Bitcoin Forum
October 22, 2020, 11:33:21 PM *
News: Latest Bitcoin Core release: 0.20.0 [Torrent]
   Home   Help Search Login Register More  
Pages: [1]
Author Topic: Security of Apple's encrypted dmg's  (Read 2246 times)
Full Member
Offline Offline

Activity: 136
Merit: 100

View Profile
September 30, 2012, 01:57:28 PM

Hi guys!

I printed one copy of a paper wallet on a brand new offline mac installation, that only had tha saved webpage on it and the printer drivers. I then saved the pdf on an encrypted apple dmg image with a 20+ character password. Ejected the image, saved it on a stick, shut down, formatted and zeroed-out the drive, then uploaded the unopened dmg to dropbox, emailed it to wife/friends for safekeeping and saved it on various other media.

The paper copy is in a safe place.

I'm guessing I should be pretty safe, would anyone care to comment? Oh, OS 10.6.8 if it matters.

many thanks in advance.

Hero Member
Offline Offline

Posts: 1603409601

View Profile Personal Message (Offline)

Reply with quote  #2

Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
Mike Caldwell
Offline Offline

Activity: 1386
Merit: 1065

The Casascius 1oz 10BTC Silver Round (w/ Gold B)

View Profile WWW
September 30, 2012, 02:05:01 PM

For that much work I would have printed a long time supply of paper wallets instead of just one.

I am not sure what encryption is used in a dmg, nevertheless I would have done an encrypted PDF if it were me - knowing PDF uses AES - and because it would be openable on more machines while requiring a lower skill level to do so, just in case I need it openable by others. But that would be just me, and my needs may not be the same as yours.

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper or hardware wallets instead.
Offline Offline

Activity: 1218
Merit: 1007

Gerald Davis

View Profile
September 30, 2012, 02:19:12 PM

Yeah the two concerns are future access and security. 

What is the specs of the closed source dmg format?  Who knows.  Does it have an easily exploitable cryptographic flaw? Who knows.  In 20 or 30 or 50 years will Apple still produce OS capable of using that file format?  Who knows.

While there is nothing wrong with how you make a backup, using an open standard (like an AES encrypted text file) would ensure higher future compatibility and the security is more transparent.
Hero Member
Offline Offline

Activity: 728
Merit: 500


View Profile
September 30, 2012, 02:22:15 PM

I don't know how well DMG encryption has been audited. I reccomend using gpg or truecrypt which are both well scrutinized and available on all major platforms.

A 20 character password is sufficient if it is completely random but possibly not if it is from dictionary words. I reccomend against l33tspeak words which tend to make the password hard to remember faster than they add entropy.  Either use a short fully random key or use a long list of plain words.  Otherwise you will forget some bit of punctuation.

The rest of your process looks good for a highly paranoid approach.

      War is God's way of teaching Americans geography.  --Ambrose Bierce
Bitcoin is the Devil's way of teaching geeks economics.  --Revalin 165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g
Pages: [1]
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!