zeroday
Donator
Hero Member
Offline
Activity: 784
Merit: 1000
|
|
November 06, 2013, 12:09:16 AM |
|
Just don't store all your bitcoins in a single place, even if it's "cold wallet", which can be physically destroyed by accident or confiscated. Split it between three places, in example:
- paper printed private keys stored in bank safe (don't forget to mention it in your bequest). - QT wallet encrypted with strong password on offline computer, then uploaded to many different online storage services, emails, etc. - brain wallet generated key with a very long but very memorable passphrase (i.e. password made with combination of very rare and private words like your mom's birthplace + your grandma's maiden name + address where your family was living in 1985 + your usual password).
No need for an offline computer nor uploaded online. A few SD cards or USB sticks will do USB sticks often fail. A few corrupted bites and your wallet is useless. Besides having encrypted walled on USB flash, distributing it into many online storages will assure it's always safe and accessible. Offline computer is only needed to create and encrypt your wallet - to avoid possibility that some virus/trojan steals your key while you create it.
|
|
|
|
roadsterreplica
Newbie
Offline
Activity: 44
Merit: 0
|
|
November 06, 2013, 12:36:42 AM |
|
Step 1) Create a live Linux CD Step 2) Download the latest version of the wallet generator from here https://github.com/pointbiz/bitaddress.org Put on USB Stick Step 3) Unplug the network cable from your computer, boot to the USB drive Step 4) Once in Linux, open up the offline wallet generator Step 5) Print or write down your private and public keys and addresses (or print out a pretty wallet) Step 6) Low level format the USB drive Step 7) Power up the computer again (Still disconnected) and format the USB drive (wipe with 0) Step Reboot Step 9) Profit with your new paper wallet But then again, why go to all that trouble. I have a feeling that some people are just way too paranoid for their own good. S
|
|
|
|
nak (OP)
Member
Offline
Activity: 74
Merit: 10
☛ DarkKnightsCoin ☚
|
|
November 07, 2013, 07:44:35 AM |
|
So how safe is a website such as blockchain.info?
|
☛ DarkKnightsCoin ☚
|
|
|
Whosdaddy
|
|
November 07, 2013, 08:34:50 AM |
|
it will be harder to send out if save on computer / offline?
|
|
|
|
xDan
|
|
November 07, 2013, 10:08:47 AM |
|
cold storage is easy enough (use something like bitaddress.org, though preferably offline and using randomness from someplace other than javascript - e.g. use the standard Bitcoin client offline to generate a private key, and then use that private key in an offline bitaddress.org). actually paying out from the paper wallet *safely* is still pretty damn hard. This was started on, but never really tested or finished: https://bitcointalk.org/index.php?topic=167312.0armory is good if you can get your head around it *AND* you are capable of (or willing to) synching the blockchain but there is really nothing complete-newbie friendly, for the complete path from generating secure offline wallets to redeeming them, I consider this an unsolved problem!
|
HODLing for the longest time. Skippin fast right around the moon. On a rocketship straight to mars. Up, up and away with my beautiful, my beautiful Bitcoin~
|
|
|
Barek
|
|
November 07, 2013, 11:19:07 AM |
|
At some point there is no way around taking security seriously. That includes disconnecting the private key from the internet and making sure the backup works. armory is good if you can get your head around it *AND* you are capable of (or willing to) synching the blockchain
Yes, it takes a moment to get used to, but makes you sleep so much better. http://bitcoinarmory.com/about/using-our-wallet/
|
|
|
|
linuxnewbie
Member
Offline
Activity: 92
Merit: 10
|
|
November 07, 2013, 11:48:39 AM |
|
Electrum ( http://electrum.org) seems secure enough for me. I have my stash distributed among 6 wallets, so that if one gets compromised, I still have the other 5. And the only thing I have to store are the seeds to the wallets, each seed consisting of 12 words.
|
|
|
|
nak (OP)
Member
Offline
Activity: 74
Merit: 10
☛ DarkKnightsCoin ☚
|
|
November 07, 2013, 12:57:44 PM |
|
So what's everyone's take on Trezor? http://www.bitcointrezor.com/
|
☛ DarkKnightsCoin ☚
|
|
|
Barek
|
|
November 07, 2013, 02:00:27 PM |
|
You have to trust the makers that it does what they say it does.
It is very similar to what an offline Armory transaction does. Except that Armory is open source and that you can review the transaction details again before you sign the transaction. On the other hand, Trezor is more user friendly (you don't need an offline computer).
|
|
|
|
whiskers75
|
|
November 07, 2013, 05:39:39 PM |
|
Easy tool for making (secure) paper wallets, heavily documented and open source (so it's safe, as the code can be checked by hand): http://bitcoinpaperwallet.com
|
|
|
|
zeroday
Donator
Hero Member
Offline
Activity: 784
Merit: 1000
|
|
November 07, 2013, 06:11:20 PM |
|
So how safe is a website such as blockchain.info?
All web wallets are not safe as they are out of your control. Keep only small amounts for fast online transactions. The same warning is for exchanges (mtgox,bitstamp,coinbase,etc). Everything can be hacked in time.
|
|
|
|
TheButterZone
Legendary
Offline
Activity: 3038
Merit: 1032
RIP Mommy
|
|
November 08, 2013, 12:34:35 AM |
|
So how safe is a website such as blockchain.info?
Perfectly safe, if you use it only to import private keys and immediately and completely sweep (spend) them to addresses that have no private keys stored electronically.
|
Saying that you don't trust someone because of their behavior is completely valid.
|
|
|
GenTarkin
Legendary
Offline
Activity: 2450
Merit: 1002
|
|
November 08, 2013, 06:14:03 AM |
|
Easy tool for making (secure) paper wallets, heavily documented and open source (so it's safe, as the code can be checked by hand): http://bitcoinpaperwallet.comI love the design of this paper wallet. I have the source downloaded and on an offline computer and print wallets locally =) One of my favs by far!
|
|
|
|
nak (OP)
Member
Offline
Activity: 74
Merit: 10
☛ DarkKnightsCoin ☚
|
|
November 08, 2013, 08:32:59 AM |
|
Easy tool for making (secure) paper wallets, heavily documented and open source (so it's safe, as the code can be checked by hand): http://bitcoinpaperwallet.comI love the design of this paper wallet. I have the source downloaded and on an offline computer and print wallets locally =) One of my favs by far! This does sound very good, what I don't understand - and this is where it all goes a bit beyond me is... essentially you're printing off a private address/wallet to send bitcoins to, right? Surely that bitcoin address needs to be online somewhere in order for the bitcoins to reach it? I really want to start using this paperwallet - but need to fully grasp how it works first, any help would be appreciated.
|
☛ DarkKnightsCoin ☚
|
|
|
birkomester
|
|
November 08, 2013, 08:47:12 AM |
|
Armory + paper wallet
|
|
|
|
leemar
|
|
November 08, 2013, 10:10:42 AM |
|
Take a bit of time to understand the risks of......
1. Loss due to file overwrites from backups an data corruption. 2. Theft, hacking of your private key and theft of wallet file, a hacker needs both which is why online is less secure. 3. Password loss, make it strong and write it down in a couple of places
Number 1 mentioned earlier in the thread about new addresses, is important as they will not be in old backup files. But if you have or send coins to old addresses you should be fine is my understanding.
Armory is a deterministic wallet so your paper backups will support any new addresses created.
It's funny people derided, SecondMarket for charging clients 2% storage, beginning to look more and more like a bargain for big investors.
|
|
|
|
Barek
|
|
November 08, 2013, 11:13:03 AM |
|
Reusing addresses is not ideal. It is much more secure (not just more anonymous) to never re-use an address (and yes - am aware of my sig and you'll notice there a no unspent outputs on that address).
The reason being that once you have signed a tx for any unspent output that was sent to that address (i.e. once you "spend from it" and with the standard client you can't easily control how it chooses which unspent outputs to "spend from") then you have "released" your "public key" (prior to that only the Base58 encoded RIPEMD hash of it was publicly known - also known as the "address").
Now if the ECDSA that Bitcoin uses ever becomes found to be "crackable" then the "private key" to your "address" could be feasibly be cracked and any "remaining" unspent outputs to that address could now be spent by the cracker.
|
|
|
|
calian
|
|
November 08, 2013, 11:19:56 AM |
|
After looking around and doing a bunch of reading I'm going to use blockchain.info + lastpass + yubikey as a pretty secure method for spending money amounts. Note that you can't use the MTGOX yubikey, it has to be a normal one.
Is anyone running their own coinpunk server yet? That seems like it'd be fun but risky.
|
|
|
|
canton
|
|
November 10, 2013, 07:43:11 PM |
|
Easy tool for making (secure) paper wallets, heavily documented and open source (so it's safe, as the code can be checked by hand): http://bitcoinpaperwallet.comI love the design of this paper wallet. I have the source downloaded and on an offline computer and print wallets locally =) One of my favs by far!
Hi, this is the author of https://bitcoinpaperwallet.com here. I'm glad you like the design of the paper wallet, though it's worth mentioning the design is functional too: it's got tamper-evident features and a folding design that help guard against (1) theft from people in your trusted environment, and (2) accidental copying or distribution of private keys (e.g. laywer or spouse photocopying all precious-looking documents in safety deposit.) Paper wallets are in my opinion the safest way to protect bitcoins, though only if your paper wallet design doesn't easily give up your private keys. My top 6 security tips for making paper wallets (in ascending orders of paranoia) are here: https://bitcoinpaperwallet.com/#securityIn brief: 1. Keep it physically safe from water, light, etc. 2. Know how to withdraw funds 3. Produce your wallets offline 4. Destroy cache files 5. Use a clean OS 6. Use a dumb printer
|
|
|
|
canton
|
|
November 22, 2013, 03:02:38 AM |
|
PS: Holiday design now available!
|
|
|
|
|