"Original" Idea to further strenghten the protection of a cold wallet- is itgood

[Mikcik]

Hello
If one wanted a cold storage of BTC. In this case cold storage= wallet.dat (or similiar) created in multibit or electrum wallet- on a computer not connected to internet. Created on a LIVE Linux distribution running on a USB stick on this offline computer. And after this storing this wallet.dat files on several USB flash drives/sticks+that offline computer+2 external HDDs+possibly burn on a DVD RW and DVD R mediums... - Cold storage.

Would it be a good idea BEFORE putting the wallet.dat on all of these mediums (PC, External HDDs, flahs discs etc.) to rename the wallet.dat to something like- SchoolSeminar.pdf  (or just something.sth ). THEN putting it into passwords protected rar file (SchoolSeminar.rar) and renaming it again to something like SchoolSeminar.Doc


Is there any downside for such easy and quick additional security measure? The only one i can think of that i myself my forget what is in these files and migh fail to properly identify them in the future :-). But beside this, is there any downside? Like for example that this might somehow damage the files (or its content?). Like just the renaming or maybe in future failed openening in the programs (doc- word, pdf, winrar)... Is there any "weird" low possibility that this "security" measure culd damage the wallets stored this way?

[Red-Apple]

all the items you are using are considered digital storage, USB, HDD, CD, ... and they all have the same risk of "data loss over time" and also "hardware failure due to age or electrical shot, damage,..."

and as for renaming, it can be good if you are paranoid but just a simple encryption with what your wallet offers (usually it is AES encryption) with a strong password would be enough.

and the solution is that it is best if you keep a different type of backup, for example printing the private key or your seed on a piece of paper (which can also be encrypted PK or Seed)

in summary: wallet file on USB + backup on DVD + Printed paper all encrypted is more than enough.

[Mikcik]

all the items you are using are considered digital storage, USB, HDD, CD, ... and they all have the same risk of "data loss over time" and also "hardware failure due to age or electrical shot, damage,..."

and as for renaming, it can be good if you are paranoid but just a simple encryption with what your wallet offers (usually it is AES encryption) with a strong password would be enough.

and the solution is that it is best if you keep a different type of backup, for example printing the private key or your seed on a piece of paper (which can also be encrypted PK or Seed)

in summary: wallet file on USB + backup on DVD + Printed paper all encrypted is more than enough.

Yeah i know about that... that isnt what i was asking...

 My question was specifically on the topic if the renaming of the files, storing them in RAR file, and renaming even the rar file cant somehow damage the file...

For example if i rename the file to doc and by accident try to open it, it opens in word (or rather word programs loads but fails to load the document... wont the word document attempt to write something to the file (when he (badly) considers it as a word file)...?
Its not really likely i guess but you never know what can fuck up in IT... :-)...

So is it safe to do it this way?

[d5000]

The weak point in you approach is the RAR algorithm as it's closed source and nobody knows if it will continue to exist forever.

Obviously probability is low that it will cease to exist (and the decompression code seems to be publicly available, for now), but with open source solutions like Bzip2 and Tar you would do better as you can be completely sure that you will be able to open your file again in the future.

If you are concerned about "damage" that a compression algorithm could do to your wallet: That is only possible if you experience a hardware failure while compressing your file (unless there is a severe bug in the algorithm, but that is not very probable) so simply compressing it two or three times and comparing the file size and a hash (like MD5) should be enough to be safe.

[iluvpie60]

I wonder why go through these extreme lengths to begin with. But if you have a sizeable amount of btc I see how that would make sense to want to be more secure.

On the other hand if you have a lot of btc you just made a post asking how to secure it better and made yourself a target. I barely have enough to make it worthwhile to transfer amd pay the fee lol.

[Kprawn]

Renaming files are one of the weakest methods to hide data. There are some forensic software out there that look specifically for files that were

renamed, but contains data that does not correspond to the file it is renamed too. If you wanted to rename a *.mpg or *.mpeg file to *.jpg for

instance... then this software will point it out. People try to hide encrypted archives like this and it's actually funny, because it is the first thing

law enforcement looks for when they scrutinize your drives.   

[BrewMaster]

what the file extension names (eg. .doc, .rar, ...) do is that they tell your OS which program to open when you double click them. they don't change anything about the file.

and to answer your question, no if you open a RAR file named .doc with office, it won't open or damage it. office will give you an error that the file is damaged or the type is not right or something similar.

[Mikcik]

Renaming files are one of the weakest methods to hide data. There are some forensic software out there that look specifically for files that were

renamed, but contains data that does not correspond to the file it is renamed too. If you wanted to rename a *.mpg or *.mpeg file to *.jpg for

instance... then this software will point it out. People try to hide encrypted archives like this and it's actually funny, because it is the first thing

law enforcement looks for when they scrutinize your drives.   

Yeah i know there exists such software... (altough didnt know that its one of the first things the gov runs/checks for, thats new to me :-) ).

But i dont intend to hide it from gov. or some big conspiracy, just random idiots/criminals that might by BIG accident get acces to it...

BTW how does it "know" if the *.suffix matches the content of the file...? For some general format like jpg etc. i can understand how it can check it, but what for some more exotic formats...? Like i dont know u3d (which should be some point cloud data used in geography and CGi simulation). How can it know the content of the file doesnt match the suffix of the file...?

[Mikcik]

I wonder why go through these extreme lengths to begin with. But if you have a sizeable amount of btc I see how that would make sense to want to be more secure.

On the other hand if you have a lot of btc you just made a post asking how to secure it better and made yourself a target. I barely have enough to make it worthwhile to transfer amd pay the fee lol.

Lol, no i dont have anything close to "a lot of BTC", actually none currently since i think the price will go down (due to current situation +hardforks). Im asking more out of curiosity since i have other documents/backups i liked to secure . Just curiosity. BTW this isnt any "extreme" lengths of security... if you think this is extreme, then... :-)

[Mikcik]

The weak point in you approach is the RAR algorithm as it's closed source and nobody knows if it will continue to exist forever.

Obviously probability is low that it will cease to exist (and the decompression code seems to be publicly available, for now), but with open source solutions like Bzip2 and Tar you would do better as you can be completely sure that you will be able to open your file again in the future.

If you are concerned about "damage" that a compression algorithm could do to your wallet: That is only possible if you experience a hardware failure while compressing your file (unless there is a severe bug in the algorithm, but that is not very probable) so simply compressing it two or three times and comparing the file size and a hash (like MD5) should be enough to be safe.

why should open source solutions be better in this case...? Even if rar stops beeing developed ther will always be some copies to instal lying around on the internet. Even if know (which is nonsense) nothing is prohobiting to store an instal file of winrar on my backup...?

OR am i missing something (?).

[Karpeles]

Some people relate wallet.dat files getting corrupted, plus you can never be sure if the software will be upgraded and if open your wallet.dat file(or the equivalent in whatever wallet you are using) will be easy or even possible at all in the future.

Backup your private keys, to avoid unpleasant surprises in the future