Bitcoin Forum
December 08, 2016, 06:21:08 PM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 [14] 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 ... 129 »
  Print  
Author Topic: HOWTO: create a 100% secure wallet  (Read 249803 times)
CyberPhunk
Full Member
***
Offline Offline

Activity: 124


View Profile
July 01, 2011, 06:54:10 PM
 #261

Will definitely have to play around with this.

Thanks for putting the time into sharing the info.

List of client download mirrors / Older Catalyst drivers/SDK
13dRbbqBpfZEmZiXXdLM4NKNoJYsgHbuFJ  <- might as well, in case someone feels generous. Wink
1481221268
Hero Member
*
Offline Offline

Posts: 1481221268

View Profile Personal Message (Offline)

Ignore
1481221268
Reply with quote  #2

1481221268
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481221268
Hero Member
*
Offline Offline

Posts: 1481221268

View Profile Personal Message (Offline)

Ignore
1481221268
Reply with quote  #2

1481221268
Report to moderator
1481221268
Hero Member
*
Offline Offline

Posts: 1481221268

View Profile Personal Message (Offline)

Ignore
1481221268
Reply with quote  #2

1481221268
Report to moderator
netrin
Sr. Member
****
Offline Offline

Activity: 322


FirstBits: 168Bc


View Profile
July 01, 2011, 07:11:51 PM
 #262

As someone who works in IT, I think that for most users this process is pretty complicated, but more importantly way too tedious for simply transferring funds.

Agreed. This all needs to be easier/simpler before my Mom will come near it.

Still, I think most people need a system that is perhaps 99% secure, but much simpler and faster. 

What does 99% secure mean? Is that like a water damn or parachute with a 1% hole in it? Or a computer with only one port out of a hundred compromised? Or one malicious out of hundred users? 99% secure is 100% insecure.

Most computers are not secure. This does not mean that their users will die or loose their all of their data, but it means that they are not the only ones in control of their hardware. When there are bitcoins on the machine, that is more of a concern than if the most private things you have a family photos and a tax return.

You have to think of this like a biological virus. A successful virus 'wants' to survive not kill or rather if a virus kills its host it will reduce its chance of replication. A successful virus 'wants' to infect in such a way that the host will continue unaware of infection unless (such as ebola) the host acts in a ways that it increases dissemination (like wandering into markets or going to the hospital and exploding blood upon a large number of vulnerable patients in close proximity).

An attacker does not want its host to know it has been compromised. It does not want to produce concern. It wants to act with surgical precision and maximal effect. We should thank Lulz and other joy riding young crackers for making us aware of our vulnerabilities, for making us conscious and secure.

Greenlandic tupilak. Hand carved, traditional cursed bone figures. Sorry, polar bear, walrus and human remains not available for export.
atomictornado
Newbie
*
Offline Offline

Activity: 18


View Profile
July 02, 2011, 04:51:57 AM
 #263

Very informative post!  Thanks for sharing!!   Grin
kartcrg84
Newbie
*
Offline Offline

Activity: 1


View Profile
July 02, 2011, 05:03:15 AM
 #264

wow, I probably laughed more than I learned. (I did learn a lot though. thanks a ton!)
BkkCoins
Hero Member
*****
Offline Offline

Activity: 784


firstbits:1MinerQ


View Profile WWW
July 02, 2011, 05:17:03 AM
 #265

Sorry I have not gone thru all 14 pages, plan to do so. I did run a search on this and did not find an answer.

I asked the same question here: https://forum.bitcoin.org/index.php?topic=20298.msg311431#msg311431

Quote
Mine (Bitcoin data folder) is over 300MB already, looks like the block chain files are the main culprit in the hundred of mb. Like the file blk0001.dat is over 300MB. But if I want to follow the instructions to secure my wallet here https://en.bitcoin.it/wiki/Securing_your_wallet using a Truecrypt container it says to make the container at least 100MB. At this rate of growth it seems I need to make my container in the GBs if I don't want to keep recreating it? Am I missing something? Can I just encrypt a container for the wallet.dat and not the block chains?


Making a backup of the block chain data is pointless except perhaps to save time later (as then it won't need to be downloaded again). Encrypting and backing up the wallet.dat file is essential and it's not too big. The plan is that future versions of the client will not need to have the full block chain on hand so by the time that data gets painfully huge we should have a solution that does not require downloading the whole chain.

cocodapuf
Newbie
*
Offline Offline

Activity: 26


View Profile
July 02, 2011, 04:15:46 PM
 #266

Still, I think most people need a system that is perhaps 99% secure, but much simpler and faster. 
What does 99% secure mean? Is that like a water damn or parachute with a 1% hole in it? Or a computer with only one port out of a hundred compromised? Or one malicious out of hundred users? 99% secure is 100% insecure.

Most computers are not secure. This does not mean that their users will die or loose their all of their data, but it means that they are not the only ones in control of their hardware. When there are bitcoins on the machine, that is more of a concern than if the most private things you have a family photos and a tax return.

You have to think of this like a biological virus. A successful virus 'wants' to survive not kill or rather if a virus kills its host it will reduce its chance of replication. A successful virus 'wants' to infect in such a way that the host will continue unaware of infection unless (such as ebola) the host acts in a ways that it increases dissemination (like wandering into markets or going to the hospital and exploding blood upon a large number of vulnerable patients in close proximity).

An attacker does not want its host to know it has been compromised. It does not want to produce concern. It wants to act with surgical precision and maximal effect. We should thank Lulz and other joy riding young crackers for making us aware of our vulnerabilities, for making us conscious and secure.
Heh, the lulz boat has been fun to watch, and I totally agree.  I have a feeling that most people don't see it as a mostly positive force though. 

And to clarify, instead of "99% secure" what I should have said was "good enough" security.  For example, when you punch in your ATM pin, you do it in a public place.  Does some unseen spy have a camera focused on the keypad?  Do you know that nobody tampered with he machine before you got there?  We could all come up with many more (absolutely legitimate) potential security holes.  Still, most people use ATMs and consider them mostly safe.  So what is mostly safe for us?

I found this other thread on the forums that I think satisfies my needs. "How to set up a secure bitcoin savings account"

But seriously, what is your opinion on "good enough" security? (open question to everyone in the thread)
Kangar00
Newbie
*
Offline Offline

Activity: 6

Firstbits: 1JPx6


View Profile
July 02, 2011, 04:26:23 PM
 #267

funny read and some pretty nifty ideas in there - thanks!

Wanna throw some BTC my way? 1JPx6RwyeErgEPKmnyQdKZqzK3gCPauGpG
showtime
Newbie
*
Offline Offline

Activity: 9


View Profile
July 02, 2011, 08:49:32 PM
 #268

Questions:

1. Is it be possible to create a second partition on the USB drive in order to store any install files and such? I'm imagining that partition 0 has the bootable Ubuntu Live environment and partition 1 has bitcoin install file, truecrypt install file, etc. This is so that you do not need to redownload the install files every time you want to use the wallet.


Thanks to anyone who can answer my questions. I know how to do the Ubuntu Live install and all that, but I want to make sure I know how to juggle all the other files and things I will need.

I was wondering the same thing.  I managed to get this work by following this short guide, http://radu.cotescu.com/ubuntu-usb-stick/.  Ubuntu is on partition 2, storage is on partition 1.

At this very moment I am working in Firefox in Ubuntu on my partition 2 of my USB drive.  I have Bitcoin client and Truecrypt in storage (partition 1).  Hope you're able to get it to work.

EDIT:  For some reason, I am unable to open a tar.gz file or run an exe file on my Ubuntu install. So, while I have BTC and TC on the storage partition, I cannot run them.  Even when I downloaded them again in Ubuntu, instead of using the ones in storage, it would not let me open them. Now I need to figure out why. 
saykor
Sr. Member
****
Offline Offline

Activity: 350


View Profile WWW
July 03, 2011, 06:51:40 AM
 #269

Nothing is a 100% secure in this life. You need to change it to 99% Smiley

Let's color the MOON: YP4ZV8yabKGBKG2uNWHQBwrdURkyxqst4D
Before to do business with me you can check my  BitcoinFeedback; ebay and .net developer profile
piramida
Legendary
*
Offline Offline

Activity: 994



View Profile
July 03, 2011, 07:28:48 AM
 #270

What about just trusting an online wallet, like mybitcoin, I guess you are not guaranteed from hacking or operator running away with all bitcoin, but it still is much more secure than local storage of wallet.dat, unless you actually spend time & money and store it on a flash drive in a bank.

i am satoshi
saykor
Sr. Member
****
Offline Offline

Activity: 350


View Profile WWW
July 03, 2011, 08:25:37 AM
 #271

What about just trusting an online wallet, like mybitcoin, I guess you are not guaranteed from hacking or operator running away with all bitcoin, but it still is much more secure than local storage of wallet.dat, unless you actually spend time & money and store it on a flash drive in a bank.

You can upload your dat file ( encrypted ) in online storage or secure email that only you know. It will be more good from to store it in a bank on a flash drive. You cannot go to your bank each day to update your file when you make a transactions. But you can reupload it easy.

Let's color the MOON: YP4ZV8yabKGBKG2uNWHQBwrdURkyxqst4D
Before to do business with me you can check my  BitcoinFeedback; ebay and .net developer profile
piramida
Legendary
*
Offline Offline

Activity: 994



View Profile
July 03, 2011, 09:14:03 AM
 #272

saykor right and thats what I do, I just wonder if there is any difference between uploading an encrypted wallet somewhere or having it in a trusted online wallet system? Should be about the same, security-wise, even more secure to use a service because your computer has higher chance of getting infected, even if you load from a bootable media every time - that just means your liveCD has an outdated OS, security-wise, and can get affected by some recent exploit.

i am satoshi
sareea
Member
**
Offline Offline

Activity: 76


View Profile
July 03, 2011, 11:55:40 AM
 #273

I suggest also this software :
TrueCrypt
It makes very secure files ( virtual hard drivers ) ...
I recommend it Cheesy
samadamsbeer
Member
**
Offline Offline

Activity: 87


View Profile
July 03, 2011, 12:31:24 PM
 #274



Quote

Making a backup of the block chain data is pointless except perhaps to save time later (as then it won't need to be downloaded again). Encrypting and backing up the wallet.dat file is essential and it's not too big. The plan is that future versions of the client will not need to have the full block chain on hand so by the time that data gets painfully huge we should have a solution that does not require downloading the whole chain.

I can do this but does this mean I need to move my wallet file in and out of the container each time I use the btc client?
plarkplark
Newbie
*
Offline Offline

Activity: 5


View Profile
July 03, 2011, 12:39:06 PM
 #275

I have printed my wallet.dat and put it in the safe of my dad.

Crazy? Yes. Only going to need it when SHIT really hits the fan (like: usb stick)
MtRev
Full Member
***
Offline Offline

Activity: 168



View Profile
July 03, 2011, 04:23:21 PM
 #276

Wait a min.

So, wallet.dat does NOT store how much BTC we have?
It's only a key that allow us to spend our credits and the BTC credits are stored in the global p2p network?

You need a web designer? I'm offering big agency quality, without the big agency invoices!
Drop me a message; will work for BTC, LTC & PPC =]
bitlotto
Hero Member
*****
Offline Offline

Activity: 672


BitLotto - best odds + best payouts + cheat-proof


View Profile WWW
July 03, 2011, 04:29:54 PM
 #277

Wait a min.

So, wallet.dat does NOT store how much BTC we have?
It's only a key that allow us to spend our credits and the BTC credits are stored in the global p2p network?
Pretty much. Yes.

*Next Draw Feb 1*  BitLotto: monthly raffle (0.25 BTC per ticket) Completely transparent and impossible to manipulate who wins. TOR
TOR2WEB
Donations to: 1JQdiQsjhV2uJ4Y8HFtdqteJsZhv835a8J are appreciated.
MtRev
Full Member
***
Offline Offline

Activity: 168



View Profile
July 03, 2011, 04:36:02 PM
 #278

Thanks for clearing that up for me, now I have a much better understanding of how this works. I used to think the wallet.dat actually acted as a wallet.

Much thanks to the OP for writing this guide and thank you Bitlotto for confirming my questions.

You need a web designer? I'm offering big agency quality, without the big agency invoices!
Drop me a message; will work for BTC, LTC & PPC =]
MtRev
Full Member
***
Offline Offline

Activity: 168



View Profile
July 03, 2011, 05:01:13 PM
 #279

One more question, how do I create a second wallet?

If I backup my current one, how do I get a separate one for daily use?


You need a web designer? I'm offering big agency quality, without the big agency invoices!
Drop me a message; will work for BTC, LTC & PPC =]
bitlotto
Hero Member
*****
Offline Offline

Activity: 672


BitLotto - best odds + best payouts + cheat-proof


View Profile WWW
July 03, 2011, 05:15:07 PM
 #280

One more question, how do I create a second wallet?

If I backup my current one, how do I get a separate one for daily use?


Move or delete or rename the wallet in the data dir. MAKE SURE it's backed up. Next time you open Bitcoin a whole new wallet will be made.

*Next Draw Feb 1*  BitLotto: monthly raffle (0.25 BTC per ticket) Completely transparent and impossible to manipulate who wins. TOR
TOR2WEB
Donations to: 1JQdiQsjhV2uJ4Y8HFtdqteJsZhv835a8J are appreciated.
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 [14] 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 ... 129 »
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!