Security of "Average Joe" Wallet

Acedian

Member
Mar 17, 2017
243
71
88
Dash Address
XeMABbcebB5yeZH2HxsV7yLNJA9hbzMgpz
I am concerned that as we approach mass adoption Dash theft will hurt our progress.

What are the developers adding to reduce the risk to user's funds?

A suggestion I would make is to add additional encryption security similar to VeraCrypt's PIM to user's wallets to help protect users with less secure encryption keys.

Also, as part of our advertising campaigns, I think people should be informed about the risk of using external wallets.

Unfortunately there is a lot of scum out there looking to steal whatever they can. Our first priority has to be to protect the vulnerable.
 

tungfa

Grizzled Member
Dash Core Team
Moderator
Foundation Member
Masternode Owner/Operator
Apr 9, 2014
8,902
6,735
1,283
mass adoption ? where ?

security
biggest problem is that people ether do not encrypt their wallet or do so and lose their password as they do NOT use a password manager as suggested
security is fine - nobody ever lost any coins as of a security breach on wallet encryption level !
obviously we are adjusting as technology enhances

3rd part wallets ... as always - inhouse (Dash) wallets are suggested but if people wanna use multicoin wallets as jaxx or whatever u can not stop them !
(laziness winns - security loses :rolleyes: )
 

Acedian

Member
Mar 17, 2017
243
71
88
Dash Address
XeMABbcebB5yeZH2HxsV7yLNJA9hbzMgpz
biggest problem is that people ether do not encrypt their wallet or do so and lose their password as they do NOT use a password manager as suggested
Force them to add an encryption key and make a "poor" password safer by implementing updated encryption.

security is fine - nobody ever lost any coins as of a security breach on wallet encryption level !
Force the user to backup the wallet then.

3rd part wallets ... as always - inhouse (Dash) wallets are suggested but if people wanna use multicoin wallets as jaxx or whatever u can not stop them !
I don't see this along side advertising campaigns.
 

jimbursch

Well-known Member
Mar 5, 2017
837
501
163
56
Different people have different threat profiles and different use cases. Nobody should be "forced" to do anything. Core's primary responsibility is to secure the network and the protocol for wallet functionality. Once that is done, then the market (including open source projects) can provide education and reputable services built on top of that, including a variety of wallets that address different threat profiles and use cases. Right now the Dash wallet offering is sucky. I think that is going to change dramatically when the DAPI is up and running and devs can start building on it.

Just my humble opinion.
 

Acedian

Member
Mar 17, 2017
243
71
88
Dash Address
XeMABbcebB5yeZH2HxsV7yLNJA9hbzMgpz
You are forced to use a wallet, in one form or another, if you want to use Dash? You have to have a password for every other account in the world.
The problems with the current standard of crypto's "optional security" have to be addressed if we want mass adoption.
 

tungfa

Grizzled Member
Dash Core Team
Moderator
Foundation Member
Masternode Owner/Operator
Apr 9, 2014
8,902
6,735
1,283
You are forced to use a wallet, in one form or another, if you want to use Dash? You have to have a password for every other account in the world.
The problems with the current standard of crypto's "optional security" have to be addressed if we want mass adoption.

the options are in place !
passwords and security are key - if u do not use it it is up to u !
u can not enforce any of this same as 2fa - being your own bank brings the responsibility of it - but enforcing is the wrong approach
users (should be ) old enough to make proper decisions

remember when that guy did the video about security and encouraged people not to use passwords ;)
same old
 

Acedian

Member
Mar 17, 2017
243
71
88
Dash Address
XeMABbcebB5yeZH2HxsV7yLNJA9hbzMgpz
People are idiots and need protecting from themselves. They are lazy and stupid.
This means if you don't make them use the security available they won't.
They will however bad mouth Dash when they get their Dash stolen.
If stupid people losing money isn't important to Dash, Dash will fail in it's attempt at greatness.
 

tungfa

Grizzled Member
Dash Core Team
Moderator
Foundation Member
Masternode Owner/Operator
Apr 9, 2014
8,902
6,735
1,283
People are idiots and need protecting from themselves. They are lazy and stupid.
This means if you don't make them use the security available they won't.
They will however bad mouth Dash when they get their Dash stolen.
If stupid people losing money isn't important to Dash, Dash will fail in it's attempt at greatness.
and then they lose their password / encryption and are still bitching at us that they lost it themselves !
chicken - egg - chicken - .... :rolleyes:
 

Acedian

Member
Mar 17, 2017
243
71
88
Dash Address
XeMABbcebB5yeZH2HxsV7yLNJA9hbzMgpz
As they are adding the password you inform them, on no uncertain terms, that if they lose the password no one can help them.
Alternatively, create a password recovery system. To be a PayPal rival this will be needed. I have no idea how to implement this...
 

tungfa

Grizzled Member
Dash Core Team
Moderator
Foundation Member
Masternode Owner/Operator
Apr 9, 2014
8,902
6,735
1,283
As they are adding the password you inform them, on no uncertain terms, that if they lose the password no one can help them.
Alternatively, create a password recovery system. To be a PayPal rival this will be needed. I have no idea how to implement this...
recovery system will always end up in a centralised way
and then u are not your 'own back' anymore

back to chicken and egg and chicken .... :rolleyes:
 

Acedian

Member
Mar 17, 2017
243
71
88
Dash Address
XeMABbcebB5yeZH2HxsV7yLNJA9hbzMgpz
Why does it have to be centralised?