How is DPR securing his wallets from the Feds?

[Dabs]

But if your key is on your hard drive and it's encrypted they can't get it unless they have your passphrase right?

They can point a gun to your head and ask for the passphrase.

If I only memorized half the passphrase required, and the other half got destroyed, they can point a gun to my head, and I still can't tell them the other half. I'll probably die for nothing. So, I'm going to grab the gun and point it back at them and pull. (or I'll try.)

[manuel]

But if your key is on your hard drive and it's encrypted they can't get it unless they have your passphrase right?

They can point a gun to your head and ask for the passphrase.

Well can't they put a gun to your head and ask for the brain wallet key too?

[Dabs]

Depends on whether you value your money or your life.

What changes the whole thing is if they point a gun to someone else's head (like your spouse, girlfriend / boyfriend, kids, someone you know) and demand for your passphrase.

[Lauda]

Encrypt the wallet and then encrypt the wallet.dat file itself. Double win.

[Lauda]

Encrypt the wallet and then encrypt the wallet.dat file itself. Double win.

yes, if you just encrypt the wallet then you can still see what public keys are there and what the balance is.  if you encrypt the wallet file itself nobody knows it is a Bitcoin wallet file.

Make a .zip file and encrypt that.
porn-keep-out.zip  

[CMMPro]

I should think that he is smart enough to have a "plausible deniability" strategy....he gave them a huge number of bitcoins and then cry foul that they got everything....meanwhile still having 50 or 100 other wallets scattered across the blockchain with many more coins in total. If he was smart those coins never went through a device he owned or an IP address he could be traced to...accessed only once to be transferred form the mixer to the addresses.

Those coins are protected through obscurity...with passwords created from something he can remember or locate easily that would persist through time regardless of how long he may be in jail. The #X word on every #Y page of a certain book/song/poem or something like that. You could complicate it further mathematically or geometrically....lot's of ideas can be derived.

Then he only has to remember one small thing and when he gets out he has access to all his wallets.

[Gabi]

Encrypt the wallet and then encrypt the wallet.dat file itself. Double win.

yes, if you just encrypt the wallet then you can still see what public keys are there and what the balance is.  if you encrypt the wallet file itself nobody knows it is a Bitcoin wallet file.

Let's explain this. If you encrypt the wallet using bitcoin-qt, then the public keys are left not encrypted

If you encrypt it by using another tool like Truecrypt, then everything is encrypted.

[kgo]

But if your key is on your hard drive and it's encrypted they can't get it unless they have your passphrase right?

Normal bitcoin-qt:  A key is randomly generated.  The passphrase symmetrically encrypts it.  Lose wallet, passphrase is worthless.

Brainwallet: Your passphrase is used to deterministically generate a private key.  For example taking an SHA512 hash of the passphrase.  This is then loaded as a private key.  Lose your wallet, you can rebuild the private key through the same process given the same inputs.

Note that if you load that brainwallet key into bitcoin-qt, and that's not encrypted, then the key in your wallet *won't* be encrypted.

[kgo]

^^ Encryption? Brainwallet? Please elaborate as I'm kinda of a newb regarding the technical part of things..

Also, what do you consider as bulletproof security regarding wallets?

Well the feds did seize 144,000 bitcoins, so he didn't do a great job.  There's rumored to be another address with 100,000 btc.

[Lauda]

Encrypt the wallet and then encrypt the wallet.dat file itself. Double win.

yes, if you just encrypt the wallet then you can still see what public keys are there and what the balance is.  if you encrypt the wallet file itself nobody knows it is a Bitcoin wallet file.

Let's explain this. If you encrypt the wallet using bitcoin-qt, then the public keys are left not encrypted

If you encrypt it by using another tool like Truecrypt, then everything is encrypted.

You don't need to use any tools like Truecrypt.

[MysteryMiner]

Wallet.dat encryption is for protection of wallet private keys in case the wallet.dat is stolen by hacking or copying the wallet file. It only protects the coins from being spent and only if the wallet password is not captured using keylogger. Almost every trojan horse have keylogger. All other sensitive info like balance and transaction history are still unencrypted in the wallet.

TrueCrypt protects whole computer from being tampered when it is offline. It protects everything and properly encrypted computer is useless paperweight for forensic examinators.

Brain wallets are good for specific situations like taking your coins with you when escaping Best Korea or secretly taking the coins to gang member in prison. For cold storage it is not so good. The passphrase could be guessed by someone else if it contains dictionary words, it can be forgotten by passage of time or damage to brainwallet storage container.

I use DiskCryptor (TrueCrypt replacement) with 25+ character random password to protect my computer from tampering and forensic examination. If I was at risk of being hacked then I will apply password to wallet.dat in Bitcoin-Qt.

From what I read is that DPR did not use full disc encryption or kept wallet.dat backups on unencrypted devices. FBI did get a wallet.dat that is encrypted with password. This is how they know he have 80+M $$$ in BTC but they are unable to transfer the coins somewhere else.

[Lauda]

I use DiskCryptor (TrueCrypt replacement) with 25+ character random password to protect my computer from tampering and forensic examination. If I was at risk of being hacked then I will apply password to wallet.dat in Bitcoin-Qt.

What are the benefits of each of those?
Why are you using that one as a replacement to TrueCrypt?

[Dabs]

http://en.wikipedia.org/wiki/DiskCryptor

Both that one and TrueCrypt work. I think with DC, you can easily set up a self-destruct sequence upon entering either the wrong password, or a password specifically to do that.

In TC, you can too, sort of, but it's a work around.

Again, if you can manage it, you can also try memorizing a whole private key (in base58 WIF or hex) instead of the passphrase for it. Don't use pi, even if you managed to memorize 200 digits already. Everyone else knows it.

[Lauda]

http://en.wikipedia.org/wiki/DiskCryptor

Both that one and TrueCrypt work. I think with DC, you can easily set up a self-destruct sequence upon entering either the wrong password, or a password specifically to do that.

In TC, you can too, sort of, but it's a work around.

Again, if you can manage it, you can also try memorizing a whole private key (in base58 WIF or hex) instead of the passphrase for it. Don't use pi, even if you managed to memorize 200 digits already. Everyone else knows it.

I like the sound of that. The self destruct feature would be very useful.

[go1111111]

I thought the FBI stole almost all of DRP's coins already.

This is the FBI's address that they used to store the Silk Road coins (belonging to customers, in a 'hot wallet'): https://blockchain.info/address/1F1tAaz5x1HUXrCNLbtMDqcw6o5GNn4xqX. It contains about 29,000 BTC.

This is the FBI's address that they are using to store DPR's personal coins: https://blockchain.info/address/1FfmbHfnpaZjKFvyi1okTjJJusN455paPH. It contains about 144,000 BTC.

How did they get the second batch of DPR's personal coins? I'm guessing that DPR either had his wallet password written down somewhere, or had hints to the password written down somewhere, which made cracking it very easy.

Some people think DPR has a few hundred thousand more coins somewhere in another wallet. It's possible, but it's also possible that the FBI already has almost all of his coins.

EDIT: note that the FBI started moving the silk road coins on October 2nd, and they started moving DPR's coins on October 25th. This suggests that the FBI had to work pretty hard to get DPR's coins, but eventually they succeeded somehow.

[MysteryMiner]

I use DiskCryptor (TrueCrypt replacement) with 25+ character random password to protect my computer from tampering and forensic examination. If I was at risk of being hacked then I will apply password to wallet.dat in Bitcoin-Qt.

What are the benefits of each of those?
Why are you using that one as a replacement to TrueCrypt?

DiskCryptor have a lot better performance on my old CPU https://en.wikipedia.org/wiki/Pentium_4#Willamette The attached benchmark screens speak for themselves.
DC pros:
+works better with RAID arrays (i'm running RAID array on my computer)
+generally faster because of better code optimization (on computers lacking hardware AES acceleration the DC's more secure Serpent is even faster than TC's AES!)
+more configurable bootloader - good for servers

TC pros:
+better for single drives - can encrypt entire drives including unallocated space versus DC volume-based approach.
+ Hidden volumes and hidden operating system
+ ability to mount as read-only

I think with DC, you can easily set up a self-destruct sequence upon entering either the wrong password, or a password specifically to do that.

In TC, you can too, sort of, but it's a work around.

Entirely false. Both DiskCryptor and TrueCrypt does no have self-destruct feature. It is useless against any half-capable enemy because enemy will make copies before and ask to write down password on piece of paper. If You understand russian then DiskCryptor author NTLDR made very clear and profane statement about this.

How did they get the second batch of DPR's personal coins?

It's very sad ;( seems like they cracked DPR to cooperate or he did not use full disk encryption on his computer. Or his security got compromised. Anyway we most likely don't know full story. And it is bad news that the FBI have their CP masturbating hands on 1.5% of all bitcoins ever in existence.

[Dabs]

Well, the configurable boot loader allows you to attempt the self-destruct feature. Of course, it won't work against enemies that image your hard drives and work on the copies.

My version of TC has a work around. You boot into the decoy OS and if you don't do something, it will proceed to wipe the data on the hidden OS, and it really only needs to wipe a megabyte or two to get the job done.

It only works on the assumption that they do not image my hard drive.

Sorry, I don't understand Russian, but again, it works on the assumption that whoever grabs your computer just turns it on. Similar to how Prey works, and how most phones have a delete feature if wrong password or something.

The best way to secure data, in my opinion, is physical destruction of the encrypted media. The best way I can tell to do that is to have a small thermite bomb on top of the hard drive that ignites and melts it when you hit a panic button. (If you can get to the panic button.)

[manuel]

But if your key is on your hard drive and it's encrypted they can't get it unless they have your passphrase right?

For the "brain wallet" you don't need to get your wallet file.  You can recalculate the private keys just from that phrase.  The problem here is that people are using large supercomputers to calculate as many possible brain wallets as they can.  Several people have reported funds being stolen from brain wallets because people don't realize how many brain wallets can be checked by a group of large computers.  They are making large databases of possible brain wallets and they watch the Bitcoin network and steal money when they can.  A regular user should not use a brain wallet because it takes a certain level of knowledge and sophistication to do it right.

To encrypt a wallet means you have to get access to that wallet file.  If someone gets the file they can try to brute force the password but they have to have a copy of the file.  So those supercomputers that are trying to break brain wallets do not do any good since they don't have the wallet file

If he is in jail and he can't get to the file he can not get to the funds.  however, if he used a brain wallet and still remembers it he can communicate that info and someone can recreate the wallet.

http://millybitcoin.com/common-bitcoin-misconceptions/

I see but isn't that just a deterministic wallet?  Or functionally the same as a deterministic wallet?

[theecoinomist]

I thought the FBI stole almost all of DRP's coins already.

This is the FBI's address that they used to store the Silk Road coins (belonging to customers, in a 'hot wallet'): https://blockchain.info/address/1F1tAaz5x1HUXrCNLbtMDqcw6o5GNn4xqX. It contains about 29,000 BTC.

This is the FBI's address that they are using to store DPR's personal coins: https://blockchain.info/address/1FfmbHfnpaZjKFvyi1okTjJJusN455paPH. It contains about 144,000 BTC.

How did they get the second batch of DPR's personal coins? I'm guessing that DPR either had his wallet password written down somewhere, or had hints to the password written down somewhere, which made cracking it very easy.

Some people think DPR has a few hundred thousand more coins somewhere in another wallet. It's possible, but it's also possible that the FBI already has almost all of his coins.

EDIT: note that the FBI started moving the silk road coins on October 2nd, and they started moving DPR's coins on October 25th. This suggests that the FBI had to work pretty hard to get DPR's coins, but eventually they succeeded somehow.

It's my understand the majority of his coints are not seized.
http://www.coindesk.com/fbi-proves-seizing-bitcoins-isnt-owning/

[go1111111]

It's my understand the majority of his coints are not seized.
http://www.coindesk.com/fbi-proves-seizing-bitcoins-isnt-owning/

What is the evidence that DPR has another 489,000 coins? Just that if you subtract the amount of coins that the FBI seized from the total amount of commissions that Silk Road made, you get 489,000?