Electrum Wallet Bitcoin Security Precautions

[bob123]

So can others tell me who is correct here... pooya or bob?

We are both right.
pooya87 mentioned that (correctly implemented) encryption algorithms (which are 'accepted' in the crypto scene) are unbreakable if the password is strong enough.
I was refering to the option to infect your PC to log the password the next time you decrypt/access your encrypted file.

Those are 2 completely different attacking methods.

Okay well if someone put malware on your computer, could they open up keepass and electrum or not if you have a very tough password. 

They could not just open it instantly (unless there is a 0-day exploit, noone is aware of).
But they could to safe the password the next time you login.
Or even easier. They could (the next time you open electrum with your very tough password) simply move all your funds to their addresses.
An attacker doesn't always have to break an encryption. He can easily wait until you use the software (unencrypt your wallet) to steal your funds.

The other thing is what if you then open electrum on another computer then but not the one they infected or possibly infected.  Then you are safe there right? 

If the PC is not infected, you are safe.

But if you open electrum on your computer which might be compromised, then there will be problems since they could just put a keylogger and the moment you open electrum on the computer, then you have problems right?

The moment you open electrum an attacker can instantly steal your funds.
But he can also 'just' install a keylogger and log your password, yes.

So basically if you believe your computer is compromised, just no longer use that computer anymore and try to open keepass and electrum in a safe computer?

Yes. If not, you are running a big risk of your confidential data getting stolen.
After an infection you should completely(!) wipe your drive and install a fresh OS.

[jerry0]

Bob thanks for that information.  Makes sense now.


Another thing i want to ask is this.


If i add someone on skype who wants to exchange my bank funds for their bitcoin funds, lets just say this person is in a forum but is a reputable poster.  Its not this forum but another forum.  I do trades like this in another forum but its almost always with someone i done a few transactions with and trust.


First off, if i add them on skype and just speak to them via chat and do not click on anything such as link or pictures he sends or video chat, am i safe from this poster sending me a virus etc?  Is there anyway he could send me malware just by adding me on skype and me accepting and all i do is chat?


The thing is if im sending bank funds to his account and then supply him the btc address i want him to send it to, well then as long as he is legit, he will send the btc to me without any problems right?


The other thing that i just bought is this.


Let say i have btc and i want bank funds or say skrill from someone.  They first send me the bank or skrill funds.  When they give me their btc address by copying their btc address to me in skype, is there a chance that when i copy and then paste that address in my electrum wallet, there could be a virus?  Such as that btc address is actually a keylogger or trojan or malware?  I had just thought about this right now as people say don't click on suspicious links or open files from ppl you dont trust etc.  However, is it possible for keylogger or virus like this if you were to copy and paste the btc address given to you into electrum?  But if you were to paste it on say chrome search etc... that might be dangerous?  I also read about the copy and paste bitcoin virus etc where when you copy a btc address and then paste it to send to that address, it would change the address to something else.  Can you tell me if this is related to the example i used with skype such as someone giving you the btc address to send to?  Or its completely unrelated?  Because i had not thought about how someone giving you the btc address to send to... could possibly be a virus/malware?  I assume if you are somewhat skeptical, you could just manually type out their btc address to send the btc to them like that?  Of course you have to double check and make sure as you type the whole address manually.  I know im sounding very paranoid with this but since people say dont click on links etc... well this is sort of like that right?

[TryNinja]

Is there anyway he could send me malware just by adding me on skype and me accepting and all i do is chat?

I don't think so. Just don't download anything or click in suspicious links.

The thing is if im sending bank funds to his account and then supply him the btc address i want him to send it to, well then as long as he is legit, he will send the btc to me without any problems right?

If he isn't trying to scam you, yes.

When they give me their btc address by copying their btc address to me in skype, is there a chance that when i copy and then paste that address in my electrum wallet, there could be a virus?  Such as that btc address is actually a keylogger or trojan or malware? I had just thought about this right now as people say don't click on suspicious links or open files from ppl you dont trust etc.  However, is it possible for keylogger or virus like this if you were to copy and paste the btc address given to you into electrum?

I don't think that's possible. You are just copying a text to your clipboard.

I also read about the copy and paste bitcoin virus etc where when you copy a btc address and then paste it to send to that address, it would change the address to something else.  Can you tell me if this is related to the example i used with skype such as someone giving you the btc address to send to?

No. That's a virus that can be obtained when you download and run an infected software. This only happens when you are infected with the virus.

I assume if you are somewhat skeptical, you could just manually type out their btc address to send the btc to them like that?

That's not necessary. Just double check the address before sending any coins.