Bitcoin Wallet Security Discussion

[toroidmonster24]

(x-post from Newbies, but hoping for more discussion here)

I've been lurking here for a while and after reading about wallets, and all the recent thefts, and a bit about cold storage. I haven't taken the plunge into cold storage yet, so feel free to destroy my points here. Also I have a ton of questions too, so would appreciate some answers.

Basically, my goal is to understand what proper bitcoin storage would mean, and what solid ways there are for the general public. No I don't mean the few enthusiasts out there. It's the same thing how if your uncle asks you what new computer he should get, you don't tell him to build his own and get a GTX 790 or whatever. We're talking general public.

From what I know about cold storage, it seems a bit difficult to deal with.

• Not everyone has an offline computer. I have 4 computers in the house, 2 laptops (both online), 2 desktops, both online. I suppose I could use my NAS to create a VM and make a live CD. So here's where you think I'm a tech guy right? But no, I'm not that smart either. I'm a Linux noob and it'd probably take me forever to figure out how to install Electrum or Armory.
• Then what? Do a bunch of USB transfers? Sounds complicated, and a LOT of work.
• Lack of liquidity too. My fiat assets might not all be that liquidable, but selling stock is pretty straightforward, and even transferring emergency funds from a 3 months high interest savings account is pretty easy too.

Well what about a paper wallet you say? This is definitely easier. I can go to Bitaddress and print something quickly, but wait! I don't even have a printer at home. So what if I use the one at work? Uhh, that's like leaving a giant fingerprint left on the printer. And once again you ask what about getting a cheap printer to print at home? Once again I'm tasked with the issue of offline computers. The maybe so-so method would be to use a BIP38 address through Bitaddress as that's secure as hell (or so we think right?). I mean technically it's supposed to be secure enough where I can flaunt my Private Key, in which case, I'm probably somewhat OK printing at work.

So here's my take if I were to use paper wallets:

• Print a few Bitaddresses w/ BIP38 encryption and a STRONG password
• Store a PDF version encrypted with TrueCrypt on my Dropbox which has 2FA
• Hide the paper copy somewhere at home. I don't have a safe, nor do I think it makes sense unless people are putting their life savings away in BTC.
• I would avoid paper wallets unless I had BIP38, because I don't see a reasonable way to print stuff for me. Plus, without encryption protecting my private key, I feel like I would have to minimize the number of copies circulating around and therefore I think I'd be prone to misplacing copies

So I come back to Blockchain or Coinbase. Both have 2FA capabilities and Blockchain even has a 2nd password function. As much as enthusiasts say Blockchain is no good, isn't it technically pretty solid? No passwords stored on their servers, encryption done locally, blah blah blah. If one uses Blockchain with a STRONG password and 2FA, and even a second password, is there much to worry about? I guess there's a few weaknesses

• Emailed copies float around and if you have old copies with weaker passwords, this will be a weak link
• Wallet could be potentially taken offline to brute force attack
• Website or extension could be potentially compromised for MIM attacks. I find it disturbing Chrome auto updates extensions like that, but I suppose not all extensions are mission critical anyway, so I guess that's why they do it.

There's also the issue of a keylogger. Maybe it's a good habit at this point to use LastPass or something where you copy and paste the password in instead of typing it. I guess there's also the issue of whether or not you trust Blockchain, but it seems if you trust them, that if one doesn't have the password, then they're truly screwed. As for Coinbase, I didn't even touch on them, but given how they're in the US and the NSA is all over that stuff... eh I don't even know.

Anyway, at this point I just don't see a reasonable secure wallet storage method for most average people. Electrum and Armory are great, but you need vast resources. Paper wallets for the general public will be the equivalent of keeping a password written on a sticky note--easily misplaced, and likely not stored properly. Blockchain can be compromised with crappy passwords, but there are the right tools out there to effectively secure your Blockchain.

Anyway I'll stop ranting.

[12648430]

One major issue with blockchain.info is that they could change the JS they serve at any time to something that nabs your private keys when you decrypt them, and could potentially quietly pwn a lot of wallets that way before someone noticed; similarly, someone doing a MITM could do that. The stuff that is done client-side is essentially vulnerable to XSS-like attacks that aren't even cross-site (and so don't require any XSS vulnerabilities).

[Barek]

The point of a paper backup is that you can verify it by looking at it. If you can read it, you can access your coins.

The problem with digital media is that you never know when it will fail, and then your moneys are gone.

For general public I'd suggest Electrum. A lightweight client with a deterministic wallet. One printout allows you to restore the full wallet, with all private keys ever created. Even those created after the paper backup was printed!

http://electrum.org

[toroidmonster24]

The thing is Electrum doesn't work that well unless you run it on an offline computer right? Does the general public setup separate offline rigs and want to deal with USB transfers? I doubt it.

[12648430]

The thing is Electrum doesn't work that well unless you run it on an offline computer right? Does the general public setup separate offline rigs and want to deal with USB transfers? I doubt it.

Depends on what you mean for work well, if you want to use it as a wallet it works best with an internet connection. If you want to use it to implement cold storage, you could write down/memorize your passphrase, export your master public key, delete (ideally wipe securely) your wallet file, re-import the master public key, so you'll still be able to see your balance and get new receiving address but can't spend anywhere until you use your passphrase. You don't need an offline computer unless you're paranoid about it.

[toroidmonster24]

I don't think it's too complicated if you put your heart into it, but neither is rooting your phone using ADB. It's just not for the average person I don't think. I can see people using Bitcoin-Qt or Electrum on their normal computer, and likely this is how 95% of the average bitcoin user will use their coins... either in a hot wallet or a local wallet, but never truly shielded like everyone keeps recommending.

[silvergoldandbitcoin]

I don't think it's too complicated if you put your heart into it, but neither is rooting your phone using ADB. It's just not for the average person I don't think. I can see people using Bitcoin-Qt or Electrum on their normal computer, and likely this is how 95% of the average bitcoin user will use their coins... either in a hot wallet or a local wallet, but never truly shielded like everyone keeps recommending.

I agree that it's not for the average person in terms of how technical cold storage wallets can be. However I also think most people underestimate how important cold storage wallets truly are.

Any "significant" amount of bitcoin (however you personally define significant) should be kept in cold storage.

[Dabs]

I use the printer at work. I know, almost for sure, that it doesn't store anything. The computer that it is connected to also doesn't remember what it printed the day before. Most importantly, there are a limited number of people who have access to both the computer and the printer.

Now, you could argue that that computer is online. Yes it is, but only to look at work email. Everything else is blocked behind a firewall, and you can't access the computer remotely. Only one person works on that locally.

Now, you could argue that it is still connected.

I might change my views if I hold significantly more bitcoin enough that it bothers me.

I do have an offline laptop at home. It is also encrypted. Any old computer will work, you don't need to buy a brand new one. Just use one that you already have when you buy your new one.

But, for example, you own 1 or 2 whole bitcoins. You can actually buy a $200 laptop just for this purpose, the cheapest one you can find. And you can also buy the cheapest printer for your paper wallet backup.

[kllr123]

I have a question to add. If say I have a bitcoin wallet that is unencrypted, I make a backup of it and then encrypt the wallet. Years later, I dig up the backup and import it, will the backed up wallet get encrypted aswell or will it be usable and unencrypted?

[toroidmonster24]

I have a question to add. If say I have a bitcoin wallet that is unencrypted, I make a backup of it and then encrypt the wallet. Years later, I dig up the backup and import it, will the backed up wallet get encrypted aswell or will it be usable and unencrypted?

You can only use a fully decrypted private key. If you are able to import an encrypted wallet it's because the wallet software likely can detect what kind of encryption and then proceed to ask you for the passphrase to decrypt it (e.g. a BIP38 encrypted private key).

Honestly, your backup should be the encrypted version of it unless you seriously have troubles remembering your passphrase. If you're using some ridiculous 12 word passphrase, then write it down, but keep it separate. Otherwise, you're better off with a plaintext private key that you keep safe.

[seanneko]

Well what about a paper wallet you say? This is definitely easier. I can go to Bitaddress and print something quickly, but wait! I don't even have a printer at home. So what if I use the one at work? Uhh, that's like leaving a giant fingerprint left on the printer. And once again you ask what about getting a cheap printer to print at home? Once again I'm tasked with the issue of offline computers.

Write the key down with pen and paper. The only advantage of "printing" it is convenience, and you get fancy graphics on the paper.

If you don't trust your computers, just burn a Linux live CD (eg. Ubuntu), unplug the network cable, and boot off the CD. It will not modify or damage your existing operating system unless you deliberately tell it to. Then you can generate a private key using bitaddress or whatever other method you prefer.

In theory this still isn't absolutely 100% secure as there is malware which can persist across operating system reinstalls (BIOS implants), but the chances of this are so low that it's not even worth worrying about.

[toroidmonster24]

Well what about a paper wallet you say? This is definitely easier. I can go to Bitaddress and print something quickly, but wait! I don't even have a printer at home. So what if I use the one at work? Uhh, that's like leaving a giant fingerprint left on the printer. And once again you ask what about getting a cheap printer to print at home? Once again I'm tasked with the issue of offline computers.

Write the key down with pen and paper. The only advantage of "printing" it is convenience, and you get fancy graphics on the paper.

If you don't trust your computers, just burn a Linux live CD (eg. Ubuntu), unplug the network cable, and boot off the CD. It will not modify or damage your existing operating system unless you deliberately tell it to. Then you can generate a private key using bitaddress or whatever other method you prefer.

In theory this still isn't absolutely 100% secure as there is malware which can persist across operating system reinstalls (BIOS implants), but the chances of this are so low that it's not even worth worrying about.

How common is malware? I'm a moderately capable computer guru I'd say, and I have never gotten infected, except once when I was in high school and young and naive. I downloaded something suspicious and I KNEW it was suspicious too. I clicked on it once and intended on rightclicking to hit Scan or Delete (I forget a bit), but I accidentally double clicked. I knew it was going to screw me too and I saw the whole thing just unfold in front of me in slow motion. Freaking virus screwed my whole computer up.

But honestly, with all the spyware and malware out there I think there's FAR more people just infected with something stupid that annoys them or spams their computer more than there are people whose logins and passwords are actually getting stolen by keyloggers. Is it just me or this whole keylogger/malware stuff is getting overblown?

With all these Bitcoin thefts out there, how many people have actually gotten funds stolen because their passwords were logged? Most of the issues I've seen so far relate to:

• Terrible password choice leading to easy guessing and Brainwallets getting snatched
• Reuising passwords that were likely compromised in some other leak (Adobe, LinkedIn, etc.)
• Not using 2FA while having a crap password
• Losing digital wallet files
• Losing paper wallets, misplacing, etc.

And this is why I continue to ask why with cold wallet storage, people are going full tinfoil hat. The issues right now are more user issues more than anything. The way Blockchain is setup, there are some concerns such as keyloggers, or the site getting compromised with a MITM attack, but there's nothing really inherently wrong with Blockchain. It's more than sufficient if you setup a strong password and 2FA if you're really scared. Even if the site gets hacked and people steal your encrypted wallet, so what? It's encrypted. If you chose a good enough password, that's like having people hack Brainwallets and trying to generate phrases to guess seeds. In an ideal world, nothing gets compromised, but I think given that most people have issues with losing things, properly storing things on their computer, those real world user errors are a bigger threat to cold wallet storage and hot wallet storage, than with sites getting hacked, computers getting keylogged, MITM attacks, etc.

[Dabs]

I have a question to add. If say I have a bitcoin wallet that is unencrypted, I make a backup of it and then encrypt the wallet. Years later, I dig up the backup and import it, will the backed up wallet get encrypted aswell or will it be usable and unencrypted?

Not a good idea, if you are using bitcoin-qt. When you encrypt your wallet, it discards all unused keys in the key pool and generates a new batch. Your backup will not have those new keys (usually used for change.)

A good idea is to immediately back up your wallet after you have encrypted it.

A better idea is to create a brand new wallet, encrypt it, and back that one up, then send over all your coins from your old wallet to the new encrypted one that is backed up.

As for blockchain, I have never used it as a wallet. I have only tried bitcoin-qt, electrum, armory, and the android ones (bitcoin for android and bitcoinspinner / mycelium.)

I use QT.

[blkitty]

I don't think it's too complicated if you put your heart into it, but neither is rooting your phone using ADB. It's just not for the average person I don't think. I can see people using Bitcoin-Qt or Electrum on their normal computer, and likely this is how 95% of the average bitcoin user will use their coins... either in a hot wallet or a local wallet, but never truly shielded like everyone keeps recommending.

The average person doesn't have a significant amount of Bitcoins to worry about. It's like leaving small bills around the house. If you have a lot of money, then you'll be it in a more secure place.