Yes, EFS recovery is kinda simple, if not well publicized.  When you use EFS, there are public / private keys uses just like bitcoin.  If you know where to look, you can export these keys from the system hosting the EFS files and store then on the system you want to access them from.  This is the data recovery methodology.

The reason EFS is of interest to me is because of a recent "I lost my bitcoins" thread.  The victim in this case had a very strong RPC password that he mistakenly shared with his hot wallet.  The attacker gained access to the SYSTEM account (like root in windows) which generally has access to all files.  With the heightened access level they were able to read the RPC password and tried it on the wallet which succeeded in compromising the account.

Now there are two ways to prevent system from reading your files:
1) you remove SYSTEM from the access control list of the file in question (can cause some odd problems)
2) you employ EFS on the file in question.

With the second option, SYSTEM can read / write / delete the file, but can't decrypt.  This allows it to do basic system maintenance (defrag, etc)  without breaching security.

Started that way, but since I put x:\Data on a Fat32 drive, I got real nervous about ACLs for that directory.  So this is why I left the data directory under %AppData% and just linked out the blocks and chainstate subdirs.

So yes, you COULD do it with just naming -datadir, but I didn't want to for the reasons above, namely security

Of all my apps, Bitcoin is the biggest storage hog, so for a while I had been running the entire datadir with my wallet on my main drive.  I did this mainly because my data has data, but not private data, that stuff I usually keep on an encrypted folder.  So after digging around, I found a better way.

The main data hogs WITHOUT personal information are:
Bitcoin\blocks
Bitcoin\chainstate
Bitcoin\testnet3\blocks
Bitcoin\testnet3\chainstate

So here's my solution (not mine but others)
1) Set up a data dir lets call it 'X:\Data'
2) Move folders to X:\Data
cd %AppData%
Move Bitcoin\blocks x:\Bitcoin\
Move Bitcoin\chainstate x:\Bitcoin\
Move Bitcoin\testnet3\blocks x:\Bitcoin\testnet3
Move Bitcoin\testnet3\chainstate x:\Bitcoin\testnet3
3) Link to the directories in X:\Data
cd %AppData%
MkLink /D Bitcoin\blocks x:\Bitcoin\blocks
MkLink /D Bitcoin\chainstate x:\Bitcoin\chainstate
MkLink /D Bitcoin\testnet3\blocks x:\Bitcoin\testnet3\blocks
MkLink /D Bitcoin\testnet3\chainstate x:\Bitcoin\testnet3\chainstate
4) Encrypt the Bitcoin directory with EFS now that it is very very small.

Like?

Am I insane?

Windows 8 Standard (not Pro or Ent)

I had Win8 early, maybe even beta or CTP via MSDN subscription. Anyway, I've been running it since then and have had great luck with it. On day 1 I put bitlocker on my USB drive (yes, it worked) and put EFS on key folders that held security related items. I fully realize that those features were not included in the marketing slide for the Win8 launch, but I always trust marketers as far as I can throw them.

Now fast forward to 2015, all my encrypted folders are now decrypted and my bitlocker drive is still bit-locked, but since I know the PIN I still have access to it.

Support thinks I'm certifiably insane, but I'm certain I enabled EFS and Bitlocker on Windows 8 Standard, while it was likely in beta or CTP. Did Windows update really just yank encryption out.

So my bitlocker drive is proof (not like court of law). I formatted it on day one. I did bitlocker stuff through the manage-bde script so I can never remember if the bitlocker control panel was ever really there (cuz its not now).

So... anyone have some non-win-updated Windows 8 machines to see if EFS and manage-bde work on? I'm less inclined to roll back the last 47 updates.

Hopefully not insane.

turns out the file debug.log is really really awesome.  It gives all types of juicy bits of info.

If you run into one of those problems again, you may want to look at that file.  Don't know what private info is in it, so may want to take care.

too late... pulled the trigger.  Came up in seconds and banged on the disk for about 10 minutes, now it's all quite.

Actually what I did was this:
1) Move Blocks dir off of drive C:
2) Replace the whole in AppData with a symlink
2a) mklink /d "%appdata%\Bitcoin\blocks" "<otherdrive>\<otherdir>\blocks"
3) Run bitcoin-qt(xt) with parameters
3a) start /low "" bitcoin-qt.exe -checklevel=0 -checkblocks=1 -splash=0

Tada

Even got incoming connections spread the luv....

So in your opinion would copying an 0.8 blocks directory to an 0.10 install be problem free?

I understand that going the other way round is forbidden.

Bust! the torrent is no longer maintained.

If plan A doesn't work, then I need to manually linearize a bootstrap.dat file then try loading it that way:
https://github.com/bitcoin/bitcoin/tree/master/contrib/linearize

We'll see.

OK... so I guess a corollary question would be:
b1) are bitcoin-qt 0.8 and bitcoin-qt 10.1 even remotely compatible?

I'm concerned with both the question of whether the *.blk file archival format has changed from 0.8 to 10.0 as well what the *.blk archival format is between qt and xt.

Same goes for wallet.dat.

Just read https://bitcoin.org/en/release/v0.10.0, and now it looks like there are some blk file format differences that could send me in a tailspin.  I'm not sure I buy the 3hrs to full sync.  Took me 3 weeks to bring 0.8 back to sync, but if the torrent works, I'll just try that.

Thx.

Upgrading from bitcoin-qt 0.8 to bitcoin-xt 10.1.

My plan is as follows:
1) backup my blocks directory
2) backup my wallet.dat
3) download bitcoin-xt
4) go offline
5) install bitcoin-xt
6) from command line launch bitcoin-xt with following parameters
6a) -checklevel=0 -checkblocks=1 -splash=0 -listen=0 -rescan -reindex

My questions:
a) is this grossly over simplified?
b) are bitcoin-qt 0.8 and bitcoin-xt 10.1 even remotely compatible?
c) is there actually a better / simpler way to try this?
d) in {6} would it be better to do bitcoind and query where the rescan reindex
e) have any of the 3000 xt full node ops ever tried anything like this before?

Thx

Not at all, your actually pretty close to the mark.

Luckily Youtube is your friend:
4 part cmd tutorial https://www.youtube.com/watch?v=8-Bnm9LxG6A

Basically:
0) Close bitcoin program and wait 60 seconds.
1) go to c:\Programs Files (x86)\Bitcoin
2) Shift click (like on the video) for "Command Prompt Here"
3) Type (no quote) "Bitcoin-Qt -checkblocks=1 -checklevel=0 -splash=0 -listen=0

Cross talk... your talking about the API console, I'm talking about the OS command console.

"Bitcoin-Qt Command Line Arguments" should help.

For permanency yes, though I would have just tagged them on the command line.

There are still a lot of not so secret secrets that can be found through digging around in the source and developer documents.

There was a point in our American History where the government tried to repress dissidents in its population.  They did this through search and seizure without due process, and wanton murder of its citizens.  Those citizens eventually overthrew the tyranny of that government.  If those citizens had been refused the right to bear arms they would have been massacred and we would have a picture of the queen in every bar.

So in answer to your question... we keep the right to bear arms because we remember far too well what it is like to live under a government that may turn on its citizens.

Today our arms are less in the form of flint and powder and more in the terms of primes and curves.  In the end it is all the same.  A government may claim it is abolishing guns to save the innocent, but the symbolism of that in our history runs far far deeper than that.  On the same note a government may repress a citizens rights to cryptography because enemies use secrets, and secrets are bad, but at the same time preventing secrecy only serves to make that government more powerful.

So, in a civilized society do we need guns... No.

In a civilized society do we need secrets... No.

Sad part is... our society is not civilized, and often some of the least civilized are in positions of power.

So you can take my guns... but if that right is ceded, it is only a matter of time before you take my crypto-kit too.

The truly sad part is... I thought, more than twice, of the wisdom of publicly publishing these views knowing all too well, that in the country in which I live, they can very well be used against me.

Try the following cmdline args:
-checkblocks=1 # minimal block check
-checklevel=0   # minimal level of checking
-splash=0        # mute the slash screen
-listen=0         # don't listen to new connections (aka leach)

also look at task manager and see if the process is consuming memory, disk or cpu resources.

There is also likely a logging option you can dig up to get it to dump a log of what its doing.  If not, try launching bitcoind.exe with all the debug switches on... that will light up your console.

Honestly the best security has nothing to do with passwords at all, but instead just make sure that the keys never, ever touch the outside world.  Have an offline computer that never, ever goes online.  Then only load very trusted SW on it.  Use this offline machine to generate the paper wallet keys, and use it to print them.  To spend, a common approach is to boot a machine (preferably without a nic) using an Unbuntu disk, then side load bitcoin-qt and sign your cold wallet transaction, then only expose the signed transaction to the outside world.  You could even enforce multisig between two cold wallets to make the attack vector even more complex.

Highly technical, but infinitely secure.  Someone would have to infect the Unbuntu disk or infect the bitcoin-qt client before sideloading to gain access to your keys.  Once you start shuffling around thousands of dollars in BTC, this lunacy starts to make sense.

ACK

Thx

Tongue-in-cheek : https://www.youtube.com/watch?v=tO5sxLapAts

But my thought process was that the game is boring.  You have to play some boring levels for about a week or two of game play before you rank your character up high enough to be able to play any of the "fun" stuff.

Anyway... my friend likes playing the boring levels and usually will play all of our characters up for us so that we can have high ranking characters with legendary weapons.  Mentioned that surely... there must be a way to turn that mindless game clicking into BTC, but so far no takers to my evil plan of global domination (that last part about world rule was also a joke).

No customers yet... but the plan is still young.

Why does the Signature campain thread (https://bitcointalk.org/index.php?topic=615953.0) say that only 50 participants in secondstrade will actually get paid.  Is this an oversight or mis-statement?