Bitcoin Forum

I'd like to know peoples opinions on the risks of having my coins stolen in the following situation..

I purchase a new PC and only connect it to the internet to download/update Bitcoin-qt and to update the blockchain/send transactions.

The PC is not used for anything else.

I find it highly unlikely that the private keys could get compromised, but I may be missing something.

question: are you the only one you has access to the pc? password protected?

if yes: its a possibility but i would recommend not to leave your wallet on that computer.

It would be a lot cheaper to store your coins in a paper wallet!

Yes, I would be the only one with access.

Why would you recommend otherwise?

To do this I also need to purchase an uncompromised computer - if I have to do that anyway, then why not have a dedicated computer for Bitcoin?

i just thought: whats happens when someone steals that computer? wouldnt it be more clever to store it on several USB sticks in several locations?

when you are only talking about 500 USD in bitcoins okay, do it on the computer. but with an activity of over 700 you might have more than 500 USD in bitcoin...  ;)

Be sure you encrypt your wallet with a strong password and you should be fine.

However, for very large amounts I'd look into a trezor, cold storage etc.

The problem is a computer is a multi-purpose device. It's meant to run programs; and there are very many ways for external programs to eventually execute on your computer, not all of them benign. This is why very many computer users do experience malware at some point. Could you be sure nobody did any Internet browsing or inserted arbitrary flash drives on your computer over an extended time? For substantial amounts you might be stressed ever leaving your computer unattended.

If you're intent on this route, however, you can button down your computer as well as you can. Don't install anything and turn off absolutely everything, javascript, flash, browser plug-ins, everything. Also, as LiteCoinGuy points out be sure you have backups to the wallet which exist, ideally on printout as well as USB. Also remember it's not a good idea to keep every single coin you have at one single point of failure.

+10,000

Paper wallet is safer than electronic...especially if its somewhere safe like a deposit box and covered such that you need to tamper with a seal to gain access to a private key.  I wouldn't trust any computer at all. I would only use a thumbdrive for certain if I knew that it was being kept in similar conditions to a paper wallet.

In terms of unique access, the most important factor to me seems to be what operating system is being run.  Given the material released by Snowden, I would find it more likely than not that by Win-8 vintage it is possible for the NSA and whatever parties they choose to work with to access almost anything on a stock computer (including smart phones.)  That is not to say that they would probably make a habit of it though, and certainly not to snake a few BTC.  If/when they choose to do so, however, I would not anticipate encryption slowing them down excessively.

Even if one is simply worried about garden variety cyber-criminal ankle biters, the question of operating system is still an big part of the equation.  A brand new computer which has been treated carefully is probably fairly safe from this class of attackers until and unless they exploit holes arranged for higher category attackers.  I'm not aware of this being an issue at this time (though my Android seems to get hacked at will and from a fresh wipe.)

^ Yes, I expressed similar sentiments in a past post.

If you want to protect yourself from hackers see my above post. If you want to protect yourself from the NSA you need to start migrating to open source software.

How secure is this method that I used?

Use a factory reset android telephone to access bitddress.org

Then use an offline browser on the telephone and open bitaddress.org (offline) and run brain wallet.

Type in an impossibly large and random alpha numerique code.

Generate address

Take a screenshot of the private key and public key using screenshot function on android phone.

Disconnect PC from the internet

Transfer screenshot from android phone to a brand new and encrypted sha-256 usb drive

Print out paper wallet and store in envelope

Take photo with a digital camera of paper wallet and store on SD card.

Delete screenshot on android phone.

Remove encrypted usb drive from PC before reconnecting to internet.

Store SD card, encrypted USB drive and paper wallet in safe places.




 

Android's RNG is not random

I'm not an expert on computers but doesn't the brain wallet provide a unique output when somebody inputs random typing like......

3903450EFZDFZOJF3405340F9ZDFF034T038TGERPJEPRFP034FZEFZEF03450324534508ZEFZOFJZ ELFJ345


In other words it would be unlikely anybody else would type that exact code in and get the same brain wallet results?

Humans are notoriously EXTREMELY bad at being random.

If you want random input, you should REALLY consider using some source other than your brain or body for generating it.

As Dan said, humans are a bad source of randomness.

For example your string above fails on several levels
- you are using only a very small selection of characters from the available keyspace
- there are several repetitions of sequences

From the line above alone I can conclude you most likely use a keyboard with french layout. Your left hand was hovering slighty above qsdf, your right hand was hovering over the lower part of the numpad, you moved the right hand over to the alphanumeric keys twice (once in the middle of the string and once near the end), you were subconsciously typing on the right hand with a rhythm of thumb-ring finger-index finger (producing the oft repeated 034 sequence), similarily you subconsciously used a rhythm of ring finger - middle finger - index finger with the left hand (producing the ZEF sequence)

An idea I have had for a brain wallet that doesn't require too much memory...

Choose a particular book and make the private key from, say, the third letter of every fifth page, up to x

Then add the ISBN number in between each letter.   

I'd considered some permutation of that strategy.  I'll bet there are a lot of passwords out there that have characters taken from noteworthy and widely distrubuted texts like the Christian bible or U.S. constitution.  I never considered it enough to research how much disparity there may be between various re-prints and such.  I'm guessing that a rainbow table like construct could be pretty effective against such a strategy, but my math (and interest and knowledge of table methods) isn't strong enough to analyze it in detail.

Impressive deductions!  8)

If you are going to go this route, it might be wise to completely remove the wireless adapter drivers, and connect to the Internet via hard wire. That way, you know for a fact when it is going online.

That won't help. He wants to use a computer to store coins which is allowed to connect to the Internet at various times. If your computer is compromised it only takes milliseconds to transfer sensitive information somewhere else once a connection is given. That's why the strongest options are use something like Armory with an offline computer, a completely offline paper wallet, or the Trezor.

I found this guide to be quite helpful in achieving what I wanted to acheive, which was a completely (and forever) offline netbook with armory running on Ubuntu 10.04.

Armory Offline setup tutorial (http://georgeoughttohelp.tumblr.com/post/46937654072/transferring-bitcoins-to-a-secure-offline-wallet-using)

I believe there are only three attack vectors here:

1) malware/other attack is transferred over to the offline netbook via USB when transferring a transaction for signing (not known of yet)

2) an attacker can change the payment address of your payment on the online computer before you create the transaction (this can be avaoided by checking the payment address(es) at all stages of the payment.

3) Someone comes round your house and hits you with a bat until you hand over the password(s) required to steal your coin.

I would also reccomend password-protecting you offline Armory installation even though "George" does not reccomend it; can't be too careful eh!

Thanks for the thoughtful replies.

I am considering Armory, however I will also want an LTC wallet and possibly XPM too.

Considering what e4xit has outlined above, what are the additional attack vectors for my scenario?

I have:

-compromised software when updating wallets.
-direct hacking of my computer due to IP being visible on the network (is this even possible?)

Someone who has the knowledge says brainwallets with passphrases chosen by human beings are a terrible idea:

https://bitcointalk.org/index.php?topic=311000.msg3345309#msg3345309

Use electrum if you want a brainwallet.

How much RAM does Armory need?

Thanks. This should suffice. I just wanted a rough idea.

This discussion is not new. In my opinion most of the analysis is going too far.

Clearly a virus or malware infected system is bad anyways and a special danger for wallets. So first thing before one starts to handle with Bitcoin wallets is to clean the system or use Linux with a dedicated user account - suggested software and procedure for Windows:
 - Superantispyware
 - Avast Antivirus
 - SpyBot
 - CCleaner
 - strict firewall settings
 - manual inspection of the process list in the task manager
 - analyse any small peace of software with www.virustotal.com before installation
 - AdBlock and BetterPrivacy add ons for the browser; turn off 3rd party cookies
 - for paranoids turn off Javascript and Java and do not visit any suspicious sites

When all that done (it has to be done frequently and regulary at best every day) install any wallet software with password protection and strong key encryption (eg. AES256) like Bitcoin-QT. Turn on the password with a secure password (http://bit.ly/19SE2n9 (http://bit.ly/19SE2n9)) - at least 13 characters out of a set of 120. Be careful with the password not to write it down anywhere accessable.

Then Bitcoin addresses may be created. After each new address the wallet.dat must be backed up somewhere eg. cloud, email, memory stick, CD, etc. - at least in two independent locations.

When that is done not too much should happen. If someone is really paranoid he can use https://www.bitaddress.org (https://www.bitaddress.org) on a not connected and clean device to create a paper wallet as cold storage and transfer his Bitcoins there. I would not recommend brain wallets - some kind of backup has to be done which would be equal to paper wallets from a security perspective.

Finally I recommend using more than one wallet (not address) if the Bitcoin amount or value gets bigger - if accidently one wallet is lost or cracked at least the rest will be preserved.

Buy a cheap secondhand android device, wipe it and install only: Cyanogenmod + Mycelium Bitcoin Wallet (https://play.google.com/store/apps/details?id=com.mycelium.wallet&hl=en) + ... nothing else
Use the Cold Storage Spending feature with paper wallets, and don't use it for anything else.

Cheap + Easy + Secure

Demo: http://youtu.be/1pDSzOiFgIk

If one bitcoin worth enough money, there will be hardware key logger built in the mother board, and the motherboard searches any hard drive for wallet files and send it to a server together with logged key stroke as soon as there is a network connection.  :D

The only way to survive such attack is Armory (together with an old usb drive, before any fancy usb hidden devices are invented), but currently armory is still difficult to use

Try using a brain wallet. Store your coins in the mind! :o

Don't. Very few people can come up with a passphrase safe enough to use.

Secondly - if you have an accident and loose your memory all Bitcoins will be lost too.

That's kinda true for my way of saving the Bitcoins too. If I'm the only one who knows it's a lot safer. I'm not responsible for anyone's lifelyhood though (except my own) :)

Little selfish - may it would be worth to leave a closed letter with the private key at your lawyer for the case of the cases.

Maybe it would be a good concept to make Bitcoin addresses invalid after a certain period of time. It would give the miners the possibility to reuse lost coins.

Lets say Bitcoin addresses get invalid after 10 years (we can call it expiration). Then any Bitcoin holder must be aware to transfer his money frequently to a new addresses (latest before 10 years are over). Lost coins can be found by blockchain analysis and simplly be remined.

A lot of people are hostile to this idea (myself included).

Maybe only if the time period was greater than the average life expectancy.

Sorry to keep asking the same sort of questions, but...

If I were to have an online computer with a guaranteed clean OS, running only bitcoin-qt, with no other software ever to be installed, how could someone steal my coins?

(Ignoring offline attacks)

The same way someone could inject malware or a virus in your system without your direct support. Basically the attacker must be able to run some code or script on your computer. If your system was just clean (you never know if it was really clean even if you think so) then there might be three primary leakages:

1. you use any browser and it is able to execute code (Java, Javascript, ActiveX, etc ...) which simply reads your key input (keylogger) and/or your wallet.dat

2. you install some software which serves an attacker as intrusion point and reads your keys and/or wallet.dat

3. some process on your system (who knows how it came where it is now) serves an attacker as intrusion point and reads your keys and/or wallet.dat

You'll never be sure for 100%. But if you follow some rules (one of my previous postings in this thread) the probability to loose Bitcoins gets low.

Thank you.

What I'm struggling to get my head around is that I need a 'clean' PC to generate my private keys for a paper wallet, so why not just install Bitcoin-qt and do NOTHING else with this computer, but send/receive transactions?

Is connecting to the internet inherently dangerous even if you don't download ANYTHING?

Yes it is inherently dangerous. But following some rule reduces risks:
https://bitcointalk.org/index.php?topic=320385.msg3443370#msg3443370 (https://bitcointalk.org/index.php?topic=320385.msg3443370#msg3443370)

I am thinking over long time on the same problem now. Finally the point is: Know your system.
Paper wallets etc also have their flaws.

how exactly the backup recovery process work? what if i have several backups but only manage to recover slightly older version. what happens then with funds and blockchain?

Since the wallet.dat only holds the private keys for the addresses you can access all money bound to that addresses. If the version is old and some addresses are missing in the backup version that money will be lost. The blockchain does care about anybody who looses his addresses.

Don't mean to sound rude but these questions doing from someone with a high level of activity? Sort of weird.
Having all that experience I would assume you should know most all of this basic knowledge of bitcoin.

I have never stored a large number of BTC on a PC at home, but this is something I would like to do in the future (I have found blockchain.info with 2FA to be fine so far).

Of course, I understand that all it takes is for some malware to get onto the PC and the coins are gone - what I am trying to work out is if there is a way to run Bitcoin-qt on a fresh PC and ensure that it is impossible for malware to infect it through your actions (or rather, your lack of actions).  If you don't download anything, how can someone gain access? I don't know enough about hacking - can they hack through your router possibly?

This is all good advice: https://bitcointalk.org/index.php?topic=320385.msg3443370#msg3443370

This thread has served as a bit of a thought experiment for me (and hopefully helped some newbies too).

I use laptop for my wallet transaction and everything else related to bitcoin and transactions. My wallet password has 30+ characters and so on.

That depends.

What you're basically asking is if you can have a pet snake and never be bitten. The best way to guarantee that is don't have the snake. Generally speaking, no, you wouldn't worry simply connecting to the Internet. Absent local machine access a hacker needs a machine to "answer" instructions in some way which can be exploited. This might be a daemon running like telnet or a web server etc. There is also software like PC anywhere which allows remote computer control. Modern Windows computers often reach out remotely for "automatic updates" unless disabled. Throw the NSA into the mix and who knows when your computer is being remotely controlled. However, if your machine isn't set up in anyway to respond to network connections, you do nothing via web browser, and nobody inadvertently turns on or installs exploitable software directly your machine should be okay. The uncertainty is knowing no doors exist over time.

If you intend to store alot of coins in cold storage best not connect it to the webs at all.

Dang, Sherlock!  That's impressive.  Not that you would still crack that in 1 million years.

Ha ha!  :D

http://www.bitcointrezor.com/


Sure, 200$ is a bit too much for that  :D

What do you guys think of these ...

http://www.bit-card.de/cards/passphrase-protected-cards-two-factor/passphrase-protected-wallet-cards.html


Are they secure?

By secure, I mean in the process of generating the password/private key using a so-called verification key.

Are keyloggers the only thing to worry about?

I really like the overall process you show in the demo, and it's something I might do myself -- but I'm concerned that you're recommending a process in which only a portion of the BTC balance on a paper wallet is 'swept' and the balance is sent back to the same paper wallet. As I understand it, this undermines the pseudo-anonymity provided by using a paper wallet. The instructions I provide regarding paper wallets is:

1) ALWAYS sweep the entire balance
2) If you want to keep some of the balance on a paper wallet, generate a new paper wallet and transfer the coins there.

If anonymity is not an issue, I believe your instructions are fine. But it's worth at least mentioning that this procedure involves sacrificing one of the much-touted benefits to using Bitcoin.

See: https://bitcointalk.org/index.php?topic=139381.0

I like you!