04 Sep '13, 12pm

Bitcoin 0.8.4 Update Offers Security Improvements

Bitcoin 0.8.4 Update Offers Security Improvements

In previous versions of bitcoin-qt RPC (remote procedure call) commonly used for servers, the password was verified by comparing the entered password to the stored password byte-by-byte . Effectively, the client would loop through the password letter by letter until there was a missmatch and return a failure. The closer a password was to being correct the longer it would take to return the failure. For example if the correct password was “andresen123”, it would take longer to verify “apple” than “bitcoin” or “chain,” so the attacker could feel comfortable that the start of apple was correct character. Similarly, “animal” would take longer than “apple” (since the “an” matches) and the attacker could continue to iterate through passwords until the correct one is brute forced.

Full article: http://thegenesisblock.com/bitcoin-0-8-4-update-provides-...

Tweets

Update to Bitcoin Client Fixes DoS Bug, Password Strength

Update to Bitcoin Client Fixes DoS Bug, Passwor...

threatpost.com 04 Sep '13, 7pm

The developers behind Bitcoin-QT, a software wallet used to protect and back up Bitcoin currency, have pushed out a new ve...

Inputs.io: a high-security #bitcoin web wallet

Inputs.io: a high-security #bitcoin web wallet

coindesk.com 01 Sep '13, 9am

A number of bitcoiners have become rather disenchanted with their web wallets recently, what with a bug in Blockchain.info...