They did a brute force on private keys starting at 0x00...00 and increasing and found some BTC. They did a brute force on some brain wallets using common words as a private key generator and found some BTC.
They did a brute force on some "random" brain wallets that they were using JavaScript's Math.random(). Because JS generates a random number with a seed based on what time it is, they were able to generate past and future private keys and found some more BTC.
They also expanded on this ECDSA vulnerability explaining that once they found one bad address, they could use what they found there to expose other bad addresses. I thought it was an interesting talk, even though all of these "vulnerabilities" have been known for a while and are all because of bad client side code, aka in wallets.
Congratulations @olivo! You have received a personal award!
Happy Birthday - 1 Year
Click on the badge to view your own Board of Honor on SteemitBoard.
For more information about this award, click here
Following you!
Congratulations @olivo! You received a personal award!
You can view your badges on your Steem Board and compare to others on the Steem Ranking
Vote for @Steemitboard as a witness to get one more award and increased upvotes!
Beautiful post