Author Topic: Does an running client weaken security? (Read 49 times)

achim · « **on:** December 09, 2013, 09:21:32 PM »

I have a really long and strong password for the NXT client. What possibilities does a hacker have to still steal my coins?

If he managed to have a keylogger running on my machine, he could probably read my password, ut that would also be possible with the bitcoin client.

What happens if I leave the client open for mining? If he gained control over my machine, he wouldn't even have to enter a password to do a transaction, right?

I'm sure the devs thought this through, so what didn't I get? Or is the second scenario improbable anyway?

Come-from-Beyond · « **Reply #1 on:** December 09, 2013, 09:25:59 PM »

If u webpage is closed then only scanning java process memory can retrieve ur passphrase. For rootkits this is not a problem at all.

opticalc · « **Reply #2 on:** December 09, 2013, 11:17:39 PM »

Quote from: Come-from-Beyond on December 09, 2013, 09:25:59 PM

If u webpage is closed then only scanning java process memory can retrieve ur passphrase. For rootkits this is not a problem at all.

unless the rootkit has a keylogger

Come-from-Beyond · « **Reply #3 on:** December 09, 2013, 11:20:34 PM »

Rootkits live in ring 0, they have access to the whole memory, no need to log keypresses.

opticalc · « **Reply #4 on:** December 09, 2013, 11:52:03 PM »

Quote from: Come-from-Beyond on December 09, 2013, 11:20:34 PM

Rootkits live in ring 0, they have access to the whole memory, no need to log keypresses.

sorry, i misread the intent of your previous message

Author Topic: Does an running client weaken security? (Read 49 times)

achim

Does an running client weaken security?

Come-from-Beyond

Re: Does an running client weaken security?

opticalc

Re: Does an running client weaken security?

Come-from-Beyond

Re: Does an running client weaken security?

opticalc

Re: Does an running client weaken security?