Bitcoin Forum
November 01, 2024, 12:47:31 PM *
News: Bitcoin Pumpkin Carving Contest
 
   Home   Help Search Login Register More  
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 [13] 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 ... 127 »
  Print  
Author Topic: HOWTO: create a 100% secure wallet  (Read 276208 times)
BitcoinBabe
Member
**
Offline Offline

Activity: 84
Merit: 10


Side-stepping the matrix | Bit by bit


View Profile WWW
June 30, 2011, 05:04:23 AM
 #241

OK,

You've probably already clarified this, but there are just too many replies to go through.

So I haven't made any transactions yet, but I have downloaded the bitcoin software to my PC (yes... it's windows... and?  :|).

Are you saying that even thougth I've done nothing involving my bitcoin wallet thus far, I should NOT back up this wallet onto a liveCD/USB...? Does this mean reinstalling bitcoin in ubuntu and then backing THAT up...?
The wallet contains "keys". Since it was on windows it COULD be compromised. If you back that up it's no good. You need a brand new wallet that's created while running the Live CD. Yes you would install Bitcoin while in Ubuntu. Run it. Get some addresses and then close it. Make sure its a new version of Bitcoin. Backup/Encrypt the new wallet. OR see:
https://forum.bitcoin.org/index.php?topic=24546.0 it may be more simple for a savings only account...

Gotcha!

Muchas gracias. Smiley

infested999
Hero Member
*****
Offline Offline

Activity: 854
Merit: 500



View Profile
June 30, 2011, 04:07:30 PM
 #242

Truecrypt volume inside a Virtual machine for maximum security xD

              ▄███▄   ▄███▄
              █████   █████
      ▄███▄    ▀▀▀     ▀▀▀    ▄███▄
      █████     ▄██▄ ▄██▄     █████
       ▀▀▀ ▄██▄ ▀██▀ ▀██▀ ▄██▄ ▀▀▀
 ▄███▄     ▀██▀           ▀██▀     ▄███▄
 █████ ▄██▄                   ▄██▄ █████
  ▀▀▀  ▀██▀                   ▀██▀  ▀▀▀
                       ▄█
▄███▄ ▄██▄            ███ ███  ▄██▄ ▄███▄
█████ ▀██▀  ████      █████    ▀██▀ █████
 ▀▀▀         ▀███▄    ████           ▀▀▀
       ▄██▄    ████   ███     ▄██▄
 ▄███▄ ▀██▀     ▀███  ███     ▀██▀ ▄███▄
 █████            ███▄██           █████
  ▀▀▀              ▀████            ▀▀▀
                     ███
                     ███
                     ██
                   ███

████    ██
  ████    ██
    ████    ██
      ████    ██
        ████    ██
          ████    ██
          ████    ██
        ████    ██
      ████    ██
    ████    ██
  ████    ██
████    ██










White Paper
Yellow Paper
Pitch Deck
Telegram
LinkedIn
Twitter
netrin
Sr. Member
****
Offline Offline

Activity: 322
Merit: 251


FirstBits: 168Bc


View Profile
June 30, 2011, 04:09:32 PM
 #243

... Since it was on windows it COULD be compromised.

There seem to be two schools of thought regarding the Linux vs. Windows security issue. (1) is that Linux is inherently more secure by design vs. (2) Windows has bigger market share and perhaps fewer technical users and is thus an easier, more lucrative target.

I subscribe to both schools, but I think bitcoins presents an interesting test case of these theories. We are a community made of a disproportionately high number of Linux users. Compromising our systems provides a nearly untraceable and immediate benefit to an attacker (namely copying and spending the wallet.dat file).

While it can probably still be said that the Linux users represent a higher technical level, it seems they might represent a bigger market share (do we have statistics on this?). So we may soon have more insight into assertion (1).

I run Linux, but I must admit, I am very concerned. The bitcoin client must implement encryption (unlocking on send only) and offline transaction files. I would not be surprised if we see a successful Linux trojan before Christmas which could do much damage to the general confidence in bitcoin security.

Greenlandic tupilak. Hand carved, traditional cursed bone figures. Sorry, polar bear, walrus and human remains not available for export.
netrin
Sr. Member
****
Offline Offline

Activity: 322
Merit: 251


FirstBits: 168Bc


View Profile
June 30, 2011, 04:14:12 PM
 #244

Truecrypt volume inside a Virtual machine for maximum security xD

I am afraid you will all loose your keys after hardware failure rather than a malicious attack. I symetrically encrypt multiple wallets offline, then commit the encrypted wallets to distributed version control, and replicate the repositories on multiple devices.

I only decrypt one wallet at a time for spending, thus exposing only a subset of bitcoins to the network. I can check my total balances in the block chain. I am protected from both malicious attack and hardware failure. And it's MUCH easier than LiveCD's with encrypted shares that may Ooops! get lost.

Greenlandic tupilak. Hand carved, traditional cursed bone figures. Sorry, polar bear, walrus and human remains not available for export.
jasonstx
Newbie
*
Offline Offline

Activity: 53
Merit: 0


View Profile
July 01, 2011, 02:52:10 AM
 #245

Forgive my ignorance, but couldn't you just get the vmware player (free), make your own vmx to install ubuntu, install bitcoin and truecrypt, download all the blocks, snapshot, mount and import your wallet.dat from truecrypt volume on USB, send BTC, shutdown and delete snapshot?  There isn't really even a need to make a change in your truecrypt volume.

I realize that you could possibly do forensics on the drive and recover that deleted snapshot but that requires physical access to the drive.

And AFAIK Ubuntu is pretty safe as it doesn't listen for any incoming connections.

So if it was a dedicated single use just for BTC transactions (no browsing, etc.) would it be fine for non-paranoid people?




John (John K.)
Global Troll-buster and
Legendary
*
Offline Offline

Activity: 1288
Merit: 1227


Away on an extended break


View Profile
July 01, 2011, 03:33:41 AM
 #246

Informational and funny to read  Grin
PandaMiner
Sr. Member
****
Offline Offline

Activity: 322
Merit: 250



View Profile
July 01, 2011, 06:03:21 AM
 #247

** Poll: Who is really doing so? **

Be honest. How many of us really use two wallets?
One for daily buying and selling. One for saving.

I am.  I tried out with small amounts first, and making sure my boot-from-ubuntu-usbkey worked multiple times before sending my "savings" to it.

❘|❘ NEUFUND Re-Imagine ICOs | Connect off- and on-chain with equity tokens | Enjoy risk-free commitment
JOIN THE ICBM | JOIN THE DISCUSSION
nipsy
Newbie
*
Offline Offline

Activity: 9
Merit: 0


View Profile
July 01, 2011, 06:32:58 AM
 #248

I know it's coming, but I still can't fathom why the client didn't include the option early on of encrypting the private keys in use in your wallet.  Seems like an obvious requirement for such a currency as this.
mystery2048
Member
**
Offline Offline

Activity: 70
Merit: 10


View Profile
July 01, 2011, 09:13:46 AM
 #249

In my opinion, the first adage to obey is, Dont put all your eggs in one basket, before considering anything else about security... I dont think anyone should have too much money in any one wallet at a time...

Important: https://bitcointalk.org/index.php?topic=92424.0;all

Donations: 1HWMQv2VYviAgpy6NWNvVg9JhKm4zcMGS5
rowyourboat
Newbie
*
Offline Offline

Activity: 14
Merit: 0


View Profile
July 01, 2011, 09:18:08 AM
 #250

great post, thanks!
sealkid
Jr. Member
*
Offline Offline

Activity: 59
Merit: 1


Honk, honk!


View Profile
July 01, 2011, 12:21:12 PM
 #251

thanks for the info! very useful

Come join my triplemining minipool! (http://sealkid.triplemining.com/register)
PandaMiner
Sr. Member
****
Offline Offline

Activity: 322
Merit: 250



View Profile
July 01, 2011, 03:21:34 PM
 #252

I am in the process of installing bitcoin client on one of my miners for testing purposes.  It has been 3 hours and it still hasn't downloaded all of the blocks yet.  I fear every day puts minutes onto this time.  Which means that by this time next year, it will take a day or more to have a fully up-to-date client.

I wonder if there is a way to copy the database?

❘|❘ NEUFUND Re-Imagine ICOs | Connect off- and on-chain with equity tokens | Enjoy risk-free commitment
JOIN THE ICBM | JOIN THE DISCUSSION
samadamsbeer
Member
**
Offline Offline

Activity: 93
Merit: 10


View Profile
July 01, 2011, 04:04:13 PM
 #253

Sorry I have not gone thru all 14 pages, plan to do so. I did run a search on this and did not find an answer.

I asked the same question here: https://forum.bitcoin.org/index.php?topic=20298.msg311431#msg311431

Quote
Mine (Bitcoin data folder) is over 300MB already, looks like the block chain files are the main culprit in the hundred of mb. Like the file blk0001.dat is over 300MB. But if I want to follow the instructions to secure my wallet here https://en.bitcoin.it/wiki/Securing_your_wallet using a Truecrypt container it says to make the container at least 100MB. At this rate of growth it seems I need to make my container in the GBs if I don't want to keep recreating it? Am I missing something? Can I just encrypt a container for the wallet.dat and not the block chains?
cocodapuf
Newbie
*
Offline Offline

Activity: 27
Merit: 0


View Profile
July 01, 2011, 05:56:08 PM
 #254

Admittedly I read through the guide and the first page of comments, then skipped the rest.  Here are my thoughts...

As someone who works in IT, I think that for most users this process is pretty complicated, but more importantly way too tedious for simply transferring funds.  With my current bank, it's easier for me to transfer funds from my checking account to savings, even though those funds aren't physically in my possession.

Now granted, this is pretty simple for a system that is practically 100% secure.  Still, I think most people need a system that is perhaps 99% secure, but much simpler and faster. 
CyberPhunk
Full Member
***
Offline Offline

Activity: 124
Merit: 100


View Profile
July 01, 2011, 06:54:10 PM
 #255

Will definitely have to play around with this.

Thanks for putting the time into sharing the info.

List of client download mirrors / Older Catalyst drivers/SDK
13dRbbqBpfZEmZiXXdLM4NKNoJYsgHbuFJ  <- might as well, in case someone feels generous. Wink
netrin
Sr. Member
****
Offline Offline

Activity: 322
Merit: 251


FirstBits: 168Bc


View Profile
July 01, 2011, 07:11:51 PM
 #256

As someone who works in IT, I think that for most users this process is pretty complicated, but more importantly way too tedious for simply transferring funds.

Agreed. This all needs to be easier/simpler before my Mom will come near it.

Still, I think most people need a system that is perhaps 99% secure, but much simpler and faster. 

What does 99% secure mean? Is that like a water damn or parachute with a 1% hole in it? Or a computer with only one port out of a hundred compromised? Or one malicious out of hundred users? 99% secure is 100% insecure.

Most computers are not secure. This does not mean that their users will die or loose their all of their data, but it means that they are not the only ones in control of their hardware. When there are bitcoins on the machine, that is more of a concern than if the most private things you have a family photos and a tax return.

You have to think of this like a biological virus. A successful virus 'wants' to survive not kill or rather if a virus kills its host it will reduce its chance of replication. A successful virus 'wants' to infect in such a way that the host will continue unaware of infection unless (such as ebola) the host acts in a ways that it increases dissemination (like wandering into markets or going to the hospital and exploding blood upon a large number of vulnerable patients in close proximity).

An attacker does not want its host to know it has been compromised. It does not want to produce concern. It wants to act with surgical precision and maximal effect. We should thank Lulz and other joy riding young crackers for making us aware of our vulnerabilities, for making us conscious and secure.

Greenlandic tupilak. Hand carved, traditional cursed bone figures. Sorry, polar bear, walrus and human remains not available for export.
atomictornado
Newbie
*
Offline Offline

Activity: 27
Merit: 0


View Profile
July 02, 2011, 04:51:57 AM
 #257

Very informative post!  Thanks for sharing!!   Grin
kartcrg84
Newbie
*
Offline Offline

Activity: 1
Merit: 0


View Profile
July 02, 2011, 05:03:15 AM
 #258

wow, I probably laughed more than I learned. (I did learn a lot though. thanks a ton!)
BkkCoins
Hero Member
*****
Offline Offline

Activity: 784
Merit: 1009


firstbits:1MinerQ


View Profile WWW
July 02, 2011, 05:17:03 AM
 #259

Sorry I have not gone thru all 14 pages, plan to do so. I did run a search on this and did not find an answer.

I asked the same question here: https://forum.bitcoin.org/index.php?topic=20298.msg311431#msg311431

Quote
Mine (Bitcoin data folder) is over 300MB already, looks like the block chain files are the main culprit in the hundred of mb. Like the file blk0001.dat is over 300MB. But if I want to follow the instructions to secure my wallet here https://en.bitcoin.it/wiki/Securing_your_wallet using a Truecrypt container it says to make the container at least 100MB. At this rate of growth it seems I need to make my container in the GBs if I don't want to keep recreating it? Am I missing something? Can I just encrypt a container for the wallet.dat and not the block chains?


Making a backup of the block chain data is pointless except perhaps to save time later (as then it won't need to be downloaded again). Encrypting and backing up the wallet.dat file is essential and it's not too big. The plan is that future versions of the client will not need to have the full block chain on hand so by the time that data gets painfully huge we should have a solution that does not require downloading the whole chain.

cocodapuf
Newbie
*
Offline Offline

Activity: 27
Merit: 0


View Profile
July 02, 2011, 04:15:46 PM
 #260

Still, I think most people need a system that is perhaps 99% secure, but much simpler and faster. 
What does 99% secure mean? Is that like a water damn or parachute with a 1% hole in it? Or a computer with only one port out of a hundred compromised? Or one malicious out of hundred users? 99% secure is 100% insecure.

Most computers are not secure. This does not mean that their users will die or loose their all of their data, but it means that they are not the only ones in control of their hardware. When there are bitcoins on the machine, that is more of a concern than if the most private things you have a family photos and a tax return.

You have to think of this like a biological virus. A successful virus 'wants' to survive not kill or rather if a virus kills its host it will reduce its chance of replication. A successful virus 'wants' to infect in such a way that the host will continue unaware of infection unless (such as ebola) the host acts in a ways that it increases dissemination (like wandering into markets or going to the hospital and exploding blood upon a large number of vulnerable patients in close proximity).

An attacker does not want its host to know it has been compromised. It does not want to produce concern. It wants to act with surgical precision and maximal effect. We should thank Lulz and other joy riding young crackers for making us aware of our vulnerabilities, for making us conscious and secure.
Heh, the lulz boat has been fun to watch, and I totally agree.  I have a feeling that most people don't see it as a mostly positive force though. 

And to clarify, instead of "99% secure" what I should have said was "good enough" security.  For example, when you punch in your ATM pin, you do it in a public place.  Does some unseen spy have a camera focused on the keypad?  Do you know that nobody tampered with he machine before you got there?  We could all come up with many more (absolutely legitimate) potential security holes.  Still, most people use ATMs and consider them mostly safe.  So what is mostly safe for us?

I found this other thread on the forums that I think satisfies my needs. "How to set up a secure bitcoin savings account"

But seriously, what is your opinion on "good enough" security? (open question to everyone in the thread)
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 [13] 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 ... 127 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!