Bitcoin Forum

Bitcoin => Bitcoin Discussion => Topic started by: Dan The Man on March 29, 2012, 11:43:24 AM



Title: Simplest USB stick cold storage.
Post by: Dan The Man on March 29, 2012, 11:43:24 AM
What is the simplest way to get my bitcoins securely onto multiple usb sticks?

I don't want to futz around with extra operating systems or offline computers. I don't want to have to remember long passphrases. I am okay with the risk of assuming that I don't have any keyloggers on my computer at this moment. I don't need to be able to spend them anytime soon. What I want is basically a bunch of public addresses I can email to myself that I can safely send bitcoins to and have no worry of them disappearing in a computer crash or future hacking event.

Thanks.


Title: Re: Simplest USB stick cold storage.
Post by: DeathAndTaxes on March 29, 2012, 11:48:25 AM
Copy the unencrypted wallet.dat to multiple usb drives.

Still, you need to be wary of keyloggers, not just now but at any point in the future when you use the USB drive.

Say you store 100,000 BTC to those private keys over the next three decades.  You plug the USB drive in 2042 for the first time.  The infected computer instantly detects an unencrypted wallet.dat circa v0.6 client and makes a copy, transfers the balance to the attacker's computer all in <1 sec.

Honestly if you want offline security use offline security and forget the USB drive.

https://www.bitaddress.org


Title: Re: Simplest USB stick cold storage.
Post by: bitdragon on March 29, 2012, 11:56:35 AM
Thanks for the bitaddress.org

I saved the webpage and seem to be able to generate new addresses like that as well.
Is there any difference/safer in proceeding like that?
Is the SHA-1.......html specific to my computer?



Title: Re: Simplest USB stick cold storage.
Post by: Revalin on March 29, 2012, 12:02:55 PM
+1 bitaddress.org.  Minimum futzing, paper is very reliable, and it prevents bulk-stealing your keys when you go to redeem them in the future.  You can also save a copy to USB if you want.

The sha1 f2e410251c8741ac65d29a1c6fb8ef6919b6ab8b hash is the same as everyone gets for version 1.5.  It's the sha1-sum of the actual web page itself.  This lets you verify that you have a legitimate copy of the page.  Yes, it works fine from a local copy.

Edit: More info about bitaddress here: https://www.bitaddress.org/pgpsignedmsg.txt


Title: Re: Simplest USB stick cold storage.
Post by: Dan The Man on March 29, 2012, 12:14:20 PM
Has anyone been able to verify for certain that bitaddress doesn't keep any logs?


Title: Re: Simplest USB stick cold storage.
Post by: DeathAndTaxes on March 29, 2012, 12:35:49 PM
Has anyone been able to verify for certain that bitaddress doesn't keep any logs?

The code doesn't send anything anywhere temporarily or otherwise, everything is done locally on the browser via javascript. 

I have looked over the code (it is just JavaScript; all the code is right there) and there is no communication to any server.

Still I would recommend that a user do what the author has recommended ... save a local copy of the generation page.


1) save a local copy of the webpage from http://bitaddress.org
2) disconnect from the internet
3) generate your addresses
4) print 2+ copies (and/or encrypt a copy of output and store)
5) close browser, delete all files, and reboot
6) store your print or encrypted digital copies in multiple safe locations.
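
The two checks discussed above (the SHA-1 of the saved page and the review for server communication) can be scripted against the local copy before step 3. This is an added example, not code from the thread or from bitaddress.org; `audit_page`, `NetworkAudit`, the API list and the sample page are assumptions made for illustration.

```python
import hashlib
import re
from html.parser import HTMLParser

PUBLISHED_SHA1 = "f2e410251c8741ac65d29a1c6fb8ef6919b6ab8b"  # v1.5 hash quoted in the thread
URL_ATTRS = {"src", "href", "action", "data", "poster"}  # attributes that can load or submit
REMOTE = re.compile(r"^\s*(?:https?:|wss?:|ftp:)?//", re.I)  # absolute or protocol-relative URL
# Script APIs that can reach a server (illustrative list, not exhaustive).
NET_APIS = re.compile(r"XMLHttpRequest|\bfetch\s*\(|WebSocket|EventSource|sendBeacon")

# Constructed sample page, not the real bitaddress.org file.
SAMPLE = b"""<html><head>
<script src="https://cdn.example/lib.js"></script>
<script>
var x = new XMLHttpRequest();
</script>
</head><body><img src="logo.png"></body></html>
"""

class NetworkAudit(HTMLParser):
    """Collects remote URLs in tag attributes and network APIs inside scripts."""
    def __init__(self):
        super().__init__()
        self.findings = []
        self._in_script = False

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self._in_script = True
        for name, value in attrs:
            if name in URL_ATTRS and value and REMOTE.match(value):
                self.findings.append((self.getpos()[0], f"<{tag} {name}={value}>"))

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

    def handle_data(self, data):
        if not self._in_script:
            return
        for m in NET_APIS.finditer(data):
            line = self.getpos()[0] + data.count("\n", 0, m.start())
            self.findings.append((line, m.group(0).strip()))

def audit_page(raw: bytes, expected_sha1: str = PUBLISHED_SHA1):
    """Return (hash_matches, [(line, finding), ...]) for a saved page's bytes."""
    parser = NetworkAudit()
    parser.feed(raw.decode("utf-8", errors="replace"))
    parser.close()
    matches = hashlib.sha1(raw).hexdigest() == expected_sha1.lower()
    return matches, sorted(parser.findings)
```

Read the saved file in binary mode and pass its bytes to `audit_page`. An empty findings list only narrows the manual review, since obfuscated script can reach the network without naming these APIs.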


Title: Re: Simplest USB stick cold storage.
Post by: Ente on March 29, 2012, 12:57:27 PM
..or eject the linux-live-cd or delete the virtual machine file.

/paranoia off

Ente

ah, screw that!
/paranoia on


Title: Re: Simplest USB stick cold storage.
Post by: rjk on March 29, 2012, 01:03:31 PM
Don't forget to laminate that paper and stick it in a safe!


Title: Re: Simplest USB stick cold storage.
Post by: MaxSan on March 29, 2012, 01:29:09 PM
An Ironkey is easy enough, secure enough, strong enough.

I'd trust it up to at least 5 figures. Personally.


Title: Re: Simplest USB stick cold storage.
Post by: DeathAndTaxes on March 29, 2012, 01:30:23 PM
An Ironkey is easy enough, secure enough, strong enough.

I'd trust it up to at least 5 figures. Personally.

Every byte of flash ever created will eventually fail; that is an absolute guarantee.


Title: Re: Simplest USB stick cold storage.
Post by: Ente on March 29, 2012, 02:06:18 PM
An Ironkey is easy enough, secure enough, strong enough.

I'd trust it up to at least 5 figures. Personally.

Every byte of flash ever created will eventually fail; that is an absolute guarantee.

well, "eventually" is quite open, not?
But I agree, flash stands no chance to survive as long as plain (acid-free) paper written with a pen.
A laserprinter-print should work fine for several lifespans too.
Pro-mode: engrave a metal plate with the privkey. Should survive much about anything, including mould, water, fire.
Use steel for high temperature resistance, copper/brass for high corrosion resistance, silver for being cool! :-)

Ente


Title: Re: Simplest USB stick cold storage.
Post by: Phinnaeus Gage on March 29, 2012, 03:06:43 PM
Quote
Say you store 100,000 BTC to those private keys over the next three decades.  You plug the USB drive in 2042 for the first time.  The infected computer instantly detects an unencrypted wallet.dat circa v0.6 client and makes a copy, transfers the balance to the attacker's computer all in <1 sec.

That's, assuming of course, USB drives will still be around in 2042.

http://wengo.co.uk/uploads/images/history.gif http://www.zkm.de/medienundwirtschaft/media/pictures/eniac.jpg


Title: Re: Simplest USB stick cold storage.
Post by: DeathAndTaxes on March 29, 2012, 03:42:30 PM
USB drives may not be made anymore but USB ports will probably exist either natively or via adapters.

RS-232 (serial) has been around since the 1960s and most computers today have a serial port (if only as a MB header).  If they don't, USB-to-serial adapters exist.


Title: Re: Simplest USB stick cold storage.
Post by: Phinnaeus Gage on March 29, 2012, 03:48:16 PM
USB drives may not be made anymore but USB ports will probably exist either natively or via adapters.

RS-232 (serial) has been around since the 1960s and most computers today have a serial port (if only as a MB header).  If they don't, USB-to-serial adapters exist.

Got it! BTW, where would you plug it in?

http://www.watblog.com/wp-content/uploads/2010/09/future-iphone.jpg


Title: Re: Simplest USB stick cold storage.
Post by: DeathAndTaxes on March 29, 2012, 03:51:12 PM
That port right there on the left.   I can get a lightstream to legacy USB adapter from Walmart for 3 mBTC.


Title: Re: Simplest USB stick cold storage.
Post by: Nim on March 29, 2012, 06:36:20 PM
Has anyone been able to verify for certain that bitaddress doesn't keep any logs?

The code doesn't send anything anywhere temporarily or otherwise, everything is done locally on the browser via javascript. 

I have looked over the code (it is just JavaScript; all the code is right there) and there is no communication to any server.

Still I would recommend that a user do what the author has recommended ... save a local copy of the generation page.


1) save a local copy of the webpage from http://bitaddress.org
2) disconnect from the internet
3) generate your addresses
4) print 2+ copies (and/or encrypt a copy of output and store)
5) close browser, delete all files, and reboot
6) store your print or encrypted digital copies in multiple safe locations.

You forgot to purge the printer's memory after you print and burn a blanking document (to prevent people from looking at the next document that comes out of your laser printer with a microscope).

If you guys want to go that far into the depths of paranoia, your printer is a huge security hole that most people don't do anything about.


Title: Re: Simplest USB stick cold storage.
Post by: Stephen Gornick on March 29, 2012, 07:05:14 PM
1) save a local copy of the webpage from http://bitaddress.org
2) disconnect from the internet
3) generate your addresses
4) print 2+ copies (and/or encrypt a copy of output and store)
5) close browser, delete all files, and reboot
6) store your print or encrypted digital copies in multiple safe locations.

You forgot to purge the printer's memory after you print and burn a blanking document (to prevent people from looking at the next document that comes out of your laser printer with a microscope).

If you guys want to go that far into the depths of paranoia, your printer is a huge security hole that most people don't do anything about.

Paranoia?  

If the system was infected with malware that does screen captures even when offline, then even your "offline paper wallet" is at risk.

Quote
Some malware families are capable of generating a screen capture with every mouse click during login, then sending the captured sequence of screens to the fraudster, where they can be sifted through visually to steal login credentials.
- http://www.technewsworld.com/story/74461.html

Also
 - http://usa.visa.com/download/merchants/key-logger-key-stroke-and-screen-capture.pdf

Now if you are storing small amounts to the paper wallet, ending up with a paper wallet created from a compromised system might be a risk you are willing to take.  But since some people are putting larger amounts or are using the wallet for long-term savings of bitcoins, they should know that doing the above only after booting from a trusted live-CD (such as an official Ubuntu release) is the significantly more secure approach.


Title: Re: Simplest USB stick cold storage.
Post by: Ente on March 29, 2012, 09:10:38 PM
You forgot to purge the printer's memory after you print and burn a blanking document (to prevent people from looking at the next document that comes out of your laser printer with a microscope).

If you guys want to go that far into the depths of paranoia, your printer is a huge security hole that most people don't do anything about.

Whoa! That's news to me!
I only knew about printers marking printouts with tiny yellow dots to make them uniquely identifiable, and that some typewriters and needle-printers (oh, and label printers too!) have a printing ribbon where you can read exactly what was printed.. Talking about paranoia, huh?

Hmm.. I will have to investigate those ghost images on the next printout some day. Interesting. Paranoia: this reminds me of the cold-boot attack, where you reboot a computer with your own OS (USB drive) to read out the still readable data from the RAM, or simply pry out the RAM modules after supercooling them and read out the data on another computer..

If it's that far, you probably won't like the idea to print/write the priv key, walk to a jeweller and give him that key to engrave in some metal piece. Do it quick, before Bitcoins and keys are widely recognized! :-)

Ente

 


Title: Re: Simplest USB stick cold storage.
Post by: Revalin on March 30, 2012, 03:40:08 AM
I'm not a fan of IronKeys.  Just use TrueCrypt on a regular USB drive.

Inkjets are better than laser for this purpose since they don't have problems with ghost images.  Unfortunately the inks are water soluble, so make sure you laminate the pages.


Title: Re: Simplest USB stick cold storage.
Post by: payb.tc on March 30, 2012, 05:00:44 AM
Quote
Some malware families are capable of generating a screen capture with every mouse click during login, then sending the captured sequence of screens to the fraudster, where they can be sifted through visually to steal login credentials.
- http://www.technewsworld.com/story/74461.html

Also
 - http://usa.visa.com/download/merchants/key-logger-key-stroke-and-screen-capture.pdf

Now if you are storing small amounts to the paper wallet, ending up with a paper wallet created from a compromised system might be a risk you are willing to take.  But since some people are putting larger amounts or are using the wallet for long-term savings of bitcoins, they should know that doing the above only after booting from a trusted live-CD (such as an official Ubuntu release) is the significantly more secure approach.


for this reason you might consider putting together an 'offline' computer specifically for this purpose (i.e. a computer that is never put back online). ...or use an old $50 laptop with the wifi thoroughly disabled.

once you're done with it, melt it.


Title: Re: Simplest USB stick cold storage.
Post by: Nim on March 30, 2012, 05:36:08 AM
I'm waiting for someone to suggest making up your own private key and then calculating the public key by hand with pencil and paper...


Title: Re: Simplest USB stick cold storage.
Post by: Ente on March 30, 2012, 08:20:21 AM
I'm waiting for someone to suggest making up your own private key and then calculating the public key by hand with pencil and paper...

Watch out, there are calculators with wifi or bluetooth already! Eventually there will be malware for those, when Bitcoin finally skyrockets! :-)

(yeah, you said paper and pencil.. but just because you're paranoid doesn't mean they are not out to get you..)