cloud9 (OP)
Member
Offline
Activity: 126
Merit: 10
|
|
June 28, 2011, 12:55:28 PM |
|
Can someone add to bitcoin.org's client page the following for Bitcoin to succeed securely:
A downloadable, lightweight bootable image file that automatically boots up into the bitcoin client when a usb stick of 2gb or so is connected to the computer and the computer is booted while it is attached.
It can be free license linux lightweight, automatically opening the Bitcoin client and storing the bitcoin block chain and wallet files on the usb - thus giving an easy to use client and a sterile environment. It should only do bitcoin - if the user is done with bitcoin transactions - they shut down.
|
|
|
|
cloud9 (OP)
Member
Offline
Activity: 126
Merit: 10
|
|
June 28, 2011, 07:13:21 PM |
|
Included in the image file should also be a pre-set free license firewall with rule set to just allow bitcoin client traffic.
The average, computer novice, bitcoin user do not want to (/ can not) set this up manually.
|
|
|
|
|
cloud9 (OP)
Member
Offline
Activity: 126
Merit: 10
|
|
June 28, 2011, 07:34:40 PM |
|
Thanks!! It has even been noticed (although not yet endorsed) by allinvain It would be comforting if some of the veteran technical bitcoin people could verify its secureness and add it to the bitcoin.org client download page as a secure endorsement.
|
|
|
|
cloud9 (OP)
Member
Offline
Activity: 126
Merit: 10
|
|
June 28, 2011, 07:44:08 PM |
|
|
|
|
|
CydeWeys
|
|
June 28, 2011, 08:00:03 PM |
|
Thanks!! It has even been noticed (although not yet endorsed) by allinvain Why would you need his endorsement? His claim to fame is losing a shedload of money through poor security practices.
|
|
|
|
cloud9 (OP)
Member
Offline
Activity: 126
Merit: 10
|
|
June 28, 2011, 08:14:21 PM |
|
Thanks!! It has even been noticed (although not yet endorsed) by allinvain Why would you need his endorsement? His claim to fame is losing a shedload of money through poor security practices. Wouldn't that make him the most careful, walking on eggs, bitcoin user at the moment?!?
|
|
|
|
CydeWeys
|
|
June 28, 2011, 09:54:42 PM |
|
Well, there's two kinds of people.
#1 Otherwise diligent people who make a colossal mistake and then go to great pains to never, ever let it happen again.
#2 People who make a colossal mistake simply because they're just not careful. Making one colossal mistake doesn't make them any less likely to have another one in the future.
We don't know what type allinvain is.
|
|
|
|
Smalleyster
Member
Offline
Activity: 84
Merit: 10
I yam what I yam. - Popeye
|
|
July 10, 2011, 07:28:00 PM |
|
I have spent quite a bit of time on this project and in my opinion it is not at all secure because it allways boots up without asking for a password...ever
|
|
|
|
error
|
|
July 10, 2011, 07:34:28 PM |
|
I have spent quite a bit of time on this project and in my opinion it is not at all secure because it allways boots up without asking for a password...ever It was designed for mining, not wallet storage.
|
3KzNGwzRZ6SimWuFAgh4TnXzHpruHMZmV8
|
|
|
ercolinux
Legendary
Offline
Activity: 938
Merit: 1000
|
|
July 10, 2011, 07:41:27 PM |
|
al I have spent quite a bit of time on this project and in my opinion it is not at all secure because it allways boots up without asking for a password...ever I help mantain a linux distro and I've to tell that is not so simple make a secure password protected linux usb medium. The password should be stored in the persistent area, but this area is easily readable if you put the pen in a pc. If you can have the medium in your hand only a strong cryptography of the partition can save your data.
|
Bitrated user: ercolinux.
|
|
|
Smalleyster
Member
Offline
Activity: 84
Merit: 10
I yam what I yam. - Popeye
|
|
July 10, 2011, 07:44:26 PM |
|
al I have spent quite a bit of time on this project and in my opinion it is not at all secure because it allways boots up without asking for a password...ever I help mantain a linux distro and I've to tell that is not so simple make a secure password protected linux usb medium. The password should be stored in the persistent area, but this area is easily readable if you put the pen in a pc. If you can have the medium in your hand only a strong cryptography of the partition can save your data. Thank you for that explanation. With that I can stop wasting my time expecting that I can create a secure yet easy to use wallet. Oh well.
|
|
|
|
Smalleyster
Member
Offline
Activity: 84
Merit: 10
I yam what I yam. - Popeye
|
|
July 10, 2011, 07:47:44 PM |
|
I have spent quite a bit of time on this project and in my opinion it is not at all secure because it allways boots up without asking for a password...ever It was designed for mining, not wallet storage. Does anyone know of an answer for secure usb wallet storage? Is the concept foolish and impossible?
|
|
|
|
error
|
|
July 10, 2011, 07:54:02 PM |
|
I have spent quite a bit of time on this project and in my opinion it is not at all secure because it allways boots up without asking for a password...ever It was designed for mining, not wallet storage. Does anyone know of an answer for secure usb wallet storage? Is the concept foolish and impossible? No, it could be done with an encrypted stick. It's just not very easy to set this up.
|
3KzNGwzRZ6SimWuFAgh4TnXzHpruHMZmV8
|
|
|
ercolinux
Legendary
Offline
Activity: 938
Merit: 1000
|
|
July 10, 2011, 08:44:57 PM |
|
Does anyone know of an answer for secure usb wallet storage?
Is the concept foolish and impossible?
The best way to secure things is to put the OS on one media (best if is a non writable one like a cd-r) and the wallet datas on a encrypted usb stick. It's not easy to setup but neither impossible to do. The greates problem is that a livecd is way slow compared to a usb stick and you've to reconfigure your hardware every time.
|
Bitrated user: ercolinux.
|
|
|
Smalleyster
Member
Offline
Activity: 84
Merit: 10
I yam what I yam. - Popeye
|
|
July 11, 2011, 12:15:12 AM |
|
Does anyone know of an answer for secure usb wallet storage?
Is the concept foolish and impossible?
The best way to secure things is to put the OS on one media (best if is a non writable one like a cd-r) and the wallet datas on a encrypted usb stick. It's not easy to setup but neither impossible to do. The greates problem is that a livecd is way slow compared to a usb stick and you've to reconfigure your hardware every time. I'm still mulling all this over as i attempt to get different OS's bootable on USB sticks. Right now I think I'll have to settle for "reasonably secure" kind of like the front door any locksmith can pick. You guys have really helped remove the wool from my eyes.
|
|
|
|
brendio
|
|
July 11, 2011, 02:23:15 PM |
|
Does anyone know of an answer for secure usb wallet storage?
Is the concept foolish and impossible?
The best way to secure things is to put the OS on one media (best if is a non writable one like a cd-r) and the wallet datas on a encrypted usb stick. It's not easy to setup but neither impossible to do. The greates problem is that a livecd is way slow compared to a usb stick and you've to reconfigure your hardware every time. What about a partitioned usb stick with an unencrypted partition with the bootable OS and a true crypt (or similar) encrypted partition containing the Bitcoin wallet?
|
|
|
|
bitlotto
|
|
July 11, 2011, 02:43:26 PM |
|
What about a partitioned usb stick with an unencrypted partition with the bootable OS and a true crypt (or similar) encrypted partition containing the Bitcoin wallet?
That would work. You just have to be sure that it's not storing swap data on the unencrypted part. Honestly if you want a live distro I'd check either puppy linux or tiny core linux. Both run completely in ram off of a CD and are very fast. Then load the wallet off of a truecrypt container. When you reboot there will be no traces! If you used puppy linux you download the extras you want and when you reboot it will ask where to save those changes. You can put that on usb stick as well! Then you don't have to re-setup every time. Just pick -strong encryption- and not weak encryption (its not actually encryption!) when asked. Anyone familiar with what their strong encryption is? If it's decent you don't even have to worry about truecrypt as your live home folder is saved in the puppy linux storage file. I guess if you keep the usb stick safe your safe.
|
*Next Draw Feb 1* BitLotto: monthly raffle (0.25 BTC per ticket) Completely transparent and impossible to manipulate who wins. TOR TOR2WEB Donations to: 1JQdiQsjhV2uJ4Y8HFtdqteJsZhv835a8J are appreciated.
|
|
|
Sandoz
Member
Offline
Activity: 85
Merit: 10
|
|
July 11, 2011, 06:01:30 PM |
|
What about a partitioned usb stick with an unencrypted partition with the bootable OS and a true crypt (or similar) encrypted partition containing the Bitcoin wallet?
That would work. You just have to be sure that it's not storing swap data on the unencrypted part. Honestly if you want a live distro I'd check either puppy linux or tiny core linux. Both run completely in ram off of a CD and are very fast. Then load the wallet off of a truecrypt container. When you reboot there will be no traces! If you used puppy linux you download the extras you want and when you reboot it will ask where to save those changes. You can put that on usb stick as well! Then you don't have to re-setup every time. Just pick -strong encryption- and not weak encryption (its not actually encryption!) when asked. Anyone familiar with what their strong encryption is? If it's decent you don't even have to worry about truecrypt as your live home folder is saved in the puppy linux storage file. I guess if you keep the usb stick safe your safe. The Problem with persistence: lend me your USB Key for a Minute and I put a keylogger on. Tails Linux on a signed CD-R is IMHO the safest choice at the moment
|
|
|
|
SeriousWorm
Newbie
Offline
Activity: 54
Merit: 0
|
|
July 12, 2011, 03:56:25 AM |
|
With Truecrypt, you can encrypt the whole system partition, I guess that goes for USB sticks too. The bootloader will decrypt the whole USB partition after you supply it with the correct password.
For extra extra security, you could even have a Truecrypt file container inside the whole USB partition container, with perhaps a dummy wallet as a hidden volume, so if you are forced to open your wallet, you can just type the alternate password and then your alternate wallet with perhaps only a few coins will decrypt.
|
|
|
|
|