Bitcoin Forum

OK - Sorry to start a second thread, but I feel like I won't get the answer I'm looking for in the last.

Right now I have 2 bitcoin. I have 2 options for tonight, I would prefer not to Invest anymore money into an offline computer or a trezor, as its only 2 btc. There has to be a esay and secure way to store the damn things lol.

What is better? Blockchain.info with Really long random password + 2fa

-OR-

A Asus A7 laptop that was wiped just 5 minutes ago and is currently running Linux Mint. This computer will be connected to the internet, but will only be accessing one single site per day, which is a trusted site. All other internet browsing and downloads, youtubing, or anything else will be done on my windows laptop. I'm considering running Multibit or Armory with Password protection + paper back ups.



ok - Ignoring 3rd party risk with Blockchain.info - Which is safest from being hacked between the 2?

and again, sorry for starting another thread, I was just getting way too many conflicting opinions and I'm almost more confused than I was to begin with haha.

Eventually, I will buy a Trezor or the other one for $35, but atm I just don't have enough coins to justify purchasing a Rasberry Pi or Trezor to hold a few Bitcoin.



If I never access anything but am just connected to the internet, and only visit one website, never downloaded anything, and never used the computer for anything other than bitcoin transactions, would I hypothetically be safe to store bitcoins on that wallet for longer than a year? Or am I better off with Blockchain.info for this?

I'd hate to store it with them, and then they go out of business haha, but I've always used Blockchain in the past and have nothing but good things to say.

I will say the laptop will be your best choice if you have proper security setup on it.

If you do not plan on using the coins in the near future you can also opt for a safe paper wallet. Just do a search here on the forum for details on how to setup a safe paper wallet.

With Multibit you will be in full control of your wallet (all private keys) as well as your security and will not be dependant on a third party.

In regards to the wallet, Armory is rock solid but it will mean that you will have to download the blockchain so I will go with MultiBit. Electrum is my personal choice though but that is because I use a Trezor with multiple accounts in my wallet and Multibit do not pickup the multiple accounts.

Personally, I'd choose Blockchain.info. It isn't the most secure method, but it's never been hacked before (apart from a key generating bug, which was patched and all BTC was returned). No BTC is stored with them, all encryption is completed in your browser.

Your laptop is probably the safer method, because your OS can get hacked (not blockchain.info).

Ok Nomad, Thanks bro, I appreciate that. I am leaning that direction too. I believe Multibit is probably the safest.

I know how to navigate around a computer fairly easy, I don't typically infect my computers with viruses because I am super picky about the things I click or access. I figured as long as I am super smart about what I do on the computer, even though it will be actively connected to the internet, I should be ok right?

I am downloading Multibit now andsetting up a Password protection.

Thank you sir for your help.

Interesting haha, ok, wait I am confused though I am sorry,

On the last part " Your laptop is probably the safer method, because your OS can get hacked (not blockchain.info)", are you saying that Blockchain.info is still the safer method there? or are you saying that the Laptop is safer?

Thank you, sorry.

If someone says an online wallet is safer than a local wallet. You should ignore his opinion IMHO.

Blockchain.info is a very buggy client. You should never store Bitcoins unless you are fine if it is stolen.

This is really bad advice, if you truely believe Blockchain.info to be the safest then you need to do some serious reading on this forum.

Trezor is fine according to me if you are to have it safe and sound all the time with you as you can use it anytime you want, and that it won't need internet to have your coins stored in it.

a fresh pc if you know how to do that properly.


or a hardware wallet:

https://bitcointalk.org/index.php?topic=899253.0

blockchain.info is too insecure even with 2fa.

check ninkip2p - they offer multisig addresses and 2fa, which is more secure than blockchain.info. desktop + mobile wallet of course

I would definitely go for multbit on a computer. Desktop wallets are generally already safer than online wallet even with 2FA. Since you want to ignore the third party risk which is a central point of failure, a desktop wallet with enough security precautions can be near to be as safe as cold storage. Linux are generally safer than Windows hence it would be a great choice already. Even though multibit is a SPV client and they only verify block headers hence exposing the risk of accepting invalid blocks, blockchain.info broadcast transactions which are invalid. Given Blockchain.info's bad security track record, not only bad RNG, it occured serveral times and it shows that blockchain.info can't be bothered to even test it for vulnerabilities before releasing the update.

dedicated computer for you bitcoin client, without the need to install anything on it or browsing anything, is the most secure online wallet, and probably on par with an offline wallet, as long as you use it ONLY to spend your coins and nothing else

Of course Multibit is safer.
Bitcoin Core > 3rd party Bitcoin clients > online wallets
As you can see, online wallets are the worst decision for storing Bitcoin.

the best option in my opinion is creating a live linux on a USB disk and installing the bitcoin wallet of your choice there (i use electrum).
this way:
1) you have an offline wallet which you can spend from (sign offline and broadcast elsewhere)
2) you spend the lowest amount of money in making it (only the cost of a USB disk)

i used this topic as a reference: https://bitcointalk.org/index.php?topic=853288.0

Your comparison is wrong! Bitcoin Core = Other clients in matter of safety.

OK, I am the one that advised you to get a Trezor in a 1st thread, now I see and I agree with you that for 2 BTCs you shouldn't be getting a Trezor. My rule of thumb is to invest 5% of your money to protect it, so with this calculation, anybody that has 10 BTCs or more is justified to get a Trezor.

As for your current situation, I would keep a dedicated computer. That's a very safe way. Install a keyloger, even a free version is OK, get a decent anti-virus and a Multibit and you will be fine.

Stay away from online wallets including blockchain.info.

Private key control is the only thing that matters to keep your coins secure.

Trusting a third party with your key is not something you want to do. I'd rather go with MultiBit.

You could use Blockchain.info and export the private keys, but nothing stops them from transferring your funds using your private key before you realise it.

Good start. Fresh install of linux Mint.
 
If your laptop has the resources install VirtualBox. Then run another linux guest OS. Something lightweight like Peppermint or LinuxLite.  Use your guest OS just for the wallet. Vbox also gives you the option of encrypting the guest OS for extra security.

The un-sacred succulent is right. It all comes down to owning your keys and the way you store them.
Personally I dislike multibit, it has many glitches AND I would not store any notable size of coins with blockchain.info either.
I prefer COLD storage and out of the two, multibit would be the only option that offers a cold storage method.

Trezor is more or less, I would say providing the same security as a paperwallet/offline computer/dedicated one. Anti keyloggers won't protect you against all the attack methods and anti virus can't identify all the viruses.
Blockchain.info is opensourced, no unencrypted private keys are sent to the server. The decryption happens on your browser so they have no way to access your address.

i think Blockchain.info with 2fa and a long secured password is still a better option to store your coins because blockchain didn't ever got hacked if I was not wrong...I will advice you blockchain but decide by viewing others too

While it is true that blockchain.info never got hacked before, it is nearly impossible as they don't store unencrypted keys on the server. They do not need your consent to update their script which can introduce an exploit and they don't bother much about pentesting their script.

Bitcoin core verifies blocks individually to ensure that they follow the network rules. SPV clients have been proven to be quite insecure as demonstrated in the 4th July 2015 fork. Even though Bitcoin Core V 0.9.4 and below can be exposed to this threat, the risk can be migrated after upgrading.

No, of course not. It's impossible to put Bitcoin Core with other 3rd party clients to equality. Even they are open source you can't %100 trust them as you do yourself.

If you're storing a significant amount of Bitcoin, just invest in an offline Raspberry Pi to store your Bitcoins. It is only about $30-$35 to buy, and with it being offline your coins have no risk of being stolen through a hack of malware.

However, to answer your original question, Multibit is probably the best option with a secure password. I have stored my Bitcoin on my main computer for several years and, while being very careful of what I download and open, I have never had my Bitcoins stolen.

Even though I agreed that Bitcoin Core is more secure, I would have to say that your point is not solid. Bitcoin Core can easily be changed just like any other SPV clients, the developers can easily push an update to change some of the things. Opensourced doesn't really help unless you review the source code yourself and compile it. If you do, any client should be as safe as Bitcoin Core.

i believe blockchain wallet is more safer thats why i use it to store all my funds even though i dont have a lot

I guess that you haven't read this whole thread and also a thread that the OP has opened a day or two ago, so you don't know exactly what he needs.

He needs a way to move his coins very fast from his wallet to the exchanges, since he wants to trade alts. While doing this, he wants to be as safe as possible. He also doesn't have enough BTCs to invest into Trezor.

So he has decided for a clean, erased machine where he will install Multibit and he will use this machine only for Bitcoin operations. In this case, a decent anti-virus and a keylogger will just add protection to his clean machine.

Also yes, Trezor is the same as paper wallets, but with Trezor, you can move funds in a blink of an eye, safely, and very often. Paper wallets don't offer you this convenience.

Cheers!

completely wrong. blockchain.info has quite the history of having coins stolen from their site, heres a few examples.
http://www.coindesk.com/good-samaritan-blockchain-hacker-returned-255-btc-speaks/
https://bitcointalk.org/index.php?topic=875805.0
the forum link is particularly pertinent to this, 60+ btc hacked from a BC.i wallet with 2FA enabled.

Are you sure they are not storing unencrypted private keys on their server? They can easily change the code to whatever they like and that makes it us to trust them completely.

I'd choose blockchain.info. It's very safe and trustful.

blockchain.info is not safe. read the comment by "subSTRATA" on top of what you said first.

i mean it is one of the good online wallets out there but it definitely is not the safest option to store your bitcoins. it is an easy way to make a quick bitcoin wallet and only for storing very small amounts that you might wanna spend easily without going into your cold wallet.

If the computer was compromised, neither would be safe.

As you can see OP, security is a hot topic with many layers and depth to cover just as there are so many opinions. You can spend forever learning all the various angles and arguing this n that.
You are running Linux, that's a plus, and you are taking precautions and scoping stuff out. I'd say, if your just looking for temporary security before you go even more secure, do the multi it with a ridiculously complex password that is handwritten on paper. Then avoid browsing the web on that computer until you can get a hardware wallet.
If you aren't surfing and keying in that pw then you have nothing to fear.
In the mean time get yourself a ledger hardware wallet. They are cheap, easy to use, and safe as milk.
Then you can relax and use your computer like normal.

Keep the multi it as your hot wallet.

Frankly, hacks are fairly rare. We just hear all about them cause people like to shout

you can go for the online blockchain.info wallet with 2fa security and if you think you are safe with only visiting a site then you can also try the other method but hackers can still steel your data by hacking that site or infected that site with malware codes EXAMPLE=redress attack

It depends if you want to bother or not.
A Desktop client is secure enough if you take good security measures (wallet encryption, encrypted backup) and don't download shady softwares.
But some people who are really not used to Bitcoin or simply lazy, can use Circle or Coinbase with 2FA. They are normally insured against hack that is not your fault but the downside is that they can freeze your money like Paypal etc. So if you gamble or re-sell your bitcoins, you need to go elsewhere.
Blockchain.indo is quite controversial. Some people love it, some people hate it because of bugs and several problems. I think it's a good wallet for daily spendings, not to store a big stash.

I personally choose a fresh PC with good security system, read this thread (https://bitcointalk.org/index.php?topic=203876.0) for tips to keep your system updated and stay secure.
For the wallet i choose Electrum, or you can go buy a hardware wallet like trezor if you have a budget and you can use paper wallet, it's cheap.

i would personally choose multibit rather than blockchain.info, even my wallet on blockchain.info have 2fa
main reason is i can completely have own access on my wallet, which is nobody does have.