interoperability of wallets/clients and third-party
services (if users choose to use them).
Brian Erdelyi
--
Dive into the World of Parallel Programming. The Go Parallel Website,
sponsored by Intel and developed
trying to find methods to
help verify those transactions (if a user deems it to be high-risk enough)
before the transaction is completed. The balance is trying to devise something
that users do not find too burdensome.
Brian Erdelyi
There are a couple of attack vectors to consider:
* The recipient's machine is compromised
* The sender's machine is compromised
Excellent point of the recipient being compromised.
--
Dive into the World of
where you were intending
to send it. You can then not provide the second signature.
Brian Erdelyi
On Feb 2, 2015, at 4:57 PM, Joel Joonatan Kaartinen
joel.kaarti...@gmail.com wrote:
If the attacker has your desktop computer but not the mobile that's acting as
an independent second factor
Transaction initiated and signed on device #1. Transaction is sent to device
#2. On device #2 you verify the transaction and if authorized you provide the
second signature.
Brian Erdelyi
Sent from my iPhone
On Feb 2, 2015, at 5:09 PM, Pedro Worcel pe...@worcel.com wrote:
Where would you
We're way ahead of you guys ;)
https://www.bitcoinauthenticator.org/ https://www.bitcoinauthenticator.org/
- does this already, currently in alpha
I’m just late to the party I guess. Thanks for the links.
--
are thinking about this too.
Brian Erdelyi
--
Dive into the World of Parallel Programming. The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel
Another concept...
It should be possible to use multisig wallets to protect against malware. For
example, a user could generate a wallet with 3 keys and require a transaction
that has been signed by 2 of those keys. One key is placed in cold storage and
anther sent to a third-party.
It is
think these are practical approaches and just doing a sanity check. Thanks
for the vote of confidence.
Brian Erdelyi
Sent from my iPad
On Feb 2, 2015, at 1:54 PM, Martin Habovštiak martin.habovst...@gmail.com
wrote:
Good idea. I think this could be even better:
instead of using third
is compromised, you're already screwed. Trezor
should help, but I'm not sure if it supports BIP70.
The reason for OOB verification is if the entire computer is compromised.
Again, this may only be possible with a trusted intermediary or a web wallet.
Brian Erdelyi
money with
web based wallets.
Brian Erdelyi--
Dive into the World of Parallel Programming. The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel
that would
produce the same 8 digit code. Curious to know how long this brute force would
take? Or perhaps, before converting to 8 digits there is some other hashing
function that is performed.
Brian Erdelyi--
Dive
produce the same 8 digits of the legitimate bitcoin address?
Brian Erdelyi
signature.asc
Description: Message signed with OpenPGP using GPGMail
--
Dive into the World of Parallel Programming. The Go Parallel Website
13 matches
Mail list logo