/********** Method 1 ********** applicable to Ripple and Bitcoin in blockchain.info MyWallet **********/
Since Ripple doesn't require storing your wallet locally (it keeps an encrypted copy in a cloud if Payward is selected), wouldn't it be much safer to advertise using Ripple from Ubuntu (or Mint) Live CD session? And if people want to use Bitcoins at the same time (for trading) then suggest to keep small amount of them in a hot wallet in one of the exchanges or blockchain.info MyWallet (which is safer), so that live session with a browser is still enough.
NOTE: It seems that Ripple and blockchain.info MyWallet work the same way:
https://blockchain.info/wallet/how-it-worksEven though encryption of the wallet itself might be strong in Ripple it won't protect careless users from trojans/keyloggers that can steal your password the moment you type it in. Booting from clean Live CD every time you need to access your funds protects you from keyloggers and leaves your normal OS installation (Windows or Linux) unchanged. Something like "best security advice" on the Ripple's wallet creation page with a few easy steps would suffice.
It might take a bit more time to boot from a Live CD and you might need to change the boot order (only once) in your computer's BIOS setup to be able to do that, but in the end the added security is well worth the time and effort.
/********** Method 2 ********** applicable to Ripple and Bitcoin in your normal OS installation **********/
If you still find it cumbersome to play with Live CDs and prefer to work with sensitive data in your normal OS installation here is a trick how to fool the most primitive keylogger:
1) type one third* of your password
2) then type a fixed amount (1-5) of random keys**
3) then carefully delete them with your mouse (select last N symbols in the text field, right-click->Delete)
4) type another third of your password
5) repeat 2) and 3) with a different key sequence
6) type the last third of your password
7) press login
* you can divide your password into as many parts as you like, but one third is good enough for simplicity of the demonstration
** it's better to use the same (from one login to another login) pre-defined key sequences but different for their respective injection points in the password, so that they cannot be figured out by textual analysis from multiple stolen password strings for the same account.
From the keylogger's perspective your typed password would contain some garbage and won't work with your account.
Of course some keyloggers might attempt to intercept your mouse moves and clicks as well, but it seems much more difficult to figure out exactly what you typed with the approach described above.
/********** Method 3 ********** applicable to Ripple and Bitcoin in your normal OS installation **********/
Yet another way to protect yourself from malicious software is to create a separate secure user/workspace within your normal OS installation. Use your normal user account for day-to-day operations like reading news, working with email, chatting with friends, installing software from the Internet, etc. Use your secure user account to access your locally stored bitcoins and other sensitive information (Ripple account, Bitcoin exchanges, bank account etc). You can use this method in conjunction with method 2 described above for stronger security.
NOTE: More information on how to create secure user/workspace can be found here:
https://en.bitcoin.it/wiki/Securing_your_walletFor absolute security use offline cold wallets for storing bitcoins safely:
http://bitcoinarmory.com/using-offline-wallets-in-armory/This method is not currently applicable to Ripple but it might change once Ripple software is opensourced.
/******************************************************************************************************/
If you're new to Ripple/Bitcoin and you find these practices useful, please bump this thread (by posting in it) every once in a while so that other people can see it as well. Alternatively moderators might choose to make it a sticky thread on top of the board.
Remember that a few dozens of dollars worth of bitcoins or ripples right now might be a lot of money a few years down the road. So we'll be much better off as a community if we develop a good sense of discipline towards best security practices early on.