Why wouldn't they just test the frequency of words from the wordlist in entirety?
On Jan 17, 2018 5:10 PM, "Weiwu Zhang via bitcoin-dev" < [email protected]> wrote: > 2018-01-09 19:20 GMT+08:00 Ronald van der Meer via bitcoin-dev > <[email protected]>: > > After reviewing some bitcoin improvement proposals, I noticed that one > of the words that can be found on the BIP39 English wordlist is “satoshi”. > > I suggest removing this word from the list so it’s less obvious that > it’s a bitcoin seed when found by a malicious third party. > > If a malicious third party discovers a word list that look like a > seed, they would try using it as Bitcoin seed first anyway, with or > without finding the word 'satoshi' in it. The security threat is that > a malicious third party may index what they found and test every > occurrence of 'satoshi' for a lead to a seed. > > For example, a hard-disk recycling service would add this word to > their salvage tools. Any successfully hacked gmail account will be > 'satoshi' tested too. > > So I see this as a reasonable improvement:) > _______________________________________________ > bitcoin-dev mailing list > [email protected] > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev >
_______________________________________________ bitcoin-dev mailing list [email protected] https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
