Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194] helo=mx.sourceforge.net) by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from <mh.in.england@gmail.com>) id 1XAche-0005OZ-Mk for bitcoin-development@lists.sourceforge.net; Fri, 25 Jul 2014 10:26:18 +0000 Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.218.51 as permitted sender) client-ip=209.85.218.51; envelope-from=mh.in.england@gmail.com; helo=mail-oi0-f51.google.com; Received: from mail-oi0-f51.google.com ([209.85.218.51]) by sog-mx-4.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1XAchc-00056L-Uu for bitcoin-development@lists.sourceforge.net; Fri, 25 Jul 2014 10:26:18 +0000 Received: by mail-oi0-f51.google.com with SMTP id g201so3162763oib.38 for <bitcoin-development@lists.sourceforge.net>; Fri, 25 Jul 2014 03:26:11 -0700 (PDT) MIME-Version: 1.0 X-Received: by 10.182.52.197 with SMTP id v5mr2625554obo.85.1406283971414; Fri, 25 Jul 2014 03:26:11 -0700 (PDT) Sender: mh.in.england@gmail.com Received: by 10.76.35.234 with HTTP; Fri, 25 Jul 2014 03:26:11 -0700 (PDT) In-Reply-To: <CACq0ZD4nCJ+dzUG+KV+eCxE2My+T4Acr4qy-Y6A-dFvuRG=Eaw@mail.gmail.com> References: <53D1AF6C.7010802@gmail.com> <CACq0ZD56NuADphK-28zxR=dAPnZOPY4C0GO=zLdOhVxBpRKwoA@mail.gmail.com> <CAAS2fgSncktfkq0J23O04BWhtUD7V7OHCKAyuPbg7gJTKz-rTQ@mail.gmail.com> <CAG8oi1MNot6RruCu5cLSFAND5noZToPLvTqMP26bwKQGU_2C3g@mail.gmail.com> <CACq0ZD4nCJ+dzUG+KV+eCxE2My+T4Acr4qy-Y6A-dFvuRG=Eaw@mail.gmail.com> Date: Fri, 25 Jul 2014 12:26:11 +0200 X-Google-Sender-Auth: K7MgIZSySMUvkIJgc93InVEy-gQ Message-ID: <CANEZrP0pMA=LB=Mi9xj9YbJ83=0r6Xa4_6Ua+wpAtsg5OdS7Kw@mail.gmail.com> From: Mike Hearn <mike@plan99.net> To: Aaron Voisine <voisine@gmail.com> Content-Type: multipart/alternative; boundary=089e0158b0d891d09e04ff0200f7 X-Spam-Score: -0.5 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (mh.in.england[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 1.0 HTML_MESSAGE BODY: HTML included in message 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1XAchc-00056L-Uu Cc: "bitcoin-development@lists.sourceforge.net" <bitcoin-development@lists.sourceforge.net> Subject: Re: [Bitcoin-development] Time X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: <bitcoin-development.lists.sourceforge.net> List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>, <mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe> List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development> List-Post: <mailto:bitcoin-development@lists.sourceforge.net> List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help> List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>, <mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe> X-List-Received-Date: Fri, 25 Jul 2014 10:26:19 -0000 --089e0158b0d891d09e04ff0200f7 Content-Type: text/plain; charset=UTF-8 Given that the speed at which the block chain advances is kind of unpredictable, I'd think it might be better to just record the time to disk when a PIN attempt is made and if you observe time going backwards, refuse to allow more attempts until it's advanced past the previous attempt. On Fri, Jul 25, 2014 at 7:56 AM, Aaron Voisine <voisine@gmail.com> wrote: > It's based on the block height, not the block's timestamp. If you have > access to the device and the phone itself is not pin locked, then you > can jailbreak it and get access to the wallet seed that way. A pin > locked device however is reasonably secure as the filesystem is > hardware aes encrypted to a combination of pin+uuid. This was just an > easy way to prevent multiple pin guesses by changing system time in > settings, so that isn't the weakest part of the security model. > > Aaron Voisine > breadwallet.com > > > On Thu, Jul 24, 2014 at 8:21 PM, William Yager <will.yager@gmail.com> > wrote: > > On Thu, Jul 24, 2014 at 10:39 PM, Gregory Maxwell <gmaxwell@gmail.com> > > wrote: > >> > >> > >> Is breadwallet tamper resistant & zero on tamper hardware? otherwise > >> this sounds like security theater.... I attach a debugger to the > >> process (or modify the program) and ignore the block sourced time. > >> > > > > It's an iOS application. I would imagine it is substantially more > difficult > > to attach to a process (which, at the very least, requires root, and > perhaps > > other things on iOS) than to convince the device to change its system > time. > > > > That said, the security benefits might not be too substantial. > > > > > ------------------------------------------------------------------------------ > > Want fast and easy access to all the code in your enterprise? Index and > > search up to 200,000 lines of code with a free copy of Black Duck > > Code Sight - the same software that powers the world's largest code > > search on Ohloh, the Black Duck Open Hub! Try it now. > > http://p.sf.net/sfu/bds > > _______________________________________________ > > Bitcoin-development mailing list > > Bitcoin-development@lists.sourceforge.net > > https://lists.sourceforge.net/lists/listinfo/bitcoin-development > > > > > ------------------------------------------------------------------------------ > Want fast and easy access to all the code in your enterprise? Index and > search up to 200,000 lines of code with a free copy of Black Duck > Code Sight - the same software that powers the world's largest code > search on Ohloh, the Black Duck Open Hub! Try it now. > http://p.sf.net/sfu/bds > _______________________________________________ > Bitcoin-development mailing list > Bitcoin-development@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bitcoin-development > --089e0158b0d891d09e04ff0200f7 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable <div dir=3D"ltr">Given that the speed at which the block chain advances is = kind of unpredictable, I'd think it might be better to just record the = time to disk when a PIN attempt is made and if you observe time going backw= ards, refuse to allow more attempts until it's advanced past the previo= us attempt.</div> <div class=3D"gmail_extra"><br><br><div class=3D"gmail_quote">On Fri, Jul 2= 5, 2014 at 7:56 AM, Aaron Voisine <span dir=3D"ltr"><<a href=3D"mailto:v= oisine@gmail.com" target=3D"_blank">voisine@gmail.com</a>></span> wrote:= <br><blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-lef= t:1px #ccc solid;padding-left:1ex"> It's based on the block height, not the block's timestamp. If you h= ave<br> access to the device and the phone itself is not pin locked, then you<br> can jailbreak it and get access to the wallet seed that way. A pin<br> locked device however is reasonably secure as the filesystem is<br> hardware aes encrypted to a combination of pin+uuid. This was just an<br> easy way to prevent multiple pin guesses by changing system time in<br> settings, so that isn't the weakest part of the security model.<br> <span class=3D"HOEnZb"><font color=3D"#888888"><br> Aaron Voisine<br> <a href=3D"http://breadwallet.com" target=3D"_blank">breadwallet.com</a><br= > </font></span><div class=3D"HOEnZb"><div class=3D"h5"><br> <br> On Thu, Jul 24, 2014 at 8:21 PM, William Yager <<a href=3D"mailto:will.y= ager@gmail.com">will.yager@gmail.com</a>> wrote:<br> > On Thu, Jul 24, 2014 at 10:39 PM, Gregory Maxwell <<a href=3D"mailt= o:gmaxwell@gmail.com">gmaxwell@gmail.com</a>><br> > wrote:<br> >><br> >><br> >> Is breadwallet tamper resistant & zero on tamper hardware? oth= erwise<br> >> this sounds like security theater.... I attach a debugger to the<b= r> >> process (or modify the program) and ignore the block sourced time.= <br> >><br> ><br> > It's an iOS application. I would imagine it is substantially more = difficult<br> > to attach to a process (which, at the very least, requires root, and p= erhaps<br> > other things on iOS) than to convince the device to change its system = time.<br> ><br> > That said, the security benefits might not be too substantial.<br> ><br> </div></div><div class=3D"HOEnZb"><div class=3D"h5">> ------------------= ------------------------------------------------------------<br> > Want fast and easy access to all the code in your enterprise? Index an= d<br> > search up to 200,000 lines of code with a free copy of Black Duck<br> > Code Sight - the same software that powers the world's largest cod= e<br> > search on Ohloh, the Black Duck Open Hub! Try it now.<br> > <a href=3D"http://p.sf.net/sfu/bds" target=3D"_blank">http://p.sf.net/= sfu/bds</a><br> > _______________________________________________<br> > Bitcoin-development mailing list<br> > <a href=3D"mailto:Bitcoin-development@lists.sourceforge.net">Bitcoin-d= evelopment@lists.sourceforge.net</a><br> > <a href=3D"https://lists.sourceforge.net/lists/listinfo/bitcoin-develo= pment" target=3D"_blank">https://lists.sourceforge.net/lists/listinfo/bitco= in-development</a><br> ><br> <br> ---------------------------------------------------------------------------= ---<br> Want fast and easy access to all the code in your enterprise? Index and<br> search up to 200,000 lines of code with a free copy of Black Duck<br> Code Sight - the same software that powers the world's largest code<br> search on Ohloh, the Black Duck Open Hub! Try it now.<br> <a href=3D"http://p.sf.net/sfu/bds" target=3D"_blank">http://p.sf.net/sfu/b= ds</a><br> _______________________________________________<br> Bitcoin-development mailing list<br> <a href=3D"mailto:Bitcoin-development@lists.sourceforge.net">Bitcoin-develo= pment@lists.sourceforge.net</a><br> <a href=3D"https://lists.sourceforge.net/lists/listinfo/bitcoin-development= " target=3D"_blank">https://lists.sourceforge.net/lists/listinfo/bitcoin-de= velopment</a><br> </div></div></blockquote></div><br></div> --089e0158b0d891d09e04ff0200f7--