My 2 cents (as an experienced systems administrator and bitcoin newbie):
Nothing will help better than safe browsing practices and an up to date anti-virus solution. The cat and mouse game of the virus creators and the anti-virus companies will always be an issue. That virus creator only has to be right once to get his hands on your important data.
I have a blockchain.info account but I keep my main wallet on a Windows 7 Virtual Machine. The VM has full disk encryption (truecrypt), all Microsoft security patches are installed, and it is turned off when not in use. It only runs armory, bitcoin-qt and anti-virus. Only downside is it usually only takes about 30-60 minutes to sync back up with the blockchain after being turned off for a few days
I also plan on setting up a completely offline wallet using ubuntu on an older netbook that I can stash in a safe.
I don't have too much money in bitcoin right now but I hope to see my mining and monthly deposits reach some serious worth.
I like to think I am very security conscious but maybe I am just paranoid
Nothing will help better than safe browsing practices and an up to date anti-virus solution. The cat and mouse game of the virus creators and the anti-virus companies will always be an issue. That virus creator only has to be right once to get his hands on your important data.
I have a blockchain.info account but I keep my main wallet on a Windows 7 Virtual Machine. The VM has full disk encryption (truecrypt), all Microsoft security patches are installed, and it is turned off when not in use. It only runs armory, bitcoin-qt and anti-virus. Only downside is it usually only takes about 30-60 minutes to sync back up with the blockchain after being turned off for a few days
I also plan on setting up a completely offline wallet using ubuntu on an older netbook that I can stash in a safe.
I don't have too much money in bitcoin right now but I hope to see my mining and monthly deposits reach some serious worth.
I like to think I am very security conscious but maybe I am just paranoid
Hi sir, I take it you're not fully aware of remote administration tools? If you are sorry..
Ok, an up to date anti-virus will be near to nothing when it comes to being effective against a virus. Those who create viruses are also aware of how to change variables and methods of injecting a file so that the anti-virus will not pick up any data, this can vary from simply changing icon to binding a program so that when virus is ran a fake program is ran too.
My point is that you can still be infected if you have up to date antivirus.
On the discussion of a remote administration tool, it gains unathorised access to your whole computer, meaning the hacker can scavage throughout all your files, and search for files which the hacker may deem valuable, in this case wallet.dat or whatever other crypto-currency data files you may have. Your idea of keeping the wallet offline is the only true method of being 100% protected, where the computer doesn't have an internet connection it is more likely to remain safe.
Thanks for your reply. I completely agree that an offline wallet is the safest thing.
I am also very aware of RATs though. My point was that by not using this system for anything other than hosting my wallet there I am greatly reducing my risk of such an infection. Someone would have to find a way to exploit the Armory or Bitcoin-qt through the open sockets it uses to communicate to drop such a RAT onto my wallet system. This risk is greatly lessened because both applications are open source so their code can be scrutinized. Or I suppose they could use a zero day to exploit the operating system itself, but keeping the system fulling patched and not running unnecessary Windows services further mitigates this risk. Not to mention the system is off most of the time so it has no attack surface in that state.
Except maybe if someone were to gain access to the system hosting the VM and copy the VM files to their own system. In this case the truecrypt encryption protecting the entire hard drive on the machine would prevent someone from firing it up and attacking it that way.
The anti-virus is just best practice for any Windows operating system and will help with known threats.