Ripple/Bitcoin best security practices for newbies (updated). Keep it alive!

[interlagos]

/********** Method 1 ********** applicable to Ripple and Bitcoin in blockchain.info MyWallet **********/

Since Ripple doesn't require storing your wallet locally (it keeps an encrypted copy in a cloud if Payward is selected), wouldn't it be much safer to advertise using Ripple from Ubuntu (or Mint) Live CD session? And if people want to use Bitcoins at the same time (for trading) then suggest to keep small amount of them in a hot wallet in one of the exchanges or blockchain.info MyWallet (which is safer), so that live session with a browser is still enough.

NOTE: It seems that Ripple and blockchain.info MyWallet work the same way: https://blockchain.info/wallet/how-it-works

Even though encryption of the wallet itself might be strong in Ripple it won't protect careless users from trojans/keyloggers that can steal your password the moment you type it in. Booting from clean Live CD every time you need to access your funds protects you from keyloggers and leaves your normal OS installation (Windows or Linux) unchanged. Something like "best security advice" on the Ripple's wallet creation page with a few easy steps would suffice.

It might take a bit more time to boot from a Live CD and you might need to change the boot order (only once) in your computer's BIOS setup to be able to do that, but in the end the added security is well worth the time and effort.

/********** Method 2 ********** applicable to Ripple and Bitcoin in your normal OS installation **********/

If you still find it cumbersome to play with Live CDs and prefer to work with sensitive data in your normal OS installation here is a trick how to fool the most primitive keylogger:

1) type one third* of your password
2) then type a fixed amount (1-5) of random keys**
3) then carefully delete them with your mouse (select last N symbols in the text field, right-click->Delete)
4) type another third of your password
5) repeat 2) and 3) with a different key sequence
6) type the last third of your password
7) press login

* you can divide your password into as many parts as you like, but one third is good enough for simplicity of the demonstration

** it's better to use the same (from one login to another login) pre-defined key sequences but different for their respective injection points in the password, so that they cannot be figured out by textual analysis from multiple stolen password strings for the same account.

From the keylogger's perspective your typed password would contain some garbage and won't work with your account.
Of course some keyloggers might attempt to intercept your mouse moves and clicks as well, but it seems much more difficult to figure out exactly what you typed with the approach described above.

/********** Method 3 ********** applicable to Ripple and Bitcoin in your normal OS installation **********/

Yet another way to protect yourself from malicious software is to create a separate secure user/workspace within your normal OS installation. Use your normal user account for day-to-day operations like reading news, working with email, chatting with friends, installing software from the Internet, etc. Use your secure user account to access your locally stored bitcoins and other sensitive information (Ripple account, Bitcoin exchanges, bank account etc). You can use this method in conjunction with method 2 described above for stronger security.

NOTE: More information on how to create secure user/workspace can be found here: https://en.bitcoin.it/wiki/Securing_your_wallet

For absolute security use offline cold wallets for storing bitcoins safely: http://bitcoinarmory.com/using-offline-wallets-in-armory/
This method is not currently applicable to Ripple but it might change once Ripple software is opensourced.

/******************************************************************************************************/

If you're new to Ripple/Bitcoin and you find these practices useful, please bump this thread (by posting in it) every once in a while so that other people can see it as well. Alternatively moderators might choose to make it a sticky thread on top of the board.

Remember that a few dozens of dollars worth of bitcoins or ripples right now might be a lot of money a few years down the road. So we'll be much better off as a community if we develop a good sense of discipline towards best security practices early on.

[memvola]

It's business as usual really. If you're not sure that you can keep your system safe, running from a write restricted medium makes sense. It's especially easy if you access your wallet remotely.

With deterministic Bitcoin wallets, you can also run a local Bitcoin client that way, since you never need to update the wallet. I imagine same would go for a local Ripple client, as you only have one private key.

[interlagos]

Yes, I hope most bitcoiners have some idea how to protect their systems, but looking at the amount of newbies rushing in to get some free XRP I bet most of them use Windows with tons of bloatware and likely many old bitcoiners still do. So it's better to take some precautions from the start.

I wonder if upcoming Bitcoin hardware wallets are capable of storing Ripple secret keys and sign transactions with them? Hopefully some advanced ones will be able to do that since ECDSA is the same for both Bitcoin and Ripple. But at the moment there is no cold wallet alternative for Ripple as we know it, so the approach described in OP is the only sane way to keep your ripples safe.

[interlagos]

Updated OP with a few more methods. I will bump this thread a couple more times before I leave for vacation in about a week.
Please feel free to keep it alive.

[memvola]

Updated OP with a few more methods. I will bump this thread a couple more times before I leave for vacation in about a week.
Please feel free to keep it alive.

Well, Method 2 would give you a false feeling of security, since if your computer is compromised by a keylogger, there is no reason not to expect it to take mouse click snapshots besides keyboard events.

While using Method 3, you could use iptables to prevent your secure user from accessing the network. This can not protect you from privileged keyloggers and such, but could be used to make sure offline-only tools don't do some fishy stuff in the background. It could even be switched on and off manually, to be used in conjunction with tools like blockchain.info/wallet. I don't know if offline tools will be of any use in the case of Ripple though.

[interlagos]

Updated OP with a few more methods. I will bump this thread a couple more times before I leave for vacation in about a week.
Please feel free to keep it alive.

Well, Method 2 would give you a false feeling of security, since if your computer is compromised by a keylogger, there is no reason not to expect it to take mouse click snapshots besides keyboard events.

While using Method 3, you could use iptables to prevent your secure user from accessing the network. This can not protect you from privileged keyloggers and such, but could be used to make sure offline-only tools don't do some fishy stuff in the background. It could even be switched on and off manually, to be used in conjunction with tools like blockchain.info/wallet. I don't know if offline tools will be of any use in the case of Ripple though.

I agree that none of these three methods provide absolute security.

1) With the first method you need to trust the Live CD image provider that it's free from malware and security holes.
Open source makes it easier to monitor, but I think there might be a few loopholes when the software is built and the image is created.
I need to look closer into this. Do you know if Ubuntu/Mint Live CD image creation process is completely transparent?

2) With the second method, yes some advanced loggers would likely capture everything you interact with including sceenshots, mouse clicks and moves. You can probably make their life harder if you scroll/resize the page a few times while you type your password with injections.
They would need to capture your screen several times to determine the offsets of injections within your password properly.

3) Yes if keylogger has root access then the third method doesn't really bring much security to online operations. So users should be careful when installing random software from the Internet. It might be wise to keep a small partition on your hard drive with some trusted and well tested clean Linux installation for just the purposes of dealing with sensitive data online. Can you recommend a good one for that?

The only rock solid secure method is to keep your secret/private keys on the protected offline computer and transfer signed transactions via clean USB flash drive or QRcode printer/reader. But that luxury is only available for BItcoin with Armory at the moment, so Ripple users are left with what we have.