Bitcoin Forum
December 04, 2016, 04:39:02 PM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 »  All
  Print  
Author Topic: please stop using the bitcoin client on your home computers to store your BTC  (Read 3798 times)
Tasty Champa
Member
**
Offline Offline

Activity: 84


View Profile
July 23, 2011, 07:43:29 PM
 #1

*This isn't intended for security experts
**rant alert!

It was great in the beginning, the client was bitcoin's harbinger,
but now it's a completely new game that requires a level of security,
that isn't here or foreseeable yet. It's talked about, but it's still far away.

Out of maybe 20-40 issues I've seen since signing up to this forum the people with the most bitcoins lost due to theft, computer or even user failure was from running the client.

The real options right now that is not widely spread to new people, and is actually turning people away is not knowing to entrust your stake with an exchange or online wallet.
The people that run exchanges and online wallets have so much more to lose than you, so please use them.

If their site goes down, their business goes down, therefore the site being up and secure is of the utmost importance to them. This can be relied on, as trust and security is interdependent to them. If one is lost the other is taken for as long as the imbalance is happening.

Remember to do your own research into this.
If running the client is the most secure method for your situation, and you are not at Mensa level, I'm the only person telling you to reflect on this rant. I don't like seeing people pissed off, confused and just being kind of hateful and hugely skeptical toward and of one another. 

So, if after all the research you have done, all of this is still becoming way to daunting for you, use an exchange or online wallet. You will feel so much better having that layer of detachment and you might even notice no transaction fees. After that all you have to really be mindful of is managing all of your passwords, and the computer you are using.

/end of line
1480869542
Hero Member
*
Offline Offline

Posts: 1480869542

View Profile Personal Message (Offline)

Ignore
1480869542
Reply with quote  #2

1480869542
Report to moderator
1480869542
Hero Member
*
Offline Offline

Posts: 1480869542

View Profile Personal Message (Offline)

Ignore
1480869542
Reply with quote  #2

1480869542
Report to moderator
1480869542
Hero Member
*
Offline Offline

Posts: 1480869542

View Profile Personal Message (Offline)

Ignore
1480869542
Reply with quote  #2

1480869542
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1480869542
Hero Member
*
Offline Offline

Posts: 1480869542

View Profile Personal Message (Offline)

Ignore
1480869542
Reply with quote  #2

1480869542
Report to moderator
SmokeAndMirrors
Full Member
***
Offline Offline

Activity: 168


View Profile
July 23, 2011, 07:47:23 PM
 #2

I can take care of myself, thank you very much. Last time I checked, public websites/servers are the least secure places on the internet aside from people who link surf. Remember MTGox incident?

Help Bitcoins by buying clothes, technology, books, etc. through people/stores that accept BTC. This will increase overall value of BTC as well as mitigate unnecessary bank transaction fees.

My address -
1EM9HGg1SEa5Bux1rVEPxGqGSfNTTc9EkC
coingenuity
Member
**
Offline Offline

Activity: 64


View Profile WWW
July 23, 2011, 07:49:40 PM
 #3

As a bitcoin web service developer/service provider: I wouldn't have a problem with this for the average end user, were it for one simple fact. Wallet providers don't consistently enough route the outbound address of a user back to that user's account. Most bitcoin-related services require an original client that will give users access to any bitcoin generated by the service, so until it becomes industry standard with wallet operators to route payments from outbound addresses back to the account they originated from, I won't be supporting them.

EricJ2190
Full Member
***
Offline Offline

Activity: 134


View Profile
July 23, 2011, 07:58:12 PM
 #4

As a bitcoin web service developer/service provider: I wouldn't have a problem with this for the average end user, were it for one simple fact. Wallet providers don't consistently enough route the outbound address of a user back to that user's account. Most bitcoin-related services require an original client that will give users access to any bitcoin generated by the service, so until it becomes industry standard with wallet operators to route payments from outbound addresses back to the account they originated from, I won't be supporting them.

I am pretty sure that "most bitcoin-related services" work just as well with an e-wallet. Some services like BitLotto and your RaffleBit don't, but none that I have used. In fact, those are the only two I can name of the top of my head.
ctoon6
Sr. Member
****
Offline Offline

Activity: 350



View Profile
July 23, 2011, 08:06:55 PM
 #5

storing your own BTC in a wallet you made on a computer not connected to the net, ie the ubuntu live cd method, you are almost guaranteed to not get your coins stolen. as soon as we get the ability to export private keys easily, we will even be able to print them out and be able to realistically type them back into the computer.

bitprotection
Member
**
Offline Offline

Activity: 103



View Profile
July 23, 2011, 08:56:48 PM
 #6

At the end of the day it's going to come down to trust with whomever you use.

We just opened today http://bitprotection.info  we provide a backup solution for peoples wallet's.  If you loose your wallet the game is over. We saw this happening to much and figured at some point someone has to step in and try to offer a way to help people protect what they own. We can't stop stolen coins but we can sure help protect your Bitcoin Wallet  Grin

Working on protecting the community!
ttk2
Member
**
Offline Offline

Activity: 76


View Profile
July 23, 2011, 09:29:00 PM
 #7

What we need for this situation is actually quite simple to make. Take chromium OS, package in a headers only Bitcoin client and a strong encryption program. Create two partitions, one for chromium OS the other for wallet storage, the wallet storage partition is of course encrypted. This entire setup can fit on a small flash drive, and can easily be made into a simple 'Create secure Bitcoin flash drive' program that even a monkey could use (insert flash drive, press button) To make it even simpler you could sell Flash drives pre installed with this software.  on first boot the user will chose his password and the encrypted volume will be created. I think chromium OS (or something similar) is best suited for this task for a few reasons.

1) Its lunix based, and as such brings with it a measure of security.
2) It is bare bones, totally lacking anything but a web browser, this may hinder the porting of the Bitcoin client, but it will help security, less programs mean less potential holes.
3) Its fast to start (even off of a old flash drive on a slow machine less than 10 seconds) people do not want to spend 10 minutes just waiting for a single purpose system to boot.
4) Google has already coded the OS to preform a self check on start up and restore it self to a original state if unauthorized changes are made, this is an excellent anti-virus move since all user data is in the encrypted wallet partition
5) Its already mostly coded and its open source, making this task an approachable one, if still difficult.   



I think this would be the best approach for the creation of a secure, fast, and simple environment to store and handle Bitcoins.



Just in case i do something worthwhile: 12YXLzbi4hfLaUxyPswRbKW92C6h5KsVnX
foggyb
Legendary
*
Offline Offline

Activity: 1302


View Profile
July 23, 2011, 10:00:05 PM
 #8


I agree with OP.

Until someone creates a drop-dead easy app that does all the exciting stuff in the previous post, there will continue to be a stream of incidents of mainstream users' bitcoin wallets being compromised by hackers & trojans.
ctoon6
Sr. Member
****
Offline Offline

Activity: 350



View Profile
July 23, 2011, 11:51:32 PM
 #9

What we need for this situation is actually quite simple to make. Take chromium OS, package in a headers only Bitcoin client and a strong encryption program. Create two partitions, one for chromium OS the other for wallet storage, the wallet storage partition is of course encrypted. This entire setup can fit on a small flash drive, and can easily be made into a simple 'Create secure Bitcoin flash drive' program that even a monkey could use (insert flash drive, press button) To make it even simpler you could sell Flash drives pre installed with this software.  on first boot the user will chose his password and the encrypted volume will be created. I think chromium OS (or something similar) is best suited for this task for a few reasons.

1) Its lunix based, and as such brings with it a measure of security.
2) It is bare bones, totally lacking anything but a web browser, this may hinder the porting of the Bitcoin client, but it will help security, less programs mean less potential holes.
3) Its fast to start (even off of a old flash drive on a slow machine less than 10 seconds) people do not want to spend 10 minutes just waiting for a single purpose system to boot.
4) Google has already coded the OS to preform a self check on start up and restore it self to a original state if unauthorized changes are made, this is an excellent anti-virus move since all user data is in the encrypted wallet partition
5) Its already mostly coded and its open source, making this task an approachable one, if still difficult.   



I think this would be the best approach for the creation of a secure, fast, and simple environment to store and handle Bitcoins.




The main problem with that is, how to teach people to boot a flash drive on a computer. its not even a simple task for even tech people that fix computers. the main problem is that almost every motherboard does it differntly. on 3 of my computers heres how i do it

1: i go into the boot menu and set the flash drive to #1
2: push f12 while booting up and select the flash drive
3: is not able to boot from flash.

I do love the idea though.

As i said in countless other threads, we need specific bitcoin hardware, weather it be a bitcoin certified sticker on cheap laptops, bitcoin credit cards with all the hardware needed on them or even smartphone sized bitcoin devices, or smartphones themselves branded as bitcoin certified.

If we had enough capital, we could buy like 10 of these http://www.newegg.com/Product/Product.aspx?Item=N82E16834215131 and reformat them and install only the stuff required to have a dedicated bitcoin machine that will only have bitcoin installed. it would also only allow bitcoin related connections so it would be secure against common attacks.

ttk2
Member
**
Offline Offline

Activity: 76


View Profile
July 24, 2011, 01:14:17 AM
 #10

What we need for this situation is actually quite simple to make. Take chromium OS, package in a headers only Bitcoin client and a strong encryption program. Create two partitions, one for chromium OS the other for wallet storage, the wallet storage partition is of course encrypted. This entire setup can fit on a small flash drive, and can easily be made into a simple 'Create secure Bitcoin flash drive' program that even a monkey could use (insert flash drive, press button) To make it even simpler you could sell Flash drives pre installed with this software.  on first boot the user will chose his password and the encrypted volume will be created. I think chromium OS (or something similar) is best suited for this task for a few reasons.

1) Its lunix based, and as such brings with it a measure of security.
2) It is bare bones, totally lacking anything but a web browser, this may hinder the porting of the Bitcoin client, but it will help security, less programs mean less potential holes.
3) Its fast to start (even off of a old flash drive on a slow machine less than 10 seconds) people do not want to spend 10 minutes just waiting for a single purpose system to boot.
4) Google has already coded the OS to preform a self check on start up and restore it self to a original state if unauthorized changes are made, this is an excellent anti-virus move since all user data is in the encrypted wallet partition
5) Its already mostly coded and its open source, making this task an approachable one, if still difficult.   



I think this would be the best approach for the creation of a secure, fast, and simple environment to store and handle Bitcoins.




The main problem with that is, how to teach people to boot a flash drive on a computer. its not even a simple task for even tech people that fix computers. the main problem is that almost every motherboard does it differntly. on 3 of my computers heres how i do it

1: i go into the boot menu and set the flash drive to #1
2: push f12 while booting up and select the flash drive
3: is not able to boot from flash.

I do love the idea though.

As i said in countless other threads, we need specific bitcoin hardware, weather it be a bitcoin certified sticker on cheap laptops, bitcoin credit cards with all the hardware needed on them or even smartphone sized bitcoin devices, or smartphones themselves branded as bitcoin certified.

If we had enough capital, we could buy like 10 of these http://www.newegg.com/Product/Product.aspx?Item=N82E16834215131 and reformat them and install only the stuff required to have a dedicated bitcoin machine that will only have bitcoin installed. it would also only allow bitcoin related connections so it would be secure against common attacks.





I know its not perfect, but i think its the best security/ease of use ratio we are going to get without dedicated devices (which i agree are needed, but may be a while coming, and even then this approach will have advantages) it could be set up so that if you plug it in while in windows a box will pop up telling you you need to reboot the computer with the drive inserted, and a nice big button saying "help me use ChromeCoin" that would place a boot loader entry that pointed to the drive, yes it would be annoying and a little heavy handed, but certainly simple enough.

Just in case i do something worthwhile: 12YXLzbi4hfLaUxyPswRbKW92C6h5KsVnX
Tasty Champa
Member
**
Offline Offline

Activity: 84


View Profile
July 24, 2011, 02:17:20 AM
 #11

I can take care of myself, thank you very much. Last time I checked, public websites/servers are the least secure places on the internet aside from people who link surf. Remember MTGox incident?

I was.
I even skim over the threads with the few people who have still not reclaimed their accounts and stolen funds before the fiasco to see how they are coming along, some have and some haven't.

That time delayed swift kick in the ass, hurt them quite a bit with reputation. However it indeed made them much more resilient. As well as upping the bar on security across the entire board, so much so that some exchanges use that utmost important factor of security as their main selling point.
We don't see those inquisition/crusades threads anymore toting a raging boner for full disclosure either.

It sounds like you have your area covered, been around long enough, so my best guess it that this thread isn't really for you.
luv2drnkbr
Hero Member
*****
Offline Offline

Activity: 771



View Profile
July 24, 2011, 03:57:18 AM
 #12

LOL seriously!?  Thread about security:  don't learn about security, just give your money to other people.

Great security advice right there.

Don't think, let us do the thinking for you.  We're the ones who have a vested interest in thinking, not you.  Why should you think?  Do you really NEED to think to get by when I could just think FOR you?

Do you see how absurd that is?

Tasty Champa
Member
**
Offline Offline

Activity: 84


View Profile
July 24, 2011, 08:14:37 AM
 #13

LOL seriously!?  Thread about security:  don't learn about security, just give your money to other people.

Great security advice right there.

Don't think, let us do the thinking for you.  We're the ones who have a vested interest in thinking, not you.  Why should you think?  Do you really NEED to think to get by when I could just think FOR you?

Do you see how absurd that is?

It's the ratio of mortality between airplane to car travel.

joepie91
Sr. Member
****
Offline Offline

Activity: 294


View Profile
July 24, 2011, 08:57:36 AM
 #14

The real options right now that is not widely spread to new people, and is actually turning people away is not knowing to entrust your stake with an exchange or online wallet.
The people that run exchanges and online wallets have so much more to lose than you, so please use them.

If their site goes down, their business goes down, therefore the site being up and secure is of the utmost importance to them. This can be relied on, as trust and security is interdependent to them. If one is lost the other is taken for as long as the imbalance is happening.

Yes, that worked out so well with Mt. Gox and MyBitcoin.

Like my post(s)? 12TSXLa5Tu6ag4PNYCwKKSiZsaSCpAjzpu Smiley
Quote from: hawks5999
I just can't wait for fall/winter. My furnace never generated money for me before. I'll keep mining until my furnace is more profitable.
Vod
Legendary
*
Offline Offline

Activity: 1848


Licking my boob since 1970


View Profile WWW
July 24, 2011, 09:23:28 AM
 #15

How do we delete posts we created by accident?

I'm into creating universes, smiting people, writing holy books and listening to prayers.
If you want your prayers answered, you must donate to 1CDyx8AUTiYXS1ThcBU3vy4SJWQq6pdFMH
Tasty Champa
Member
**
Offline Offline

Activity: 84


View Profile
July 24, 2011, 10:03:23 AM
 #16

The real options right now that is not widely spread to new people, and is actually turning people away is not knowing to entrust your stake with an exchange or online wallet.
The people that run exchanges and online wallets have so much more to lose than you, so please use them.

If their site goes down, their business goes down, therefore the site being up and secure is of the utmost importance to them. This can be relied on, as trust and security is interdependent to them. If one is lost the other is taken for as long as the imbalance is happening.

Yes, that worked out so well with Mt. Gox and MyBitcoin.

I don't know the full story with mybitcoin, but when I got back into my mtgox account, everything was still there.
pennytrader
Sr. Member
****
Offline Offline

Activity: 253


View Profile
July 24, 2011, 10:22:44 AM
 #17

Agreed with OP.

I stored most of my funds in mtgox (and some in tradehill). Yes, I'm aware of the past incident. But my friend got all his money/BTC back from mtgox. And it's the biggest exchange, I believe they will recover all your funds for any mistakes/incidents related to their operations.

please donate to 1P3m2resGCP2o2sFX324DP1mfqHgGPA8BL
triforcelink
Member
**
Offline Offline

Activity: 112



View Profile
July 24, 2011, 11:35:53 AM
 #18

I hate to say it, but at this point in time I trust MtGox more than I trust Windows and my own competence to handle any decent amount of bitcoins.

spruce
Full Member
***
Offline Offline

Activity: 140


View Profile
July 24, 2011, 11:50:08 AM
 #19

You can always use a paper bitcoin wallet from someone like Casascius. I would rather trust him to have done it right and not kept a copy than trust my ability to keep the wallet secure on my own computer. You can also encode the private key(s) easily by hand in a totally unbreakable fashion so that you can leave the (encoded) private key lying around and it is not unsafe — see SpruceCodes link in my signature for details.
CurbsideProphet
Hero Member
*****
Offline Offline

Activity: 672


View Profile
July 24, 2011, 12:56:44 PM
 #20

Storing a decentralized currency on a centralized database (exchange, eWallet, whatever).  How ironic.

1ProphetnvP8ju2SxxRvVvyzCtTXDgLPJV
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!