Bitcoin Forum
Topic: HOWTO: create a 100% secure wallet
bitlotto
June 15, 2011, 01:25:28 PM
 #21

Careful what version of Bitcoin you use! Some versions will display multiple addresses but the private keys won't be made till you do a transaction and have it open for a while!!! Someone did something similar, where they sent some to the first address as a test then saw it worked then sent the rest to the second address. Deleted everything only to go back and see that he lost his BTC!!

edit: Ignore. Apparently the user only had one address showing. Backed it up. Then created the newer addresses assuming it would use some of the 100 pre generated addresses. There was an older copy that would not create those 100 addresses however. Sorry for the confusion.

Alex Beckenham
June 15, 2011, 01:39:27 PM
 #22

I've put this article up (with your donation address intact) at http://bitcoinsecurity.com.

Let me know if there are any issues with it.

Also, I've sent 0.20 to your donation address.

aiwk171
June 15, 2011, 01:47:00 PM
 #23

Quote
Careful what version of Bitcoin you use! Some versions will display multiple addresses but the private keys won't be made till you do a transaction and have it open for a while!!! Someone did something similar, where they sent some to the first address as a test then saw it worked then sent the rest to the second address. Deleted everything only to go back and see that he lost his BTC!!

I did not know that. Are you sure it's not just one of the occasions where --rescan would have done the trick? What version was it?

Quote
I've put this article up (with your donation address intact) at http://bitcoinsecurity.com.

Wow. My sincere thanks. I'll PM you in case I make any relevant additions to the text. Glad that you took out the emoticons, they look dumb in plain text :)

Also, feel free to delete the address mentioned at the bottom, that way it won't come across quite as desperately :)

And you may want to delete the mention about "comments"
torusJKL
June 15, 2011, 01:49:37 PM
 #24

Thanks for this post.
It has some very important facts.

And it's funny to read! :-)

P.S. Maybe you should add that one should only use trusted distributions (Debian, Ubuntu, Fedora, etc.) and check the md5sum of that Live CD.

Alex Beckenham
June 15, 2011, 01:52:41 PM
 #25

Quote
Careful what version of Bitcoin you use! Some versions will display multiple addresses but the private keys won't be made till you do a transaction and have it open for a while!!! Someone did something similar, where they sent some to the first address as a test then saw it worked then sent the rest to the second address. Deleted everything only to go back and see that he lost his BTC!!

I think it was a case of the client only creating 1 address at first, whereas the user expected it to immediately create 100 addresses (which it only did after the first time he hit the "New..." button).

So he:

installed the client
backed up the wallet (which only contained 1 address)
clicked "New..." a few times and sent all his BTC to those new addresses. It was only after this that the client created the pool of 100.
Next, he deleted the wallet, because he thought it had already been backed up, when in actual fact only the first address had been.

Coins lost.
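
An added illustration (not part of the thread and not code from the Bitcoin client): a simplified Python model of the sequence described above, showing that a wallet backup holds only the keys that existed when it was taken. `ModelWallet`, its pool behaviour and the amounts are assumptions built from the posts' description; the last function goes beyond the thread's case and counts how many later addresses a backup taken after the pool was filled still covers.

```python
import hashlib
import secrets

class ModelWallet:
    """Simplified model of the behaviour described in the thread (not client code)."""

    def __init__(self, pool_size=100):
        self.pool_size = pool_size
        self.keys = {}   # address -> private key, i.e. the contents of wallet.dat
        self.pool = []   # pre-generated addresses not yet handed out
        self.first = self._generate()  # a fresh wallet holds exactly one key

    def _generate(self):
        priv = secrets.token_hex(32)   # constructed stand-in for a private key
        addr = "addr-" + hashlib.sha256(priv.encode()).hexdigest()[:12]
        self.keys[addr] = priv
        return addr

    def new_address(self):
        """The "New..." button: top the pool up, then hand out its oldest entry."""
        while len(self.pool) < self.pool_size:
            self.pool.append(self._generate())
        return self.pool.pop(0)

    def backup(self):
        """Copying wallet.dat captures only the keys that exist right now."""
        return dict(self.keys)

def unrecoverable(backup, funded):
    """Funded addresses whose private key is absent from the backup."""
    return {a: amount for a, amount in funded.items() if a not in backup}

def lost_after_delete(backup_first):
    """Replay the sequence; return the amount lost once the wallet is deleted."""
    wallet = ModelWallet()
    early = wallet.backup()               # backup of the one-address wallet
    funded = {wallet.first: 1}            # constructed amounts
    for _ in range(3):                    # clicked "New..." a few times
        funded[wallet.new_address()] = 50
    late = wallet.backup()                # backup taken after the addresses exist
    chosen = early if backup_first else late
    return sum(unrecoverable(chosen, funded).values())

def covered_after_backup(pool_size=100):
    """Later addresses still covered by a backup taken after the first "New..."."""
    wallet = ModelWallet(pool_size)
    wallet.new_address()
    snapshot = wallet.backup()
    count = 0
    while wallet.new_address() in snapshot:
        count += 1
    return count
```

In this model the early backup loses everything sent to the new addresses, while a backup taken after the pool exists goes stale once the pre-generated addresses are used up, so the backup has to be refreshed before that point.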


aiwk171
June 15, 2011, 01:58:56 PM
 #26

Quote
Next, he deleted the wallet, because he thought it had already been backed up, when in actual fact only the first address had been.

Oh snap. Good to know though, and yes, the wallet only contains the addresses already generated at the time the file was backed up. I will refrain from mentioning this in the guide though, since 1: I advise against using the wallet you just backed up, 2: with the 10 fresh addresses generated, this shouldn't happen anymore, 3: I'm trying to keep it simple and hope not to confuse anybody. As Confucius says: Confusion is the death of non-confusion (and oversight)
Alex Beckenham
June 15, 2011, 02:04:51 PM
 #27

Quote
the wallet only contains the addresses already generated at the time the file was backed up.

Yes. The problem arises if you assume a newly created wallet.dat has generated your first 100 addresses in it.

Which is what I would have assumed until that unfortunate person lost his coins and posted about it.

honeybadger
June 15, 2011, 02:08:55 PM
 #28

Great post!

I installed Ubuntu on an encrypted LVM specifically for bitcoin related use. I'll be taking your advice on the backups.

SomeoneWeird
June 15, 2011, 02:22:56 PM
 #29

Quote
I've put this article up (with your donation address intact) at http://bitcoinsecurity.com.

Let me know if there are any issues with it.

Also, I've sent 0.20 to your donation address.


And stickied.
murfshake
June 15, 2011, 02:36:50 PM
 #30

"that Linux is in now way automagically completely secure."

Typo.

Great read though!
aiwk171
June 15, 2011, 02:42:20 PM
 #31

Thanks for the sticky, and thanks for the corrections. Keep it up. 10 spelling mistakes corrected and I will personally invent a new swearword and post it here.
Nescio
June 15, 2011, 02:52:33 PM
 #32

And that ladies and gentlemen is what you get when you let 4chan and Encyclopedia Dramatica rear your kids :)

Additional security measure: don't click on URL shortened links, especially in Bitcoin related fora.
Nescio
June 15, 2011, 03:01:35 PM
 #33

It's a shame the bitcoin.org client download link doesn't have a checksum...

The SHA1 signature was posted here with the announcement. It's a good practice not to put the signature on the same page the download resides, since if one is compromised the other can easily be altered too. That's assuming the forum is hosted on a different machine of course.
hex
June 15, 2011, 07:22:30 PM
 #34

Is it still the case that when you send part of your bitcoins to someone, the rest of the BTC is sent back to you but to another address, so your old wallet backup is useless?

Desu
June 15, 2011, 09:24:35 PM
 #35

Thank god for this post! My laptop is pretty secure, hijack tracking software and finger scan technology, but that only protects from meatspace attacks. This helps for all others. I favor the usb attempt. Secure it on a thumb drive, only plugging it in to perform transactions or add to it.
--
Remember, Safety first! haha :D

Bezza
June 15, 2011, 10:11:52 PM
 #36

If you are running Mac OS X simply create a 256-bit encrypted .DMG to store everything in your '~/Library/Application Support/Bitcoin' folder.  Impossible to steal unless you have the password or direct access.

Thanks for this!
cypherdoc
June 15, 2011, 10:14:20 PM
 #37

Quote
Next, he deleted the wallet, because he thought it had already been backed up, when in actual fact only the first address had been.

Quote
Oh snap. Good to know though, and yes, the wallet only contains the addresses already generated at the time the file was backed up. I will refrain from mentioning this in the guide though, since 1: I advise against using the wallet you just backed up, 2: with the 10 fresh addresses generated, this shouldn't happen anymore, 3: I'm trying to keep it simple and hope not to confuse anybody. As Confucius says: Confusion is the death of non-confusion (and oversight)

wait a minute.  are u saying a new client install immediately creates 10 addresses?

which client version created only 1?

Salzgitter
June 16, 2011, 12:07:24 AM
 #38

Thanks man!

(and another post closer to post on grown-ups forums...)
88bitcoins
June 16, 2011, 12:18:19 AM
 #39

If you prefer to not encrypt the files to avoid remembering passwords, you won't be secure, unless you make a physical backup of the media holding your money and then put that backup in a vault (at your house or in a bank).

Actually, you could do a weekly trip to the bank and put your wallet.dat on a memory stick in a safety box. Assuming that you have that many BTCs to protect.

NO!! Encryption is not some magic thingamajawb that protects you from all evil.

Let me clarify: A _backup_ is of absolutely NO USE. So your weekly trip doesn't accomplish anything if the very same file has been on your main operating system. This is a dangerous fallacy, hence my analogy with "keys" instead of "wallets".

Again: that would be like making a copy of your safe-key every week and putting that in the vault.

It has to be a new, untainted address, in conjunction with the wallet.dat that you deposit. Actually, this is way more convenient, since you don't have to access your bank vault at all. You just deposit/send the coins into the right addresses.

Until I read this thread, I was planning on doing the physical backup (of wallet.dat file) to usb. I don't have enough BTCs to justify "protecting", but I've learned that developing good security habits pays. Making those habits second nature is like insurance - in my experience.

Anyway, I just need clarification that I am understanding the following correctly - please advise so that I know I have not misunderstood the advice being given:

1)
Quote
backing up on physical media is of "NO USE"  [ME]: I'm assuming because if the same file is on your OS then it's not "protected" whether or not you have a physical backup elsewhere.

QUESTION: is there any circumstance in which making a physical backup would be beneficial? It's certainly easy enough.

2)
Quote
Encryption does not "protect [you] from all evil"  [ME]: I'm assuming because it can still be hacked and/or encryption doesn't protect from greater dangers such as your hard drive dying and the wallet cannot be retrieved, your laptop is stolen to be sold for $20 on the street.

[QUESTION]: is encryption still recommended?

3) [QUOTE/QUESTION]: So in order to (protect) your BTCs, you have to create a "new, untainted address, in conjunction with the wallet.dat that you deposit".

QUESTION: (I may sound naive, but I have to ask) do I go into my bitcoin app, then create a new never been used address, then send what I have to this new address, i.e. to myself? THEN, back up both that new address and my wallet.dat file together? And additionally, each time I want to do a backup, create a fresh address?


thanks in advance for clarification
kuloch
June 16, 2011, 01:16:17 AM
 #40

While I'm a complete n00b to BTC as of yesterday, I do know a thing or two about public/private key encryption.

1)
Quote
backing up on physical media is of "NO USE"
[88bitcoins]: I'm assuming because if the same file is on your OS then it's not "protected" whether or not you have a physical backup elsewhere.
Correct.  If the unencrypted "wallet" (read "key") exists in a vulnerable place, then it doesn't matter how securely you back it up.  It's like keeping a copy of your house key under your mat but making a "secure" copy regularly.  A burglar can simply check under your mat, regardless of how securely you keep the copies.

Quote
QUESTION: is there any circumstance in which making a physical backup would be beneficial? It's certainly easy enough.
I can think of two valid reasons for separate physical copies.  The first is simply to guard against data corruption, drive destruction, etc.  The second is to keep the "secure" file only on media other than your hard drive, created and saved in a "secure" operating system.

Keeping at least one backup is a good idea.  Just remember that the *least* secure copy of your "wallet" (read "key") is effectively the only one that matters for security.

2)
Quote
Encryption does not "protect [you] from all evil"
[88bitcoins]: I'm assuming because it can still be hacked and/or encryption doesn't protect from greater dangers such as your hard drive dying and the wallet cannot be retrieved, your laptop is stolen to be sold for $20 on the street.
Hard drive corruption/destruction/loss is why it's good to keep a backup copy on another physical medium.  Note that having your drive stolen with an unencrypted wallet means that wallet is forfeit, unless you happen to transfer all BTC out from that account to another using a backup copy before the "bad guys" get to it, first.

Quote
[QUESTION]: is encryption still recommended?
I can't speak much on local encryption, as I've never personally had anything worth the bother.  But if you have a keylogger on your system, then encryption probably isn't worth crap once you type in your password.

3)
Quote
So in order to (protect) your BTCs, you have to create a "new, untainted address, in conjunction with the wallet.dat that you deposit".
The point is that any "wallet" (read "key") that has ever existed in unencrypted form on your computer (which may have keyloggers, trojans, and the like - regardless of whatever your anti-malware software says) could potentially be compromised.  The suggestion of using a bootable linux distro so that the "wallet" (read "key") file never touches your potentially tainted system is pretty good, if a little hardcore.  But if I had 25k BTC, that's probably what I'd do.

Quote
QUESTION: (I may sound naive, but I have to ask) do I go into my bitcoin app, then create a new never been used address, then send what I have to this new address, i.e. to myself? THEN, back up both that new address and my wallet.dat file together? And additionally, each time I want to do a backup, create a fresh address?
As soon as you create a "wallet" (read "key") in your (potentially compromised) operating system, then your wallet is already potentially compromised.  Remember: securing one copy doesn't secure all copies.  Only if *every* single copy that has ever existed is secure can you consider the "wallet" (read "key") to be "secure".
