Bitcoin Forum
Topic: HOWTO: create a 100% secure wallet
RuckingFetard
Newbie
*
Offline Offline

Activity: 13


Yes You Are!


View Profile
November 22, 2012, 01:11:50 AM
 #1141

There's no 100% secure wallet just as there exists no 100% effective contraceptive
Chris Weber
Jr. Member
*
Offline Offline

Activity: 37


View Profile
November 22, 2012, 07:35:50 AM
 #1142

First you have to set a measure of what is secure for you.
e.g.:
-you want no one to know you are holding Bitcoin
-you want no one to see your transaction
-you are confident of no one knowing that a transaction is connected to you
-you just want to be the only one to spend your coin

If you wanna have all of that, it is hard - but still possible or at least plausibly deniable with Bitcoin.
But never forget, that it was never intended to be "not known" anyhow - it was just meant to be pseudonymous and free of central control.
aware
Newbie
*
Offline Offline

Activity: 5


View Profile
November 22, 2012, 05:55:40 PM
 #1143

Put in safety box is the most secure lol.
zxyzxy
Full Member
***
Offline Offline

Activity: 133


View Profile
November 22, 2012, 11:30:52 PM
 #1144

Is it safe to backup my wallet on dropbox?
HELL NO! Well unless you encrypted it with a strong password. But Dropbox (i.e. their employees) can access your data. And depending on where they host their data, so can the particular 3rd party hosting / cloud storage company (maybe Amazon or whatever).

Not saying these companies are untrustworthy, but you simply don't want to take this risk. Especially because IF your coins disappear, there's no way to prove it was them.

Wuala.com (an alternative to Dropbox) is safer because encryption occurs client side there.

Then again, you shouldn't have an unencrypted wallet on your PC anyway. Suppose someone breaks in and takes your PC. Or you lose your laptop or whatever. Simply do NOT mess around with your money.


you think someone from their site has the time or motivation to go through tons of uploaded data? compress it as randomfilename.rar that is pw protected and there you go
prezbo
Sr. Member
****
Offline Offline

Activity: 422


View Profile
November 22, 2012, 11:32:16 PM
 #1145

Is it safe to backup my wallet on dropbox?
HELL NO! Well unless you encrypted it with a strong password. But Dropbox (i.e. their employees) can access your data. And depending on where they host their data, so can the particular 3rd party hosting / cloud storage company (maybe Amazon or whatever).

Not saying these companies are untrustworthy, but you simply don't want to take this risk. Especially because IF your coins disappear, there's no way to prove it was them.

Wuala.com (an alternative to Dropbox) is safer because encryption occurs client side there.

Then again, you shouldn't have an unencrypted wallet on your PC anyway. Suppose someone breaks in and takes your PC. Or you lose your laptop or whatever. Simply do NOT mess around with your money.


you think someone from their site has the time or motivation to go through tons of uploaded data?
Not too difficult if you know the file is most likely named "wallet.dat".
zxyzxy
Full Member
***
Offline Offline

Activity: 133


View Profile
November 22, 2012, 11:32:54 PM
 #1146

I edited my post above right after typing
ZeoNet
Newbie
*
Offline Offline

Activity: 3


View Profile
November 23, 2012, 03:48:05 AM
 #1147

Guys, I cannot stress this enough. If you're going to use a Live CD or USB, ad majorem dei gloriam, PLEASE use TAILS. Tor is just about the best thing that happened to BitCoin in terms of security during transactions.
Dagger75
Full Member
***
Offline Offline

Activity: 156


View Profile
November 24, 2012, 04:07:16 AM
 #1148

Thanks for the informative post OP.  I appreciate your effort

>>>http://foundation.leafco.in/<<<  Please help support our cause

>>>A True Alt, with a True Purpose<<<  $$Leafcoin$$
sandaniele
Newbie
*
Offline Offline

Activity: 6



View Profile
November 25, 2012, 11:55:48 AM
 #1149

being kinda new on this whole bitcoin thing the wallet security was one of my big concerns (and yes, I tend to be a little paranoid).

having an OS on a USB device is actually a great solution. All I came up with was actually buying a simple computer and never ever accessing internet on that.
thanx for showing me a waaaay simpler method
colindean
Jr. Member
*
Offline Offline

Activity: 43


Esperantisto


View Profile
November 26, 2012, 04:51:50 AM
 #1150

I read a lot of suggestions about an offline wallet. If I have a computer that is completely and entirely disconnected from the Internet -- it never connects to a network under any circumstances -- how can I get a transaction it generates onto the network?

I can obviously move the blockchain files between computers, but how will the online client react if it sees data in the files that wasn't there previously? Will it identify "unsent transactions" or something like that and forward them to the network?

Bitmono, Esperante.
prezbo
Sr. Member
****
Offline Offline

Activity: 422


View Profile
November 26, 2012, 10:13:03 AM
 #1151

I read a lot of suggestions about an offline wallet. If I have a computer that is completely and entirely disconnected from the Internet -- it never connects to a network under any circumstances -- how can I get a transaction it generates onto the network?
You can use armory or brainwallet to sign the transaction offline, and broadcast it using brainwallet.
buttersstotch
Newbie
*
Offline Offline

Activity: 6


View Profile
November 26, 2012, 02:21:59 PM
 #1152

Nice info thanks.
MATTTT
Newbie
*
Offline Offline

Activity: 3


View Profile
November 26, 2012, 06:56:04 PM
 #1153

Ok, here comes this newbie's first post....

A couple issues:

1)Typo: "walled.dat".

2)There's no protection against MITM attack when you download that LiveCD - people need to ensure that the LiveCD image they download hasn't been trojaned on its way to them.  Checking securely obtained SHA hashes, PGP/GPG keys ... very important and worth mentioning!  Ditto for the bitcoin client.
OP says: "I think it makes sense to trust both the Ubuntu LiveCD as well as the client from bitcoin.org for now."  Well, it makes sense if you ensure they are what you think they are -- you have to trust someone.


-=>MATTTT>--
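The checksum step raised in the post above, as an added example that is not part of the original thread or of any project's own tooling. The function names, the manifest file name `SHA256SUMS` and the sample "image" are assumptions constructed for illustration.

```shell
#!/bin/sh
# verify_image IMAGE MANIFEST
#   0 = hash matches the manifest entry for IMAGE
#   1 = hash mismatch (image altered or download damaged)
#   2 = missing input, or IMAGE is not listed in MANIFEST (fail closed)
# The manifest must itself be authenticated first (for example with
# gpg --verify against a signing key obtained out of band): anyone who can
# swap the image in transit can swap an unsigned checksum file too.
verify_image() {
    image=$1
    manifest=$2
    [ -f "$image" ] && [ -f "$manifest" ] || return 2
    name=$(basename "$image")
    # Manifest lines are "<64 hex chars>  <name>" or "<64 hex chars> *<name>",
    # so the file name always starts at column 67.
    expected=$(awk -v n="$name" \
        'length($1) == 64 && substr($0, 67) == n { print tolower($1); exit }' \
        "$manifest")
    [ -n "$expected" ] || return 2
    actual=$(sha256sum "$image" | awk '{ print $1 }')
    [ "$actual" = "$expected" ]
}

# Constructed demonstration: a stand-in "image", its manifest, a tampered
# copy, and a file the manifest does not list.
demo_verify() {
    dir=$(mktemp -d) || return 1
    printf 'constructed stand-in for a LiveCD image\n' > "$dir/live.iso"
    ( cd "$dir" && sha256sum live.iso > SHA256SUMS )
    ok=0;       verify_image "$dir/live.iso"  "$dir/SHA256SUMS" || ok=$?
    printf 'x' >> "$dir/live.iso"          # simulate modification in transit
    bad=0;      verify_image "$dir/live.iso"  "$dir/SHA256SUMS" || bad=$?
    printf 'other\n' > "$dir/other.iso"
    unlisted=0; verify_image "$dir/other.iso" "$dir/SHA256SUMS" || unlisted=$?
    rm -rf "$dir"
    echo "$ok $bad $unlisted"
}

demo_verify
```

The same check applies to the Bitcoin client download, as the post says.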

hashkey
Sr. Member
****
Online Online

Activity: 240


Tip Jar: 14yvNrEp83NSB5sz4eLkiWk2rxhQo3aGPs


View Profile
November 26, 2012, 07:25:41 PM
 #1154

I read a lot of suggestions about an offline wallet. If I have a computer that is completely and entirely disconnected from the Internet -- it never connects to a network under any circumstances -- how can I get a transaction it generates onto the network?

I can obviously move the blockchain files between computers, but how will the online client react if it sees data in the files that wasn't there previously? Will it identify "unsent transactions" or something like that and forward them to the network?

I guess you'll just have to trust them when they said "highly unlikely" on the Bitcoin wiki weaknesses section: https://en.bitcoin.it/wiki/Weaknesses#Generating_tons_of_addresses

[WTS] Voice Call or SMS Phone Verification Services [non-US] | [WTS] Data Scraping Service
"Your effort to remain what you are is what limits you." ~ Puppet Master
MATTTT
Newbie
*
Offline Offline

Activity: 3


View Profile
November 26, 2012, 07:26:30 PM
 #1155

Oh, and

3)Suggesting people "might want to make multiple copies" is bad advice.  People should *definitely* have more than one copy of their wallet. As you say, "losing your wallet.dat is worse than someone stealing it." but also: Flash drives go bad. Files get corrupted.  Things get misplaced.  Mistakes happen.  2 validated copies is a bare minimum.  I would say that "probably want to make more than two copies (and keep 2 copies on each storage device)" is better advice. 

In the early 90's, I became unable to unlock my PGP secret key - the passphrase I remembered and was sure was correct no longer worked.  Was the file corrupted, or did I somehow misremember it?  I'll never know for sure.  The key wasn't backed up, so I couldn't try or compare with a backup.
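One way to check that backup copies are "validated" in the sense of the post above, as an added example that is not part of the original thread. The function names, the `MIN_COPIES` variable and the directory layout are hypothetical, and the wallet file is a constructed stand-in.

```shell
#!/bin/sh
# Minimum number of byte-identical copies to accept; 2 follows the post.
MIN_COPIES=${MIN_COPIES:-2}

# validate_backups ORIGINAL COPY...
#   Prints the number of copies whose SHA-256 equals ORIGINAL's, reports
#   missing or corrupt copies on stderr, and returns 0 only if at least
#   MIN_COPIES are valid (2 if ORIGINAL itself is missing).
# Run it after `sync` and, ideally, after re-inserting the medium, so the
# hash is computed from the device and not from the page cache.
validate_backups() {
    original=$1; shift
    [ -f "$original" ] || { echo "original missing: $original" >&2; return 2; }
    want=$(sha256sum "$original" | awk '{ print $1 }')
    valid=0
    for copy in "$@"; do
        if [ ! -f "$copy" ]; then
            echo "MISSING  $copy" >&2
        elif [ "$(sha256sum "$copy" | awk '{ print $1 }')" = "$want" ]; then
            valid=$((valid + 1))
        else
            echo "CORRUPT  $copy" >&2
        fi
    done
    echo "$valid"
    [ "$valid" -ge "$MIN_COPIES" ]
}

# Constructed demonstration: three "media" directories, one good copy,
# one silently corrupted copy, one copy that was never written.
demo_backups() {
    dir=$(mktemp -d) || return 1
    mkdir "$dir/sd1" "$dir/sd2" "$dir/cd1"
    printf 'constructed stand-in for wallet.dat\n' > "$dir/wallet.dat"
    cp "$dir/wallet.dat" "$dir/sd1/"
    cp "$dir/wallet.dat" "$dir/sd2/"
    printf 'bitrot' >> "$dir/sd2/wallet.dat"
    set -- "$dir/sd1/wallet.dat" "$dir/sd2/wallet.dat" "$dir/cd1/wallet.dat"
    rc1=0; n1=$(validate_backups "$dir/wallet.dat" "$@") || rc1=$?
    cp "$dir/wallet.dat" "$dir/sd2/"       # rewrite the corrupted copy
    cp "$dir/wallet.dat" "$dir/cd1/"       # create the missing copy
    rc2=0; n2=$(validate_backups "$dir/wallet.dat" "$@") || rc2=$?
    rm -rf "$dir"
    echo "$n1/$rc1 $n2/$rc2"
}

demo_backups
```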
Kazimir
Legendary
*
Offline Offline

Activity: 1036



View Profile
November 27, 2012, 07:54:24 AM
 #1156

I read a lot of suggestions about an offline wallet. If I have a computer that is completely and entirely disconnected from the Internet -- it never connects to a network under any circumstances -- how can I get a transaction it generates onto the network?
You can use armory or brainwallet to sign the transaction offline, and broadcast it using brainwallet.
How? I downloaded the brainwallet.org script and tried it in a disconnected Ubuntu Live session. But in order to create transactions, it seems to require downloading the current balance of the address I'm sending from. I understand why it needs this, but I don't understand how that allows me to create and sign a transaction offline (which can then be broadcasted separately, once you're back online).

Would have made more sense if I could manually enter the current amount of BTC available on the sending address, right?




In theory, there's no difference between theory and practice. In practice, there is.
Insert coin(s): 1KazimirL9MNcnFnoosGrEkmMsbYLxPPob
Kazimir
Legendary
*
Offline Offline

Activity: 1036



View Profile
November 27, 2012, 08:03:46 AM
 #1157

Oh, and

3)Suggesting people "might want to make multiple copies" is bad advice.  People should *definitely* have more than one copy of their wallet. As you say, "losing your wallet.dat is worse than someone stealing it." but also: Flash drives go bad. Files get corrupted.  Things get misplaced.  Mistakes happen.  2 validated copies is a bare minimum.  I would say that "probably want to make more than two copies (and keep 2 copies on each storage device)" is better advice. 

In the early 90's, I became unable to unlock my PGP secret key - the passphrase I remembered and was sure was correct no longer worked.  Was the file corrupted, or did I somehow misremember it?  I'll never know for sure.  The key wasn't backed up, so I couldn't try or compare with a backup.
+1

And make sure to keep backups on multiple physical locations as well (both in your house as well as outside / online). Gotta consider scenarios like fire, flood, burglary, EMP blast from the local power plant, etc. Yet it's SO easy to avoid this risk. Just email it to some webmail addresses (with different providers, e.g. hotmail/gmail/etc). Dropbox. Send it to a couple of friends or family members ("hey please ignore this message and just leave this file in your archives, thanks"). Of course you do this with encrypted wallets only.

With Bitcoin, there is really NO EXCUSE to lose your money to stupid accidents. Don't be sorry.

In theory, there's no difference between theory and practice. In practice, there is.
Insert coin(s): 1KazimirL9MNcnFnoosGrEkmMsbYLxPPob
Zippe
Newbie
*
Offline Offline

Activity: 12


View Profile
November 27, 2012, 03:51:58 PM
 #1158

thx for the info
HotDiggityDawg
Newbie
*
Offline Offline

Activity: 15


View Profile
November 27, 2012, 09:45:44 PM
 #1159

Damn useful stuff, thank you!
Mammootty
Newbie
*
Offline Offline

Activity: 9


View Profile
November 28, 2012, 03:00:45 AM
 #1160

-= Small Edit: If you need something which is very secure and grandma-style easy, go vote on this poll and add your thoughts to the discussion. =-

Note: I can only post in the newbie forum for now, but if a moderator deems this topic useful, he may move it somewhere else. Right now, I'm too lazy to get 5 posts, just for the sake of it.

Also, there is an excellent article on the Wiki which should give you some ideas about the problem of security. This is meant as a more specific and simple straight-forward guide, i.e I won't spell out where you can find your wallet.dat and so on.


Why?

So, in light of the recent Drama and my general feeling that some people are unsure about the security of their wallet (or their PC in general), I've decided to give you an idea how to create a secure savings account for you to deposit your hard-earned coins in.

Clarifications

So, you crazy twat want to invest all your savings in bitcoin, but you're not yet shit-for-brains enough to forget the security aspect of the whole thing? Here's the HowTo for you.

So, the first misconception to clear out, is the concept of the "wallet". The wording in itself is not ideal, since it is more like a key. Cryptographically speaking, it is actually exactly that: your private key.

Now this has the following implication: If someone steals your wallet.dat now, and you deposit coins in it later, the thief will be able to spend/transfer ALL your coins, including those you added _after_ the wallet was stolen! I'm sure a lot of you know this already, I just want to clarify this for everybody.

So, clearly, you have to make it impossible for anybody to _ever_ steal your wallet. Clearly, this is infeasible for your day-to-day transactions account, since encryption will be useless as soon as you want to access your coins (Since the decrypted wallet.dat has to be stored in RAM at some point. There are ways, but for now, consider them a little tedious).

So the solution is the following: you have your spendings-account where you keep only low amounts of coin (much like a real-life wallet), and you have your super-secure savings wallet, which you only access on rare occasions.

How?

I'll try to keep it short: You have to create your savings account under ideal security-conditions. I won't rant about you cunts people using Windows in general, but note that Linux is in no way automagically completely secure. Everything depends a lot on your behaviour.

1. What you'll do is the following: Create a live-CD or a bootable USB with your OS of choice on it. I suggest using the Ubuntu LiveCD.

The reason is simple. When you create your new wallet, you want to make absolutely sure, that your running operating system doesn't in any way log your keys or secretly save your files somewhere.

2. Boot your freshly-created OS, and install the Bitcoin client on it. Yes you can install software inside a liveCD environment. Optionally, also install some encryption software, but we'll leave that for now.

3. Your Bitcoin client will immediately generate 10 addresses for you, and with them, the corresponding wallet.dat.

4. Save your addresses somewhere, if you have to, write them down manually (if you do this, then I bow to your zeal and declare you crazy). I suggest you send them to yourself over email.

5. This is the important step. Copy your wallet.dat somewhere. Burn them on a CD or another medium. I for instance love those little 64MB SD-cards you sometimes get with a new camera. They rock. You might want to make multiple copies (on multiple cards/CDs, not multiple copies of the same file on the same disk you tart).

6. Now, eject whatever you just copied on, and guard it like your life depends on it. Not really, but here is the important step: If you encrypted your wallet.dat with an encryption algorithm you feel safe about, just keep it around your house.

7. Shut down. There will be no trace of your walled.dat on your harddisk, since it never actually resided there.

Important: You will want to keep another copy somewhere else, in a safe physical location, or at least one that is safe while your house burns down. You might already know it, but losing your wallet.dat is worse than someone stealing it. It'll be gone forever.

If you didn't encrypt the file (which I prefer), put the SDcards, CDs, whatever in a safe. That's right: a real-world safe, like banks have, who also happen to lock their doors and are in general very anal about their security and all that jazz. You can rent small safety-deposit boxes in exchange for money. As a bonus, it'll be fire-proof as well.

8. In case it's not yet obvious: You will now only make day-to-day transactions like you used to do it, on your computer (are you _still_ using windows?) and every now and then, you will put some coins into your savings-account. Using the addresses from step 4). How much you want to keep in your wallet is up to you.

But how can I haz my money back?

Okay, for those of you who didn't guess it yet: Whenever you want to make a transaction from your savings-account to someplace else, get your wallet.dat out of the safe, boot up your liveCD (don't you dare using your regular OS after all this work, or I'll come beat you up personally) and do the reverse: Install bitcoin again, install the encryption-software if necessary and copy your wallet.dat where it belongs.

Congratulations: you can now access your 25'000 bitcoins and nobody will have messed with them while you were asleep.

Possible attacks

So now, the _only_ way for someone to steal your coin, will be to steal your physical copy of the wallet. That's why you might want to encrypt it, although if you do, don't forget the passphrase. Also, if you die, your family can still get your bank-safe opened, but they won't be able to pick through your brain and get the passphrase out of it. That's why I prefer to not encrypt it.

There is one more possibility: a physical keylogger: It will be able to intercept the password you use to encrypt your wallet.dat, which, if you keep a copy at home, can then be stolen and used. Another reason, why a regular safe is the best option in my humble opinion.

What else?

EDIT: A little protip for those who don't know: You can of course use blockexplorer.com to keep track of your account while it's safely hidden away. Doing this will simply allow you to see how many coins are associated with a given address.

I suggest you also create new day-to-day wallets (even having a few coins stolen can be frustrating), as your current ones might already have been stolen. Of course, this requires a secure OS, so you better ditch that infected piece of shit fine gear of yours. DON'T just create new wallets on the system you're using right now, since it won't solve anything in case you're already infected.

In addition, it doesn't hurt to read up on some technical details. Use the Wiki. Learn the difference between the amount in your wallet, and the amount on the different block-addresses. If you handle a lot of money, ACT ACCORDINGLY. Don't get all crazy-enthusiastic-venture-capitalist and invest all your savings in bitcoin. Also, don't speculate too much on the price development, you'll make more money if you use that time to work at a regular job.

Now, if you happen to make/have made a significant amount of coins, don't run around telling everybody like the self-satisfied vagina that you are. You wouldn't do that with real money either. At least I hope so.

Also, someone will probably make a bitcoin-specific liveCD, which should save some hassle in the steps above.
Also, take it easy and be a cool guy woh doesn't afraid of anything.
Also, pick up a book every now and then.


Yes, there are other ways to do this, and yes, some might be more practical and maybe just as secure. Write a comment about it.

If anyone has any clarifications, questions, suggestions, or wants to call me a moron, please feel free to do so, and I'll see if there is anything to be improved about it. Also, spelling mistaeks.

Also, in case anybody got all excited by this guide and/or seen the light of Jesus-Christ the saviour AND wants to thank me with coins (why on earth would you do that?), here's my address: 16VD78R8nxqJGesE7E9KS6A8TikQQpKNm5

Have fun.

EDIT: Corrections and added a few insults just for you, dear anonymous reader.
Quoting to bring op to back page so newbs will perhaps read it.  Great info here.