Can bitaddress.org be trusted? (academic question)

[Evil-Knievel]

This message was too old and has been purged

[johnyj]

I heard about that casting dice is the most random way to generate a private key

[RoxxR]

I heard about that casting dice is the most random way to generate a private key

Speaking of that, bitaddress.org now accepts dice input!
Also NoBrainr (the python command) supports that in a very simple way.

[TookDk]

I read something written by someone else here which said something about the possibility of a virus (which could be carried by the CD/DVD/USB-stick) which generates a pattern in your power usage which can be read by someone monitoring the power usage of your house. So if you want to be completely paranoid, you'll have to run the computer by battery, and either destroy the battery afterward or at least never again connect it to the grid.

Now that is the right level of paranoia I am looking for 

Thank you for all the input guys (thanks a lot).
My conclusion is that you need to run your own random generator (truly deterministic)  and use it as a input to a script you understand and trust.
 

[Patel]

When generating new private keys, is it a good idea to do something like this?

generate a private key
enter that private key into wallet details tab
add & edit symbols, characters, and numbers to it

use the new private key it outputs?

Also, is it any better to use Armory or Bitcoin qt to generate private keys, as opposed to bitaddress.org.html?

[TookDk]

To answer your last question first, I don't trust the random number generator in my OS, let alone when used from javascript running on a liveUSB. Fortunately, bitaddress.org lets you provide your own private key which you can randomly generate from a more trustworthy source of randomness.

I was thinking about something, what are the rules for generating your own WIF 51 characters base58 private address? Is the only rule that the first character in the string is "5" ?
In that case, it would be pretty straight forward to generate your own private key.

[Patel]

When generating new private keys, is it a good idea to do something like this?

generate a private key
enter that private key into wallet details tab
add & edit symbols, characters, and numbers to it

use the new private key it outputs?

If you only add symbols, characters, and numbers, and don't edit or delete any, and you get that popup that says "The text you entered is not a valid Private Key! Would you like to use the entered text as a passphrase and create a Private Key using a SHA256 hash of the passphrase?" then you probably aren't doing any harm and maybe even slightly improving things.

When you create a new private key using the hash of added numbers and symbols, does this add to the security vs just clicking generate? As it is truly random

[Patel]

Thanks. I am just a little paranoid.

I generated my addresses with 2.5.1 of bitaddress, and I used the bulk address tab

I generated about 10 addresses. I am just trying to figure out if they will be 100% or as close to 100% secure as possible

Any additional tips regarding address generation safety would be greatly appreciated.