Bitcoin Forum
September 26, 2017, 12:41:20 AM *
News: Latest stable version of Bitcoin Core: 0.15.0.1  [Torrent]. (New!)
 
   Home   Help Search Donate Login Register  
Pages: « 1 ... 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 [124] 125 126 127 128 129 »
  Print  
Author Topic: HOWTO: create a 100% secure wallet  (Read 268346 times)
sweetne$$
Newbie
*
Offline Offline

Activity: 6


View Profile
September 08, 2013, 12:51:08 AM
 #2461

I appreciate all the tips given in this thread, I'm newer to the scene so this really helps me out.
1506386480
Hero Member
*
Offline Offline

Posts: 1506386480

View Profile Personal Message (Offline)

Ignore
1506386480
Reply with quote  #2

1506386480
Report to moderator
1506386480
Hero Member
*
Offline Offline

Posts: 1506386480

View Profile Personal Message (Offline)

Ignore
1506386480
Reply with quote  #2

1506386480
Report to moderator
"If you don't want people to know you're a scumbag then don't be a scumbag." -- margaritahuyan
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1506386480
Hero Member
*
Offline Offline

Posts: 1506386480

View Profile Personal Message (Offline)

Ignore
1506386480
Reply with quote  #2

1506386480
Report to moderator
AndrewWilliams
Full Member
***
Offline Offline

Activity: 182

Fourth richest fictional character


View Profile
September 12, 2013, 06:47:55 AM
 #2462

If you want true security in addition to the BitCoin software your are using, you need to use the following software to prevent malware, trojans, and viruses from giving someone backdoor access to your computer. All the encryption and passwords in the world will not help you if you computer is infected. BTC



1. Anti-Keylogger
This will prevent a hacker from capturing your passwords as you enter them to decrypt wallets and posting payments.
Key Scrambler - Free and Paid editions. You need to have the paid edition to encrypt your typing using a software wallet and not just your browser. Well worth it IMO.
http://www.qfxsoftware.com

2. VPN Service
This will put a buffer and prevent hackers from having easy access to remotely control your computer if it infected.
Many available. Private Internet Access and Mulavad are recommended by many.
http://www.privateinternetaccess.com , https://www.mullvad.net/en/

3. Firewall and Anti-Virus
Self explanatory. I also recommend Malwarebytes Anti-Malware to detect malware that may not be picked up by most anti-virus software. Free as well.

4. Privacy Browser
Many people think that if you have a proxy or VPN you are immune from tracking. This could not be further from the truth. Browser fingerprinting allows an unscrupulous person to track the websites you visit and monitor your movements online. In a nutshell browser fingerprinting is the method of IDing people online, only needing 21 bits of identification. With 21 bits of identification, a person can be pinpointed with near 100% accuracy by their browser. These points include your OS, browser, any browser add-ons you use, your screen resolution, http header tags, timezone, system fonts, and many more things you probably didn't know could be accessed by a website. THIS IS WHY using Firefox and adding a few privacy addons DOES NOT WORK! If anything, using add-ons, it INCREASES your ability to be tracked. The question becomes, how do we prevent cookies, javascript, and flash from tracking us without using add-ons that contribute to bits of identification?

Test yourself:
https://panopticlick.eff.org/
http://ip-check.info/?lang=en

Solution:
JonDoBrowser: A special build of Firefox that has all privacy essential addons, disables flash cookies, and uses the TOR network to proxify your websurfing.
The best part is that JonDoBrower has the same exact browser fingerprint for ever person who uses it. So you browser fingerprint is no longer unique; it is shared by thousands! The more people use it, the greater the factor of anonymity. It will bring you to under 10 bits of identification. Yes, it is free.
https://anonymous-proxy-servers.net/index.html


shuttleclock
Jr. Member
*
Offline Offline

Activity: 50



View Profile
September 16, 2013, 01:22:30 AM
 #2463

More secure = less comfortable to use,
Less secure = more comfortable to use Tongue

what i don't understind how i'm going to receive or send this coin if i didn't wait for the bitcoin-qt to download all the block, and how he gonna do that if its in a CD.
As far as I know, you can always receive payment as long as you have your bitcoin address, hence no need to wait for the client to download ll the block.

And if downloading all the blockchain sounds annoying for you, how about use some lightweight wallet instead, like Multibit? Smiley
CYPER
Hero Member
*****
Offline Offline

Activity: 700



View Profile
September 22, 2013, 11:29:19 PM
 #2464

OK, so for receiving coins you don't have be connected to the internet, in fact you don't need to do anything as long as you have your wallet secured.

But what about sending coins? - I assume internet connection is needed in order to broadcast the transaction, but do I need to download the full blockchain in order to successfully send coins?
Can I just open a fresh client for less than a minute, send some coins and close it immediately after that? Is that enough time for the transaction to appear in the blockchain?



Also I would like to transfer the few coins I have to a new wallet, because my current one is on my Windows machine encrypted and I'd rather not open it in this environment, just in case there is some malware waiting for it. Is this the right procedure:

1 - I fire up a LiveCD, install a bitcoin client, get some new addresses, write them down, backup wallet.dat.
2 - Again load LiveCD and copy my original wallet.dat to be used with the bitcoin client, but this time with an internet connection, so I can send the coins to an address from step one.
3 - Delete original wallet.dat and keep the one created in step 1.

Did I miss anything?

If this post helped you and you feel generous you know what to do: 1P9tXFy9bVgzrfPGeV7F8np26ZtFdCCWvz
CYPER
Hero Member
*****
Offline Offline

Activity: 700



View Profile
September 23, 2013, 01:13:23 PM
 #2465

Anyone?

If this post helped you and you feel generous you know what to do: 1P9tXFy9bVgzrfPGeV7F8np26ZtFdCCWvz
bouc
Jr. Member
*
Offline Offline

Activity: 37


View Profile
September 23, 2013, 02:48:50 PM
 #2466

maybe, keep the one created at step 2, would be logic, no?
CYPER
Hero Member
*****
Offline Offline

Activity: 700



View Profile
September 23, 2013, 03:18:12 PM
 #2467

maybe, keep the one created at step 2, would be logic, no?

Do I need it when all the coins from it will be transferred to the new wallet created in step 1?

If this post helped you and you feel generous you know what to do: 1P9tXFy9bVgzrfPGeV7F8np26ZtFdCCWvz
dishwara
Legendary
*
Offline Offline

Activity: 1526



View Profile
September 23, 2013, 03:34:35 PM
 #2468

OK, so for receiving coins you don't have be connected to the internet, in fact you don't need to do anything as long as you have your wallet secured.
For both sending & receiving coins you need to connect internet.
For to just check the balance in a particular address you dont need to connect your wallet software to internet.
you can just check the address in blockchain.info for balance

Quote
But what about sending coins? - I assume internet connection is needed in order to broadcast the transaction, but do I need to download the full blockchain in order to successfully send coins?
Yes
Quote
Can I just open a fresh client for less than a minute, send some coins and close it immediately after that? Is that enough time for the transaction to appear in the blockchain?
No

BitSend ◢◤Clients | Source
www.bitsend.info
█▄
█████▄
████████▄
███████████▄
██████████████
███████████▀
████████▀
█████▀
█▀












Your Digital Network | 10MB Blocks
Algo: XEVAN | DK3 | Masternodes
Bitcore - BTX/BTC -Project












BSD -USDT | Bittrex | C.Gather | S.Exchange
Cryptopia | NovaExchange | Livecoin
CoinPayments | Faucet | Bitsend Airdrop













████
 ████
  ████
   ████
    ████
     ████
      ████
       ████
        ████
       ████
      ████
     ████
    ████
   ████
  ████
 ████
████

████
 ████
  ████
   ████
    ████
     ████
      ████
       ████
        ████
       ████
      ████
     ████
    ████
   ████
  ████
 ████
████
CYPER
Hero Member
*****
Offline Offline

Activity: 700



View Profile
September 23, 2013, 03:42:35 PM
 #2469

For both sending & receiving coins you need to connect internet.

What do you mean by "receiving"?
If I have created a wallet and copied the receiving addresses on a piece of paper I don't really need internet connection to receive coins.
I can just give the address to someone and that's it.
Now If I want to spend these coins then I will need internet, but that is sending, no receiving.

If this post helped you and you feel generous you know what to do: 1P9tXFy9bVgzrfPGeV7F8np26ZtFdCCWvz
Reaper3
Sr. Member
****
Offline Offline

Activity: 350



View Profile
September 23, 2013, 05:21:25 PM
 #2470

100% is a strong statement

CHANGE FINANCE First Decentralised Global Crypto Bank
[color=#15B5E2 ]LINK TO ICO | LINK TO DISCUSSION
nobbynobbynoob
Hero Member
*****
Offline Offline

Activity: 756


Annuit cœptis humanae libertas


View Profile WWW
September 23, 2013, 05:37:20 PM
 #2471

100% is a strong statement

True, but it is a reasonable approximation, given that, if one follows proper procedure for creating an offline wallet, there is essentially no way to steal the funds besides failure of Bitcoin protocol. Even robbery with violence can be stymied by splitting up private keys or key-access passphrases and storing them in multiple sites. I guess one could try to extort bitcoin via kidnapping and the like, just as with fiat.

Earn Free Bitcoins!   Earn bitcoin via BitcoinGet
BTC tip: 1PKkvuwC24Vqjv9odigXs1QVzE66jEJqmb (if <200 µBTC, please donate to charity)
LTC tip: LRqXaNdF79QHvhPpS5AZdEJZnLiNnAkJvq (if <Ł0,05, please donate to charity)
dishwara
Legendary
*
Offline Offline

Activity: 1526



View Profile
September 23, 2013, 05:53:49 PM
 #2472

For both sending & receiving coins you need to connect internet.

What do you mean by "receiving"?
If I have created a wallet and copied the receiving addresses on a piece of paper I don't really need internet connection to receive coins.
I can just give the address to someone and that's it.
Now If I want to spend these coins then I will need internet, but that is sending, no receiving.
Until you connect to internet, your wallet wont have the coins.
Blockchain shows the address has coins, not in your wallet.
You need to connect to internet, then only the coins will reach your wallet.

BitSend ◢◤Clients | Source
www.bitsend.info
█▄
█████▄
████████▄
███████████▄
██████████████
███████████▀
████████▀
█████▀
█▀












Your Digital Network | 10MB Blocks
Algo: XEVAN | DK3 | Masternodes
Bitcore - BTX/BTC -Project












BSD -USDT | Bittrex | C.Gather | S.Exchange
Cryptopia | NovaExchange | Livecoin
CoinPayments | Faucet | Bitsend Airdrop













████
 ████
  ████
   ████
    ████
     ████
      ████
       ████
        ████
       ████
      ████
     ████
    ████
   ████
  ████
 ████
████

████
 ████
  ████
   ████
    ████
     ████
      ████
       ████
        ████
       ████
      ████
     ████
    ████
   ████
  ████
 ████
████
CYPER
Hero Member
*****
Offline Offline

Activity: 700



View Profile
September 23, 2013, 05:59:25 PM
 #2473

Until you connect to internet, your wallet wont have the coins.
Blockchain shows the address has coins, not in your wallet.
You need to connect to internet, then only the coins will reach your wallet.

Sorry, but your understanding of how Bitcoin works is wrong.
The wallet doesn't contain any coins Wink
It contains your public and private keys to spend coins, that belong to it.
So basically the blockchain knows your address has some coins and your wallet contains the right to spend them.

So, no you don't need an internet connection to receive coins, but you need internet connection to spend them Wink

If this post helped you and you feel generous you know what to do: 1P9tXFy9bVgzrfPGeV7F8np26ZtFdCCWvz
bwstacker
Member
**
Offline Offline

Activity: 62


View Profile
September 29, 2013, 09:15:09 PM
 #2474

Wel in the end the only cecure wallet is a downloaded wallet freshly installed not up dated at all And send you coins to that address ,don't update wallet. Wallet dat. can be backed up but do not update the wallet
BTCetera
Member
**
Offline Offline

Activity: 78


View Profile
November 04, 2013, 03:08:14 PM
 #2475

I think it's safe to summarize this post as: Armory is your home safe and Coinbase is the wallet you take when you get out of the house.

Naturally, the actual solutions hereby named change from time to time, but these two are pretty good options as of Nov 2013. Would someone disagree?
Boris Ent
Newbie
*
Offline Offline

Activity: 1


View Profile
November 25, 2013, 03:28:09 AM
 #2476

Crypto currencies are a game-changer.  But, as currently implemented, they are designed to fail.  The proposals here won’t change the out­come.

Simply put: there is no spend password on the private key!

To illustrate: my PGP/GPG private keys are only created and used off­line; printed and stored in an off­site safe.  But, they are vulnerable to replication.  Somebody sitting at a keyboard and hammering out a random string that just may be identical to my original PGP/GPG private key.

So, when somebody finally replicates my PGP/GPG private key they must still crack my random password to impersonate me.  That, is to transact with my key.

The Android Bitcoin flaw proved that the Bitcoin 51 character private key is much easier to replicate.  It starts with the digit 5 and the rest of the key are randomised characters from the Base58 symbol chart on the Base58Check encoding page.

It doesn’t matter if you follow best-practice privacy measures, such as cold storage, paper-wallets, encrypted USB drives, etc.  No passphrase, no security.

It won’t be long before some script-kiddy writes an algorithm to replicate all possible Bitcoin private keys.  Run them through the JavaScripts available on­line that calculate the individual public keys.  Query sites such as Bitcoin Block Explorer for addresses with transaction histories.  Download the JavaScript to create secure offline Bitcoin transactions.  Then, broadcast the transactions.

All without touching a single encrypted wallet.dat.
––––
REFERENCES
····
The Android Bitcoin vulnerability explained
  http://blogs.avg.com/mobile/android-bitcoin-vulnerability-explained/
····
Base58Check encoding
  https://en.bitcoin.it/wiki/Base58Check_encoding
····
Query private wallet keys at
  https://www.bitaddress.org
····
Watch wallets online at
  https://blockchain.info/address/
····
Retrieve transaction history at
  http://blockexplorer.com/q/mytransactions/
····
Create offline send with
  http://www.howtovanish.com/images/offline-transactions.zip
····
Broadcast spend at
  http://blockchain.info/pushtx
Richy_T
Legendary
*
Offline Offline

Activity: 1316


1RichyTrEwPYjZSeAYxeiFBNnKC9UjC5k


View Profile
November 25, 2013, 09:20:43 PM
 #2477

All possible Bitcoin private keys, eh?  Cheesy Cheesy Cheesy Cheesy Cheesy Cheesy Cheesy Cheesy Cheesy

1RichyTrEwPYjZSeAYxeiFBNnKC9UjC5k
RoxxR
Full Member
***
Offline Offline

Activity: 178


View Profile
November 27, 2013, 05:46:51 PM
 #2478

Crypto currencies are a game-changer.  But, as currently implemented, they are designed to fail.  The proposals here won’t change the out­come.

Simply put: there is no spend password on the private key!

To illustrate: my PGP/GPG private keys are only created and used off­line; printed and stored in an off­site safe.  But, they are vulnerable to replication.  Somebody sitting at a keyboard and hammering out a random string that just may be identical to my original PGP/GPG private key.

So, when somebody finally replicates my PGP/GPG private key they must still crack my random password to impersonate me.  That, is to transact with my key.

The Android Bitcoin flaw proved that the Bitcoin 51 character private key is much easier to replicate.  It starts with the digit 5 and the rest of the key are randomised characters from the Base58 symbol chart on the Base58Check encoding page.

It doesn’t matter if you follow best-practice privacy measures, such as cold storage, paper-wallets, encrypted USB drives, etc.  No passphrase, no security.

It won’t be long before some script-kiddy writes an algorithm to replicate all possible Bitcoin private keys.  Run them through the JavaScripts available on­line that calculate the individual public keys.  Query sites such as Bitcoin Block Explorer for addresses with transaction histories.  Download the JavaScript to create secure offline Bitcoin transactions.  Then, broadcast the transactions.

All without touching a single encrypted wallet.dat.
––––
REFERENCES
····
The Android Bitcoin vulnerability explained
  http://blogs.avg.com/mobile/android-bitcoin-vulnerability-explained/
····
Base58Check encoding
  https://en.bitcoin.it/wiki/Base58Check_encoding
····
Query private wallet keys at
  https://www.bitaddress.org
····
Watch wallets online at
  https://blockchain.info/address/
····
Retrieve transaction history at
  http://blockexplorer.com/q/mytransactions/
····
Create offline send with
  http://www.howtovanish.com/images/offline-transactions.zip
····
Broadcast spend at
  http://blockchain.info/pushtx


This already exists: Deep Space Vagabond Smiley  Google it.
Perhaps more interesting than the app is the discussion thread, read it all, it's very educational.
RoxxR
Full Member
***
Offline Offline

Activity: 178


View Profile
November 27, 2013, 05:49:11 PM
 #2479

Just use bitaddress.org (web page) or NoBrainr (offline tool) to generate robust brainwallets and cold storage addresses.
plej
Newbie
*
Offline Offline

Activity: 13


View Profile WWW
December 01, 2013, 08:24:05 AM
 #2480

I use bitaddress.org aswell, can recommend.

BTC: 17BDrv6m1WGzY6f61eWWArdQsyHwSioP4j
LTC: LPpxThksJQHAU2Ra5ykubThdTSimXa8NQk
QRK: Qc65owymp6KTAS3WKEE5EMyY3rA3TMP6U5
Pages: « 1 ... 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 [124] 125 126 127 128 129 »
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!