Well, do you know how to recover data with encrypted with EFS if your OS crashes? That's important if you're going to use EFS. Also, it's not clear whether you did this so you could encrypt your wallet file or to free up space on your main drive. That having been said...
If it was for encryption: I'm pretty sure EFS can do individual files, so splitting up the directory is unnecessary
If it was to free up space: You can move the entire Bitcoin directory and get rid of the other extra steps if you add (to match your example) "-datadir=X:\Bitcoin" to your bitcoin-qt or bitcoind command.
It might still be useful to split up the directory if you want the blockchain data on a non-redundant drive and the wallet on a redundant array, but even a redundant array can be lost, and you should be making backups of your wallet, so if you wanted redundancy, I'd think it would be more useful for the blockchain data that you aren't backing. Yes, EFS recovery is kinda simple, if not well publicized. When you use EFS, there are public / private keys uses just like bitcoin. If you know where to look, you can export these keys from the system hosting the EFS files and store then on the system you want to access them from. This is the data recovery methodology. The reason EFS is of interest to me is because of a recent "I lost my bitcoins" thread. The victim in this case had a very strong RPC password that he mistakenly shared with his hot wallet. The attacker gained access to the SYSTEM account (like root in windows) which generally has access to all files. With the heightened access level they were able to read the RPC password and tried it on the wallet which succeeded in compromising the account. Now there are two ways to prevent system from reading your files: 1) you remove SYSTEM from the access control list of the file in question (can cause some odd problems) 2) you employ EFS on the file in question. With the second option, SYSTEM can read / write / delete the file, but can't decrypt. This allows it to do basic system maintenance (defrag, etc) without breaching security.
|
|
|
You could add this to the command instead of making the links: -datadir=x:\BitCoin
Started that way, but since I put x:\Data on a Fat32 drive, I got real nervous about ACLs for that directory. So this is why I left the data directory under %AppData% and just linked out the blocks and chainstate subdirs. So yes, you COULD do it with just naming -datadir, but I didn't want to for the reasons above, namely security
|
|
|
Of all my apps, Bitcoin is the biggest storage hog, so for a while I had been running the entire datadir with my wallet on my main drive. I did this mainly because my data has data, but not private data, that stuff I usually keep on an encrypted folder. So after digging around, I found a better way.
The main data hogs WITHOUT personal information are: Bitcoin\blocks Bitcoin\chainstate Bitcoin\testnet3\blocks Bitcoin\testnet3\chainstate
So here's my solution (not mine but others) 1) Set up a data dir lets call it 'X:\Data' 2) Move folders to X:\Data cd %AppData% Move Bitcoin\blocks x:\Bitcoin\ Move Bitcoin\chainstate x:\Bitcoin\ Move Bitcoin\testnet3\blocks x:\Bitcoin\testnet3 Move Bitcoin\testnet3\chainstate x:\Bitcoin\testnet3 3) Link to the directories in X:\Data cd %AppData% MkLink /D Bitcoin\blocks x:\Bitcoin\blocks MkLink /D Bitcoin\chainstate x:\Bitcoin\chainstate MkLink /D Bitcoin\testnet3\blocks x:\Bitcoin\testnet3\blocks MkLink /D Bitcoin\testnet3\chainstate x:\Bitcoin\testnet3\chainstate 4) Encrypt the Bitcoin directory with EFS now that it is very very small.
Like?
|
|
|
Am I insane?
Windows 8 Standard (not Pro or Ent)
I had Win8 early, maybe even beta or CTP via MSDN subscription. Anyway, I've been running it since then and have had great luck with it. On day 1 I put bitlocker on my USB drive (yes, it worked) and put EFS on key folders that held security related items. I fully realize that those features were not included in the marketing slide for the Win8 launch, but I always trust marketers as far as I can throw them.
Now fast forward to 2015, all my encrypted folders are now decrypted and my bitlocker drive is still bit-locked, but since I know the PIN I still have access to it.
Support thinks I'm certifiably insane, but I'm certain I enabled EFS and Bitlocker on Windows 8 Standard, while it was likely in beta or CTP. Did Windows update really just yank encryption out.
So my bitlocker drive is proof (not like court of law). I formatted it on day one. I did bitlocker stuff through the manage-bde script so I can never remember if the bitlocker control panel was ever really there (cuz its not now).
So... anyone have some non-win-updated Windows 8 machines to see if EFS and manage-bde work on? I'm less inclined to roll back the last 47 updates.
Hopefully not insane.
|
|
|
turns out the file debug.log is really really awesome. It gives all types of juicy bits of info.
If you run into one of those problems again, you may want to look at that file. Don't know what private info is in it, so may want to take care.
|
|
|
too late... pulled the trigger. Came up in seconds and banged on the disk for about 10 minutes, now it's all quite. Actually what I did was this: 1) Move Blocks dir off of drive C: 2) Replace the whole in AppData with a symlink 2a) mklink /d "%appdata%\Bitcoin\blocks" "<otherdrive>\<otherdir>\blocks" 3) Run bitcoin-qt(xt) with parameters 3a) start /low "" bitcoin-qt.exe -checklevel=0 -checkblocks=1 -splash=0 Tada
|
|
|
Even got incoming connections spread the luv....
|
|
|
0.8 and newer versions are compatible. The only thing between them is the fact that the blockchain has to be reindexed, because the format used to keep the database has changed in newer versions The torrent is no longer maintained, because it's irrelevant, it does not make blockchain indexing faster anymore, as the new versions use a different form of syncing that's quite faster... So in your opinion would copying an 0.8 blocks directory to an 0.10 install be problem free? I understand that going the other way round is forbidden.
|
|
|
b) are bitcoin-qt 0.8 and bitcoin-xt 10.1 even remotely compatible? I haven't yet installed XT, but as it says on their github, XT and Core are compatible. OK... so I guess a corollary question would be: b1) are bitcoin-qt 0.8 and bitcoin-qt 10.1 even remotely compatible? I'm concerned with both the question of whether the *.blk file archival format has changed from 0.8 to 10.0 as well what the *.blk archival format is between qt and xt. Same goes for wallet.dat. Just read https://bitcoin.org/en/release/v0.10.0, and now it looks like there are some blk file format differences that could send me in a tailspin. I'm not sure I buy the 3hrs to full sync. Took me 3 weeks to bring 0.8 back to sync, but if the torrent works, I'll just try that. Thx.
|
|
|
Upgrading from bitcoin-qt 0.8 to bitcoin-xt 10.1.
My plan is as follows: 1) backup my blocks directory 2) backup my wallet.dat 3) download bitcoin-xt 4) go offline 5) install bitcoin-xt 6) from command line launch bitcoin-xt with following parameters 6a) -checklevel=0 -checkblocks=1 -splash=0 -listen=0 -rescan -reindex
My questions: a) is this grossly over simplified? b) are bitcoin-qt 0.8 and bitcoin-xt 10.1 even remotely compatible? c) is there actually a better / simpler way to try this? d) in {6} would it be better to do bitcoind and query where the rescan reindex e) have any of the 3000 xt full node ops ever tried anything like this before?
Thx
|
|
|
Ok, so if your talking about the OS command console, that's just bringing up run and typing cmd. From that console, how would the system / os (windows) know what to do if one simply typed -checkblocks=1 ?
If one has a system running say litecoin and bitcoin, how would the OS know where to send the command if one just...
start > run > cmd > -checkblocks=1 Not at all, your actually pretty close to the mark. Luckily Youtube is your friend: 4 part cmd tutorial https://www.youtube.com/watch?v=8-Bnm9LxG6ABasically: 0) Close bitcoin program and wait 60 seconds. 1) go to c:\Programs Files (x86)\Bitcoin 2) Shift click (like on the video) for "Command Prompt Here" 3) Type (no quote) "Bitcoin-Qt -checkblocks=1 -checklevel=0 -splash=0 -listen=0
|
|
|
I woulda had to use the conf file FWIW since the client never would load for me to get to the console.
Cross talk... your talking about the API console, I'm talking about the OS command console. "Bitcoin-Qt Command Line Arguments" should help.
|
|
|
For future ref though, those would all be things to put in the conf file right ? For permanency yes, though I would have just tagged them on the command line. There are still a lot of not so secret secrets that can be found through digging around in the source and developer documents.
|
|
|
I am a European. I cannot understand why Americans want to have so many people owning guns There was a point in our American History where the government tried to repress dissidents in its population. They did this through search and seizure without due process, and wanton murder of its citizens. Those citizens eventually overthrew the tyranny of that government. If those citizens had been refused the right to bear arms they would have been massacred and we would have a picture of the queen in every bar. So in answer to your question... we keep the right to bear arms because we remember far too well what it is like to live under a government that may turn on its citizens. Today our arms are less in the form of flint and powder and more in the terms of primes and curves. In the end it is all the same. A government may claim it is abolishing guns to save the innocent, but the symbolism of that in our history runs far far deeper than that. On the same note a government may repress a citizens rights to cryptography because enemies use secrets, and secrets are bad, but at the same time preventing secrecy only serves to make that government more powerful. So, in a civilized society do we need guns... No. In a civilized society do we need secrets... No. Sad part is... our society is not civilized, and often some of the least civilized are in positions of power. So you can take my guns... but if that right is ceded, it is only a matter of time before you take my crypto-kit too. The truly sad part is... I thought, more than twice, of the wisdom of publicly publishing these views knowing all too well, that in the country in which I live, they can very well be used against me.
|
|
|
Try the following cmdline args: -checkblocks=1 # minimal block check -checklevel=0 # minimal level of checking -splash=0 # mute the slash screen -listen=0 # don't listen to new connections (aka leach)
also look at task manager and see if the process is consuming memory, disk or cpu resources.
There is also likely a logging option you can dig up to get it to dump a log of what its doing. If not, try launching bitcoind.exe with all the debug switches on... that will light up your console.
|
|
|
I just came back to read that article about 1Password. From what I gained, the attack happens through iCloud. I disabled iCloud completely on my Mac and use dropbox for 1Password backups. Do you think it'll be safe from that type of attack? Honestly the best security has nothing to do with passwords at all, but instead just make sure that the keys never, ever touch the outside world. Have an offline computer that never, ever goes online. Then only load very trusted SW on it. Use this offline machine to generate the paper wallet keys, and use it to print them. To spend, a common approach is to boot a machine (preferably without a nic) using an Unbuntu disk, then side load bitcoin-qt and sign your cold wallet transaction, then only expose the signed transaction to the outside world. You could even enforce multisig between two cold wallets to make the attack vector even more complex. Highly technical, but infinitely secure. Someone would have to infect the Unbuntu disk or infect the bitcoin-qt client before sideloading to gain access to your keys. Once you start shuffling around thousands of dollars in BTC, this lunacy starts to make sense.
|
|
|
Tongue-in-cheek : https://www.youtube.com/watch?v=tO5sxLapAtsBut my thought process was that the game is boring. You have to play some boring levels for about a week or two of game play before you rank your character up high enough to be able to play any of the "fun" stuff. Anyway... my friend likes playing the boring levels and usually will play all of our characters up for us so that we can have high ranking characters with legendary weapons. Mentioned that surely... there must be a way to turn that mindless game clicking into BTC, but so far no takers to my evil plan of global domination (that last part about world rule was also a joke). No customers yet... but the plan is still young.
|
|
|
|