-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I thought I should shortcut my research by asking a direct question here.
As I understand it, the blockchain actually provides an extra piece of
reliable data that is not being exploited by applications.
Which data? The time. In this case 'the
The upcoming release of breadwallet uses the height of the blockchain to
enforce timed pin code lockouts for preventing an attacker from
quickly making multiple pin guesses. This prevents them changing the
devices system time to get around the lockout period.
Aaron
On Thursday, July 24, 2014,
Miners are free to set the block's timestamp to whatever they please,
within a certain +/- time window. Time might even go backwards a tiny
bit from the last block to the next block.
On Thu, Jul 24, 2014 at 9:14 PM, Ron OHara ron.ohar...@gmail.com wrote:
-BEGIN PGP SIGNED MESSAGE-
On Thu, Jul 24, 2014 at 7:35 PM, Aaron Voisine vois...@gmail.com wrote:
The upcoming release of breadwallet uses the height of the blockchain to
enforce timed pin code lockouts for preventing an attacker from quickly
making multiple pin guesses. This prevents them changing the devices system
On Thu, Jul 24, 2014 at 10:39 PM, Gregory Maxwell gmaxw...@gmail.com
wrote:
Is breadwallet tamper resistant zero on tamper hardware? otherwise
this sounds like security theater I attach a debugger to the
process (or modify the program) and ignore the block sourced time.
It's an iOS
It's based on the block height, not the block's timestamp. If you have
access to the device and the phone itself is not pin locked, then you
can jailbreak it and get access to the wallet seed that way. A pin
locked device however is reasonably secure as the filesystem is
hardware aes encrypted to
6 matches
Mail list logo
