Bitcoin Forum
November 23, 2017, 03:16:20 PM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 3 [4]  All
  Print  
Author Topic: Best Cold Storage Methods For LTC and BTC  (Read 9259 times)
Zomdifros
Full Member
***
Offline Offline

Activity: 210



View Profile
April 09, 2013, 09:30:02 PM
 #61

Well that sounds reasonable indeed. The thing I'm most worried about by far are keyloggers and keeping the whole thing offline would pretty much solve that. I'm really looking forward toward the SSS solution within the GUI then, this would solve my other worry of somehow losing the piece of paper with the key.
 
One more question if you don't mind then: is there a risk that when you want to install Armory on your offline computer and transport it using a USB stick, malware somehow manages to copy itself on this stick and get onboard your offline computer, installs a keylogger and manages to get crucial information back on the internet using the same USB stick? Or is this way too far-fetched?

Well, the next release of Armory will have some help on the keylogger front (see images below).  The keylogger would have to record mouse-clicks in order to get your passphrase, and even that is useless if you scramble the keyboard.  Anything advanced enough to break that, will get your private keys another way.

As for the USB viruses:  that is a very real, and very remote threat.  It's not to say it couldn't be done.  It's why I've got the Improving offline wallets thread.  The reason why I stick with USB is so that people use it.  I'd much rather they use USB keys, than get fed up with something complicated, or not supported on all OS (battling drivers issues), and then resort to just regular hot wallets.  USB keys are universal, and everyone understands them.  No doubt, though, I'm working on some alternatives, for advanced users.







Isn't the Simple Python Keylogger already able to record mouse-clicks and taking a snapshot in each instance? I'm sure if an open source keylogger is up to the job any malicious keylogger should be able to do so as well.

1511450180
Hero Member
*
Offline Offline

Posts: 1511450180

View Profile Personal Message (Offline)

Ignore
1511450180
Reply with quote  #2

1511450180
Report to moderator
1511450180
Hero Member
*
Offline Offline

Posts: 1511450180

View Profile Personal Message (Offline)

Ignore
1511450180
Reply with quote  #2

1511450180
Report to moderator
Join ICO Now A blockchain platform for effective freelancing
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1511450180
Hero Member
*
Offline Offline

Posts: 1511450180

View Profile Personal Message (Offline)

Ignore
1511450180
Reply with quote  #2

1511450180
Report to moderator
1511450180
Hero Member
*
Offline Offline

Posts: 1511450180

View Profile Personal Message (Offline)

Ignore
1511450180
Reply with quote  #2

1511450180
Report to moderator
1511450180
Hero Member
*
Offline Offline

Posts: 1511450180

View Profile Personal Message (Offline)

Ignore
1511450180
Reply with quote  #2

1511450180
Report to moderator
etotheipi
Legendary
*
Offline Offline

Activity: 1428


Core Armory Developer


View Profile WWW
April 09, 2013, 09:34:18 PM
 #62

Isn't the Simple Python Keylogger already able to record mouse-clicks and taking a snapshot in each instance? I'm sure if an open source keylogger is up to the job any malicious keylogger should be able to do so as well.

The OSD keyboard can be defeated.  But simple, off-the-shelf pluggable keyloggers, only record keystrokes.  This isn't intended to be a replacement for real security, it just raises the bar a tad for what an attacker needs to attack you.

Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
Zomdifros
Full Member
***
Offline Offline

Activity: 210



View Profile
April 09, 2013, 09:46:14 PM
 #63

Isn't the Simple Python Keylogger already able to record mouse-clicks and taking a snapshot in each instance? I'm sure if an open source keylogger is up to the job any malicious keylogger should be able to do so as well.

The OSD keyboard can be defeated.  But simple, off-the-shelf pluggable keyloggers, only record keystrokes.  This isn't intended to be a replacement for real security, it just raises the bar a tad for what an attacker needs to attack you.

Thanks for the link to your thread from last year! I read up on the QR code option and I think this could be done ultrasafe and very easy by slicing my Bitcoin holdings in several small accounts, then using the scanner from the Blockchain.info Android app to retreive the QR code with the private key. That way my offline laptop could remain more or less completely off-grid.

Dabs
Staff
Legendary
*
Offline Offline

Activity: 1876



View Profile
April 10, 2013, 08:18:49 AM
 #64

There's this thing I've used before called Neo's SafeKeys. It's a virtual keyboard software that is supposed to defeat many software (and hardware) based keyloggers, unless someone is capturing live video feed of everything you do. Check it out, you might learn a trick or two.

Escrow Service (Services) - GPG ID: 32AD7565, OTC ID: Dabs
All messages concerning escrow or with bitcoin addresses are GPG signed. Please verify.
CompTIA A+, Microsoft Certified Professional, MCSA: Windows 10; Windows Server 2012, MCSE: Cloud Platform and Infrastructure; Productivity; Messaging
Pages: « 1 2 3 [4]  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!