What's the latest on the new client?
|
|
|
This has been a great conversation. Thanks dudes.
|
|
|
I've heard of that but I think it's exceedingly rare. Are there any confirmed reports of that happening?
|
|
|
Running linux from a USB is Ok, but make sure that the computer was never online. I thought you meant installing something like Electrum on a Usb and using it when you need to. Do you mean make sure the operating system on the USB stick was never online? If so, I agree. It's OK that the host computer was online as long as you actually boot into the USB stick to use it. No, that's not what I meant. The computer must be offline at all times, no matter what OS. It's not OK that the host computer was online, since, as I said before, there are cross-OS keyloggers too. As long as the USB stick is not plugged into the computer when its main OS is booted, it is safe to go online with that main OS. When the USB stick is booted, the computer's main OS will not affect it unless you mount the device containing the main OS while the USB stick is booted.
|
|
|
Running linux from a USB is Ok, but make sure that the computer was never online. I thought you meant installing something like Electrum on a Usb and using it when you need to. Do you mean make sure the operating system on the USB stick was never online? If so, I agree. It's OK that the host computer was online as long as you actually boot into the USB stick to use it.
|
|
|
What is the minimum number of alphanumeric characters to use for a safe Nxt passphrase?
|
|
|
Could someone help me out? I don't know if I've been scammed by Dgex or what. I submitted a BTC withdrawal 10 days ago and it still says PENDING. I've used their contact form and I created a thread in their forum 3 days ago: https://nextcoin.org/index.php/topic,4745.0.htmlNo response whatsoever. Anybody? These are actually my wife's coins so I'm feeling bad.
|
|
|
Could someone help me out? I don't know if I've been scammed by Dgex or what. I submitted a BTC withdrawal 10 days ago and it still says PENDING. I've used their contact form and I created a thread in their forum 3 days ago: https://nextcoin.org/index.php/topic,4745.0.htmlNo response whatsoever.
|
|
|
The idea here is that any operating system installation that has ever been online is potentially compromised. So you want to sign your transactions with an install that has never been online. I think a carefully installed USB stick would work nicely for that if you actually boot to it in order to sign the transaction and you don't connect it to an install that has ever been online.
|
|
|
All 3 of those along with blockchain.info show the final balance including the last deposit of ~2.5BTC but Multibit does not show that final transaction and does not include it in its final balance.
|
|
|
I withdrew a few BTC from an exchange into my Multibit wallet and the transaction appears on blockchain.info with about 50 confirmations but not in my wallet. I'd prefer not to publicize my BTC address here. What could be causing this?
|
|
|
in clear, buy a PC for Bitcoin. not a big deal (with low price netbook). you can use a android phone, too ... just for Bitcoin (only this installed, wifi ... no SIM card).
compromise PC is always because of multiple usage and multiples users ...
A PC is definetly a better choice for managing a cold storage. With an android phone, afaik, you can't sign offline transaction, so now there isn't a very secure and reliable way to administrate an offline wallet. What's wrong with booting a USB stick? Is it just the possibility of a hardware keylogger? Your USB stick could be infected with malware and keyloggers, and the computer you plug it in too, so there's no difference. If you build the USB stick the same way you would build a computer, why would the USB stick be more dangerous? Because it can pass malware onto any computer it gets plugged in to. In order to install Linux on a separate offline computer, I would need to set up the install on a USB stick anyway. Doesn't anyone run cold storage on a bootable USB stick?
|
|
|
in clear, buy a PC for Bitcoin. not a big deal (with low price netbook). you can use a android phone, too ... just for Bitcoin (only this installed, wifi ... no SIM card).
compromise PC is always because of multiple usage and multiples users ...
A PC is definetly a better choice for managing a cold storage. With an android phone, afaik, you can't sign offline transaction, so now there isn't a very secure and reliable way to administrate an offline wallet. What's wrong with booting a USB stick? Is it just the possibility of a hardware keylogger? Your USB stick could be infected with malware and keyloggers, and the computer you plug it in too, so there's no difference. If you build the USB stick the same way you would build a computer, why would the USB stick be more dangerous?
|
|
|
in clear, buy a PC for Bitcoin. not a big deal (with low price netbook). you can use a android phone, too ... just for Bitcoin (only this installed, wifi ... no SIM card).
compromise PC is always because of multiple usage and multiples users ...
A PC is definetly a better choice for managing a cold storage. With an android phone, afaik, you can't sign offline transaction, so now there isn't a very secure and reliable way to administrate an offline wallet. What's wrong with booting a USB stick? Is it just the possibility of a hardware keylogger?
|
|
|
If the offline computer were physically stolen, would the thief be able to spend the coins?
Well of course. All they need is to connect the computer to the internet. Can't I encrypt or add a password to the Electrum wallet to prevent that? How about installing Linux on a USB stick and booting to that with networking disabled instead of using a separate offline computer?
Mhmm... Maybe. As far as I know, some keyloggers can log everything, no matter what VM/USB OS you put on it. A physically-installed hardware keylogger would function on a USB boot but a software keylogger wouldn't work. Does anyone run a cold wallet this way? But seriously, a paper wallet is more than enough. You are a bit too paranoid.
From a practical perspective, I don't see how a paper wallet provides any more security than a wallet on your computer. In order to move the coins from your paper wallet, you have to import the private key to your online computer and if your computer is compromised, you lose control of the coins just like the wallet was on your computer all along.
|
|
|
What is the best way to go about storing the bulk of my BTC offline? Paper wallets seem to be popular. How do you transfer BTC from a paper wallet to an online wallet for spending?
I personally find that paper wallets are a mediocre solution. They look nice and are sort of functional (except you have to import the whole balance and then broadcast from a comp connected to the net which poses a security risk) and can be encrypted (with BIP38) if done correctly. You would be far better off looking at cold storage - have Armory/Electrum on an offline air gapped computer and use it to sign txs that you make on your online computer. That way you never have your private keys exposed on an online computer. I would prefer Electrum as you can backup your seed physically and thanks to its deterministic nature you'll have all your private keys even if your hardware fails. This sounds like the only really secure option. Would I only need to backup the seed? If someone were able to read that seed backup, would they be able to spend the coins? If the offline computer were physically stolen, would the thief be able to spend the coins? How about installing Linux on a USB stick and booting to that with networking disabled instead of using a separate offline computer? I suppose this sort of thing is only available for BTC so altcoins have to remain vulnerable.
|
|
|
What makes this coin unique? Is there an ETA on Darksend working? I wrote this post before but then deleted it myself, sorry.
|
|
|
It sounds like everyone is going to know my balance if I don't use a mixing service and that's OK. The important thing is that they can't take it. What is the best way to go about storing the bulk of my BTC offline? Paper wallets seem to be popular. How do you transfer BTC from a paper wallet to an online wallet for spending?
You can use any wallet to import the private key, and you can spend funds from that wallet. So you create a new private key on your computer, print it onto a piece of paper, and delete it from your computer. Then when you want to spend those funds, you type the private key from the piece of paper into your computer? I don't see how that offers much extra security since your private key will then be known if your computer has been compromised. What am I missing?
|
|
|
It sounds like everyone is going to know my balance if I don't use a mixing service and that's OK. The important thing is that they can't take it. What is the best way to go about storing the bulk of my BTC offline? Paper wallets seem to be popular. How do you transfer BTC from a paper wallet to an online wallet for spending?
|
|
|
|