Bitcoin Forum
December 04, 2024, 11:10:25 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 3 »  All
  Print  
Author Topic: HOWTO: create a 100% secure wallet  (Read 9035 times)
aiwk171 (OP)
Jr. Member
*
Offline Offline

Activity: 134
Merit: 1


View Profile
June 15, 2011, 11:45:55 AM
Last edit: June 16, 2011, 07:20:42 AM by aiwk171
 #1

Note: This is a repost of the HOWTO I made in the newbie-forum. If any mod objects to double-posting, or is incredibly pissed at me right now, feel free to delete the thread of your choosing.

Also, there is an excellent article on the Wiki which should give you some ideas about the problem of security. This is meant as a more specific and simple straight-forward guide, i.e I won't spell out where you can find your wallet.dat and so on.


Why?

So, in light of the recent Drama Roll Eyes Kiss and my general feeling that some people are unsure about the security of their wallet (or their PC in general), I've decided to give you an idea how to create a secure savings account for you to deposit your hard-earned coins in.

Clarifications

So, you crazy twat want to invest all your savings in bitcoin, but you're not yet shit-for-brains enough to forget the security aspect of the whole thing? Here's the HowTo for you.

So, the first misconception to clear out, is the concept of the "wallet". The wording in itself is not ideal, since it is more like a key. Cryptographically speaking, it is actually exactly that: your private key.

Now this has the following implication: If someone steals your wallet.dat now, and you deposit coins in it later, the thief will be able to spend/transfer ALL your coins, including those you added _after_ the wallet was stolen! I'm sure a lot of you know this already, I just want to clarify this for everybody.

So, clearly, you have to make it impossible for anybody to _ever_ steal your wallet. Clearly, this is infeasible for your day-to-day transactions account, since encryption will be useless as soon as you want to access your coins (Since the decrypted wallet.dat has to be stored in RAM at some point. There are ways, but for now, consider them a little tedious).

So the solution is the following: you have your spendings-account where you keep only low amounts of coin (much like a real-life wallet), and you have your super-secure savings wallet, which you only access on rare occasions.

How?

I'll try to keep it short: You have to create your savings account under ideal security-conditions. I won't rant about you cunts people using Windows in general, but note that Linux is in no way automagically completely secure. Everything depends a lot on your behaviour.

1. What you'll do is the following: Create a live-CD or a bootable USB with your OS of choice on it. I suggest using the Ubuntu LiveCD.

The reason is simple. When you create your new wallet, you want to make abolutely sure, that your running operating system doesn't in any way log your keys or secretly save your files somewhere.

2. Boot your freshly-created OS, and install the Bitcoin client on it. Yes you can install software inside a liveCD environment. Optionally, also install some encryption software, but we'll leave that for now.

3. Your Bitcoin client will immediately generate 10 addresses for you, and with them, the corresponding wallet.dat.

4. Save your addresses somewhere, if you have to, write them down manually (if you do this, then I bow to your zeal and declare you crazy). I suggest you send them to yourself over email.

5. This is the important step. Copy your wallet.dat somewhere. Burn then on a CD or another medium. I for instance love those little 64MB SD-cards you sometimes get with a new camera. They rock. You might want to make multiple copies (on multiple cards/CDs, not multiple copies of the same file on the same disk you tart).

6. Now, eject whatever you just copied on, and guard it like your life depends on it. Not really, but here is the important step: If you encrypted your wallet.dat with an encryption algorithm you feel safe about, just keep it around your house.

7. Shut down. There will be no trace of your walled.dat on your harddisk, since it never actually resided there.

Important: You will want to keep another copy somewhere else, in a safe physical location, or at least one that is safe while your house burns down. You might already know it, but losing your wallet.dat is worse than someone stealing it. It'll be gone forever.

If you didn't encrypt the file (which I prefer), put the SDcards, CDs, whatever in a safe. That's right: a real-world safe, like banks have, who also happen to lock their doors and are in general very anal about their security and all that jazz. You can rent small safety-deposit boxes in exchange for money. As a bonus, it'll be fire-proof as well.

8. In case it's not yet obvious: You will now only make day-to-day transactions like you used to do it, on your computer (are you _still_ using windows?) and every now and then, you will put some coins into your savings-account. Using the addresses from step 4). How much you want to keep in your wallet is up to you.

But how can I haz my money back?

Okay, for those of you who didn't guess it yet: Whenever you want to make a transaction from your savings-account to someplace else, get your wallet.dat out of the safe, boot up your liveCD (don't you dare using your regular OS after all this work, or I'll come beat you up personally) and do the reverse: Install bitcoin again, install the encryption-software if necessary and copy your wallet.dat where it belongs.

Congratulations: you can now access your 25'000 bitcoins and nobody will have messed with them while you were asleep.

Possible attacks

So now, the _only_ way for someone to steal your coin, will be to steal your physical copy of the wallet. That's why you might want to encrypt it, although if you do, don't forget the passphrase. Also, if you die, your family can still get your bank-safe opened, but they won't be able to pick through your brain and get the passphrase out of it. That's why I prefer to not encrypt it.

There is one more possibility: a physical keylogger: It will be able to intercept the password you use to encrypt your wallet.dat, which, if you keep a copy at home, can then be stolen and used. Another reason, why a regular safe is the best option in my humble opinion.

What else?

EDIT: A little protip for those who don't know: You can of course use blockexplorer.com to keep track of your account while it's safely hidden away. Doing this will simply allow you to see how many coins are associated with a given address.

I suggest you also create new day-to-day wallets (even having a few coins stolen can be frustrating), as your current ones might already have been stolen. Of course, this requires a secure OS, so you better ditch that infected piece of shit fine gear of yours. DON'T just create new wallets on the system you're using right now, since it won't solve anything in case you're already infected.

In addition, it doesn't hurt to read up on some technical details. Use the Wiki. Learn the difference between the amount in your wallet, and the amount on the different block-addresses. If you handle a lot of money, ACT ACCORDINGLY. Don't get all crazy-enthusiastic-venture-capitalist and invest all your savings in bitcoin. Also, don't speculate too much on the price development, you'll make more money if you use that time to work at a regular job.

Now, if you happen to make/have made a significant amount of coins, don't run around telling everybody like the self-satisfied vagina that you are. You wouldn't do that with real money either. At least I hope so.

Also, someone will probably make a bitcoin-specific liveCD, which should save some hassle in the steps above.
Also, take it easy and be a cool guy woh doesn't afraid of anything.
Also, pick up a book every now and then.


Yes, there are other ways to do this, and yes, some might be more practical and maybe just as secure. Write a comment about it.

If anyone has any clarifications, questions, suggestions, or wants to call me a moron, please feel free to do so, and I'll see if there is anything to be improved about it. Also, spelling mistaeks.

Also, in case anybody got all excited by this guide and/or seen the light of Jesus-Christ the saviour AND wants to thank me with coins (why on earth would you do that?), here's my address: 16VD78R8nxqJGesE7E9KS6A8TikQQpKNm5

Have fun. Cool

EDIT: Corrections and added a few insults just for you, dear anonymous reader.
Brainslug
Newbie
*
Offline Offline

Activity: 35
Merit: 0


View Profile
June 15, 2011, 12:53:45 PM
 #2

+1 Me likey.

Guess as soon as I start to trade with larger amounts of BTC I'll use that technique. Thanks for that guide.
aiwk171 (OP)
Jr. Member
*
Offline Offline

Activity: 134
Merit: 1


View Profile
June 15, 2011, 12:53:53 PM
 #3

mods: is it possible, to somehow ShamWow merge these two topics, or at least redirect the replies to just one of the two?

http://forum.bitcoin.org/index.php?topic=17240.msg222430
http://forum.bitcoin.org/index.php?topic=17240.0

If not, then I'm sorry I made such a mess on your carpet.
aiwk171 (OP)
Jr. Member
*
Offline Offline

Activity: 134
Merit: 1


View Profile
June 15, 2011, 12:56:33 PM
 #4

Thanks for that guide.

You're welcome. And remember: nothing prevents you from doing the whole procedure now and just transferring a few coins every now and then. You'll get the extra satisfaction of having something like a piggy bank Smiley
Brainslug
Newbie
*
Offline Offline

Activity: 35
Merit: 0


View Profile
June 15, 2011, 01:22:21 PM
 #5

Yeah, I think I'm slowly beginning to think in the context on how to keep my BTC safe (I hope that made any sense, english isn't my first language Cheesy)

I was thinking of using my old netbook I don't use at all (because it was too slow for my purposes), install Ubuntu on it and create my savings wallet there. Now I thought of something (I'm probably not the first) so I'd appreciate it if you (or anybody else) may give me some feedback on that thought:

I make a completely clean installation of Ubuntu on that netbook. I only once let it connect to the internet to install all current needed updates and the Bitcoin Client. As soon as that's finished I completely disconnect it from the internet and generate a few addresses which I write down on my PC on which I use my every-day-wallet. I either use that every-day-wallet or the addresses of the savings-wallet directly to store my "savings-BTC".
Now if in some point in time I want to withdraw something from my savings-wallet, I first transfer everything from my every-day-wallet to the savings-wallet. Then I turn on the netbook, take a completely clean USB-stick (or any other medium), move the savings-wallet on that medium and repeat the first step (create a new wallet on the netbook and write down the addresses). Then copy the old savings-wallet on my PC and transfer the remainder of the BTC (if I only want to withdraw a certain amount) to the new savings wallet.

Although... now that I read it, it doesn't seem as safe as I first thought it was >.>
bcearl
Full Member
***
Offline Offline

Activity: 168
Merit: 103



View Profile
June 15, 2011, 01:35:09 PM
 #6

First security advice I read here that doesn't look like total bullshit.


Thank you for your work!





Ultimately you could do security in three stages then:

1. Regular user account has a wallet with small amounts only.
2. For larger but not huge amounts you could follow my advice for a second user account.
3. For huge amounts your proposal is the only way in my opinion.

Misspelling protects against dictionary attacks NOT
aiwk171 (OP)
Jr. Member
*
Offline Offline

Activity: 134
Merit: 1


View Profile
June 15, 2011, 01:44:29 PM
 #7

Brainslug: Seems to kinda-work, but always be careful with overly complicated schemes: the possibilities for making an error are simply much bigger. Also, it seems a little tedious. Plus there is the physical security of your notebook. If you don't encrypt the partition, it will be open to anyone getting his hands on your machine.

Thank you for your work!

I aim to please. Happy that you like it.
Brainslug
Newbie
*
Offline Offline

Activity: 35
Merit: 0


View Profile
June 15, 2011, 02:01:16 PM
 #8

Yeah, that the netbook will be encrypted is already in my thought-process (that's why I didn't write it explicitly Cheesy). And I think one could write a simple script that 1) wipes the USB medium completely
2) copies the old savings-wallet to the medium
3) runs the Bitcoin client and (if that's even possible) automatically generates a few addresses and saves them in a textfile on the USB medium

Though I think the last step is not possible afaik, but it also isn't necessarily needed.
bcearl
Full Member
***
Offline Offline

Activity: 168
Merit: 103



View Profile
June 15, 2011, 02:12:42 PM
 #9

Brainslug: Seems to kinda-work, but always be careful with overly complicated schemes: the possibilities for making an error are simply much bigger. Also, it seems a little tedious. Plus there is the physical security of your notebook. If you don't encrypt the partition, it will be open to anyone getting his hands on your machine.

Thank you for your work!

I aim to please. Happy that you like it.

We already asked for a security subforum, maybe you join the request.

https://forum.bitcoin.org/index.php?topic=16273.0



If you have time and want to, you could also review my specific multi-user Ubuntu setup. Of course it is a trade of between perfect security and usability. A seperate system as you propose is absolutely necessary for huge amounts of coins.

http://forum.bitcoin.org/index.php?topic=15068.0

Misspelling protects against dictionary attacks NOT
aiwk171 (OP)
Jr. Member
*
Offline Offline

Activity: 134
Merit: 1


View Profile
June 15, 2011, 02:17:36 PM
Last edit: June 15, 2011, 03:17:54 PM by aiwk171
 #10

We already asked for a security subforum, maybe you join the request.

https://forum.bitcoin.org/index.php?topic=16273.0

If you have time and want to, you could also review my specific multi-user Ubuntu setup. Of course it is a trade of between perfect security and usability. A seperate system as you propose is absolutely necessary for huge amounts of coins.

http://forum.bitcoin.org/index.php?topic=15068.0

I'll have a look at both, promised. I have to run now though, I'll be back later.
aiwk171 (OP)
Jr. Member
*
Offline Offline

Activity: 134
Merit: 1


View Profile
June 15, 2011, 03:39:52 PM
 #11

bcearl: Your setup seems quite the sensible thing to do. It's actually the method recommended by the wiki, and right now I can't think of any reason why this shouldn't be very secure. Especially if you never run any programs when logged in as the secure user.

However, the problem of keylogging (physically) still exists, as your password is the point of entry for any attacker. Other than that, you'll be completely fine.

Edit: Actually, the weak point is the login password, just wanted to clarify that (If I'm correct in assuming that your home directory is decrypted as soon as you log in. At least in RAM.). Also, scusi for the double post.
kokojie
Legendary
*
Offline Offline

Activity: 1806
Merit: 1003



View Profile
June 15, 2011, 03:43:23 PM
 #12

Your setup seems quite the sensible thing to do. It's actually the method recommended by the wiki, and right now I can't think of any reason why this shouldn't be very secure. Especially if you never run any programs when logged in as the secure user.

However, the problem of keylogging (physically) still exists, as your password is the point of entry for any attacker. Other than that, you'll be completely fine.

How does a keylogger get installed on a live cd?

btc: 15sFnThw58hiGHYXyUAasgfauifTEB1ZF6
aiwk171 (OP)
Jr. Member
*
Offline Offline

Activity: 134
Merit: 1


View Profile
June 15, 2011, 03:46:50 PM
 #13

How does a keylogger get installed on a live cd?

See my link in the guide. Not only are there physical keyloggers which you usually put between the keyboard an the USB-port, but there are ways to remotely monitor what you're typing.
bcearl
Full Member
***
Offline Offline

Activity: 168
Merit: 103



View Profile
June 15, 2011, 03:49:05 PM
 #14

bcearl: Your setup seems quite the sensible thing to do. It's actually the method recommended by the wiki, and right now I can't think of any reason why this shouldn't be very secure. Especially if you never run any programs when logged in as the secure user.

However, the problem of keylogging (physically) still exists, as your password is the point of entry for any attacker. Other than that, you'll be completely fine.

Edit: Actually, the weak point is the login password, just wanted to clarify that (If I'm correct in assuming that your home directory is decrypted as soon as you log in. At least in RAM.). Also, scusi for the double post.

Yes, that's why I have a 12-character password with really independent characters of all categories, which I meantioned in the Howto.

Idea for your setup: It looks reasonable for me to disable unnecessary dangers in the system, like automatic mount and preview of files.

Misspelling protects against dictionary attacks NOT
Brainslug
Newbie
*
Offline Offline

Activity: 35
Merit: 0


View Profile
June 15, 2011, 03:55:38 PM
 #15

If you're looking for really strong passwords I can always recommend a YubiKey http://www.yubico.com/yubikey
Using a "normal strong" password (something you can actually remember) in combination with the 16-64 character long static password on the YubiKey provides pretty good safety. Though you then have to watch out for your YubiKey of course Cheesy
Sandoz
Member
**
Offline Offline

Activity: 85
Merit: 10


View Profile
June 15, 2011, 04:02:19 PM
 #16

How does a keylogger get installed on a live cd?

See my link in the guide. Not only are there physical keyloggers which you usually put between the keyboard an the USB-port, but there are ways to remotely monitor what you're typing.

Use an on-screen keyboard to get around hardware keyloggers. Cumbersome but quite safe...
jerfelix
Sr. Member
****
Offline Offline

Activity: 266
Merit: 250


View Profile
June 15, 2011, 04:05:59 PM
 #17

@aiwk171-

Excellent guide, and I especially appreciate the crossed out words.

The only thing I did differently was:
1.  Download LinuxCoin, which is a "Live CD" that includes Bitcoin
2.  Install LinuxCoin while you are disconnected from the internet.  This way there's no chance someone will hack you during the minutes it takes to complete this procedure.
3.  Fire up your PC running LinuxCoin, start up Bitcoin, and create your wallet file.
4.  EXIT Bitcoin
5.  Dump your wallet file to multiple mediums, including CD, USB key, and maybe even paper.

My wallet.dat file was 16K, so a lot of hex to re-key in later (in an emergency situation), but really you only need less than 1K of the file: your public and private keys to enable the one Bitcoin Address to work. 1K of hex isn't impossible to type in.  I may write a quick python script to pull out the critical few bits from wallet.dat, as an emergency+emergency backup.  Of course, a QR code would be nice, but too much work for the emergency+emergency backup!

The only reason I really like paper is because I am thinking 50 years down the road, when someone pulls out my safe-deposit box.  I'm afraid electronic media might be in jeopardy.

Don't forget to include instructions for your next-of-kin.  It's possible that they will find the disks, and not realize the potential value stored on them (especially if it's in the next year or two, before digital currency really is wide-spread).

---

And, for everyone who is too lazy or not technical enough to do all this, the alternative is to find a Linux geek who you REALLY Trust to execute these steps for you.

If you ARE the Linux geek who can follow these instructions, I encourage you to offer your service to others.  Once you fire up your Live CD, create a few of these "vaults" for your non-technical friends.

---

Also, note that if you make regular deposits to this account, you can check the status of them at any time on Blockexplorer.com, and see that your deposit was made.  You can also sort of verify the balance at any time, and make sure no one is stealing your Savings account. 

aral
Newbie
*
Offline Offline

Activity: 42
Merit: 0


View Profile
June 15, 2011, 04:21:51 PM
 #18

You could always just get a crappy cheap little netbook to put your safe wallet on and keep that in the safe.  Saves a lot of faffing with CDs.
Drifter
Sr. Member
****
Offline Offline

Activity: 364
Merit: 252


View Profile
June 15, 2011, 04:27:04 PM
 #19

You could always just get a crappy cheap little netbook to put your safe wallet on and keep that in the safe.  Saves a lot of faffing with CDs.

You're still going to have to connect to the internet if you ever want to spend the coins.

aiwk171 (OP)
Jr. Member
*
Offline Offline

Activity: 134
Merit: 1


View Profile
June 15, 2011, 04:30:24 PM
 #20

+1 for you jerfelix

aral: So you're saying burning CDs is too tedious, better buy a netbook and use that as medium? And do you specifically require a crappy one?  Roll Eyes
Pages: [1] 2 3 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!