Bitcoin Forum
December 02, 2016, 08:27:45 PM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Protecting your wallet. Put it in a hidden pocket.. (read on)  (Read 1144 times)
Morthawt
Jr. Member
*
Offline Offline

Activity: 31


Hey there! I am Wesley G aka Morthawt


View Profile WWW
June 13, 2011, 04:41:43 PM
 #1

If someone wants to steal your wallet they can because everyone's wallet is stored in the same place and has to be accessible to be used by the bitcoin program. So the solution is to either restrict access to the wallet or move the wallet.

To restrict the wallet run your bitcoin from a different useraccount in windows and make the folder where the wallet resides only accessible to THAT user the program is running on and its ownership reflects the same. This means file permissions and ownership changes.. Then go into your "Local Security Policy" in windows and set it so that only that username where your bitcoin runs from has access to take ownership over files. Then also in local security policy, you need to set it so that UAC requires authentication, this means not just a "press yes if you want to do this" this means "type your password to continue". Once you have done this malware cannot just change things on your system to easily access the wallet.


Another method is to move the wallet. You can use a program called Cameyo to make a portable version of bitcoin and then the wallet can be isolated in its own folder because the changes to the system it makes are "sandboxed" meaning they do not actually go into the system but rather in a dedicated folder that emulates the file system to the program, so the program (bitcoin) thinks its wallet is in the normal place but really that is cameyo telling bitcoin "Hey, this folder is your appdata" and then it just works. The only way a malware/hacker could steal your wallet with this method is to scan the entire system looking for wallet.dat which is possible.. but more work.

Another method is to run a virtual machine in your computer via VMWare, Virtual PC, Parallels, Virtualbox etc. This would completely isolate your bitcoin from your physical system by keeping ALL files hidden inside a virtual computer. Your wallet could only be stolen if the hacker gets access to your pc either physically or remotely and manually uses your computer mouse and keyboard to go into that virtual environment and copy to flash drive or upload to email your wallet from inside that environment.

Just a thought.

Free and open source Bitcoin exchange rate monitor and alerting program: http://forum.bitcoin.org/index.php?topic=14818.0
To show your support and appreciation for my bitcoin exchange rate watcher send me a donation: 1MTkF9ZTcXtgvQX245TwTL2Ko3NMvJHz6P
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1480710465
Hero Member
*
Offline Offline

Posts: 1480710465

View Profile Personal Message (Offline)

Ignore
1480710465
Reply with quote  #2

1480710465
Report to moderator
1480710465
Hero Member
*
Offline Offline

Posts: 1480710465

View Profile Personal Message (Offline)

Ignore
1480710465
Reply with quote  #2

1480710465
Report to moderator
1480710465
Hero Member
*
Offline Offline

Posts: 1480710465

View Profile Personal Message (Offline)

Ignore
1480710465
Reply with quote  #2

1480710465
Report to moderator
bcearl
Full Member
***
Offline Offline

Activity: 168



View Profile
June 13, 2011, 05:33:18 PM
 #2

VMs don't mean to protect your guest from the host, only the other way around.

Misspelling protects against dictionary attacks NOT
FreeJAC
Member
**
Offline Offline

Activity: 112


View Profile
June 13, 2011, 06:41:21 PM
 #3

Let's say your wallet does get taken by malware but you have a backup copy. Could you recover and make the stolen one invalid somehow? What happens if there are two of the same wallets on the network? I would think both would become useless.

Donate here.... 18NiDLDA3qRxkEPN36xrzsdSgvEkbDKgNr
vrotaru
Jr. Member
*
Offline Offline

Activity: 35


View Profile
June 13, 2011, 07:02:48 PM
 #4

Let's say your wallet does get taken by malware but you have a backup copy. Could you recover and make the stolen one invalid somehow? What happens if there are two of the same wallets on the network? I would think both would become useless.

Send everything as soon as you got a chance to a safe account.
bcearl
Full Member
***
Offline Offline

Activity: 168



View Profile
June 13, 2011, 07:31:45 PM
 #5

Let's say your wallet does get taken by malware but you have a backup copy. Could you recover and make the stolen one invalid somehow? What happens if there are two of the same wallets on the network? I would think both would become useless.

If the attacker has spend your bitcoins, your backup is worthless.

Backup protects against failing disks and such, not against attackers.

Misspelling protects against dictionary attacks NOT
caveden
Legendary
*
Offline Offline

Activity: 1106



View Profile
June 14, 2011, 07:58:48 AM
 #6

Let's say your wallet does get taken by malware but you have a backup copy. Could you recover and make the stolen one invalid somehow? What happens if there are two of the same wallets on the network? I would think both would become useless.

Send everything as soon as you got a chance to a safe account.

And by safe account understand "an addresses generated in another wallet file". That's because if you just ask from a new address from the backup, it will get from the pool of addresses that was already there, so the thief will have it too.

18rZYyWcafwD86xvLrfuxWG5xEMMWUtVkL
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!