h a l f b a k e r yThink of it as a spell checker that insults you, as well.
add, search, annotate, link, view, overview, recent, by name, random
news, help, about, links, report a problem
browse anonymously,
or get an account
and write.
register,
|
|
|
A website that will restore your lost bitcoin private key, upon
verified evidence that you are the authentic owner of that key.
Marked-For-Category (please tell me of a more appropriate
category or move it there yourself
Please log in.
If you're not logged in,
you can see what this page
looks like, but you will
not be able to add anything.
Annotation:
|
|
How do you stop the site running away with your dosh? |
|
|
Dang it pomloc, don't give away his business model! |
|
|
The website allows you to store a series of questions and answers that it uses to generate an encryption key, client side. Things like birthday, public key, dog's name etc. |
|
|
You enter your private key and it's encrypted using this key, still client side. |
|
|
The website then uploads your questions, and encrypted key to its server (never seeing the answers or the private key). |
|
|
To retrieve, it would present you with the list of questions and the encrypted key. |
|
|
On the client side it would reconstruct the original private key using the answers given, along with the encrypted key it stored. |
|
|
This way the site never has an unencrypted copy of the private key on its server. |
|
|
I've no idea if this would actually work... and for me, encrypting the key using winzip then emailing myself might be easier. |
|
|
Explicitly storing keys in a dedicated site is just inherently
weak. It's too tempting a target. |
|
|
If outside hackers don't break it, then inside laziness or
blind points (we all have them) will leave things exposed.
Or, insiders get social-engineered to give away keys. |
|
|
Just stuff your keys into the bottom of a JPG file, & upload
those files to any server, along with your other family
photos that no hacker would ever care about. |
|
|
Security through obscurity. |
|
|
Why not just store your Bitcoin keys in your LastPass
vault with the rest of your passwords? Strong client-side
encryption, cloud storage, multiple options
for multi-factor authentication. Seems perfect. |
|
|
There's a book Microsoft put out in the 90's about computer
jokes. It had a guy wearing a big badge with the word
REAGAN, and the caption read: "Always wear your passwords
out in the open" |
|
| |