Security Notice

in #bitcoin7 years ago (edited)

Spectre 

We were asked if Spectre will effect ASICS in any way since all CPUs and Mobile chips have no protection yet for this monster, We assume its possible, but have not seen any evidence yet. ASICS are high-end cryptographic equipment that is impossible do decrypt once it's connected to the hive network. So creators have a different purpose for it while they were creating it.


If you do mine Electrum be aware:

 A vulnerability was found in the Electrum wallet software which potentially allows random websites to steal your wallet via JavaScript. The bug presumably also affects altcoin derivatives of Electrum such as Electron Cash. If you don't use Electrum or a derivative, then you are not affected and you can ignore this.

Action steps:

1. If you are running Electrum, shut it down right this second.
2. Upgrade to 3.0.4 (making sure to verify the PGP signature).You don't necessarily need to rush to upgrade.

In fact, in cases like this, it can be prudent to wait a while just to make sure that everything is settled. The important thing is to not use the old versions. If you have an old version sitting somewhere not being used, then it is harmless as long as you do not forget to upgrade it before using it again later.If at any point in the past you:

- Had Electrum open with no wallet passphrase set; and,
- Had a webpage openThen it is possible that your wallet is already compromised. 

Particularly paranoid people might want to send all of the BTC in their old Electrum wallet to a newly-generated Electrum wallet. (Though probably if someone has your wallet, then they already would've stolen all of the BTC in it...)This was just fixed hours ago. The Electrum developer (ThomasV on the forum, ecdsa on github) will presumably post more detailed info and instructions in the near future.Update 1: If you had no wallet password set, then theft is trivial. If you had a somewhat-decent wallet password set, then it seems that an attacker could "only" get address/transaction info from your wallet and change your Electrum settings, the latter of which seems to me to have a high chance of being exploitable further. So if you had a wallet password set, you can reduce your panic by a few notches, but you should still treat this very seriously.

#mining #security #electrum #spectre
7 years ago in #bitcoin by
$0.03
  • Past Payouts $0.03, 0.00 TRX
  • - Author $0.03, 0.00 TRX
  • - Curators $0.00, 0.00 TRX
3 votes
Reply 3
Sort:  
  • Trending
    • [-]
     6 years ago 

    Congratulations @decentralguy! You received a personal award!

    1 Year on Steemit

    Click here to view your Board of Honor

    Support SteemitBoard's project! Vote for its witness and get one more award!

    $0.00
      Reply
      [-]
       5 years ago 

      Congratulations @decentralguy! You received a personal award!

      Happy Birthday! - You are on the Steem blockchain for 2 years!

      You can view your badges on your Steem Board and compare to others on the Steem Ranking

      Vote for @Steemitboard as a witness to get one more award and increased upvotes!
      $0.00
        Reply

        Coin Marketplace

        STEEM 0.19
        TRX 0.16
        JST 0.030
        BTC 67190.56
        ETH 2617.59
        USDT 1.00
        SBD 2.67