Bitcoin Forum
December 03, 2020, 11:06:53 AM *
News: Bitcointalk Community Awards
 
  Home Help Search Login Register More  
  Show Posts
Pages: « 1 2 3 4 5 6 [7] 8 »
121  Bitcoin / Bitcoin Discussion / Re: HOWTO: create a 100% secure wallet on: June 15, 2011, 03:39:52 PM
bcearl: Your setup seems quite the sensible thing to do. It's actually the method recommended by the wiki, and right now I can't think of any reason why this shouldn't be very secure. Especially if you never run any programs when logged in as the secure user.

However, the problem of keylogging (physically) still exists, as your password is the point of entry for any attacker. Other than that, you'll be completely fine.

Edit: Actually, the weak point is the login password, just wanted to clarify that (If I'm correct in assuming that your home directory is decrypted as soon as you log in. At least in RAM.). Also, scusi for the double post.
122  Other / Beginners & Help / Re: HOWTO: create a 100% secure wallet on: June 15, 2011, 02:42:20 PM
Thanks for the sticky, and thanks for the corrections. Keep it up. 10 spelling mistakes corrected and I will personally invent a new swearword and post it here.
123  Bitcoin / Bitcoin Discussion / Re: HOWTO: create a 100% secure wallet on: June 15, 2011, 02:17:36 PM
We already asked for a security subforum, maybe you join the request.

https://forum.bitcoin.org/index.php?topic=16273.0

If you have time and want to, you could also review my specific multi-user Ubuntu setup. Of course it is a trade of between perfect security and usability. A seperate system as you propose is absolutely necessary for huge amounts of coins.

http://forum.bitcoin.org/index.php?topic=15068.0

I'll have a look at both, promised. I have to run now though, I'll be back later.
124  Other / Beginners & Help / Re: HOWTO: create a 100% secure wallet on: June 15, 2011, 01:58:56 PM
Next, he deleted the wallet, because he thought it had already been backed up, when in actual fact only the first address had been.

Oh snap. Good to know though, and yes, the wallet only contains the addresses already generated at the time the file was backed up. I will refrain from mentioning this in the guide though, since 1: I advise against using the wallet you just backed up, 2: with the 10 fresh addresses generated, this shouldn't happen anymore, 3: I'm trying to keep it simple and hope not to confuse anybody. As Confucius says: Confusion is the death of non-confusion (and oversight)
125  Other / Beginners & Help / Re: HOWTO: create a 100% secure wallet on: June 15, 2011, 01:47:00 PM
Careful what version of Bitcoin you use! Some versions will display multiple addresses but the private keys won't be made till you do a transaction and have it open for a while!!! Someone did something similar, where they sent some to the first address as a test then saw it worked then send the rest to the second address. Deleted everything only to go back and see that he lost his BTC!!

I did not know that. Are you sure, it's not just one of the occasions where --rescan would have done the trick? What version was it?

I've put this article up (with your donation address intact) at http://bitcoinsecurity.com.

Wow. My sincere thanks. I'll PM you in case I make any relevant additions to the text. Glad that you took out the emoticions, they look dumb in plain text Smiley

Also, feel free to delete the address mentioned at the bottom, that way it won't come across quite as desperately Smiley

And you may want to delete the mention about "comments"
126  Bitcoin / Bitcoin Discussion / Re: HOWTO: create a 100% secure wallet on: June 15, 2011, 01:44:29 PM
Brainslug: Seems to kinda-work, but always be careful with overly complicated schemes: the possibilities for making an error are simply much bigger. Also, it seems a little tedious. Plus there is the physical security of your notebook. If you don't encrypt the partition, it will be open to anyone getting his hands on your machine.

Thank you for your work!

I aim to please. Happy that you like it.
127  Other / Beginners & Help / Re: HOWTO: create a 100% secure wallet on: June 15, 2011, 01:20:52 PM
If you prefer to not encrypt the files to avoid remembering passwords, you won't be secure, unless you make a physical backup of the media holding your money and then put that backup in a vault (at your house or in a bank).

Actually, you could do a weekly trip to the bank and put your wallet.dat on a memory stick in a safety box. Assuming that you have that many BTCs to protect.

NO!! Encryption is not some magic thingamajawb that protects you from all evil.

Let me clarify: A _backup_ is of absolutely NO USE. So your weekly trip doesn't accomplish anything if the very same file has been on your main operating system. This is a dangerous fallacy, hence my analogy with "keys" instead of "wallets".

Again: that would be like making a copy of your safe-key every week and putting that in the vault.

It has to be a new, untainted address, in conjunction with the wallet.dat that you deposit. Actually, this is way more convenient, since you don't have to access your bank vault at all. You just deposit/sent the coins into the right addresses.
128  Other / Beginners & Help / Re: HOWTO: create a 100% secure wallet on: June 15, 2011, 01:16:02 PM
For the same reasons that you made this post, I just created a small program that generates bitcoin addresses and saves the keypair as an encrypted wallet file. It's basically a tool for the overly paranoid, since it doesn't create any unencrypted intermediate files and doesn't require the full bitcoin client just to generate an address. It also generates just 1 address, so it's impossible for somebody to steal your keys from an "old backup".

https://github.com/vegard/mkbtcaddr

Great, you rock. Nice to see some progress by the community. If encryption is what you prefer, these kind of tools are perfect. Want to bundle it into a liveCD? In my experience, it's quite trivial to do.

encryption is good but i thin k you have to increase all of them

Wat
129  Other / Beginners & Help / Re: HOWTO: create a 100% secure wallet on: June 15, 2011, 12:58:04 PM
+1, I got it now. AES is actually secure enough, that it'll be safe forever provided mathematics don't completely vanish and the laws of physics still apply (and your key-length is sufficient).

Still, I prefer not to encrypt the file, since the passphrases either have to be written down or remembered, both of which aren't exactly ideal (Think brain hemorrhage, which I definitely plan to get one of these days).

Also, newbs can barely handle Ubuntu.
130  Bitcoin / Bitcoin Discussion / Re: HOWTO: create a 100% secure wallet on: June 15, 2011, 12:56:33 PM
Thanks for that guide.

You're welcome. And remember: nothing prevents you from doing the whole procedure now and just transferring a few coins every now and then. You'll get the extra satisfaction of having something like a piggy bank Smiley
131  Bitcoin / Bitcoin Discussion / Re: HOWTO: create a 100% secure wallet on: June 15, 2011, 12:53:53 PM
mods: is it possible, to somehow ShamWow merge these two topics, or at least redirect the replies to just one of the two?

http://forum.bitcoin.org/index.php?topic=17240.msg222430
http://forum.bitcoin.org/index.php?topic=17240.0

If not, then I'm sorry I made such a mess on your carpet.
132  Other / Beginners & Help / Re: HOWTO: create a 100% secure wallet on: June 15, 2011, 12:45:35 PM
Allright. Well if you don't trust the client from bitcoin.org or the ubuntu live CD, they are both open source, so you are able to compile it yourself.

Yes, and I also suggest, you read through the whole source-code that constitutes the entire Ubuntu distribution, just to make extra-sure Smiley

MBH: The whole point is to backup the entire disk, no? In that case, you still have to move your wallet.dat between the old CD and the new one. Besides, who guarantees that DSL will still be maintained a few years from now.

But if the encryption part was just meant for your wallet.dat, then yes, that's what I suggested. Just make sure, you use an encryption that will still be secure in a few years, otherwise, I'll steal it now (from your lame-ass cloud provider in case you use dropbox), keep it and decrypt it in 2018 with my quadruple ATI-over9000. Just a possible scenario. I prefer the more minimalistic physical security.
133  Other / Beginners & Help / Re: HOWTO: create a 100% secure wallet on: June 15, 2011, 12:43:50 PM
0) Damn Small Linux is 50MB in size, install it somewhere and install bitcoin on it.
1) Encrypt the disk/file.
2) Use a Cloud-based service like JungleDisk.com to backup your wallet/distro. It costs $5/month & the first 5GB is free.

Good idea, although DSLinux can be tedious for beginners. But I like the elegance of your solution.

One potential problem: If we think long-term, DSLinux-version.today might not necessarily be able to boot on modern hardware in a few years.
134  Other / Beginners & Help / Re: HOWTO: create a 100% secure wallet on: June 15, 2011, 12:39:55 PM
Thanks for this. It seems like a good idea. I'm wondering something though. Currently I just have my wallet on my computer. Lets say someone has access to my computer, can they just copy it to an USB stick, and open it at home to do transactions with it?

Obamaface: yes, they can
135  Other / Beginners & Help / Re: HOWTO: create a 100% secure wallet on: June 15, 2011, 12:38:47 PM
Yes, both of you have a point I thought about as well: You still have to use the bitcoin client downloaded from the official site, sou you have to trust that thing unconditionally. And yes, you have to trust the liveCD

Of course, someone could trick you into downloading the wrong software (DNS redirect?). But there's a point where a certain level of paranoia is kind of exaggerated. You could of course always write your own client Smiley

I think it makes sense to trust both the Ubuntu LiveCD as well as the client from bitcoin.org for now.
136  Bitcoin / Bitcoin Discussion / HOWTO: create a 100% secure wallet on: June 15, 2011, 11:45:55 AM
Note: This is a repost of the HOWTO I made in the newbie-forum. If any mod objects to double-posting, or is incredibly pissed at me right now, feel free to delete the thread of your choosing.

Also, there is an excellent article on the Wiki which should give you some ideas about the problem of security. This is meant as a more specific and simple straight-forward guide, i.e I won't spell out where you can find your wallet.dat and so on.


Why?

So, in light of the recent Drama Roll Eyes Kiss and my general feeling that some people are unsure about the security of their wallet (or their PC in general), I've decided to give you an idea how to create a secure savings account for you to deposit your hard-earned coins in.

Clarifications

So, you crazy twat want to invest all your savings in bitcoin, but you're not yet shit-for-brains enough to forget the security aspect of the whole thing? Here's the HowTo for you.

So, the first misconception to clear out, is the concept of the "wallet". The wording in itself is not ideal, since it is more like a key. Cryptographically speaking, it is actually exactly that: your private key.

Now this has the following implication: If someone steals your wallet.dat now, and you deposit coins in it later, the thief will be able to spend/transfer ALL your coins, including those you added _after_ the wallet was stolen! I'm sure a lot of you know this already, I just want to clarify this for everybody.

So, clearly, you have to make it impossible for anybody to _ever_ steal your wallet. Clearly, this is infeasible for your day-to-day transactions account, since encryption will be useless as soon as you want to access your coins (Since the decrypted wallet.dat has to be stored in RAM at some point. There are ways, but for now, consider them a little tedious).

So the solution is the following: you have your spendings-account where you keep only low amounts of coin (much like a real-life wallet), and you have your super-secure savings wallet, which you only access on rare occasions.

How?

I'll try to keep it short: You have to create your savings account under ideal security-conditions. I won't rant about you cunts people using Windows in general, but note that Linux is in no way automagically completely secure. Everything depends a lot on your behaviour.

1. What you'll do is the following: Create a live-CD or a bootable USB with your OS of choice on it. I suggest using the Ubuntu LiveCD.

The reason is simple. When you create your new wallet, you want to make abolutely sure, that your running operating system doesn't in any way log your keys or secretly save your files somewhere.

2. Boot your freshly-created OS, and install the Bitcoin client on it. Yes you can install software inside a liveCD environment. Optionally, also install some encryption software, but we'll leave that for now.

3. Your Bitcoin client will immediately generate 10 addresses for you, and with them, the corresponding wallet.dat.

4. Save your addresses somewhere, if you have to, write them down manually (if you do this, then I bow to your zeal and declare you crazy). I suggest you send them to yourself over email.

5. This is the important step. Copy your wallet.dat somewhere. Burn then on a CD or another medium. I for instance love those little 64MB SD-cards you sometimes get with a new camera. They rock. You might want to make multiple copies (on multiple cards/CDs, not multiple copies of the same file on the same disk you tart).

6. Now, eject whatever you just copied on, and guard it like your life depends on it. Not really, but here is the important step: If you encrypted your wallet.dat with an encryption algorithm you feel safe about, just keep it around your house.

7. Shut down. There will be no trace of your walled.dat on your harddisk, since it never actually resided there.

Important: You will want to keep another copy somewhere else, in a safe physical location, or at least one that is safe while your house burns down. You might already know it, but losing your wallet.dat is worse than someone stealing it. It'll be gone forever.

If you didn't encrypt the file (which I prefer), put the SDcards, CDs, whatever in a safe. That's right: a real-world safe, like banks have, who also happen to lock their doors and are in general very anal about their security and all that jazz. You can rent small safety-deposit boxes in exchange for money. As a bonus, it'll be fire-proof as well.

8. In case it's not yet obvious: You will now only make day-to-day transactions like you used to do it, on your computer (are you _still_ using windows?) and every now and then, you will put some coins into your savings-account. Using the addresses from step 4). How much you want to keep in your wallet is up to you.

But how can I haz my money back?

Okay, for those of you who didn't guess it yet: Whenever you want to make a transaction from your savings-account to someplace else, get your wallet.dat out of the safe, boot up your liveCD (don't you dare using your regular OS after all this work, or I'll come beat you up personally) and do the reverse: Install bitcoin again, install the encryption-software if necessary and copy your wallet.dat where it belongs.

Congratulations: you can now access your 25'000 bitcoins and nobody will have messed with them while you were asleep.

Possible attacks

So now, the _only_ way for someone to steal your coin, will be to steal your physical copy of the wallet. That's why you might want to encrypt it, although if you do, don't forget the passphrase. Also, if you die, your family can still get your bank-safe opened, but they won't be able to pick through your brain and get the passphrase out of it. That's why I prefer to not encrypt it.

There is one more possibility: a physical keylogger: It will be able to intercept the password you use to encrypt your wallet.dat, which, if you keep a copy at home, can then be stolen and used. Another reason, why a regular safe is the best option in my humble opinion.

What else?

EDIT: A little protip for those who don't know: You can of course use blockexplorer.com to keep track of your account while it's safely hidden away. Doing this will simply allow you to see how many coins are associated with a given address.

I suggest you also create new day-to-day wallets (even having a few coins stolen can be frustrating), as your current ones might already have been stolen. Of course, this requires a secure OS, so you better ditch that infected piece of shit fine gear of yours. DON'T just create new wallets on the system you're using right now, since it won't solve anything in case you're already infected.

In addition, it doesn't hurt to read up on some technical details. Use the Wiki. Learn the difference between the amount in your wallet, and the amount on the different block-addresses. If you handle a lot of money, ACT ACCORDINGLY. Don't get all crazy-enthusiastic-venture-capitalist and invest all your savings in bitcoin. Also, don't speculate too much on the price development, you'll make more money if you use that time to work at a regular job.

Now, if you happen to make/have made a significant amount of coins, don't run around telling everybody like the self-satisfied vagina that you are. You wouldn't do that with real money either. At least I hope so.

Also, someone will probably make a bitcoin-specific liveCD, which should save some hassle in the steps above.
Also, take it easy and be a cool guy woh doesn't afraid of anything.
Also, pick up a book every now and then.


Yes, there are other ways to do this, and yes, some might be more practical and maybe just as secure. Write a comment about it.

If anyone has any clarifications, questions, suggestions, or wants to call me a moron, please feel free to do so, and I'll see if there is anything to be improved about it. Also, spelling mistaeks.

Also, in case anybody got all excited by this guide and/or seen the light of Jesus-Christ the saviour AND wants to thank me with coins (why on earth would you do that?), here's my address: 16VD78R8nxqJGesE7E9KS6A8TikQQpKNm5

Have fun. Cool

EDIT: Corrections and added a few insults just for you, dear anonymous reader.
137  Bitcoin / Bitcoin Discussion / Re: How to be safe with bitcoins - guide on: June 15, 2011, 11:42:51 AM
Sweet, I wrote up a similar thing in the newb-forum Smiley HOWTO: create a 100% secure wallet

I wanted to move it here, but I see you've also taken a shot at this. Hope people will start behaving a little more responsibly.

EDIT: Jesus, dude... Begging is so sad. Also: awesome that you think in the time-span of 10 years Cheesy
138  Bitcoin / Bitcoin Discussion / Re: I just got hacked - any help is welcome! on: June 15, 2011, 11:34:12 AM
As a quick note: I suspect, that more people are prone to have their wallet stolen, or that a LOT of people might already have a trojan that copied their wallet some time ago.

So I decided to be nice and write up a (hopefully) helpful HowTo to protect yourself: HOWTO: create a 100% secure wallet.

If LulzSec can infect a gazillion of PCs to do their DDoS, then anybody can implement a simple file-upload function into any virus.

I'll update the guide with new information as it comes up.
139  Other / Beginners & Help / Re: Introduce yourself :) on: June 15, 2011, 11:23:17 AM
Dear newbie forum: who reads these introductions anyway? Also: 5 posts. Damn you for forcing me.
140  Other / Beginners & Help / Re: Question about decimal places in the client and transfers on: June 15, 2011, 11:16:36 AM
Do you know if it rounds the numbers, or does it just omit the digits?

I mean, it's not important yet, but why not let you transfer anything you like, as long as it's above the limit of 0.01. That would solve the SPAM-issue just as well.
Pages: « 1 2 3 4 5 6 [7] 8 »
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!