tjohej
Sr. Member
Offline
Activity: 378
Merit: 250
Magic Staff
|
|
October 29, 2012, 01:20:18 PM |
|
I think the guide to being secure doesn't need to be complex at all, though I don't know if the required technologies are available to write such a simple guide.
For example I think that an offline computer can send money without being connected to the internet. You just use your signing keys(you must also know manually how much bitcoins you have beforehand, without having any blockchain around. Here you can use blockchain.info to check that up, advised to access it through Tor. Then since you know how much you have, you use your private key on that offline computer and sign a transaction. Then you transfer that transaction with a usb key storage to your main computer which may be virus and trojan+keylogger infested and just execute the transaction. Voila!
Though are these technologies available. We would need a very simple program, one that doesn't like need the latest version of Ubuntu, not the full fledged bitcoin-qt, except if it can work in offline mode and it can allow to send Bitcoins without needing an internet connection.
The above are maybe a bit of half-baked thoughts.
|
There may still be hope for the 1st decentralized cryptocurrency which is Bitcoin. How to approach different subjects is key to progress.
|
|
|
Jimmysmith
Newbie
Offline
Activity: 49
Merit: 0
|
|
October 29, 2012, 09:54:01 PM |
|
ijust secured my lr because i did lr to btc exchange and someone hacked my lr with all the funds smh
|
|
|
|
thenixedreport
Newbie
Offline
Activity: 7
Merit: 0
|
|
October 30, 2012, 04:54:54 PM |
|
At the very least, I've avoided using online wallet services after reading about btc thefts. So the argument about keeping those savings accounts on physical media and physically locked in a safe is not a bad one to make.
|
|
|
|
piramida
Legendary
Offline
Activity: 1176
Merit: 1010
Borsche
|
|
October 31, 2012, 08:24:59 AM |
|
Great Info...
However, as I am not a wealthy man in bitcoins, I still use blockchain.info 's wallet, as it appears to be pretty secure to me.
If I however be wealthy in btc's, I will surely add more protection to my money.
Thanks.
You are right, this whole thread is obsolete. There are two million + 1 ways to lose your bitcoins if you do encrypt your disk and create cold storage wallet and use regular client which you would never start. There's only one (ok two) passwords between you & your money on blockchain wallet, it is easy, secure (as long as your computer is secure), and convinient. The only thing they need to do is to remove the builtin satoshi dice. I mean really, that's very distracting and dangerous. Have to keep money in an archived address to not waste them all while not sober.
|
i am satoshi
|
|
|
gazwel
Newbie
Offline
Activity: 12
Merit: 0
|
|
November 01, 2012, 10:01:22 AM |
|
I know people mostly just reply on here to get their post count up but that is some seriously great information in the OP, thanks
|
|
|
|
thirdchance57
Full Member
Offline
Activity: 190
Merit: 100
★Bitvest.io★ Play Plinko or Invest!
|
|
November 01, 2012, 07:15:25 PM |
|
why not just use an anti keylogger program ?
|
|
|
|
alien193
Newbie
Offline
Activity: 13
Merit: 0
|
|
November 01, 2012, 09:49:22 PM |
|
aren't sites like blockchain or instawallet secure aswell?
|
|
|
|
Richy_T
Legendary
Offline
Activity: 2548
Merit: 2264
1RichyTrEwPYjZSeAYxeiFBNnKC9UjC5k
|
|
November 02, 2012, 12:04:29 AM |
|
aren't sites like blockchain or instawallet secure aswell?
That's exactly the question. How much do you trust them? Even if they're "smashing chaps", that doesn't preclude them from making a mistake. Of course, you may make a mistake too so how much do you trust yourself. The security ultimately resides in access to the private key. If only you have access to it, that's about as secure as it's possible to get.
|
1RichyTrEwPYjZSeAYxeiFBNnKC9UjC5k
|
|
|
mintcoin
Newbie
Offline
Activity: 15
Merit: 0
|
|
November 02, 2012, 06:53:21 AM |
|
aren't sites like blockchain or instawallet secure aswell?
As long as you use the zerotrust method i.e. have the private keys yourself then they're fine. But imo people shouldnt worry too much about bitcoin security - its far more secure than nearly all other forms of online transctions e.g. Paypal, moneybookers. The main problem is the flucuating exchange rate... But this doesnt mean you can then use your bitcoin client on a comp which is used by other people who moght get it infected - still use a livecd. The main problem though is that you have to trust the liveCD to not suddenly become infected...
|
|
|
|
Kazimir
Legendary
Offline
Activity: 1176
Merit: 1011
|
|
November 02, 2012, 11:43:27 AM |
|
why not just use an anti keylogger program ? such as?
|
|
|
|
arco1
Newbie
Offline
Activity: 2
Merit: 0
|
|
November 02, 2012, 06:21:16 PM |
|
why not just use an anti keylogger program ? such as? I am interested also. All the keylogging software I have used has been too troublesome, given its effect on slowing down my pc.
|
|
|
|
nobbynobbynoob
|
|
November 02, 2012, 06:34:07 PM |
|
why not just use an anti keylogger program ? such as? On-screen keyboards (Windows or Kaspersky)? KIS also comes with anti-screen-dump tools, I think, though I don't currently own a KIS licence/copy myself.
|
|
|
|
Monkey1
|
|
November 02, 2012, 08:24:35 PM |
|
Ive said it several times but the most secure solution is Armory! Goole it, download it, make an offline wallet and off you go.
|
|
|
|
TraderJoe42
Newbie
Offline
Activity: 3
Merit: 0
|
|
November 04, 2012, 06:46:58 PM |
|
How paranoid is all of this? or in other words, would it be reasonably safe to just use the bitcoin.org wallet on a PC if you aren't storing a small fortune in bitcoins?
|
|
|
|
nobbynobbynoob
|
|
November 04, 2012, 06:56:34 PM |
|
How paranoid is all of this? or in other words, would it be reasonably safe to just use the bitcoin.org wallet on a PC if you aren't storing a small fortune in bitcoins?
This, if you're reasonably confident you're not already infected with malware. The theft cases I've read on here have involved unencrypted wallets left floating around, but even so, you can't be too careful, and storing large quantities of BTC (certainly 1000s, even 100s if not for immediate use) in "cold wallets" offline is strongly advisable per the information provided in this thread. I think the pertinent point is that users understand the endemic risk, not that they're bound to get robbed if they have BTC100+ on their live computer!
|
|
|
|
Bart31
Newbie
Offline
Activity: 22
Merit: 0
|
|
November 04, 2012, 08:19:23 PM |
|
Everyone has an old computer somewhere. Just reinstall that one cleanly, install AV software on it and only use it for bitcoins. If you do not use that computer for surfing or other things, it is perfectly secure for storing your wallet. Have bitcoin-qt on there and - if you have a lot of bitcoins - store them in Armory on that PC. Use that for your savings.
You can have a bitcoin-qt on your everyday-use computer for your pettycash. If you are a miner, let the pool send the credits to your pettycash account. When there is some value in there, send it over to you dedicated savings BTCPC.
If you need some bitcoins for spending, just send it from your savingsBTCPC to your everydayPC's pettycash wallet and do your payments with that one.
With Armory, you can even PRINT ON PAPER your private keys. No more backups, you have your private key printed out! (or save it on a dedicated USB stick you do not use for other things).
What if all your systems die on you? Get a new computer, install bitcoin-qt. Let it update the bitcoinchain (yes, wait a couple of days, unfortunally). Install Armory and fill in your private keys from the printed paper. Your back in business.
If you make sure your bitcoin-qt wallet on the savingsBTCPC is empty (ie, all is in the Armory) and you have little or none BTC in your pettycash PC (or have a backup of the wallet.dat), you do not lose a dime.
Onlinewallets, suite yourself. I do not want to be depending on third parties security settings. I want to have it in my own control. Ok, I have some BTC and Euro's at MTGOX. I know.... but that's just my pettycash.
|
|
|
|
bruj0
Newbie
Offline
Activity: 32
Merit: 0
|
|
November 05, 2012, 08:10:28 AM |
|
Having lost a few bitcoins when I rebuilt my laptop without saving off the dat file - D'oh! I have taken these precautions this time thanks for the simple instructions and guide
|
|
|
|
MinorMiner
Member
Offline
Activity: 73
Merit: 10
|
|
November 05, 2012, 02:45:42 PM |
|
Great Info...
However, as I am not a wealthy man in bitcoins, I still use blockchain.info 's wallet, as it appears to be pretty secure to me.
If I however be wealthy in btc's, I will surely add more protection to my money.
Thanks.
blockchain.info works for me too .. nice and simple I find. What you can also do is make a private key for an address that you only keep locally safe (written on paper in safe deposit box even). The corresponding address can be added as a 'view only' address in blockchain.info. You can then send coins TO that address, but cannot be sent FROM that address without the super-secure private key. So periodically you can secure a number of coins.
|
All contributions gratefully received 1G6Wia22Jnpz2DUisA5EoAC6KJ7MHm6QyP
|
|
|
xx78213
Newbie
Offline
Activity: 41
Merit: 0
|
|
November 06, 2012, 08:01:07 AM |
|
Great guide, I really needed some guidance on this issue.
|
|
|
|
tjohej
Sr. Member
Offline
Activity: 378
Merit: 250
Magic Staff
|
|
November 06, 2012, 11:56:34 AM |
|
At the very least, I've avoided using online wallet services after reading about btc thefts. So the argument about keeping those savings accounts on physical media and physically locked in a safe is not a bad one to make.
Maybe it would be smart to have a locked safe, but nothing in there. When the thief comes they steal your whole safe and take it with them only to find it is empty once he/she cracks it open at home. Then you as a smart person has a usb stick somewhere that nobody else would even dream of where it could be. I don't say you should use this technique, because if everybody used it then the thief would not look for the safe, but though again you could be fooling around and then have it in the safe, making the thief look stupid(while he/she avoids searching the safe). What about that combined key thing, where for example your key from your cell phone gets combined with the key from your computer bitcoin client key into one whole that signs important transactions? I think it has been implemented in bitcoind, but how to use it in an easy to understand way? I don't know. Isn't that called "Multisignature transactions"
|
There may still be hope for the 1st decentralized cryptocurrency which is Bitcoin. How to approach different subjects is key to progress.
|
|
|
|