Bitcoin Forum
December 10, 2016, 10:49:23 PM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 [25] 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 ... 129 »
  Print  
Author Topic: HOWTO: create a 100% secure wallet  (Read 249979 times)
Bebop
Newbie
*
Offline Offline

Activity: 27



View Profile
September 05, 2011, 09:48:24 PM
 #481

I'm with the others for the idea of simply encrytping the entire OS. The Live boot CDs are somewhat more painful in the long term, due to long load times and needing a USB to persist settings etc. Of course anyone assumed to have the knowledge or skill to do the OS encrypt is also clued up enough to practice safe habbits of web surfing and avoiding trojans.

Live CD is a safe resort, but inferior to the OS encrypt I do agree.

★ The cure for boredom is curiosity
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481410163
Hero Member
*
Offline Offline

Posts: 1481410163

View Profile Personal Message (Offline)

Ignore
1481410163
Reply with quote  #2

1481410163
Report to moderator
1481410163
Hero Member
*
Offline Offline

Posts: 1481410163

View Profile Personal Message (Offline)

Ignore
1481410163
Reply with quote  #2

1481410163
Report to moderator
finchfrank
Newbie
*
Offline Offline

Activity: 9


View Profile
September 05, 2011, 09:59:25 PM
 #482

and what about some kind of protection by using ubikey or smth similar as does guys from mtgox
LoupGaroux
Sr. Member
****
Offline Offline

Activity: 420



View Profile
September 05, 2011, 10:04:10 PM
 #483

Frankly, I love the dry wit of an Englisher. Being able to use words like twat and cunts in an actual coherent sentence? Priceless. This is the type of post that should be made sticky, but then in my case it is, I snorted iced tea out of my nose when I read it, and now the whole damn keyboard is sticky, not just this invaluable post.

54Gh/s bASIC Bitcoin Mining Devices
Pre-Order Yours Today!     
Only $1069.99 ! @ http://www.BitcoinASIC.com


Look^^ I'm selling my soul too!
CurrentB
Newbie
*
Offline Offline

Activity: 21


View Profile
September 06, 2011, 09:32:47 AM
 #484

Great information, and a great read. Thanks!
nguoinhaque
Newbie
*
Offline Offline

Activity: 22


View Profile
September 06, 2011, 02:02:17 PM
 #485

I encrypt the wallet using built-in functions of Win7 and store a backup my wallets & certificates on my google account under a password-protected zip file
clone4501
Jr. Member
*
Offline Offline

Activity: 56


View Profile
September 06, 2011, 05:17:56 PM
 #486

The main theme behind creating a secure wallet is to encrypt it to a strong passphrase and then to shred (rather than delete) the unecrypted wallet.  Next, back up the encrypted wallet ot a number of different physical and virtual locations.  There are risks to this strategy.  The two biggeet are 1) forgetting your passphrase, 2) the encryption software being able to properly decrypt later on, 3) the bitcon client being able to properly read the decrypted wallet.

Also, the above is all for nothing if you are not operating behind a secure firewall that keeps out malware.

To all you newbies, don't trust the software.  Stress test it, before you store a large amount of bitcoins.  Even commerically available encryption software including the bitcoin client does not work 100% on every system configuration.

Stress testing should include:

1) complete removal and reinstall of the bitcoin client,
2) complete removal and reinstall of the encryption software,
3) decrypting a formerly encrypted wallet and allow it to update all the block chains
4) sending and receiving small amount of bitcoin
5) repeating steps 1 to 4 again a week, month, two months later.
6) think of other worst case scenarios for your system and test with the small amounts of bitcoin

Good luck,
infiniblank
Newbie
*
Offline Offline

Activity: 5


View Profile
September 07, 2011, 10:07:56 AM
 #487

Thanks for the great info everyone. This helps a lot of people, including myself.
bitcoinhead
Newbie
*
Offline Offline

Activity: 15


View Profile
September 07, 2011, 10:28:27 PM
 #488

A yubikey or similar one-time-password (or even out-of-band authentication like an SMS code to your phone) only protects against rudimentary keylogging malware or phishing.  And it only protects the online account where you store bitcoins (clearly doesn't protect a locally stored wallet on your PC).

The problems with this for an online wallet include:
 - man-in-the-middle can get your OTP and password and take over your online wallet
 - man-in-the-browser malware can get your OTP and password and take over your online wallet
 - a hacker can still break into the online wallet service and steal/copy your coins (there are mitigations to this that online wallet services can and slowly are implementing)
 - bitcoin-specific malware can wait until you log into your online wallet and then do a session hijack to allow an attacker to basically become you and be logged in.

For protecting a local wallet, the bootable Linux approach (either on a USB stick or CD) is the most secure.  Store your wallet in an encrypted file partition on a flash drive (you could use a hardware encrypted drive like IronKey or MXI), and inside there, use TrueCrypt to double encrypt your filesystem which contains your wallet.  This is a highly secure approach using both physical crypto, software crypto and a clean OS that is reset every time (because you boot from a CD image).

Not sure how practical this is unless you have LOTs of bitcoins to protect!  And in that case, you should split them up into multiple wallets on different storage devices.
clone4501
Jr. Member
*
Offline Offline

Activity: 56


View Profile
September 12, 2011, 02:49:14 AM
 #489

In securing a wallet, there are some things that you need to do that are applicable to any secure computer.  First and foremast, you need a state-of-the-are firewall!  This will keep away 99.9% percent of the hackers, their trojans and key loggers.  Next, don't download shit unless it is from a reputable source that you can resonably trust. For example, I thought I would be a savy techie and download Kazaan to get free MP3 downloads.  It was not until much later on that I realized that I had downloaded a key logger that most likey was able to read all my PGP passphrases.  Lesson learned here, if you are going to deal with software pirates, remember that age-old adage, "there is no honor among theives."  Also, don't be cheap on your firewall.  Symantec, McAfee, Force 7, Avira, and any of their true competitors is what you should be running.

So lets say 1) you have a secure firewall, 2) you have not downloaded any shit from dubious sources, and 3) done a complete full system scan for viruses and trojans from the above mentioned antiviral programs listed above, and 4) after all that are reasonably confident you have a malware-computer.  Then you are ready to download the Bitcoin client.  If you think you are ready, then you are probably not and should download, let's say another anti-virus client, like Avira, and do a full-system scan again!

Once you download the Bitcoin client, get the hell offline.  Disable your wireless, unplug your usb/ethernet cable.

Now run the client and create your wallet.

TrueCrypt, PGP, or GPG are three good ways to encrypt your wallet.dat file.  Of course, you should have downloaded these earlier, only after you believe (not think) you have a secure firewall and a malware-free computer.

Refer to my earlier post about letting the wallet read all the current block chains.

Then go offline again!

Encrypt the wallet and then shred (rather delete) the unencrypted wallet.dat file.

Read my earlier post about what to do next.

In closing, many have compared Bitcoin to the Wild West of the Internet.  This is true.  So if you are going to be a player in the Bitcoin world, you need to learn a lot about data security and encryption.  It is these two elements that are the real instrinsic value in Bitcoin.

P.S. to all you fucking hackers--I know this site has been compromised, so I have to change my fucking passwords again becuase the host of this forums can't even follow the most basic security... ah fuck off!
 

Cosbycoin
Full Member
***
Offline Offline

Activity: 140


View Profile
September 12, 2011, 08:12:13 PM
 #490

Is this process once finished idiot proof?
Thralen
Full Member
***
Offline Offline

Activity: 123


View Profile
September 13, 2011, 03:35:35 PM
 #491

Is this process once finished idiot proof?

Regardless of what anyone might claim, nothing is idiot-proof. The world has this sick habit of constantly making better idiots.

Thralen

Supporting bitcoin as best I can with 1. mining, 2. buying with bitcoin, 3. selling (or trying to) for bitcoin. If you make a donation to:  1MahzUUEYJrZ4VbPRm2h5itGZKEguGVZK1  I'll get it into circulation.
Portnoy
Legendary
*
Offline Offline

Activity: 1820

My money; Our Bitcoin.


View Profile
September 18, 2011, 03:42:33 PM
 #492

Is there a good tutorial for using TrueCrypt to protect ones wallet?

Buy Bitcoin from CoinbaseXapo
Faucets & Earn Bitcoin Sites: FreeBitco.in; BitsForClicks; Moonbit
penix
Newbie
*
Offline Offline

Activity: 22



View Profile
September 20, 2011, 03:51:35 PM
 #493

I like the idea of securing a second wallet with Truecrypt. If I ever get enough coins to matter, I'm definitely doing this.

NeedyPoo's amazing rendition of RealSolid (NSFW) (http://i.imgur.com/5a9sJ.png)
They say Solidcoin is only good for one thing... (rendition by johnj) (http://i.imgur.com/QXBs3.png)
gutschilla
Newbie
*
Offline Offline

Activity: 19



View Profile
September 21, 2011, 01:18:13 AM
 #494

In securing a wallet, there are some things that you need to do that are applicable to any secure computer.  First and foremast, you need a state-of-the-are firewall!  This will keep away 99.9% percent of the hackers, their trojans and key loggers.  Next, don't download shit unless it is from a reputable source that you can resonably trust.

I cannot emphasize on your last sentence. Better even: Don't download and install anything on the machine you're going to do serious Bitcoin trading with. Of course, you'll need the bitcoin client and a browser. But I've seen too many (both linux and windows, but mostly windows) PCs with tons of crap installed. Oh and refrain from visiting your favourite porn site. Don't install Adobe Flash. Don't open PDFs.

At best, use a dedicated PC. A shiny new 300EUR netbook or your 5yr. old Pentium-M laptop should do.
CJM1682
Member
**
Offline Offline

Activity: 86


View Profile
September 21, 2011, 01:39:03 AM
 #495

oops i forgot my pass-phrase now i am screwed!!!!

LTC: LcN9tjjcNyjgE7HnZHSC686fWuhUUCiWsn      BTC: 163MGvqd2mr7iHumVYSpEM9jpS7dfEEqkv
CHN: CY2tsr2JKmQa7tUgZW9SkRJyUNwHzvveT2   FTC: 6uH8iaXt23WPVcJHy8eGLtm5cst5kYQnhN
josecitox
Newbie
*
Offline Offline

Activity: 3


View Profile
September 21, 2011, 03:00:32 PM
 #496

Great guide! Cheesy
snoopy
Newbie
*
Offline Offline

Activity: 7


View Profile
September 21, 2011, 09:24:07 PM
 #497

Yep, this is a useful guide. Good stuff.
NeonLicht
Jr. Member
*
Offline Offline

Activity: 53


View Profile
September 23, 2011, 08:35:03 AM
 #498

Interesting and entertaining.

Don't feed the troll, feed the Neon
BTC 12A9xBvwZMbDCyszohAki3J721HsCnNbML
nosuchthing
Newbie
*
Offline Offline

Activity: 7


View Profile
September 27, 2011, 11:18:49 AM
 #499

very well written!
bigewok
Newbie
*
Offline Offline

Activity: 14


View Profile
October 01, 2011, 06:18:04 AM
 #500

Thank you!
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 [25] 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 ... 129 »
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!