Bitcoin Forum
December 06, 2016, 02:30:31 PM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: « 1 ... 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 [106] 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 »
  Print  
Author Topic: HOWTO: create a 100% secure wallet  (Read 249673 times)
wgrand
Newbie
*
Offline Offline

Activity: 7


View Profile
April 04, 2013, 08:06:53 PM
 #2101

good guide, thx!
1481034631
Hero Member
*
Offline Offline

Posts: 1481034631

View Profile Personal Message (Offline)

Ignore
1481034631
Reply with quote  #2

1481034631
Report to moderator
1481034631
Hero Member
*
Offline Offline

Posts: 1481034631

View Profile Personal Message (Offline)

Ignore
1481034631
Reply with quote  #2

1481034631
Report to moderator
1481034631
Hero Member
*
Offline Offline

Posts: 1481034631

View Profile Personal Message (Offline)

Ignore
1481034631
Reply with quote  #2

1481034631
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
gacbmmml
Newbie
*
Offline Offline

Activity: 29


View Profile
April 04, 2013, 08:16:14 PM
 #2102

hi,

two years ago i bought a load of bitcoins and stored them offline,
unencrypted, following the exact process outlined in the original post in this thread.

today i decided to sell them. so i retrieved my wallet.dat file from storage.

then i downloaded the bitcoin client. then i pasted my wallet.dat in the correct place and let it run for 8 hours until it
had synced. it was just about to finish syncing when i got the
error message saying "file corrupt. salvage failed."

then i tried to see if i could upload the file to a blockchain wallet.

i got an error message saying something along the lines of "invalid file
type or incorrect password, no keys uploaded."

so there must be something wrong with my wallet.dat file. but i have no
idea how it became corrupted and what I can do about it to recover my
bitcoins.

i am pretty tech savvy, as far as using windows goes. but when it comes to
playing around in linux and source code, i have no idea. (i use an ubuntu
machine for all my bitcoin work.)

any suggestions would be gratefully appreciated...
You need two things... your wallet.dat AND your private keys. So if you're missing your private keys then you might be out of luck accessing that wallet. Of note, just because a wallet.dat is "unecrypted" doesn't mean that it still doesn't use private keys for access.
bitcoinloser
Newbie
*
Offline Offline

Activity: 2


View Profile
April 04, 2013, 09:42:19 PM
 #2103

i don't understand. your wallet.dat IS your private keys.

i followed the instructions to the letter from the original post that started this thread. so i'm not sure what you're talking about....
not_sure_105
Newbie
*
Offline Offline

Activity: 11


View Profile
April 05, 2013, 12:40:26 AM
 #2104

Need some kind of noobs video guide for this, I don't understand a word of it  Cry

I second that.  All this talk of live cd's, Ubuntu, Linux, windows is evil, etc is making no sense.  It seems that along with learning how to use bitcoins comes learning computer programming.
DavidAU
Newbie
*
Offline Offline

Activity: 19


View Profile
April 05, 2013, 03:30:57 AM
 #2105

I'm using paper wallets created through blockchain.info, can someone explain the extra security in generating logging in via offline mode and disconnecting internet before generating the address? If someone managed to gain access to my account wouldn't it still be pointless without my private key?
minternj
Sr. Member
****
Offline Offline

Activity: 434


View Profile
April 05, 2013, 04:42:49 AM
 #2106

Good tutorial.

Warning about Nitrogensports.eu
https://bitcointalk.org/index.php?topic=709114.0
Mylon
Full Member
***
Offline Offline

Activity: 140

Mining FTW


View Profile
April 05, 2013, 08:41:24 AM
 #2107

Good tutorial.
Let me improve that for you:
   "Awesome Tutorial!"

The moment I got some BTC to spare I'll definitely donate some to the guy who made this Cheesy

"All Your Base Are Belong To Us" by CATS
Primrose
Member
**
Offline Offline

Activity: 75


View Profile
April 05, 2013, 09:47:19 AM
 #2108

Hi

I am a newbie and I have installed bitcoin qt wallet on my laptop.
I did this before discovering these forums.
I have not yet secured it and have got no bitcoins or made any transactions, but since reading this post https://bitcointalk.org/index.php?PHPSESSID=9fjpqnfrrleq40pbu8q9t4ig96&topic=17240.msg222383#msg222383 I am a bit worried that I have made myself vulnerable and would love to know what I can do to make my laptop secure again.

Many thanks
Mylon
Full Member
***
Offline Offline

Activity: 140

Mining FTW


View Profile
April 05, 2013, 10:12:23 AM
 #2109

Hi

I am a newbie and I have installed bitcoin qt wallet on my laptop.
I did this before discovering these forums.
I have not yet secured it and have got no bitcoins or made any transactions, but since reading this post https://bitcointalk.org/index.php?PHPSESSID=9fjpqnfrrleq40pbu8q9t4ig96&topic=17240.msg222383#msg222383 I am a bit worried that I have made myself vulnerable and would love to know what I can do to make my laptop secure again.

Many thanks
Pretty simple, create a secure wallet using the tutorial at the start of this topic. This should be your savings account. (you never want this file on a networked computer) (this is also the account with the big amount of money you have, preferably multiple sharing this amount (so if you happen to accidentally lose one, you don't lose all your money))

The wallet on your laptop you can use as your "spending account".

The simplest way to put it is, any wallet you have an a networked computer or at some service, you should handle like your real wallet. (don't put all your money in it, etc. accept risk of loss / stolen)
Besides those you should create a very secure wallet (not networked, preferably offline/paper) which would be the same as your savings account (hence put it in a big bank vault or something) (protect these wallets, which at some point might contain a lot of money, like your life-savings account, and think what you would do to protect your life-savings account.)

Personally, I have 500 saving account addresses, 50% of these is hard-copy paper. Stored at several locations. (bank safety-deposit boxes are great, as they are also fire resistant, and you can put all those papers in there, if you encrypt it, they will still need a pass-phrase to get to the BTC's) The other 50% is on USB / Flash drives, bought specifically for this purpose, which have not been used for anything else. These are also stored in vaults on hard to get locations, spread out. Every single address, I can get to in at least 3 different locations, so technically I shouldn't be able to lose my private keys.

The only problem is, due to the nature of BTC you preferably only want to use an address once. (to keep anonymity up) So after 500 txns I run out of addresses, and I have to visit all my backup locations again to update their backups. (with extra newly generated addresses)

You can take this up any scale you want... or down if you like. Though looking at that the fact that a BTC is currently 100 euros... Hackers are going to try more often to steal bitcoins, and the only way to really protect from a hacker, is making sure the data is not networked in any way. (aka offline) So the better sense of security you have now, the less amount of surprises you'll see in the future. (you other wise might find out at some point... that one of your accounts is empty... while you didn't spend any.)

"All Your Base Are Belong To Us" by CATS
CBit
Newbie
*
Offline Offline

Activity: 14


View Profile
April 05, 2013, 12:30:10 PM
 #2110

Got a Q: is it generally a slowish process to send money from the kind of offline wallet described in the OP? I've read people talking about the bitcoin client syncing something and that taking many hours. I'm not too savvy in this field...

I try to keep my coins liquid, I want to be able to sell them fast. If I deposit coin to an offline wallet using the live-CD/USB-method, does it generally slow down the flow of my BTC?

If yes, then am I correct when thinking that setting up a whole computer never connected to internet would be a better option? Meaning, having the bitcoin client installed all the time?

Thanks. Still quite baffled by this security aspect.
btcminer021
Member
**
Offline Offline

Activity: 98


Mine hard!


View Profile
April 05, 2013, 01:03:25 PM
 #2111

Too much work. Why not use a web-based service like blockchain.info?

▲▼▲▼▲▼▲▼  No.1 Bitcoin Binary Options and Double Dice  ▲▼▲▼▲▼▲▼
████████████████████████████████  sec◔nds trade  ████████████████████████████████
↑↓ Instant Bets ↑↓ Flexible 1~720 minutes Expiry time ↑↓ Highest Reward 190% ↑↓ 16 Assets [btc, forex, gold, 1% edge double dice] ↑↓
MikeMark
Full Member
***
Offline Offline

Activity: 178


Bitcoin: money chosen by the market.


View Profile
April 05, 2013, 01:22:34 PM
 #2112

Too much work. Why not use a web-based service like blockchain.info?

The blockchain.info wallet is great for everyday use, and for keeping track of BTCitcoins in your safe offline savings, but don't use it as safe savings store.

The Path of the Just is as the Shining Light...
[WTS] 1 Oz 9999 Silver Maple Leafs
drewz
Newbie
*
Offline Offline

Activity: 22


View Profile
April 05, 2013, 01:37:33 PM
 #2113

i myself use a mac, i know there ware some account stealer for osx also, but still is much more safe than windows.
Mylon
Full Member
***
Offline Offline

Activity: 140

Mining FTW


View Profile
April 05, 2013, 01:43:22 PM
 #2114

Got a Q: is it generally a slowish process to send money from the kind of offline wallet described in the OP? I've read people talking about the bitcoin client syncing something and that taking many hours. I'm not too savvy in this field...

I try to keep my coins liquid, I want to be able to sell them fast. If I deposit coin to an offline wallet using the live-CD/USB-method, does it generally slow down the flow of my BTC?

If yes, then am I correct when thinking that setting up a whole computer never connected to internet would be a better option? Meaning, having the bitcoin client installed all the time?

Thanks. Still quite baffled by this security aspect.

What you have to keep in mind, is you have your spending account, and saving account.

Saving account, you basically want to put this on paper and put it in a safe deposit box in a bank. (why, unless you are planning to spend major money, you shouldn't have to access this account, hence it will be only once every couple of weeks/months, putting it on paper basically guarantees that hackers will not be able to get to it, but thieves will, hence the safe deposit box)

Your spending account could be anything, online service (not recommended) or a multi layer encryption on a computer/hardcopy.

The idea of the spending account is, to have the quick access to your money, without suffering to much risk of losing money. For example, a hacker will not easily go for a single bitcoin, but if he knows you have a 1000 bitcoins in your wallet on your computer... In the end as long as the hacker is good enough... it will get hacked... the only way to completely prevent hacking, is either non-networked, or hard-copy. Hence your 1 to 10 BTC are easy to keep in any wallet, (atm) but the moment you start talking about bigger money, you have to start thinking about good to great security.

So yes, if you want a saving account (in a bank) you want to be able to access often, thats a hassle. If you want to be able to get access to a lot of coins without really locking them up, spread them over your addresses, thats why you can generate basically unlimited addresses. Keep in mind though, that hardcopy is still a very smart thing to do. As if somebody hacks your wallet with all your keys... the spreading over address is useless. (mutliple wallets is what you want)

If you thinking about moving them back and forth over the currency market, then it all depends how much you are willing to invest. (note that the initial registration for fiat(usd, euro, pounds) to bitcoin and vice versa is an hassle that takes a couple of days) Haven't gotten into that yet, and not really sure yet how to do that... because when their end up a lot of money in the wallet... I would kinda want a second pc, non-networked, who would print out my private keys, which I would just have to scan on my regular pc with the QR code, to do the payments. (and if becoming that big of a trader, a VPN connection or something like that to the exchange network would be really nice too... so the chances of Man in the Middle attacks are slim to none too)

Think of your wallet as digital gold, keep in mind that hackers are able to get into any computer that is on the internet, as long as they have a big enough incentive (enough money). And then start thinking about how you want to secure your digital gold, so it stays easy access for you, but impossible / near impossible for hackers / thieves. Here it all comes down to what are you willing to sacrifice for safety of your wallet.


"All Your Base Are Belong To Us" by CATS
bitcoinburnol
Newbie
*
Offline Offline

Activity: 10


View Profile
April 05, 2013, 04:14:43 PM
 #2115

thanks for the info.

this is really helpful.
Ardivaba
Newbie
*
Offline Offline

Activity: 11


View Profile
April 05, 2013, 04:46:36 PM
 #2116

Also if you are VERY paranoid, then you could have Virtual Machine inside Virtual Machine, protecting your stuff.
Mylon
Full Member
***
Offline Offline

Activity: 140

Mining FTW


View Profile
April 05, 2013, 04:57:25 PM
 #2117

Also if you are VERY paranoid, then you could have Virtual Machine inside Virtual Machine, protecting your stuff.
If your extremely paranoid, you just have a chip implanted with your private key Smiley

My buddy is very paranoid, he encrypted his key. And then he encrypted it again with a mbit encryption, printed it out and it now resides in a high security bank with member only access. (all devices he used were brand new before he used them, and he melted most of them afterwards.)

Anybody who is very paranoid and knows what hackers can do, will never keep their key on a networked device. (not even with 10 layers of visualization)

For the people who know nothing about computers, just print out the key and put it in your home vault. (or preferably a banks vault)

Encrypting the key on paper, is only useful when you want nobody but you to be able to access them. (or could help in other situations where you prefer two factor authentication, for example you could give a relative the key (or multiple relatives each a different part of the key  Shocked), knowing that they will only get access to the deposit box when you die. Hence not letting the bitcoins get lost forever)

"All Your Base Are Belong To Us" by CATS
christop
Member
**
Offline Offline

Activity: 84



View Profile
April 05, 2013, 05:09:13 PM
 #2118

Also if you are VERY paranoid, then you could have Virtual Machine inside Virtual Machine, protecting your stuff.
Yo dawg, I heard you like virtual machines....

Tips are always welcome: 17Z63hLi2ox4fCMhDqVJrLTJiXVcBMJpMo
Alpaca socks donations: 1sockzDWcF8mrC59CgiN7HAJm6xL7TiRW
Ollebolle22
Newbie
*
Offline Offline

Activity: 27


View Profile
April 05, 2013, 05:27:07 PM
 #2119

-= Small Edit: If you need something which is very secure and grandma-style easy, go vote on this poll and add your thoughts to the discussion. =-

Note: I can only post in the newbie forum for now, but if a moderator deems this topic useful, he may move it somewhere else. Right now, I'm too lazy to get 5 posts, just for the sake of it.

Also, there is an excellent article on the Wiki which should give you some ideas about the problem of security. This is meant as a more specific and simple straight-forward guide, i.e I won't spell out where you can find your wallet.dat and so on.


Why?

So, in light of the recent /19BSM]Drama Roll Eyes Kiss and my general feeling that some people are unsure about the security of their wallet (or their PC in general), I've decided to give you an idea how to create a secure savings account for you to deposit your hard-earned coins in.

Clarifications

So, you crazy twat want to invest all your savings in bitcoin, but you're not yet shit-for-brains enough to forget the security aspect of the whole thing? Here's the HowTo for you.

So, the first misconception to clear out, is the concept of the "wallet". The wording in itself is not ideal, since it is more like a key. Cryptographically speaking, it is actually exactly that: your private key.

Now this has the following implication: If someone steals your wallet.dat now, and you deposit coins in it later, the thief will be able to spend/transfer ALL your coins, including those you added _after_ the wallet was stolen! I'm sure a lot of you know this already, I just want to clarify this for everybody.

So, clearly, you have to make it impossible for anybody to _ever_ steal your wallet. Clearly, this is infeasible for your day-to-day transactions account, since encryption will be useless as soon as you want to access your coins (Since the decrypted wallet.dat has to be stored in RAM at some point. There are ways, but for now, consider them a little tedious).

So the solution is the following: you have your spendings-account where you keep only low amounts of coin (much like a real-life wallet), and you have your super-secure savings wallet, which you only access on rare occasions.

How?

I'll try to keep it short: You have to create your savings account under ideal security-conditions. I won't rant about you cunts people using Windows in general, but note that Linux is in no way automagically completely secure. Everything depends a lot on your behaviour.

1. What you'll do is the following: Create a live-CD or a bootable USB with your OS of choice on it. I suggest using the Ubuntu LiveCD.

The reason is simple. When you create your new wallet, you want to make abolutely sure, that your running operating system doesn't in any way log your keys or secretly save your files somewhere.

2. Boot your freshly-created OS, and install the Bitcoin client on it. Yes you can install software inside a liveCD environment. Optionally, also install some encryption software, but we'll leave that for now.

3. Your Bitcoin client will immediately generate 10 addresses for you, and with them, the corresponding wallet.dat.

4. Save your addresses somewhere, if you have to, write them down manually (if you do this, then I bow to your zeal and declare you crazy). I suggest you send them to yourself over email.

5. This is the important step. Copy your wallet.dat somewhere. Burn then on a CD or another medium. I for instance love those little 64MB SD-cards you sometimes get with a new camera. They rock. You might want to make multiple copies (on multiple cards/CDs, not multiple copies of the same file on the same disk you tart).

6. Now, eject whatever you just copied on, and guard it like your life depends on it. Not really, but here is the important step: If you encrypted your wallet.dat with an encryption algorithm you feel safe about, just keep it around your house.

7. Shut down. There will be no trace of your walled.dat on your harddisk, since it never actually resided there.

Important: You will want to keep another copy somewhere else, in a safe physical location, or at least one that is safe while your house burns down. You might already know it, but losing your wallet.dat is worse than someone stealing it. It'll be gone forever.

If you didn't encrypt the file (which I prefer), put the SDcards, CDs, whatever in a safe. That's right: a real-world safe, like banks have, who also happen to lock their doors and are in general very anal about their security and all that jazz. You can rent small safety-deposit boxes in exchange for money. As a bonus, it'll be fire-proof as well.

8. In case it's not yet obvious: You will now only make day-to-day transactions like you used to do it, on your computer (are you _still_ using windows?) and every now and then, you will put some coins into your savings-account. Using the addresses from step 4). How much you want to keep in your wallet is up to you.

But how can I haz my money back?

Okay, for those of you who didn't guess it yet: Whenever you want to make a transaction from your savings-account to someplace else, get your wallet.dat out of the safe, boot up your liveCD (don't you dare using your regular OS after all this work, or I'll come beat you up personally) and do the reverse: Install bitcoin again, install the encryption-software if necessary and copy your wallet.dat where it belongs.

Congratulations: you can now access your 25'000 bitcoins and nobody will have messed with them while you were asleep.

Possible attacks

So now, the _only_ way for someone to steal your coin, will be to steal your physical copy of the wallet. That's why you might want to encrypt it, although if you do, don't forget the passphrase. Also, if you die, your family can still get your bank-safe opened, but they won't be able to pick through your brain and get the passphrase out of it. That's why I prefer to not encrypt it.

There is one more possibility: a physical keylogger: It will be able to intercept the password you use to encrypt your wallet.dat, which, if you keep a copy at home, can then be stolen and used. Another reason, why a regular safe is the best option in my humble opinion.

What else?

EDIT: A little protip for those who don't know: You can of course use blockexplorer.com to keep track of your account while it's safely hidden away. Doing this will simply allow you to see how many coins are associated with a given address.

I suggest you also create new day-to-day wallets (even having a few coins stolen can be frustrating), as your current ones might already have been stolen. Of course, this requires a secure OS, so you better ditch that infected piece of shit fine gear of yours. DON'T just create new wallets on the system you're using right now, since it won't solve anything in case you're already infected.

In addition, it doesn't hurt to read up on some technical details. Use the Wiki. Learn the difference between the amount in your wallet, and the amount on the different block-addresses. If you handle a lot of money, ACT ACCORDINGLY. Don't get all crazy-enthusiastic-venture-capitalist and invest all your savings in bitcoin. Also, don't speculate too much on the price development, you'll make more money if you use that time to work at a regular job.

Now, if you happen to make/have made a significant amount of coins, don't run around telling everybody like the self-satisfied vagina that you are. You wouldn't do that with real money either. At least I hope so.

Also, someone will probably make a bitcoin-specific liveCD, which should save some hassle in the steps above.
Also, take it easy and be a cool guy woh doesn't afraid of anything.
Also, pick up a book every now and then.


Yes, there are other ways to do this, and yes, some might be more practical and maybe just as secure. Write a comment about it.

If anyone has any clarifications, questions, suggestions, or wants to call me a moron, please feel free to do so, and I'll see if there is anything to be improved about it. Also, spelling mistaeks.

Also, in case anybody got all excited by this guide and/or seen the light of Jesus-Christ the saviour AND wants to thank me with coins (why on earth would you do that?), here's my address: 16VD78R8nxqJGesE7E9KS6A8TikQQpKNm5

Have fun. Cool

EDIT: Corrections and added a few insults just for you, dear anonymous reader.
Thanks
alexh
Member
**
Offline Offline

Activity: 112



View Profile
April 05, 2013, 06:08:19 PM
 #2120

Thats a lot of information, it will take me days to get through everything. Ohhhh Sad
Pages: « 1 ... 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 [106] 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 »
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!