Bitcoin Forum
November 08, 2024, 02:58:37 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 ... 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 [123] 124 125 126 127 »
  Print  
Author Topic: HOWTO: create a 100% secure wallet  (Read 276211 times)
Paulieb81
Newbie
*
Offline Offline

Activity: 7
Merit: 0


View Profile
December 18, 2013, 03:27:19 PM
 #2441

I absolutely love this OP! Great info and not all geeky worded, it's nice to see that some people still have personality. I'm going to start working with digital coins and found this with some searching online.
Attani
Newbie
*
Offline Offline

Activity: 7
Merit: 0


View Profile
December 26, 2013, 06:06:59 AM
 #2442

Thanks for the advice. At least now I know how to deal with my paranoia. I've been looking at buying and mining but the whole stealing aspect has made me very nervous. I'm going to start with dogecoins so if I fuck up I won't feel too bad.
rapport
Full Member
***
Offline Offline

Activity: 157
Merit: 100


View Profile
December 28, 2013, 09:26:56 AM
 #2443

The OP guide talks about wallet.dat suggesting the use of bitcoinqt.  For newbies, bitcoinqt is painfully slow to start with and be prepared to spend a day waiting to get the entire blockchain (unless you get bootstrap.dat which I didn't try).
Something like this guide might be more helpful these days:
https://bitcointalk.org/index.php?topic=257672.msg2746081#msg2746081
CountBlood
Newbie
*
Offline Offline

Activity: 8
Merit: 0


View Profile
January 04, 2014, 09:07:43 PM
 #2444

I think the OP was not clear on this bit I put in red:

But how can I haz my money back?

Okay, for those of you who didn't guess it yet: Whenever you want to make a transaction from your savings-account to someplace else, get your wallet.dat out of the safe, boot up your liveCD (don't you dare using your regular OS after all this work, or I'll come beat you up personally) and do the reverse: Install bitcoin again

A. How is that the reverse of what you did before? It isn't ... or am I missing the obvious here?
B. Why install bitcoin again? The instructions above did not say to uninstal it, so why do you install it a second time?

Maybe I'm dumber than I thought, or missing something because I'm a noob....or that red bit really is not clear. Obviously I think it's the last, hence my post!  Tongue
jayc89
Hero Member
*****
Offline Offline

Activity: 756
Merit: 500

CryptoTalk.Org - Get Paid for every Post!


View Profile
January 09, 2014, 02:25:07 PM
 #2445

I think the OP was not clear on this bit I put in red:

But how can I haz my money back?

Okay, for those of you who didn't guess it yet: Whenever you want to make a transaction from your savings-account to someplace else, get your wallet.dat out of the safe, boot up your liveCD (don't you dare using your regular OS after all this work, or I'll come beat you up personally) and do the reverse: Install bitcoin again

A. How is that the reverse of what you did before? It isn't ... or am I missing the obvious here?
B. Why install bitcoin again? The instructions above did not say to uninstal it, so why do you install it a second time?

Maybe I'm dumber than I thought, or missing something because I'm a noob....or that red bit really is not clear. Obviously I think it's the last, hence my post!  Tongue

Depending on how you created the LiveCD\USB it may not have persistent storage (and really shouldn't in this case). As such any changes you make within the LiveOS will be lost when you shutdown, hence the need to reinstall bitcoin.

 
                                . ██████████.
                              .████████████████.
                           .██████████████████████.
                        -█████████████████████████████
                     .██████████████████████████████████.
                  -█████████████████████████████████████████
               -███████████████████████████████████████████████
           .-█████████████████████████████████████████████████████.
        .████████████████████████████████████████████████████████████
       .██████████████████████████████████████████████████████████████.
       .██████████████████████████████████████████████████████████████.
       ..████████████████████████████████████████████████████████████..
       .   .██████████████████████████████████████████████████████.
       .      .████████████████████████████████████████████████.

       .       .██████████████████████████████████████████████
       .    ██████████████████████████████████████████████████████
       .█████████████████████████████████████████████████████████████.
        .███████████████████████████████████████████████████████████
           .█████████████████████████████████████████████████████
              .████████████████████████████████████████████████
                   ████████████████████████████████████████
                      ██████████████████████████████████
                          ██████████████████████████
                             ████████████████████
                               ████████████████
                                   █████████
.CryptoTalk.org.|.MAKE POSTS AND EARN BTC!.🏆
jerrybaba
Newbie
*
Offline Offline

Activity: 3
Merit: 0


View Profile
January 09, 2014, 03:15:43 PM
 #2446

[引用作者= myrm链接=主题= 17240。 msg222367 # msg222367日期= 1308141081]
一个linux发行版,一切你可能需要来得不够快。 就好如果很小,基本上是一个向导,用户完成所有必需的步骤走到安全的钱包。 如果我有时间我就会恢复正常。

它仍然会100%安全吗? 什么是恶意软件的当前状态驻留在BIOS ? 我知道这是什么真是酷毙了从前。 我认为,机器开始引导OSs,安全事后运行持续从同一媒体杀一些。如果公元前起飞,我们会看到一个回到那些日子吗?
(/报价)
12345678
newbitcoin
Newbie
*
Offline Offline

Activity: 13
Merit: 0


View Profile
January 09, 2014, 03:28:34 PM
 #2447

create a 100% secure wallet?

It's impossible due to the SHA-256 is not 100% secure,  Cheesy
upnext
Newbie
*
Offline Offline

Activity: 8
Merit: 0


View Profile
January 15, 2014, 11:26:05 AM
 #2448

If I use mac instead of linux and use sd card that is encrypted by truecrypt, will it be less secure than linux. For example if I download bitcoin client into true crypt container and then install it and create a wallet, then save the wallet only in the container. Will this be secure enough ?
diond
Newbie
*
Offline Offline

Activity: 42
Merit: 0


View Profile
January 19, 2014, 11:22:49 PM
Last edit: January 20, 2014, 12:39:11 AM by diond
 #2449

create a 100% secure wallet?

It's impossible due to the SHA-256 is not 100% secure,  Cheesy

Of course, nothing is 100% secure, but writing "HOWTO: Create a 99.9999999% secure wallet" probably didn't have the same ring as 100% Wink

Having a fresh OS every time, with a fresh install of the QT wallet, and keeping 2 copies of your wallet.dat file encrypted on a removable medium (USB or CD/DVD) is probable as close to 100% as you can get ... (I'd keep a copy of the blockchain too, so you don't have to download it again)

Thanks to everyone for all the awesome suggestions in this thread!
fibbonac1z
Newbie
*
Offline Offline

Activity: 14
Merit: 0


View Profile
January 20, 2014, 12:04:51 AM
 #2450

Brainwallet is a nice feature to have and unless someone can find a way to crack into people's brains, then it should be secure.
mkendall
Newbie
*
Offline Offline

Activity: 3
Merit: 0


View Profile
January 25, 2014, 04:02:37 AM
 #2451

Thanks for the guidelines, will do as you say.
coinerbit
Newbie
*
Offline Offline

Activity: 25
Merit: 0


View Profile
January 25, 2014, 01:23:51 PM
 #2452

I absolutely love this OP! Great info and not all geeky worded, it's nice to see that some people still have personality. I'm going to start working with digital coins and found this with some searching online.
k1ngandr3w1
Newbie
*
Offline Offline

Activity: 2
Merit: 0


View Profile
January 26, 2014, 06:28:01 AM
 #2453

-= Small Edit: If you need something which is very secure and grandma-style easy, go vote on this poll and add your thoughts to the discussion. =-

Note: I can only post in the newbie forum for now, but if a moderator deems this topic useful, he may move it somewhere else. Right now, I'm too lazy to get 5 posts, just for the sake of it.

Also, there is an excellent article on the Wiki which should give you some ideas about the problem of security. This is meant as a more specific and simple straight-forward guide, i.e I won't spell out where you can find your wallet.dat and so on.


Why?

So, in light of the recent /19BSM]Drama Roll Eyes Kiss and my general feeling that some people are unsure about the security of their wallet (or their PC in general), I've decided to give you an idea how to create a secure savings account for you to deposit your hard-earned coins in.

Clarifications

So, you crazy twat want to invest all your savings in bitcoin, but you're not yet shit-for-brains enough to forget the security aspect of the whole thing? Here's the HowTo for you.

So, the first misconception to clear out, is the concept of the "wallet". The wording in itself is not ideal, since it is more like a key. Cryptographically speaking, it is actually exactly that: your private key.

Now this has the following implication: If someone steals your wallet.dat now, and you deposit coins in it later, the thief will be able to spend/transfer ALL your coins, including those you added _after_ the wallet was stolen! I'm sure a lot of you know this already, I just want to clarify this for everybody.

So, clearly, you have to make it impossible for anybody to _ever_ steal your wallet. Clearly, this is infeasible for your day-to-day transactions account, since encryption will be useless as soon as you want to access your coins (Since the decrypted wallet.dat has to be stored in RAM at some point. There are ways, but for now, consider them a little tedious).

So the solution is the following: you have your spendings-account where you keep only low amounts of coin (much like a real-life wallet), and you have your super-secure savings wallet, which you only access on rare occasions.

How?

I'll try to keep it short: You have to create your savings account under ideal security-conditions. I won't rant about you cunts people using Windows in general, but note that Linux is in no way automagically completely secure. Everything depends a lot on your behaviour.

1. What you'll do is the following: Create a live-CD or a bootable USB with your OS of choice on it. I suggest using the Ubuntu LiveCD.

The reason is simple. When you create your new wallet, you want to make abolutely sure, that your running operating system doesn't in any way log your keys or secretly save your files somewhere.

2. Boot your freshly-created OS, and install the Bitcoin client on it. Yes you can install software inside a liveCD environment. Optionally, also install some encryption software, but we'll leave that for now.

3. Your Bitcoin client will immediately generate 10 addresses for you, and with them, the corresponding wallet.dat.

4. Save your addresses somewhere, if you have to, write them down manually (if you do this, then I bow to your zeal and declare you crazy). I suggest you send them to yourself over email.

5. This is the important step. Copy your wallet.dat somewhere. Burn then on a CD or another medium. I for instance love those little 64MB SD-cards you sometimes get with a new camera. They rock. You might want to make multiple copies (on multiple cards/CDs, not multiple copies of the same file on the same disk you tart).

6. Now, eject whatever you just copied on, and guard it like your life depends on it. Not really, but here is the important step: If you encrypted your wallet.dat with an encryption algorithm you feel safe about, just keep it around your house.

7. Shut down. There will be no trace of your walled.dat on your harddisk, since it never actually resided there.

Important: You will want to keep another copy somewhere else, in a safe physical location, or at least one that is safe while your house burns down. You might already know it, but losing your wallet.dat is worse than someone stealing it. It'll be gone forever.

If you didn't encrypt the file (which I prefer), put the SDcards, CDs, whatever in a safe. That's right: a real-world safe, like banks have, who also happen to lock their doors and are in general very anal about their security and all that jazz. You can rent small safety-deposit boxes in exchange for money. As a bonus, it'll be fire-proof as well.

8. In case it's not yet obvious: You will now only make day-to-day transactions like you used to do it, on your computer (are you _still_ using windows?) and every now and then, you will put some coins into your savings-account. Using the addresses from step 4). How much you want to keep in your wallet is up to you.

But how can I haz my money back?

Okay, for those of you who didn't guess it yet: Whenever you want to make a transaction from your savings-account to someplace else, get your wallet.dat out of the safe, boot up your liveCD (don't you dare using your regular OS after all this work, or I'll come beat you up personally) and do the reverse: Install bitcoin again, install the encryption-software if necessary and copy your wallet.dat where it belongs.

Congratulations: you can now access your 25'000 bitcoins and nobody will have messed with them while you were asleep.

Possible attacks

So now, the _only_ way for someone to steal your coin, will be to steal your physical copy of the wallet. That's why you might want to encrypt it, although if you do, don't forget the passphrase. Also, if you die, your family can still get your bank-safe opened, but they won't be able to pick through your brain and get the passphrase out of it. That's why I prefer to not encrypt it.

There is one more possibility: a physical keylogger: It will be able to intercept the password you use to encrypt your wallet.dat, which, if you keep a copy at home, can then be stolen and used. Another reason, why a regular safe is the best option in my humble opinion.

What else?

EDIT: A little protip for those who don't know: You can of course use blockexplorer.com to keep track of your account while it's safely hidden away. Doing this will simply allow you to see how many coins are associated with a given address.

I suggest you also create new day-to-day wallets (even having a few coins stolen can be frustrating), as your current ones might already have been stolen. Of course, this requires a secure OS, so you better ditch that infected piece of shit fine gear of yours. DON'T just create new wallets on the system you're using right now, since it won't solve anything in case you're already infected.

In addition, it doesn't hurt to read up on some technical details. Use the Wiki. Learn the difference between the amount in your wallet, and the amount on the different block-addresses. If you handle a lot of money, ACT ACCORDINGLY. Don't get all crazy-enthusiastic-venture-capitalist and invest all your savings in bitcoin. Also, don't speculate too much on the price development, you'll make more money if you use that time to work at a regular job.

Now, if you happen to make/have made a significant amount of coins, don't run around telling everybody like the self-satisfied vagina that you are. You wouldn't do that with real money either. At least I hope so.

Also, someone will probably make a bitcoin-specific liveCD, which should save some hassle in the steps above.
Also, take it easy and be a cool guy woh doesn't afraid of anything.
Also, pick up a book every now and then.


Yes, there are other ways to do this, and yes, some might be more practical and maybe just as secure. Write a comment about it.

If anyone has any clarifications, questions, suggestions, or wants to call me a moron, please feel free to do so, and I'll see if there is anything to be improved about it. Also, spelling mistaeks.

Also, in case anybody got all excited by this guide and/or seen the light of Jesus-Christ the saviour AND wants to thank me with coins (why on earth would you do that?), here's my address: 16VD78R8nxqJGesE7E9KS6A8TikQQpKNm5

Have fun. Cool

EDIT: Corrections and added a few insults just for you, dear anonymous reader.

thanks

I plan to use these tips. 
Sutters Mill
Hero Member
*****
Offline Offline

Activity: 976
Merit: 575


Cryptophile at large


View Profile
January 26, 2014, 08:42:24 AM
 #2454

I'm going to set up a wallet on my raspberry pi. It's portable and it's running Linux, which I hear is safer. Anyone confirm that?
Sonny
Hero Member
*****
Offline Offline

Activity: 868
Merit: 1000


View Profile
January 26, 2014, 08:54:16 AM
 #2455

I'm going to set up a wallet on my raspberry pi. It's portable and it's running Linux, which I hear is safer. Anyone confirm that?

For the Linux part, definitely it is better than Windows Cheesy (most of the virus are targeting to Windows users).
Sonny
Hero Member
*****
Offline Offline

Activity: 868
Merit: 1000


View Profile
January 26, 2014, 08:57:49 AM
 #2456

Brainwallet is a nice feature to have and unless someone can find a way to crack into people's brains, then it should be secure.

Not secure at all if you use simple words like "baseball" or "password".
superben99
Newbie
*
Offline Offline

Activity: 2
Merit: 0


View Profile
January 29, 2014, 01:16:23 AM
 #2457

it's so useful, I am newbie to coins world, seeking to go more further now. Smiley
Sutters Mill
Hero Member
*****
Offline Offline

Activity: 976
Merit: 575


Cryptophile at large


View Profile
January 31, 2014, 02:12:39 PM
 #2458

Why not just adapt a 'paper wallet'. Encrypt it in a puzzle. I'm thinking of having my key engraved on to some puzzle pieces, mixing it up and then locking it in a safe. I don't have a huge amount of coin at the moment but it's safe all the same. Nobody will know what it means at the moment even if they do decipher it.
Sonny
Hero Member
*****
Offline Offline

Activity: 868
Merit: 1000


View Profile
January 31, 2014, 02:18:32 PM
 #2459

[引用作者= myrm链接=主题= 17240。 msg222367 # msg222367日期= 1308141081]
一个linux发行版,一切你可能需要来得不够快。 就好如果很小,基本上是一个向导,用户完成所有必需的步骤走到安全的钱包。 如果我有时间我就会恢复正常。

它仍然会100%安全吗? 什么是恶意软件的当前状态驻留在BIOS ? 我知道这是什么真是酷毙了从前。 我认为,机器开始引导OSs,安全事后运行持续从同一媒体杀一些。如果公元前起飞,我们会看到一个回到那些日子吗?
(/报价)
12345678

Can't understand the font..?

lol.
Why did someone make a chinese post here?
And, the google-translated version doesn't make any sense....
Valerian77
Sr. Member
****
Offline Offline

Activity: 437
Merit: 255


View Profile
February 01, 2014, 01:17:29 AM
 #2460

Why not just adapt a 'paper wallet'. Encrypt it in a puzzle. I'm thinking of having my key engraved on to some puzzle pieces, mixing it up and then locking it in a safe. I don't have a huge amount of coin at the moment but it's safe all the same. Nobody will know what it means at the moment even if they do decipher it.

Funny idea - but if one gets the puzzle out of the safe he may be able to solve it.

Simply create an encrypted paper wallet. Print it out five times. Split the key into ten chunks and write one chunk on every print out. Then fold them and seal them with some kind of stamp. After this the five sealed printouts should be given to reliable persons with the instruction only to unseal them in case of your death or on your request. It is a good idea to have at least someone in the group who is not in good relationship to the others.

So then you have a perfect backup of the coins even for your heirs or in case you loose your wallet key or the password.
Pages: « 1 ... 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 [123] 124 125 126 127 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!