delete

[RealBitcoin]

take your first point, and remove the "Then they start visiting shady websites, clicking on all shady ads, clicking on links from spam e-mail etc..." and you have the safest storage

it was i'm doing since i discovered bitcoin, and not even a satoshi was stolen from my desktop, the first secure option is your brain

Yet. You cannot know what other dangers might lurk in the future.

I dont really recomment what you are doing, it is very risky to store all btc in online pc.

well not all, i still keep them in the cold storage like any other sane person, but i like to have an hot wallet with a certain amount

for faster spending

Oh sure, yes that is ok. We all use that, and its ok, I thought you keep all of them on an online PC which is very wreckless.

[1715271613]

1715271613

[1715271613]

1715271613

[1715271613]

1715271613

[Amph]

take your first point, and remove the "Then they start visiting shady websites, clicking on all shady ads, clicking on links from spam e-mail etc..." and you have the safest storage

it was i'm doing since i discovered bitcoin, and not even a satoshi was stolen from my desktop, the first secure option is your brain

Yet. You cannot know what other dangers might lurk in the future.

I dont really recomment what you are doing, it is very risky to store all btc in online pc.

well not all, i still keep them in the cold storage like any other sane person, but i like to have an hot wallet with a certain amount

for faster spending

Oh sure, yes that is ok. We all use that, and its ok, I thought you keep all of them on an online PC which is very wreckless.

but usually i only install certified things and i'm not visiting any shady website, there is no need to be very paranoid about virus, it's the user that let them enter no one else

this is true for any virus even those bios virus, the only exception would be that router virus that propagate because there was an hole in the router security or something, i don't remember the name

[RealBitcoin]

but usually i only install certified things and i'm not visiting any shady website, there is no need to be very paranoid about virus, it's the user that let them enter no one else

this is true for any virus even those bios virus, the only exception would be that router virus that propagate because there was an hole in the router security or something, i don't remember the name

There arent any sophisticated viruses for bitcoin, yet. Not that I know of. In the sense that AI viruses, that have basic intelligence and can adapt to PC enviroment, like there are for bank account thefts.


Most Bitcoin viruses are either:

• Corrupted bitcoin of altcoin wallet
• Basic keylogger that searches for password fields
• Web keylogger for blockchain.info and similar sites
• Teamvier based remote acces virus (Yes i saw many altcoiners lost their altcoins by this)
• Detector virus, that searches for default bitcoin installation and sends the wallet file outside when unencrypted

You can easily protect against these, with no-script browser addon, basic antivirus scan of files and checking signatures/ checksums.

However, in the future, the malware can get a lot more sophisticated, so beware!

[SebastianJu]

9) Military-grade offline wallet storage

Description: An offline cold storage wallet, locked inside a electromagnetically shielded underground bunker room with radio signal shielding too that is empty with only: 1 PC, 1 chair, 1 table inside it, the entrance that is guarded by armed men and surveiled with multiple video cameras to prevent unauthorized personnel tampering the PC, and the only point of access off the PC is either reusable CD or a QR code based system to transfer the data from offline PC to online. Nothing can be plugged into that offline PC. And then when moving the data to the online PC only additional precautions are needed if you want your privacy shielded too, otherwise the bunker room is enough.
Pro's: Totally safe.
Con's: At this point the bitcoin can only be stolen by finding exploit in the protocol itself or by using an invisibility ring to get past the detection and steal the bitcoins. It is very expensive and unpractical, but its the only way to ensure that bitcoins are 100% safe.
Risk of bitcoin being stolen: █ █ █ █ █ █

*rofl*

I hope you tested if this type of storage is really as safe as you believe?

I think your list will give newbies some hints about the risks. Though i doubt that any normal user will use your 9th solution.

[shorena]

9) Military-grade offline wallet storage

Description: An offline cold storage wallet, locked inside a electromagnetically shielded underground bunker room with radio signal shielding too that is empty with only: 1 PC, 1 chair, 1 table inside it, the entrance that is guarded by armed men and surveiled with multiple video cameras to prevent unauthorized personnel tampering the PC, and the only point of access off the PC is either reusable CD or a QR code based system to transfer the data from offline PC to online. Nothing can be plugged into that offline PC. And then when moving the data to the online PC only additional precautions are needed if you want your privacy shielded too, otherwise the bunker room is enough.
Pro's: Totally safe.
Con's: At this point the bitcoin can only be stolen by finding exploit in the protocol itself or by using an invisibility ring to get past the detection and steal the bitcoins. It is very expensive and unpractical, but its the only way to ensure that bitcoins are 100% safe.
Risk of bitcoin being stolen: █ █ █ █ █ █

*rofl*

I hope you tested if this type of storage is really as safe as you believe?

I think your list will give newbies some hints about the risks. Though i doubt that any normal user will use your 9th solution.

I would say its less secure than 8, because you have to rely on the guards to actually do their job. Its certainly not 100% either you have to get the transactions online somehow. If you use an USB Stick for this with malicous firmware all the gards cant help you. There is no attacker scenario at all.

The OP also misses honey pots, IDS just to name two high level methods.

Wreckless is not a word.

[RealBitcoin]

*rofl*

I hope you tested if this type of storage is really as safe as you believe?

I think your list will give newbies some hints about the risks. Though i doubt that any normal user will use your 9th solution.

If they are a millionaire they can buy themselves a bunker, and private security to guard it.

And we know there are many bitcoin multi millionaires out there

9) Military-grade offline wallet storage

Description: An offline cold storage wallet, locked inside a electromagnetically shielded underground bunker room with radio signal shielding too that is empty with only: 1 PC, 1 chair, 1 table inside it, the entrance that is guarded by armed men and surveiled with multiple video cameras to prevent unauthorized personnel tampering the PC, and the only point of access off the PC is either reusable CD or a QR code based system to transfer the data from offline PC to online. Nothing can be plugged into that offline PC. And then when moving the data to the online PC only additional precautions are needed if you want your privacy shielded too, otherwise the bunker room is enough.
Pro's: Totally safe.
Con's: At this point the bitcoin can only be stolen by finding exploit in the protocol itself or by using an invisibility ring to get past the detection and steal the bitcoins. It is very expensive and unpractical, but its the only way to ensure that bitcoins are 100% safe.
Risk of bitcoin being stolen: █ █ █ █ █ █

*rofl*

I hope you tested if this type of storage is really as safe as you believe?

I think your list will give newbies some hints about the risks. Though i doubt that any normal user will use your 9th solution.

I would say its less secure than 8, because you have to rely on the guards to actually do their job. Its certainly not 100% either you have to get the transactions online somehow. If you use an USB Stick for this with malicous firmware all the gards cant help you. There is no attacker scenario at all.

The OP also misses honey pots, IDS just to name two high level methods.

Wreckless is not a word.

Well if you have alot of money, and armed guards I dont think people will just do an armed robbery against you. Its far more likely that an infiltration can occur, so that is the risk you need to worry about.

What is "IDS"?

[shorena]

-snip-
Well if you have alot of money, and armed guards I dont think people will just do an armed robbery against you. Its far more likely that an infiltration can occur, so that is the risk you need to worry about.

My point exactly. The guards are a security risk as well as a feature.

What is "IDS"?

https://en.wikipedia.org/wiki/Intrusion_detection_system

[notlist3d]

-snip-
Well if you have alot of money, and armed guards I dont think people will just do an armed robbery against you. Its far more likely that an infiltration can occur, so that is the risk you need to worry about.

My point exactly. The guards are a security risk as well as a feature.

What is "IDS"?

https://en.wikipedia.org/wiki/Intrusion_detection_system

The whole point military quality equipment makes it zero percent chance of losing BTC is just wrong.  As long as there is greed and "bad" people you cant just blindly trust.

Look at this coinbase - http://www.coindesk.com/former-silk-road-dea-agent-pleads-guilty-to-bitcoin-theft/ .  These DEA agents had military quality... they had secret clearances... should be great guys.  But in actual world they got greedy and stole BTC from what should have went into government holdings.

I still think cold wallet is key. I think hardware wallet and paper wallet are strongest ways to store BTC if done right.

[RealBitcoin]

My point exactly. The guards are a security risk as well as a feature.

But you dont let the guards inside the room, only you can access the room with fingerprint detector.

The guards are only there to guard the entrance.

And the room would be surveiled + movement detectors, so that nobody but you can go there undetected.

[SebastianJu]

My point exactly. The guards are a security risk as well as a feature.

But you dont let the guards inside the room, only you can access the room with fingerprint detector.

The guards are only there to guard the entrance.

And the room would be surveiled + movement detectors, so that nobody but you can go there undetected.

Fingerprint detector... normal ones easily cheatable with a bit of tesa and glue. And i would not want to risk that some thug cuts away my finger so that he can get into the vault. Even when the reader is detecting blood motion... it can be faked and was faked already. I would fear for my health with these kind of systems.

[shorena]

My point exactly. The guards are a security risk as well as a feature.

But you dont let the guards inside the room, only you can access the room with fingerprint detector.

Fingerprint you say?
-> https://www.youtube.com/watch?v=HM8b8d8kSNQ
-> http://arstechnica.com/security/2014/12/politicians-fingerprint-reproduced-using-photos-of-her-hands/

The guards are only there to guard the entrance.

And the room would be surveiled + movement detectors, so that nobody but you can go there undetected.

Like the cameras in public transport systems or banks that dont actually prevent the crime?

[RealBitcoin]

My point exactly. The guards are a security risk as well as a feature.

But you dont let the guards inside the room, only you can access the room with fingerprint detector.

The guards are only there to guard the entrance.

And the room would be surveiled + movement detectors, so that nobody but you can go there undetected.

Fingerprint detector... normal ones easily cheatable with a bit of tesa and glue. And i would not want to risk that some thug cuts away my finger so that he can get into the vault. Even when the reader is detecting blood motion... it can be faked and was faked already. I would fear for my health with these kind of systems.

If you have a fortified compound with armed guards, I dont think anybody will attack you

However if you do hold a lot of bitcoins, and somehow other people will know about it, and if you dont hire some armed guards, then it will be the biggest danger. All billionaires have a private army protecting them.

My point exactly. The guards are a security risk as well as a feature.

But you dont let the guards inside the room, only you can access the room with fingerprint detector.

Fingerprint you say?
-> https://www.youtube.com/watch?v=HM8b8d8kSNQ
-> http://arstechnica.com/security/2014/12/politicians-fingerprint-reproduced-using-photos-of-her-hands/

The guards are only there to guard the entrance.

And the room would be surveiled + movement detectors, so that nobody but you can go there undetected.

Like the cameras in public transport systems or banks that dont actually prevent the crime?

Those have different roles.

In my situation, the cameras serve the role of checking if the room has been entered without authorization.

For example: 1 infiltrator enters the saferoom to install some transmitter on your secure PC, that will leak the private key to him when you use it.

If you videotape the room all day, and check the footage before you use the PC, then you will not use the PC if it has been tampered with, and will replace it with a clean PC, and copy all data into that. Then burn the tampered PC.

[shorena]

-snip-
Those have different roles.

In my situation, the cameras serve the role of checking if the room has been entered without authorization.

For example: 1 infiltrator enters the saferoom to install some transmitter on your secure PC, that will leak the private key to him when you use it.

If you videotape the room all day, and check the footage before you use the PC, then you will not use the PC if it has been tampered with, and will replace it with a clean PC, and copy all data into that. Then burn the tampered PC.

So the videotape is protected better than the room with the computer?

[RealBitcoin]

-snip-
Those have different roles.

In my situation, the cameras serve the role of checking if the room has been entered without authorization.

For example: 1 infiltrator enters the saferoom to install some transmitter on your secure PC, that will leak the private key to him when you use it.

If you videotape the room all day, and check the footage before you use the PC, then you will not use the PC if it has been tampered with, and will replace it with a clean PC, and copy all data into that. Then burn the tampered PC.

So the videotape is protected better than the room with the computer?

Look it can be secured, relative to the level of paranoia.

There is always the possibility that an invisible goblin will watch the keystrokes when you enter your bitcoin wallet password, so what does it matter ?

So this discussion is pointless. There will be alway an attack vector. However method 9) is still the most secure and the odds of theft become so low, that you will have a higher chance of falling off the stairs and dying than to lose the bitcoins if you secure it properly, so at that point it doesnt matter.

More people die from car accidents than those that lose their bitcoin from bunker

[whizz94]

More people die from car accidents than those that lose their bitcoin from bunker

Haven't you guys seen how easily a disc of data may be stolen from a military grade secure bunker in Mission Impossible ?

For owners of valuable but not priceless data such as a few hundred bitcoins, I suggest that you set up an Electrum Wallet on a new install of linux (preferably raspbian on a raspberry pi) and use a poem which you will remember or something comparable which you won't forget over many years as the encryption passphrase.  Transfer your BTCthere and wait for the transaction to confirm.

If you want to hoard much of your BTCfor a few weeks or months then a raspberryPi is small and cheap enough that you can lock it in the safe next to the bars of bullion and just not use it for that long.  If you know that you want to hoard BTCfor years then pull out the sd card from the raspberryPi and permanently erase or destroy all that is on it.  Unlike a pc with bios, raspberryPi is stateless hardware, meaning that the sd card is the only persistent data storage on it.  To fully recover your BTC, procedure is to install electrum on something which you trust and enter that same passphrase.  If you are being really careful then you can buy a new 4GB sd card to do this on and erase it afterwoods.  After a few minutes online to synch, your BTCare recovered from only the passphrase.  I think the devs came up with a snazzy name like "deterministic wallet generation" to mean that you can throw your computing hardware into the fiery bits of Mt Etna, just so long as you remember the passphrase.

Of course, if you do own all the money in the world or a priceless list of military contacts, then you have to beware of lovely ladies with foreign accents who demand "tell me the poem"


If anyone wants to spend a BTCto get me to do all or part of this for you, just pm me.


Now, how does "remember the poem" compare to 1-9 listed in the first post of this thread ?

[SebastianJu]

My point exactly. The guards are a security risk as well as a feature.

But you dont let the guards inside the room, only you can access the room with fingerprint detector.

The guards are only there to guard the entrance.

And the room would be surveiled + movement detectors, so that nobody but you can go there undetected.

Fingerprint detector... normal ones easily cheatable with a bit of tesa and glue. And i would not want to risk that some thug cuts away my finger so that he can get into the vault. Even when the reader is detecting blood motion... it can be faked and was faked already. I would fear for my health with these kind of systems.

If you have a fortified compound with armed guards, I dont think anybody will attack you

However if you do hold a lot of bitcoins, and somehow other people will know about it, and if you dont hire some armed guards, then it will be the biggest danger. All billionaires have a private army protecting them.

I think having guards only will raise suspicion and attract thieves. Put the guards to sleep with gas and you can move on. Or especially in the bitcoin area... buy anonymous a hit team and let them  raid the vault.

I think the best protection would be that nobody knows you are rich. You take care about your privacy and prevent your bitcoin addresses to be connectable to you. You can hide your private key everywhere. Your whole computer is full of data where you could hide a privkey without anybody ever being able to find it.

Of course when you run a business and everybody knows you and your company then it might be something to consider.

[SebastianJu]

-snip-
Those have different roles.

In my situation, the cameras serve the role of checking if the room has been entered without authorization.

For example: 1 infiltrator enters the saferoom to install some transmitter on your secure PC, that will leak the private key to him when you use it.

If you videotape the room all day, and check the footage before you use the PC, then you will not use the PC if it has been tampered with, and will replace it with a clean PC, and copy all data into that. Then burn the tampered PC.

So the videotape is protected better than the room with the computer?

Look it can be secured, relative to the level of paranoia.

There is always the possibility that an invisible goblin will watch the keystrokes when you enter your bitcoin wallet password, so what does it matter ?

So this discussion is pointless. There will be alway an attack vector. However method 9) is still the most secure and the odds of theft become so low, that you will have a higher chance of falling off the stairs and dying than to lose the bitcoins if you secure it properly, so at that point it doesnt matter.

More people die from car accidents than those that lose their bitcoin from bunker

Actually i think 9 is less secure than others. Because you are publicly showing up yourself as someone who has something to hide. I'm sure satoshi has no heavily guarded fault. And he is the richest bitcoiner alive. And he probably is way more safe than the operator of a big mining farm. Even with guarded vault.

[shorena]

-snip-
So this discussion is pointless.
-snip-

I get that, but I am not sure if you understand why. You have no attack scenario so you cant properly judge the defenses. As SebastianJu pointed out, if are rich enough to set up a bunker + guard for your bitcoins you will have to consider attackers willing and able to cut your fingers off[1]. It does not even make sense to compare #9 to #1.

Anyway, I will not further pester your thread with my criticism.

[1] http://news.bbc.co.uk/2/hi/asia-pacific/4396831.stm

[notlist3d]

-snip-
So this discussion is pointless.
-snip-

I get that, but I am not sure if you understand why. You have no attack scenario so you cant properly judge the defenses. As SebastianJu pointed out, if are rich enough to set up a bunker + guard for your bitcoins you will have to consider attackers willing and able to cut your fingers off[1]. It does not even make sense to compare #9 to #1.

Anyway, I will not further pester your thread with my criticism.

[1] http://news.bbc.co.uk/2/hi/asia-pacific/4396831.stm

I think the guy with the hardware wallet or properly done paper wallet and stored in good location like bank is just about as secure as most need.  I think it comes down to cold vs hot wallet. Even if you have a bunker your relying on guards who I would assume make much less then what is being stored.  As long as there is greed there is a chance of them going "bad"

I like mine to only rely on myself.  I see bank as ok as for the level of security it's hard to beat price for a security deposit box.    

But I kinda agree with shorena it's kinda hard to have a discussion.  It seems a little adversarial which is not healthy for a discussion.

[RealBitcoin]

I think having guards only will raise suspicion and attract thieves. Put the guards to sleep with gas and you can move on. Or especially in the bitcoin area... buy anonymous a hit team and let them  raid the vault.

I think the best protection would be that nobody knows you are rich. You take care about your privacy and prevent your bitcoin addresses to be connectable to you. You can hide your private key everywhere. Your whole computer is full of data where you could hide a privkey without anybody ever being able to find it.

Of course when you run a business and everybody knows you and your company then it might be something to consider.

Banks hold trillions of $$$ in their vaults, or if you dont like reversible ones, then check the gold exchanges.

Gold exchanges hold tons of gold in their vaults, none of them raided yet.

I think you guys watch too many movies, in reality nobody dares to raid a compound full of armed guards.