Bitcoin Forum
October 19, 2018, 10:30:40 AM *
News: Make sure you are not using versions of Bitcoin Core other than 0.17.0 [Torrent], 0.16.3, 0.15.2, or 0.14.3. More info.
 
   Home   Help Search Donate Login Register  
Pages: « 1 ... 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 [124] 125 126 127 128 129 »
  Print  
Author Topic: HOWTO: create a 100% secure wallet  (Read 275114 times)
bouc
Newbie
*
Offline Offline

Activity: 37
Merit: 0


View Profile
September 23, 2013, 02:48:50 PM
 #2461

maybe, keep the one created at step 2, would be logic, no?
1539945040
Hero Member
*
Offline Offline

Posts: 1539945040

View Profile Personal Message (Offline)

Ignore
1539945040
Reply with quote  #2

1539945040
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1539945040
Hero Member
*
Offline Offline

Posts: 1539945040

View Profile Personal Message (Offline)

Ignore
1539945040
Reply with quote  #2

1539945040
Report to moderator
CYPER
Hero Member
*****
Offline Offline

Activity: 770
Merit: 500



View Profile
September 23, 2013, 03:18:12 PM
 #2462

maybe, keep the one created at step 2, would be logic, no?

Do I need it when all the coins from it will be transferred to the new wallet created in step 1?
dishwara
Legendary
*
Offline Offline

Activity: 1834
Merit: 1014



View Profile
September 23, 2013, 03:34:35 PM
 #2463

OK, so for receiving coins you don't have be connected to the internet, in fact you don't need to do anything as long as you have your wallet secured.
For both sending & receiving coins you need to connect internet.
For to just check the balance in a particular address you dont need to connect your wallet software to internet.
you can just check the address in blockchain.info for balance

Quote
But what about sending coins? - I assume internet connection is needed in order to broadcast the transaction, but do I need to download the full blockchain in order to successfully send coins?
Yes
Quote
Can I just open a fresh client for less than a minute, send some coins and close it immediately after that? Is that enough time for the transaction to appear in the blockchain?
No

Open Altcoin Github
Limxtec Telegram












Bitsend BSD
The ultimate longterm rollout!
The first Masternodecoin with Segwit

Web: www.bitsend.info












Bitcore BTX
Are you ready for the future?!
The first hybrid fork from BTC

Web: www.bitcore.cc












Github.com/Limxtec
classic bitcoin core
electrum core
insight core
 












Developers
Plattform with
over 19 people!

 












Bitcloud BTDX
Megacoin MEC

████
 ████
  ████
   ████
    ████
     ████
      ████
       ████
        ████
       ████
      ████
     ████
    ████
   ████
  ████
 ████
████

████
 ████
  ████
   ████
    ████
     ████
      ████
       ████
        ████
       ████
      ████
     ████
    ████
   ████
  ████
 ████
████
[/center]
CYPER
Hero Member
*****
Offline Offline

Activity: 770
Merit: 500



View Profile
September 23, 2013, 03:42:35 PM
 #2464

For both sending & receiving coins you need to connect internet.

What do you mean by "receiving"?
If I have created a wallet and copied the receiving addresses on a piece of paper I don't really need internet connection to receive coins.
I can just give the address to someone and that's it.
Now If I want to spend these coins then I will need internet, but that is sending, no receiving.
Reaper3
Sr. Member
****
Offline Offline

Activity: 378
Merit: 250



View Profile
September 23, 2013, 05:21:25 PM
 #2465

100% is a strong statement

CHANGE FINANCE First Decentralised Global Crypto Bank
[color=#15B5E2 ]LINK TO ICO | LINK TO DISCUSSION
nobbynobbynoob
Hero Member
*****
Offline Offline

Activity: 784
Merit: 1000


Annuit cœptis humanae libertas


View Profile WWW
September 23, 2013, 05:37:20 PM
 #2466

100% is a strong statement

True, but it is a reasonable approximation, given that, if one follows proper procedure for creating an offline wallet, there is essentially no way to steal the funds besides failure of Bitcoin protocol. Even robbery with violence can be stymied by splitting up private keys or key-access passphrases and storing them in multiple sites. I guess one could try to extort bitcoin via kidnapping and the like, just as with fiat.

Earn Free Bitcoins!   Earn bitcoin via BitcoinGet
BTC tip: 1PKkvuwC24Vqjv9odigXs1QVzE66jEJqmb (if <200 µBTC, please donate to charity)
LTC tip: LRqXaNdF79QHvhPpS5AZdEJZnLiNnAkJvq (if <Ł0,05, please donate to charity)
dishwara
Legendary
*
Offline Offline

Activity: 1834
Merit: 1014



View Profile
September 23, 2013, 05:53:49 PM
 #2467

For both sending & receiving coins you need to connect internet.

What do you mean by "receiving"?
If I have created a wallet and copied the receiving addresses on a piece of paper I don't really need internet connection to receive coins.
I can just give the address to someone and that's it.
Now If I want to spend these coins then I will need internet, but that is sending, no receiving.
Until you connect to internet, your wallet wont have the coins.
Blockchain shows the address has coins, not in your wallet.
You need to connect to internet, then only the coins will reach your wallet.

Open Altcoin Github
Limxtec Telegram












Bitsend BSD
The ultimate longterm rollout!
The first Masternodecoin with Segwit

Web: www.bitsend.info












Bitcore BTX
Are you ready for the future?!
The first hybrid fork from BTC

Web: www.bitcore.cc












Github.com/Limxtec
classic bitcoin core
electrum core
insight core
 












Developers
Plattform with
over 19 people!

 












Bitcloud BTDX
Megacoin MEC

████
 ████
  ████
   ████
    ████
     ████
      ████
       ████
        ████
       ████
      ████
     ████
    ████
   ████
  ████
 ████
████

████
 ████
  ████
   ████
    ████
     ████
      ████
       ████
        ████
       ████
      ████
     ████
    ████
   ████
  ████
 ████
████
[/center]
CYPER
Hero Member
*****
Offline Offline

Activity: 770
Merit: 500



View Profile
September 23, 2013, 05:59:25 PM
 #2468

Until you connect to internet, your wallet wont have the coins.
Blockchain shows the address has coins, not in your wallet.
You need to connect to internet, then only the coins will reach your wallet.

Sorry, but your understanding of how Bitcoin works is wrong.
The wallet doesn't contain any coins Wink
It contains your public and private keys to spend coins, that belong to it.
So basically the blockchain knows your address has some coins and your wallet contains the right to spend them.

So, no you don't need an internet connection to receive coins, but you need internet connection to spend them Wink
bwstacker
Member
**
Offline Offline

Activity: 79
Merit: 10


View Profile
September 29, 2013, 09:15:09 PM
 #2469

Wel in the end the only cecure wallet is a downloaded wallet freshly installed not up dated at all And send you coins to that address ,don't update wallet. Wallet dat. can be backed up but do not update the wallet
BTCetera
Member
**
Offline Offline

Activity: 81
Merit: 10


View Profile
November 04, 2013, 03:08:14 PM
 #2470

I think it's safe to summarize this post as: Armory is your home safe and Coinbase is the wallet you take when you get out of the house.

Naturally, the actual solutions hereby named change from time to time, but these two are pretty good options as of Nov 2013. Would someone disagree?

Want to send me a tip? 3EJTcRvvt54rv5Bn44KJbXFc7U2MXACkX9
Boris Ent
Newbie
*
Offline Offline

Activity: 1
Merit: 0


View Profile
November 25, 2013, 03:28:09 AM
 #2471

Crypto currencies are a game-changer.  But, as currently implemented, they are designed to fail.  The proposals here won’t change the out­come.

Simply put: there is no spend password on the private key!

To illustrate: my PGP/GPG private keys are only created and used off­line; printed and stored in an off­site safe.  But, they are vulnerable to replication.  Somebody sitting at a keyboard and hammering out a random string that just may be identical to my original PGP/GPG private key.

So, when somebody finally replicates my PGP/GPG private key they must still crack my random password to impersonate me.  That, is to transact with my key.

The Android Bitcoin flaw proved that the Bitcoin 51 character private key is much easier to replicate.  It starts with the digit 5 and the rest of the key are randomised characters from the Base58 symbol chart on the Base58Check encoding page.

It doesn’t matter if you follow best-practice privacy measures, such as cold storage, paper-wallets, encrypted USB drives, etc.  No passphrase, no security.

It won’t be long before some script-kiddy writes an algorithm to replicate all possible Bitcoin private keys.  Run them through the JavaScripts available on­line that calculate the individual public keys.  Query sites such as Bitcoin Block Explorer for addresses with transaction histories.  Download the JavaScript to create secure offline Bitcoin transactions.  Then, broadcast the transactions.

All without touching a single encrypted wallet.dat.
––––
REFERENCES
····
The Android Bitcoin vulnerability explained
  http://blogs.avg.com/mobile/android-bitcoin-vulnerability-explained/
····
Base58Check encoding
  https://en.bitcoin.it/wiki/Base58Check_encoding
····
Query private wallet keys at
  https://www.bitaddress.org
····
Watch wallets online at
  https://blockchain.info/address/
····
Retrieve transaction history at
  http://blockexplorer.com/q/mytransactions/
····
Create offline send with
  http://www.howtovanish.com/images/offline-transactions.zip
····
Broadcast spend at
  http://blockchain.info/pushtx
Richy_T
Legendary
*
Offline Offline

Activity: 1344
Merit: 1000


1RichyTrEwPYjZSeAYxeiFBNnKC9UjC5k


View Profile
November 25, 2013, 09:20:43 PM
 #2472

All possible Bitcoin private keys, eh?  Cheesy Cheesy Cheesy Cheesy Cheesy Cheesy Cheesy Cheesy Cheesy

1RichyTrEwPYjZSeAYxeiFBNnKC9UjC5k
RoxxR
Full Member
***
Offline Offline

Activity: 180
Merit: 100


View Profile
November 27, 2013, 05:46:51 PM
 #2473

Crypto currencies are a game-changer.  But, as currently implemented, they are designed to fail.  The proposals here won’t change the out­come.

Simply put: there is no spend password on the private key!

To illustrate: my PGP/GPG private keys are only created and used off­line; printed and stored in an off­site safe.  But, they are vulnerable to replication.  Somebody sitting at a keyboard and hammering out a random string that just may be identical to my original PGP/GPG private key.

So, when somebody finally replicates my PGP/GPG private key they must still crack my random password to impersonate me.  That, is to transact with my key.

The Android Bitcoin flaw proved that the Bitcoin 51 character private key is much easier to replicate.  It starts with the digit 5 and the rest of the key are randomised characters from the Base58 symbol chart on the Base58Check encoding page.

It doesn’t matter if you follow best-practice privacy measures, such as cold storage, paper-wallets, encrypted USB drives, etc.  No passphrase, no security.

It won’t be long before some script-kiddy writes an algorithm to replicate all possible Bitcoin private keys.  Run them through the JavaScripts available on­line that calculate the individual public keys.  Query sites such as Bitcoin Block Explorer for addresses with transaction histories.  Download the JavaScript to create secure offline Bitcoin transactions.  Then, broadcast the transactions.

All without touching a single encrypted wallet.dat.
––––
REFERENCES
····
The Android Bitcoin vulnerability explained
  http://blogs.avg.com/mobile/android-bitcoin-vulnerability-explained/
····
Base58Check encoding
  https://en.bitcoin.it/wiki/Base58Check_encoding
····
Query private wallet keys at
  https://www.bitaddress.org
····
Watch wallets online at
  https://blockchain.info/address/
····
Retrieve transaction history at
  http://blockexplorer.com/q/mytransactions/
····
Create offline send with
  http://www.howtovanish.com/images/offline-transactions.zip
····
Broadcast spend at
  http://blockchain.info/pushtx


This already exists: Deep Space Vagabond Smiley  Google it.
Perhaps more interesting than the app is the discussion thread, read it all, it's very educational.
RoxxR
Full Member
***
Offline Offline

Activity: 180
Merit: 100


View Profile
November 27, 2013, 05:49:11 PM
 #2474

Just use bitaddress.org (web page) or NoBrainr (offline tool) to generate robust brainwallets and cold storage addresses.
plej
Newbie
*
Offline Offline

Activity: 15
Merit: 0


View Profile WWW
December 01, 2013, 08:24:05 AM
 #2475

I use bitaddress.org aswell, can recommend.
benziks
Newbie
*
Offline Offline

Activity: 3
Merit: 0


View Profile
December 05, 2013, 05:15:28 PM
 #2476

I'm still trying to figure out how it works, and I haven't done any transactions yet.
barefoot
Newbie
*
Offline Offline

Activity: 3
Merit: 0


View Profile
December 06, 2013, 03:34:24 PM
 #2477

As a well-disciplined newbie (although I already bought a bunch of BTC while still at $200-250), I tried to read this thread thoroughly, and the more I read the more I started to suspect that, unless I’m grossly missing something, the thing about “100% secure wallet” is a little bit paranoiac.

First I’ll state my conclusion: besides backing up the data to an external media, the only thing I have to do is to soundly encrypt the wallet and keep the passphrase out of the system. For additional protection I’ll put the wallet in an encrypted volume.

Now my arguments:

1. I think that most users generate and keep their passwords (the passphrase in this case) via a serious, dedicated app, protected by a healthy master password. This app will enter the passwords in any box you direct it to, bypassing the clipboard.

2. I know a thing or two about hacking (the now and then pass-time with friends in the nineties, as a teenager), and I’ll say that even if you are a greenhorn that opens unknown emails, visits unsafe sites etc., and thinks that the costliest antivirus, antispy and antimalware programs do protect you (they don’t), still:
  • keyloggers may work only if you enter the password manually. You should be quite a nerd to enter a 20 chars long gibberish password manually.
  • spyware and such are useless against encrypted data.
  • theoretically, a second-rate hacker may enter your system any time he wants and, finding a hot keyword in your files (as bitcoin, for example), he may start digging. But why choose precisely your computer? If you kept a low profile and your mouth shut, chances that he’ll find you are nil. And again, if your data is well encrypted, you are safe.

My 2¢. I’ll be grateful to the enlightened of this forum to show what am I missing. Perhaps things are more complicated. I still have to work out how using the same address for multiple transactions makes you vulnerable, as asserted in a previous reply in this thread.
AlbertKing
Newbie
*
Offline Offline

Activity: 14
Merit: 0


View Profile
December 11, 2013, 04:50:09 AM
 #2478

Dude you really rock.
raveldoni
Sr. Member
****
Offline Offline

Activity: 434
Merit: 250


🤖UBEX.COM 🤖


View Profile
December 11, 2013, 04:55:21 AM
 #2479

As a well-disciplined newbie (although I already bought a bunch of BTC while still at $200-250), I tried to read this thread thoroughly, and the more I read the more I started to suspect that, unless I’m grossly missing something, the thing about “100% secure wallet” is a little bit paranoiac.

First I’ll state my conclusion: besides backing up the data to an external media, the only thing I have to do is to soundly encrypt the wallet and keep the passphrase out of the system. For additional protection I’ll put the wallet in an encrypted volume.

Now my arguments:

1. I think that most users generate and keep their passwords (the passphrase in this case) via a serious, dedicated app, protected by a healthy master password. This app will enter the passwords in any box you direct it to, bypassing the clipboard.

2. I know a thing or two about hacking (the now and then pass-time with friends in the nineties, as a teenager), and I’ll say that even if you are a greenhorn that opens unknown emails, visits unsafe sites etc., and thinks that the costliest antivirus, antispy and antimalware programs do protect you (they don’t), still:
  • keyloggers may work only if you enter the password manually. You should be quite a nerd to enter a 20 chars long gibberish password manually.
  • spyware and such are useless against encrypted data.
  • theoretically, a second-rate hacker may enter your system any time he wants and, finding a hot keyword in your files (as bitcoin, for example), he may start digging. But why choose precisely your computer? If you kept a low profile and your mouth shut, chances that he’ll find you are nil. And again, if your data is well encrypted, you are safe.

My 2¢. I’ll be grateful to the enlightened of this forum to show what am I missing. Perhaps things are more complicated. I still have to work out how using the same address for multiple transactions makes you vulnerable, as asserted in a previous reply in this thread.


Very well said. I totally agree with that.


GLOBAL DECENTRALIZED ADVERTISING EXCHANGE

Token sale: MAY 21

                                  ▄█▄      ▄█▄        
                                 █████    █████       
                        ▄██▄     ▀█▀      ▀█▀        
                ▄█▄    ▀██▀                           
         ▄     ▀█▀                        ▄█▄        
        ▀█▀                      ▄█▄     █████       
                        ▄██▄    █████     ▀█▀        
   ██          ▄█▄    ▀██▀     ▀█▀                  
         ▄     ▀█▀                        ▄█▄        
        ▀█▀                      ▄█▄     █████       
                        ▄██▄    █████     ▀█▀        
   ██          ▄█▄    ▀██▀     ▀█▀                  
                ▀█▀                                    
          ▄                      ▄█▄      ▄█▄        
         ▀█▀           ▄██▄    █████    █████       
   ██          ▄█▄    ▀██▀     ▀█▀      ▀█▀        
                ▀█▀                                    
           ▄                      ▄█▄     ▄█▄        
          ▀█▀            ▄██▄   █████   █████       
    ██            ▄█▄   ▀██▀    ▀█▀     ▀█▀        
             ▄    ▀█▀                                 
            ▀█▀                         ▄█▄           
       ██              ▄█▄   ▄██▄    █████          
                  ▄    ▀█▀   ▀██▀     ▀█▀           
                 ▀█▀                                   
            ██                   ▄██▄                 
                    ▄     ▄█▄   ▀██▀                 
                   ▀█▀    ▀█▀                          

▄█   ▄█  ▄█        ▄█████▄   ▀█▄     ▄█▀
██   ██  ██▄▄▄▄▄   ██▀   ▀██    ▀█▄  ▄█▀
██   ██  ██▀▀▀▀██  ██▀▀▀▀▀▀▀      ████   
██   ██  ██   ██  ██▄   ▄█    ▄██▀▀██▄   
▀██████▀  ▀██████▀  ▀███████▀   ▄██▀   ▀██▄
Telegram
Facebook
ANN Thread
Youtube
LinkedIn
Twitter
Medium
Reddit
Github
rarebitproject
Newbie
*
Offline Offline

Activity: 22
Merit: 0


View Profile WWW
December 11, 2013, 05:10:06 AM
 #2480

For both sending & receiving coins you need to connect internet.

What do you mean by "receiving"?
If I have created a wallet and copied the receiving addresses on a piece of paper I don't really need internet connection to receive coins.
I can just give the address to someone and that's it.
Now If I want to spend these coins then I will need internet, but that is sending, no receiving.


You can also spend coins by generating (signing) a transaction on an offline computer, then use a thumbdrive or sd card to move the raw tx to a service that will broadcast that tx to the bitcoin network for you.  That way, your private key or brainwallet passphrase need never be revealed to a computer with an internet connection (and its possible collection of installed malware).

There are wallets, such as brainwallet.org that can be run on an offline computer.
Pages: « 1 ... 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 [124] 125 126 127 128 129 »
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!