are the block chain files interchangeable btwn OS's like the wallet?
Yes. That's what the P2P network is for. It distributes the block chain. |
|
|
|
Use a separate user account for your bitcoin/wallet. Then (assuming your main user account doesn't have administrator privileges), any wallet stealing processes you may encounter won't be able to access the wallet.
that would be the first line of defense - that (especially pre-7) windows users have surrendered by default: not running as admin. Yes, but a VM is only a bad solution, a BSD system with a Windows guest wouldn't work for most users. The only solution is a small isolated computer. Actually that computer could write transactions offline to a file, and the online-computer uses the transaction file only. Then no counterfeiting is possible. yes. isolation. there are more ways to achieve that than taking yourself off the network, though. i've given some recent thought to how malware is propagated. it's targeted to OSs and browsers. i wonder how much effort has been spent on writing the stuff for operating systems like... oh... Plan9? That's not the point. It's not security to just say "nobody attacks me". |
|
|
|
Use a separate user account for your bitcoin/wallet. Then (assuming your main user account doesn't have administrator privileges), any wallet stealing processes you may encounter won't be able to access the wallet.
that would be the first line of defense - that (especially pre-7) windows users have surrendered by default: not running as admin. Yes, but a VM is only a bad solution, a BSD system with a Windows guest wouldn't work for most users. The only solution is a small isolated computer. Actually that computer could write transactions offline to a file, and the online-computer uses the transaction file only. Then no counterfeiting is possible. |
|
|
|
so the same goes for the encrypted USB stick. when its plugged into the host and unencrypted, its wide open?
Yes. A program can just ask for files and the system will decrypt them automatically. |
|
|
|
one thing i haven't tried is installing a VM into a TrueCrypt partition - no way an infected/compromised host is going to get at that! has anybody tried that?
No, that's total rubbish. You don't understand anything, do you? possibly more than you think. dual boot two OSs on the same hard drive - one on the network, the other off. put a VM on the OS that is off the network. explain how infecting the on-network machine could get to the off-network VM, installed on an encrypted partition? When the VM is running, nothing is encrypted. You can just copy the private keys from main memory.Oh, you do it the other way around. I already said that it would work this way, but it is a total waste. |
|
|
|
one thing i haven't tried is installing a VM into a TrueCrypt partition - no way an infected/compromised host is going to get at that! has anybody tried that?
No, that's total rubbish. You don't understand anything, do you? |
|
|
|
I am using ubuntu 10.04. I am new to it. When you "create accounts" and strongly encrypt them you are referring to features that ubuntu provides? As opposed to using a third party product like truecrypt?
Yes, I am talking about the built in "encrypted home directory" feature of Ubuntu. I typed: sudo adduser --encrypt-home bitcoin It asks for a password, and then you have an account "bitcoin". |
|
|
|
Okay, but if there have been any receiving coins on the wallet.dat that is going to be copied over, will those coins be lost when the saved wallet.dat is copied over it?
yes. |
|
|
|
Hosting a VM does provide an advantage of obscurity.
99.9% of the people with bitcoin wallets will not use VMs, therefore most BTC-stealing malwares will not target VMs (even if it's "easy", you still need to target a VM specifically when trying to steal wallets from it. A simple approach of scanning your HD for "wallet.dat" will not find it if it's encoded in a VM filesystem).
It's not a good solution, but it adds one more layer of abstraction an attacker has to get over.
It's a good thing to do until your BTC are worth enough $ to make you buy a dedicated machine for BTC access, that will be "100%" malware free.
Yes, of course it is a way of obscuring, but the wasting of ressources is huge. You could have such an effect much cheaper. where do most trojans/viruses/malware come from; email or browsing? I don't know, I haven't had Windows for a while.  are u implying Macs are much safer? Macs are much worse. |
|
|
|
I want to tell you, how I manage my wallets. The purpose of this thread is to exchange ideas, and to analyse how well the ideas of others work. Setup:My main computer is a laptop with a recent version Ubuntu Linux. In addition to my user account, I made a new account for bitcoin only with an encrypted home directory. - The password is pretty strong (12 characters, including upper and lower letters, numbers and special characters). - I don't run any programs with this special account except for bitcoin. - The files of this special user are strongly protected by encryption, when he is not logged in. Wallets:My regular user account and my bitcoin user account have a wallet each. My bitcoin user account stores the majority of coins, my regular account has a small amount. When I want to receive a large amount of bitcoins, I use an address of the better protected wallet. When I want to send a lot of coins, I login with the bitcoin account and send some. Then I log out again. Backups:I make backups of the wallet by the following command: tar -c ~/.bitcoin/wallet.dat | gpg -c > $BACKUP_FILENAME The command asks for a password, and I enter a quite strong one, because I want to be save putting those backups anywhere. I store those encrypted backups on USB disks and on university computers (which are backuped very systematically and well). It's easy because the wallet files are quite small. Possible attacks:- cracking the strong password or the AES encryption keys - cracking the whole machine with root access and stealing the wallet, while the bitcoin user account is logged in - stealing my computer while the bitcoin user account is logged in Do you see any flaws? How do you do it? What can I do better? Do you see any attacks that I haven't thought of? |
|
|
|
Hosting a VM does provide an advantage of obscurity.
99.9% of the people with bitcoin wallets will not use VMs, therefore most BTC-stealing malwares will not target VMs (even if it's "easy", you still need to target a VM specifically when trying to steal wallets from it. A simple approach of scanning your HD for "wallet.dat" will not find it if it's encoded in a VM filesystem).
It's not a good solution, but it adds one more layer of abstraction an attacker has to get over.
It's a good thing to do until your BTC are worth enough $ to make you buy a dedicated machine for BTC access, that will be "100%" malware free.
Yes, of course it is a way of obscuring, but the wasting of ressources is huge. You could have such an effect much cheaper. where do most trojans/viruses/malware come from; email or browsing? I don't know, I haven't had Windows for a while. |
|
|
|
I was thinking about that, too. It should be perfect in principle. But to make it comfortable, we need to implement a lot and it takes a while until it all works safely.
Yeah, I mean I haven't really looked at the RPC stuff for Bitcoind at all... it could theoretically be done simply by generating the 100 addresses, sticking them in a DB in my billing software, then raping blockexplorer all day looking for those addresses - but that really wouldn't scale well. I was thinking about writing up an RPC daemon which simply watched for transactions, reported them to the billing software and immediately shipped the money off to another box. But that has two downsides that immediately spring to mind: 1) it'll get eaten alive by transaction fees and 2) if the box running bitcoind gets owned, they could change the payout address and you may not notice until some BTC is gone. I think not having the private keys anywhere online is a much more suitable idea. It's just that the client software is so far from finished. It is not meant to be broadly used. The media attention brought a lot of users, but actually, it's too early for them. There is not even a key export, or a feature that makes password-protected backup files that one could just carry around and store anywhere. |
|
|
|
You can just remember an accound number of the wallet.dat1 and then send savings to it.
You only have to get wallet.dat1 to the bitcoin client, when you want to spend the coins from the savings wallet.
Okay, but how do you "get wallet.dat1 to the bitcoin client"? Copying. At the moment, you have to do everything manually, including managing and protecting wallets. Bitcoin has for a reason the version number 0.3.22. It just does not have all features yet. There are so many noobs now because of the media attention, but the software is still far from finished. At least it is stable and works properly. |
|
|
|
Hosting a VM does provide an advantage of obscurity.
99.9% of the people with bitcoin wallets will not use VMs, therefore most BTC-stealing malwares will not target VMs (even if it's "easy", you still need to target a VM specifically when trying to steal wallets from it. A simple approach of scanning your HD for "wallet.dat" will not find it if it's encoded in a VM filesystem).
It's not a good solution, but it adds one more layer of abstraction an attacker has to get over.
It's a good thing to do until your BTC are worth enough $ to make you buy a dedicated machine for BTC access, that will be "100%" malware free.
Yes, of course it is a way of obscuring, but the wasting of ressources is huge. You could have such an effect much cheaper. |
|
|
|
It ups the bar (malware can't just look in common locations for wallet.dat, it would have to understand that a VM is there and how to look at the FS in the VM), but you're right - VMs/jails/zones/sandboxes/whatever are only really any use to protect the host from the jail... there is nothing protecting the jail from the host. A wallet file does not have to be online to receive money. I was thinking about this for securely processing BTC transactions in an automated fashion... I wonder if it's possible to hack up bitcoind to watch addresses it doesn't possess the private key for? I create a new wallet, generate say, 100 addresses, and dump the public keys for them all. I setup bitcoind on my billing server, and feed it those 100 addresses. My billing software talks to it when someone wants to make a payment, and it hands them one of the addresses not in use. bitcoind reports confirmed payments to those addresses back to my billing software, which credits the account appropriately. A script checks, to complain very loudly, when it gets below a certain threshold of free addresses. Then the only time the wallet needs to be opened and vulnerable is when I'm transferring money out to spend it, or when I'm generating new addresses. It could spend the rest of the time on a USB key in a safe. Would that work that way, or am I missing some showstopper? I was thinking about that, too. It should be perfect in principle. But to make it comfortable, we need to implement a lot and it takes a while until it all works safely. |
|
|
|
|
It doesn't matter.
VMWare is designed to protect the host from the guest. That's not what you need when talking about using VMs for bitcoin.
You could use it the other way around: Install a minimal operating system on the computer hardware, and then add a VM for all the unsecure fun stuff (games, browsing etc.). But that wouldn't work well, because it is the fun stuff what requires so much ressources.
|
|
|
|
|
If you set up a guest VM on a host computer, the programs in the guest VM can not (easily) attack the host computer.
But in the other direction, it is not true. Programs on the host machine can just manipulate the guest VM, e.g. just modify the disk image file.
Thus, a guest machine for bitcoin does not make sense at all (at least when the intended goal is protection).
But a hint may help:
A wallet file does not have to be online to receive money. You can just create a wallet on a offline computer and use the addresses.
Only if you want to spend money from that wallet, it has to be taken to an online machine.
|
|
|
|
|
It's weekend and the old banks don't perfom wire transfers.
So there are only very few transactions, and those few produce a lot of noise.
|
|
|
|
|
You can just remember an accound number of the wallet.dat1 and then send savings to it.
You only have to get wallet.dat1 to the bitcoin client, when you want to spend the coins from the savings wallet.
|
|
|
|
Perhaps 95% of news articles in general have misconceptions in them?
That's totally true. I don't know whether most journalists are just stupid or don't care to write rubbish. But most stories are pretty false. And I didn't even think of hidden intentions, just plain facts are often reported wrong. |
|
|
|
|
Show Posts
