📅 Original date posted:2018-01-17
📝 Original message:Why wouldn't they just test the frequency of words from the wordlist in
entirety?
On Jan 17, 2018 5:10 PM, "Weiwu Zhang via bitcoin-dev" <
bitcoin-dev at lists.linuxfoundation.org> wrote:
> 2018-01-09 19:20 GMT+08:00 Ronald van der Meer via bitcoin-dev
> <bitcoin-dev at lists.linuxfoundation.org>:
> > After reviewing some bitcoin improvement proposals, I noticed that one
> of the words that can be found on the BIP39 English wordlist is “satoshi”.
> > I suggest removing this word from the list so it’s less obvious that
> it’s a bitcoin seed when found by a malicious third party.
>
> If a malicious third party discovers a word list that look like a
> seed, they would try using it as Bitcoin seed first anyway, with or
> without finding the word 'satoshi' in it. The security threat is that
> a malicious third party may index what they found and test every
> occurrence of 'satoshi' for a lead to a seed.
>
> For example, a hard-disk recycling service would add this word to
> their salvage tools. Any successfully hacked gmail account will be
> 'satoshi' tested too.
>
> So I see this as a reasonable improvement:)
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev at lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20180117/ae8bb6fa/attachment.html>;
CryptAxe [ARCHIVE] /
npub12p…js309
2023-06-07 20:09:36
in reply to nevent1q…5g3l
Author Public Key
npub12p7jzesdg8kxdg8rujr20znnd868fgugczkwh4cyxwa6gnxj5sxsnjs309Published at
2023-06-07 20:09:36Event JSON
{
"id": "8dcac3107e47b6137adbb0604a8eb4e8d83f8dc45b59226ae3146e909d06fc5d",
"pubkey": "507d21660d41ec66a0e3e486a78a7369f474a388c0acebd70433bba44cd2a40d",
"created_at": 1686161376,
"kind": 1,
"tags": [
[
"e",
"af95054b4a9851c4be8011ad5ba948392ace95a3f2a3e739e6cb49fac5454419",
"",
"root"
],
[
"e",
"b5bb7cabeb52f26e241d9eaab9dcbe03ce2ddbc93926928ebfd1a5a113b7dae0",
"",
"reply"
],
[
"p",
"87ff94d0fb122c6eb89379a9d938e4813e505375a9791913438cc94e8cccce10"
]
],
"content": "📅 Original date posted:2018-01-17\n📝 Original message:Why wouldn't they just test the frequency of words from the wordlist in\nentirety?\n\nOn Jan 17, 2018 5:10 PM, \"Weiwu Zhang via bitcoin-dev\" \u003c\nbitcoin-dev at lists.linuxfoundation.org\u003e wrote:\n\n\u003e 2018-01-09 19:20 GMT+08:00 Ronald van der Meer via bitcoin-dev\n\u003e \u003cbitcoin-dev at lists.linuxfoundation.org\u003e:\n\u003e \u003e After reviewing some bitcoin improvement proposals, I noticed that one\n\u003e of the words that can be found on the BIP39 English wordlist is “satoshi”.\n\u003e \u003e I suggest removing this word from the list so it’s less obvious that\n\u003e it’s a bitcoin seed when found by a malicious third party.\n\u003e\n\u003e If a malicious third party discovers a word list that look like a\n\u003e seed, they would try using it as Bitcoin seed first anyway, with or\n\u003e without finding the word 'satoshi' in it. The security threat is that\n\u003e a malicious third party may index what they found and test every\n\u003e occurrence of 'satoshi' for a lead to a seed.\n\u003e\n\u003e For example, a hard-disk recycling service would add this word to\n\u003e their salvage tools. Any successfully hacked gmail account will be\n\u003e 'satoshi' tested too.\n\u003e\n\u003e So I see this as a reasonable improvement:)\n\u003e _______________________________________________\n\u003e bitcoin-dev mailing list\n\u003e bitcoin-dev at lists.linuxfoundation.org\n\u003e https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev\n\u003e\n-------------- next part --------------\nAn HTML attachment was scrubbed...\nURL: \u003chttp://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20180117/ae8bb6fa/attachment.html\u003e",
"sig": "5e53df0aae46336ed8c462d2e22d300898ef35e4c37506dba22bd7868968ed8c47cb5d7a9a4c6432d90fceb609b6a55ec88f433ce592401a9d99aaca777f03e5"
}