|
Bruce Wagner (OP)
|
 |
November 19, 2010, 11:19:15 PM |
|
Sorry if this question has been addressed somewhere... but I couldn't find it.
It's my understanding that anyone who gains access to my wallet.dat file... basically has "the keys to the kingdom". He has all of my money.
That means that backing up my wallet.dat file is important. But it also means that every backup I make, is one more copy that could fall into the wrong hands. No? Kind of like making multiple copies of my house keys...?
What's the best practice with securing the safety of your wallet.dat file?
Also, couldn't there be encryption of my wallet.dat file built-in to the bitcoin app. In other words, upon launch, I am prompted to enter a password. That password un-encrypts my wallet.dat file. Later, when I close the app, it is automatically encrypted again.
This way, I could make a zillion backup copies of the file... without worry... because no one could actually use it without the un-encryption password.
No?
Could PGP encryption of the wallet.dat file be built-in to the app?
I apologize that I'm talking over my head, technology-wise... But you understand my question? Has this topic already been addressed somewhere else?
It seems pretty obvious to me... Who wants just anyone sitting down at their computer to have instant access to all of their money... without even a password standing in their way?
Also... If I backup my wallet.dat file into my Gmail account and my Dropbox.... then all of my money is only as secure as my Gmail account? or my Dropbox account? That's not too secure.
|
|
|
|
|
|
|
|
You can see the statistics of your reports to moderators on the "Report to moderator" pages.
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
bitcoinex
|
|
November 20, 2010, 05:53:18 AM |
|
I see on your computer (except for your wallet) photos with someone. What are you doing there? You want to encrypt this photos too?
That's my strategy:
It would be logical to encrypt entire home directory. Mechanisms for this are built in into the windows and linux and may be into mac too.
+ On a home computer I do a backup on a physically separate hard drive, which also contains an encrypted file system.
sometimes I do a backup to a third encrypted disk, but it is rare - about every month or two.
Also, no one ever uses my account but me.
most frightens me that someone could put a hardware keylogger while I'm not home. (I also recently read that the foil hat is not really secure from radiowaves but rather strengthens it)
|
New bitcoin lottery: probiwon.com- Moжeт, ты eщё и в Heвидимyю Pyкy Pынкa вepyeшь? - Зaчeм жe вepoвaть в тo, чтo мoжнo нaблюдaть нeпocpeдcтвeннo? |
|
|
|
nanotube
|
|
November 21, 2010, 06:53:31 AM |
|
well, if you're savvy with pgp or truecrypt, you could do your encryption yourself.
that said, i don't think it's a bad idea to have the option to store the wallet as an encrypted file which requires a passphrase upon every bitcoin start, etc. that way the file is 'encrypted by default', which is not a bad place to be.
|
|
|
|
grondilu
Legendary
 Offline
Activity: 1288
Merit: 1076
|
|
November 21, 2010, 08:24:31 AM |
|
What's the best practice with securing the safety of your wallet.dat file?
You are responsible of the security of your data. So there is no "best practice". Personnaly I encrypt backups with GnuPG, and I use a ecryptfs virtual encrypted Private directory to store my wallet.dat file. None of this solution should be included in bitcoin, because I think bitcoin should adhere to the UNIX philosophy : "do only one thing, but do it well". |
|
|
|
slush
Legendary
Offline
Activity: 1386
Merit: 1097
|
|
November 21, 2010, 12:07:28 PM |
|
You are responsible of the security of your data. So there is no "best practice".
Poor argument. Not all people can be an experts in safety. Why not to help people with transparent encryption of wallet.dat? It should improve security a lot. It can be quite easy, idea is the same as for private keys in GPG. File itself is encrypted with master password and when people want to make a transaction, application ask for password. Maybe there can be short password cache. With this simple thing wallet.dat is almost unusable for other people. Personnaly I encrypt backups with GnuPG, and I use a ecryptfs virtual encrypted Private directory to store my wallet.dat file.
Do you think it is easy? Say it to my mum. None of this solution should be included in bitcoin, because I think bitcoin should adhere to the UNIX philosophy : "do only one thing, but do it well".
But UNIX like system never became a mainstream. With this attitude, bitcoin never became mainstream too, because it will be too difficult to be safe. Imagine that many small companies have its 20 computers on the same LAN, with Windows sharing 'on'. Will people believe in bitcoin anymore after somebody will steal it's wallet.dat from their computers? I fully accept idea of bitcoin, but currently it is still game for a geeks. If we can take it seriously, we have to make it user friendly as much as possible. Answer that 'something does not belong to bitcoin core' will fail. It is also reason why I'd like to see exact specification of bitcoin protocol. Then there can be both simple clients for geeks (with almost no dependencies etc) and eye-candy client for masses. Like bittorent world. |
|
|
|
|
bitcoinex
|
|
November 21, 2010, 12:23:41 PM |
|
You are responsible of the security of your data. So there is no "best practice".
Poor argument. Not all people can be an experts in safety. Why not to help people with transparent encryption of wallet.dat? It should improve security a lot. It can be quite easy, idea is the same as for private keys in GPG. File itself is encrypted with master password and when people want to make a transaction, application ask for password. Maybe there can be short password cache. With this simple thing wallet.dat is almost unusable for other people. Personnaly I encrypt backups with GnuPG, and I use a ecryptfs virtual encrypted Private directory to store my wallet.dat file.
Do you think it is easy? Say it to my mum. None of this solution should be included in bitcoin, because I think bitcoin should adhere to the UNIX philosophy : "do only one thing, but do it well".
But UNIX like system never became a mainstream. you're dead  With this attitude, bitcoin never became mainstream too, because it will be too difficult to be safe. Imagine that many small companies have its 20 computers on the same LAN, with Windows sharing 'on'. Will people believe in bitcoin anymore after somebody will steal it's wallet.dat from their computers?
I fully accept idea of bitcoin, but currently it is still game for a geeks. If we can take it seriously, we have to make it user friendly as much as possible. Answer that 'something does not belong to bitcoin core' will fail. It is also reason why I'd like to see exact specification of bitcoin protocol. Then there can be both simple clients for geeks (with almost no dependencies etc) and eye-candy client for masses. Like bittorent world.
You want for bitcoin went all way to combat with storing users passwords in the disk caches or cleartext in RAM as software like PGP? What protection will give password for wallets really? Many users actually use different passwords for different accounts? Not system administrators or geeks but "regular users"? How many passwords do you personally use? (I think, password protection is a garbage at all. Meatbag can not remember more than 1-2 really good passwords.) |
New bitcoin lottery: probiwon.com- Moжeт, ты eщё и в Heвидимyю Pyкy Pынкa вepyeшь? - Зaчeм жe вepoвaть в тo, чтo мoжнo нaблюдaть нeпocpeдcтвeннo? |
|
|
slush
Legendary
Offline
Activity: 1386
Merit: 1097
|
|
November 21, 2010, 12:43:20 PM |
|
you're dead :-) unix never become mainstream, but I personally use only unix-like systems (linux). You want for bitcoin went all way to combat with storing users passwords in the disk caches or cleartext in RAM as software like PGP?
What protection will give password for wallets really?
I think any kind of password protection will rise security. Each step will discourage small % of attackers and it is good at all. We can discuss where is the edge. If we want discourage 'common John' who known only how to copy and use unencrypted wallet.dat or discourage somebody who is capable to do cold stard attack to password stored in memory. Many users actually use different passwords for different accounts? Not system administrators or geeks but "regular users"?
Many users have two different passwords - one for chats, emails etc and second for banking. Things became better in few last years, because people became use Internet banking. How many passwords do you personally use?
One for very common services where I'm not interested in security and one for each separate services where I want better safety. I never store these passwords anywhere, but have an algorithm how to obtain this password. But nobody who get this one password can reconstruct original algorithm (yes - I'm using hashing function for my passwords for many years). (I think, password protection is a garbage at all. Meatbag can not remember more than 1-2 really good passwords.)
I personally don't remember more than algorithm. But without any password protection of my wallet.dat, I cannot apply this algorithm on that. |
|
|
|
|
wumpus
|
|
November 21, 2010, 12:48:04 PM |
|
(I think, password protection is a garbage at all. Meatbag can not remember more than 1-2 really good passwords.)
Indeed, password protection is way overdue to be replaced with other methods. They are difficult to remember and too easy to sniff with a keylogger / fast camera. Doesn't matter if it is two-factor, biometric, sideband, smartcard, everything is more secure than just a password. Too bad there is so little standardization in that realm, meaning that it is quite some more effort to use those in an actual application. |
Bitcoin Core developer [PGP] Warning: For most, coin loss is a larger risk than coin theft. A disk can die any time. Regularly back up your wallet through File → Backup Wallet to an external storage or the (encrypted!) cloud. Use a separate offline wallet for storing larger amounts. |
|
|
slush
Legendary
Offline
Activity: 1386
Merit: 1097
|
|
November 21, 2010, 12:51:23 PM |
|
It would be logical to encrypt entire home directory. Mechanisms for this are built in into the windows and linux and may be into mac too.
By the way, this increase safety against physical attacks (somebody can steal your disk, but will find data unusable), but not again software attacks, because *all* software on your computer see wallet.dat unencrypted. When file on disk will be everytime encrypted and client ask for password, user can decide if he is doing correct transaction or something strange happen. This does not mean we have to make strange memory management etc. Plaintext password in memory (for time of transaction) is enough for this issue (it is much much harder to get unencrypted wallet for common John). |
|
|
|
slush
Legendary
Offline
Activity: 1386
Merit: 1097
|
|
November 21, 2010, 12:54:12 PM |
|
Indeed, password protection is way overdue to be replaced with other methods. They are difficult to remember and too easy to sniff with a keylogger / fast camera.
But both is much much harder than move plaintext file to USB and go away. Nothing is perfect, but current situation is extremely unperfect :-). |
|
|
|
|
Anonymous
Guest
|
|
November 21, 2010, 01:13:21 PM |
|
I use keepass to create strong passwords and then I only have to remember the master password and the password file location on my computer.
|
|
|
|
|
|
bitcoinex
|
|
November 21, 2010, 01:29:25 PM |
|
You want for bitcoin went all way to combat with storing users passwords in the disk caches or cleartext in RAM as software like PGP?
What protection will give password for wallets really?
I think any kind of password protection will rise security. Each step will discourage small % of attackers and it is good at all. We can discuss where is the edge. If we want discourage 'common John' who known only how to copy and use unencrypted wallet.dat or discourage somebody who is capable to do cold stard attack to password stored in memory. We made changes to various software and the user after each sneeze must enter a password. Will he use different passwords everywhere? Or it uses the password that he uses everywhere on facebook and on the computer which hi now logged in. And how many people we turn away from using passwords by that way? Many users actually use different passwords for different accounts? Not system administrators or geeks but "regular users"?
Many users have two different passwords - one for chats, emails etc and second for banking. Things became better in few last years, because people became use Internet banking. Nonsense! All these passwords are stored in the configuration files for their software. And since the password must be in the cleartext they only scrambled but not hashed. That is, in fact, they just stored on their disks and may be readed by everybody. Banking do not using password protection for transactions at all How many passwords do you personally use?
One for very common services where I'm not interested in security and one for each separate services where I want better safety. I never store these passwords anywhere, but have an algorithm how to obtain this password. But nobody who get this one password can reconstruct original algorithm (yes - I'm using hashing function for my passwords for many years). This is a controversial strategy. No more than a few months ago, I become known for the case when by multiple passwords algorithm was been restored and a mail and personal information was stolen. (But he used a simple algorithm) I do not know your algorithm so I will not make assumptions. You, however, can permission or excuse the algorithm being drunk and then you have to invent a new one and it will be very difficult. Do you consider yourself a typical user? (I think, password protection is a garbage at all. Meatbag can not remember more than 1-2 really good passwords.)
I personally don't remember more than algorithm. But without any password protection of my wallet.dat, I cannot apply this algorithm on that. You can! you just need to protect the directory in which to store a wallet. |
New bitcoin lottery: probiwon.com- Moжeт, ты eщё и в Heвидимyю Pyкy Pынкa вepyeшь? - Зaчeм жe вepoвaть в тo, чтo мoжнo нaблюдaть нeпocpeдcтвeннo? |
|
|
|
bitcoinex
|
|
November 21, 2010, 01:35:03 PM |
|
It would be logical to encrypt entire home directory. Mechanisms for this are built in into the windows and linux and may be into mac too.
By the way, this increase safety against physical attacks (somebody can steal your disk, but will find data unusable), but not again software attacks, because *all* software on your computer see wallet.dat unencrypted. When file on disk will be everytime encrypted and client ask for password, user can decide if he is doing correct transaction or something strange happen. This does not mean we have to make strange memory management etc. Plaintext password in memory (for time of transaction) is enough for this issue (it is much much harder to get unencrypted wallet for common John). If someone has overflowed the buffer it can read memory of user processes. It might even be easier than running a large shell interpretator for the remote control. |
New bitcoin lottery: probiwon.com- Moжeт, ты eщё и в Heвидимyю Pyкy Pынкa вepyeшь? - Зaчeм жe вepoвaть в тo, чтo мoжнo нaблюдaть нeпocpeдcтвeннo? |
|
|
|
bitcoinex
|
|
November 21, 2010, 01:41:27 PM |
|
(I think, password protection is a garbage at all. Meatbag can not remember more than 1-2 really good passwords.)
Indeed, password protection is way overdue to be replaced with other methods. They are difficult to remember and too easy to sniff with a keylogger / fast camera. Doesn't matter if it is two-factor, biometric, sideband, smartcard, everything is more secure than just a password. Too bad there is so little standardization in that realm, meaning that it is quite some more effort to use those in an actual application. But we have libgss and PAM! |
New bitcoin lottery: probiwon.com- Moжeт, ты eщё и в Heвидимyю Pyкy Pынкa вepyeшь? - Зaчeм жe вepoвaть в тo, чтo мoжнo нaблюдaть нeпocpeдcтвeннo? |
|
|
slush
Legendary
Offline
Activity: 1386
Merit: 1097
|
|
November 21, 2010, 01:57:01 PM |
|
We made changes to various software and the user after each sneeze must enter a password.
Will he use different passwords everywhere? Or it uses the password that he uses everywhere on facebook and on the computer which hi now logged in.
And how many people we turn away from using passwords by that way?
I see analogy with safety belts in car (=passwords in software). There are many other ways how to be safe than use them. For example buy a Hummer with extra steel frame around (=disk encryption,sandboxing etc). But you are saying that safety belts are nonsense, because *you* have Hummer. Buy I'm common user and have only Ford Ka. So using safety belts is better than nothing. Of course, I can meet you in your Hummer on highway, but I have a little bit more chance to be alive with belts than with nothing. It is just responsibility of everyone if he will use safety belts in Ford Ka or not (=if you use this password and if you do it safely). Buy belts are there already, no one driver of Hummer fight against safety belts in small Fords. Nonsense! All these passwords are stored in the configuration files for their software. And since the password must be in the cleartext they only scrambled but not hashed.That is, in fact, they just stored on their disks and may be readed by everybody.
What? Are you saying I have some magical file on my disk with my password to bank? Are you serious? Banking do not using password protection for transactions at all
Again, it is your point of view. My bank allow to use passwords for certain transaction and I use them. I do not use any kind of better security when sending money to my mum. This is a controversial strategy. No more than a few months ago, I become known for the case when by multiple passwords algorithm was been restored and a mail and personal information was stolen. (But he used a simple algorithm)
I do not know your algorithm so I will not make assumptions. You, however, can permission or excuse the algorithm being drunk and then you have to invent a new one and it will be very difficult.
You probably did not understand me at this point. I don't have any master passwords for my other passwords. I have just algorithm based on hashing methods so I can create password to my bank or to this forum without any additional software, which can be cracked and password stolen. Do you consider yourself a typical user?
Of course not. But again, it is just my responsibility to have strong system of my passwords. I use common infrastructure contained in almost every software - password protection. I'm missing that in bitcoin client. And disc encryption does not solve my problems, because until client itself does not support any kind of encryption, I have to unlock wallet.dat on disk also for every other software. That's all. You can! you just need to protect the directory in which to store a wallet.
But not in seamless fashion. I have to run additional software, decrypt directory before starting bitcoin client, then make a transaction and then again unmount a directory. That's both strange and not safe. Because once I mount decrypted directory, every piece of software can work with unencrypted data with common functions. I still feel that buffer overflow is less common way how to read file contents. |
|
|
|
slush
Legendary
Offline
Activity: 1386
Merit: 1097
|
|
November 21, 2010, 01:59:41 PM |
|
But we have libgss and PAM! Of course we have :-). But try to implement that in platform-independent way ;-). Still think that simple password protection is first stage. If somebody add next auth method, I will be happy. But now we have *nothing* here. |
|
|
|
da2ce7
Legendary
Offline
Activity: 1222
Merit: 1016
Live and Let Live
|
|
November 21, 2010, 02:05:49 PM |
|
Basic (strong) encryption should be added to the wallet handling code, along with being able to have multiple wallets loaded, the ability to export and import wallets, and transfer balances between wallets.
|
One off NP-Hard.
|
|
|
Gavin Andresen
Legendary
Offline
Activity: 1652
Merit: 2216
Chief Scientist
|
|
November 21, 2010, 02:27:37 PM |
|
I see analogy with safety belts in car (=passwords in software).
I worry that the correct analogy is: Typing a password every time you use your bitcoin wallet is like putting padding your car's steering wheel instead of wearing a seatbelt. It might make you feel safer, but it is a false sense of security. Good security is hard. If you're not computer savvy, then you've probably already got spyware and trojans on your system, and running bitcoin on a system infested with spyware and trojans is a bad idea. Period. I think an online service that takes care of wallet security for you is a much better solution for non-geeks like my mom. All that said: As my personal bitcoin wallet gets more valuable, I get more nervous. I would like to be able to export some of the value in my wallet onto a USB thumb drive and then put that thumb drive in my safe deposit box (along with a backup, gpg-encrypted copy that I'd keep in the fire safe in my basement). Another analogy: I keep most of my money in the bank; I don't have piles of cash or gold in my house. I will do the same for my bitcoins, keeping only enough in my online, connected, possible-to-hack wallet to use day-to-day. |
How often do you get the chance to work on a potentially world-changing project?
|
|
|
|
bitcoinex
|
|
November 21, 2010, 02:33:44 PM |
|
We made changes to various software and the user after each sneeze must enter a password.
Will he use different passwords everywhere? Or it uses the password that he uses everywhere on facebook and on the computer which hi now logged in.
And how many people we turn away from using passwords by that way?
I see analogy with safety belts in car (=passwords in software). There are many other ways how to be safe than use them. For example buy a Hummer with extra steel frame around (=disk encryption,sandboxing etc). But you are saying that safety belts are nonsense, because *you* have Hummer. Buy I'm common user and have only Ford Ka. So using safety belts is better than nothing. Of course, I can meet you in your Hummer on highway, but I have a little bit more chance to be alive with belts than with nothing. It is just responsibility of everyone if he will use safety belts in Ford Ka or not (=if you use this password and if you do it safely). Buy belts are there already, no one driver of Hummer fight against safety belts in small Fords. Nonsense! All these passwords are stored in the configuration files for their software. And since the password must be in the cleartext they only scrambled but not hashed.That is, in fact, they just stored on their disks and may be readed by everybody.
What? Are you saying I have some magical file on my disk with my password to bank? Are you serious? Yes Can you post link to the internet banking manual of your bank? Banking do not using password protection for transactions at all
Again, it is your point of view. My bank allow to use passwords for certain transaction and I use them. I do not use any kind of better security when sending money to my mum. This is a controversial strategy. No more than a few months ago, I become known for the case when by multiple passwords algorithm was been restored and a mail and personal information was stolen. (But he used a simple algorithm)
I do not know your algorithm so I will not make assumptions. You, however, can permission or excuse the algorithm being drunk and then you have to invent a new one and it will be very difficult.
You probably did not understand me at this point. I don't have any master passwords for my other passwords. I have just algorithm based on hashing methods so I can create password to my bank or to this forum without any additional software, which can be cracked and password stolen. Probably, yes, I don't understand you. Can you tell me more? You use a password + salt and hash them for creating new password? How did you manage to enter a password without access to any hash functions? Or you remember the hashes? Do you consider yourself a typical user?
Of course not. But again, it is just my responsibility to have strong system of my passwords. I use common infrastructure contained in almost every software - password protection. I'm missing that in bitcoin client. And disc encryption does not solve my problems, because until client itself does not support any kind of encryption, I have to unlock wallet.dat on disk also for every other software. That's all. I prefer to simply do not use a passwords. You can! you just need to protect the directory in which to store a wallet.
But not in seamless fashion. I have to run additional software, decrypt directory before starting bitcoin client, then make a transaction and then again unmount a directory. That's both strange and not safe. Because once I mount decrypted directory, every piece of software can work with unencrypted data with common functions. I still feel that buffer overflow is less common way how to read file contents. I am wait for your answer and we compare our methods. |
New bitcoin lottery: probiwon.com- Moжeт, ты eщё и в Heвидимyю Pyкy Pынкa вepyeшь? - Зaчeм жe вepoвaть в тo, чтo мoжнo нaблюдaть нeпocpeдcтвeннo? |
|
|
slush
Legendary
Offline
Activity: 1386
Merit: 1097
|
|
November 21, 2010, 02:41:14 PM |
|
Gavin, I almost agree. But I think an online service that takes care of wallet security for you is a much better solution for non-geeks like my mom.
is way how classic banks started its businesses. When some online wallet become popular, they will probably see that have too much bitcoins on account which nobody handle for long time.... By the way, when you have account bitcoins on some service, how they belong to you? Technically they are not yours. Do you ask for some paper that you have some deposit here? Do you see an analogy? :-) Electronic currency can be safer than physical wallet. Because it can be encrypted in your pocket and you can make a backup to your home vault. So when we fix wallet security somehow, there will not be a space for 'trusted entities which manage your large amounts of bitcoins'. |
|
|
|
|
