video on BTT and it's nice to have a story with a happy ending for a change. I have to admit that the guys who worked on "hacking" are really masters of their work, because they were persistent and obviously very well motivated to investigate every possible attack vector on that software.
The lesson of the story would certainly be that you should never give up in case you find yourself in a similar situation - because even locked wallets have a chance to be unlocked in the future as technology advances.
-
obviously everyone has something to learn, I have learned that it can happen that an IT security system can fail
so better to have some sort of fallback in the non-computing real world
even in the real computer world maybe you have a piece of paper hidden in your house fine, but the house catches fire and you're screwed
for me you need to have both systems
-
@babo, whoever wants to prevent unwanted situations simply has to think outside the box - because that's the only way to reduce all possible risks. Most people use paper as a backup, but it is no secret that paper is something that is not resistant to fire, water, chemicals, physical damage... although there are special types of paper that can have some improved properties.
That's why there are metal plates made of steel on which any important information can be engraved, and when stored in this way, we can save what is important to us. Of course, this is not the ultimate solution, because any backup is subject to theft or loss, and therefore it is necessary to have at least two backups in different locations if possible.
-
@babo, whoever wants to prevent unwanted situations simply has to think outside the box - because that's the only way to reduce all possible risks. Most people use paper as a backup, but it is no secret that paper is something that is not resistant to fire, water, chemicals, physical damage... although there are special types of paper that can have some improved properties.
That's why there are metal plates made of steel on which any important information can be engraved, and when stored in this way, we can save what is important to us. Of course, this is not the ultimate solution, because any backup is subject to theft or loss, and therefore it is necessary to have at least two backups in different locations if possible.
exactly Lucius I was thinking exactly about that, titanium plates that you can engrave with the tools that they make available to you
when I think physical backup I actually mean that, something long-lasting that nothing can scratch and destroy, otherwise it would be a big problem, of course
there are some nice ones among other things
-
~snip~
there are some nice ones among other things
When you buy something like that, you shouldn't pay too much attention to how something looks, but how resistant it is to all the things it can face. Jameson Lopp made a test that includes the exposure of metal seed storage to heat, corrosion and crush, and only in these tests can we see how good/bad some products are. Some of these products are not really worth anything because they have shown that they cannot protect the backup in case they are exposed to high temperature or chemicals.
Anyone who is interested in more can view the tests at this link -> Metal Bitcoin Seed Storage Reviews (https://jlopp.github.io/metal-bitcoin-storage-reviews/)
-
When you buy something like that, you shouldn't pay too much attention to how something looks, but how resistant it is to all the things it can face. Jameson Lopp made a test that includes the exposure of metal seed storage to heat, corrosion and crush, and only in these tests can we see how good/bad some products are. Some of these products are not really worth anything because they have shown that they cannot protect the backup in case they are exposed to high temperature or chemicals.
Anyone who is interested in more can view the tests at this link -> Metal Bitcoin Seed Storage Reviews (https://jlopp.github.io/metal-bitcoin-storage-reviews/)
well true, but it also depends on where you keep it
thanks for the link I see you really are very expert in the subject well done
what did you buy if it is permissible to ask? very important is to share your experiences as you did, so we can take advantage of your knowledge and your experience in the subject
thank you for the site... +1 karma
-
I wonder what is the thing about Truecrypt volumes that just make them fail so suddenly. Maybe it's the fact that the underlying hard disk got a few read errors which had corrupted the volume?
I don't know if having a truecrypt partition requires the underlying hard disk drive to be spotless for proper operation, but these kind of things are what make me shy away from using them as a single backup.
-
I wonder what is the thing about Truecrypt volumes that just make them fail so suddenly. Maybe it's the fact that the underlying hard disk got a few read errors which had corrupted the volume?
I don't know if having a truecrypt partition requires the underlying hard disk drive to be spotless for proper operation, but these kind of things are what make me shy away from using them as a single backup.
anything can happen, especially if you don't have a backup.. if you have an important file (like a truecrypt or veracrypt volume) the important thing should be to make backups of it
you understand that it is something that only a few crazy people would do, it is not a solution that can be proposed for the masses
for me better is:
- real stuff backup (bitfold, cryptosteel capsule, etc)
- virtual backup (like truecrypt)
-
When you buy something like that, you shouldn't pay too much attention to how something looks, but how resistant it is to all the things it can face. Jameson Lopp made a test that includes the exposure of metal seed storage to heat, corrosion and crush, and only in these tests can we see how good/bad some products are. Some of these products are not really worth anything because they have shown that they cannot protect the backup in case they are exposed to high temperature or chemicals.
Anyone who is interested in more can view the tests at this link -> Metal Bitcoin Seed Storage Reviews (https://jlopp.github.io/metal-bitcoin-storage-reviews/)
well true, but it also depends on where you keep it
thanks for the link I see you really are very expert in the subject well done
what did you buy if it is permissible to ask? very important is to share your experiences as you did, so we can take advantage of your knowledge and your experience in the subject
thank you for the site... +1 karma
I honestly didn't buy any of that, because it is possible to do the same thing at home - all you need is a suitable metal plate made of quality material and a hammer + steel punches. You can buy all of this in a store and pay in cash, which means that you can preserve your privacy and protect yourself from data leaks. For those who are even more "cautious", the option will be to buy all the components separately so as not to draw any attention to themselves.
-
I honestly didn't buy any of that, because it is possible to do the same thing at home - all you need is a suitable metal plate made of quality material and a hammer + steel punches. You can buy all of this in a store and pay in cash, which means that you can preserve your privacy and protect yourself from data leaks. For those who are even more "cautious", the option will be to buy all the components separately so as not to draw any attention to themselves.
or you can buy it and have it sent to where you work, with work email
this always works, in my opinion it's a good compromise and I often had personal things sent to me at work
now not anymore since I prefer lockers, I go when I have time and desire and they are there
and I don't have to give my address to anyone
-
The lesson of the story would certainly be that you should never give up in case you find yourself in a similar situation - because even locked wallets have a chance to be unlocked in the future as technology advances.
Just wait and maybe in the future, there will be more advanced technology that will provide faster solutions.
But some people who panic too much mess things up, make their own decisions to disassemble and learn to do flashing, cracking, and the like even though they don't understand the mechanics of hardware wallets.
Now that technology is getting more sophisticated, in the future, of course, AI will be a good assistant to help solve challenges like this.
But of course not to be abused.
-
I read the story. It is really beautiful and inspiring. It attracted me to the end. It contains many benefits about determination to achieve a goal and the steps that were followed to reduce the possibilities to a minimum, such as using reverse engineering to understand the workings of the program used to create the password, which enabled them to find the correct word in the end.
A truly inspiring success story, and the reward is worthy. $3 million in Bitcoin would have been lost in a locked wallet, but it is not clear from the article how much reward the hacker received.
Also I don't understand why you wrote in the title: (but is a trick)?
-
I read the story. It is really beautiful and inspiring. It attracted me to the end. It contains many benefits about determination to achieve a goal and the steps that were followed to reduce the possibilities to a minimum, such as using reverse engineering to understand the workings of the program used to create the password, which enabled them to find the correct word in the end.
A truly inspiring success story, and the reward is worthy. $3 million in Bitcoin would have been lost in a locked wallet, but it is not clear from the article how much reward the hacker received.
Also I don't understand why you wrote in the title: (but is a trick)?
I put it there for that very reason, to inspire
but I also put it there to reflect, everyone can find their own interpretation
- who understands that the software is not really secure
- who understands that cryptographic security is not infallible (damaged file)
- who understands that even an offline and non-computer copy helps
many interpretations and many layers
in the title i write is a trick, because is a trick -- because not crack something, understand? he just hack the password recreating another one from bugged software
-
I put it there for that very reason, to inspire
but I also put it there to reflect, everyone can find their own interpretation
- who understands that the software is not really secure
- who understands that cryptographic security is not infallible (damaged file)
- who understands that even an offline and non-computer copy helps
many interpretations and many layers
in the title i write is a trick, because is a trick -- because not crack something, understand? he just hack the password recreating another one from bugged software
Yes thank you I think I understand you now
At first, when I read the title (but is a trick) for the first time, it occurred to me that the hacker tricked the owner of the wallet and stole Bitcoin after they were able to open it. This is what came to my mind. :-[
But now I understand what you want to say, it is a really deep lesson thank you
-
Yes thank you I think I understand you now
At first, when I read the title (but is a trick) for the first time, it occurred to me that the hacker tricked the owner of the wallet and stole Bitcoin after they were able to open it. This is what came to my mind. :-[
But now I understand what you want to say, it is a really deep lesson thank you
don't worry, I actually wrote in an incomprehensible way and therefore it was not possible to understand well
consequently it was my duty to explain better
cases like this happen every day, clearly less folkloristic, it makes it clear that with commitment and study you can do almost anything
-
The lesson of the story would certainly be that you should never give up in case you find yourself in a similar situation - because even locked wallets have a chance to be unlocked in the future as technology advances.
So he (the owner) kept the wallet (which was locked) and did not delete it, as if he would have deleted it, and then reinstalled it, he has to two option, create a new wallet or import the previous one, and I assume he might not have the seed phrase to the wallet as well. Please correct me if I am understanding it right as I don't know how a roboform password generator works. I assume it generate the wallet password that we usual use to encrypt our wallet.
First we make wallet and get a seed phrase, he might not have it? And keep the wallet unlocked and when the hackers (whitehat) reverse engineered the roboform they get the password not the seed phrase right? If its the case then the owner was smart enough, I am glad he get his funds back. And yeah it really give us hope that we should never give up.