Bitcoin Forum
July 28, 2024, 10:24:49 PM *
News: Latest Bitcoin Core release: 27.0 [Torrent]
 
   Home   Help Search Login Register More  
Bitcoin Forum > Other > Beginners & Help > Online Wallet Security
Pages: [1]
« previous topic next topic »
  Print  
Author Topic: Online Wallet Security  (Read 430 times)
guyon (OP)
Newbie
*
Offline Offline

Activity: 3
Merit: 0


View Profile
December 13, 2013, 12:55:31 PM
 #1
This question has been asked previously ( https://bitcointalk.org/index.php?topic=170264.0 ) but the answers weren't as good as I was hoping (and as a newbie I can only post here for now).

I understand the principle of unlock-sendtoaddress-lock but this seems unduly risky to me. If a hacker can deploy key-loggers to a server they can also deploy wallet monitors that can scan the wallet.dat files for the private keys and in the brief milliseconds that the wallet is unlocked, the private keys will be read, tested and emptied.

So my questions are:

1. Will there ever be a password parameter to sendtoaddress? If so, any idea when? I see this has been a known issue for at least two years and as far as I can see, nothing has been done.

2. How do online wallet and exchange services protect their wallets (or for that matter, client solutions like armory). I can only assume they don't rely on the unlock-send-lock method.

3. Alternatively - are there methods for receiving and sending bitcoin (and other crypto currencies) that don't use a local bitcoind service? I would feel much safer knowing the private keys were never stored on disk in plain text at any time.

Regards,
Guyon
swansong
Full Member
***
Offline Offline

Activity: 151
Merit: 100



View Profile
December 13, 2013, 01:02:40 PM
 #2
2: Exchanges use Cold Storage for %80 of their holdings (Paper Wallets)
guyon (OP)
Newbie
*
Offline Offline

Activity: 3
Merit: 0


View Profile
December 13, 2013, 01:27:40 PM
 #3
Quote from: swansong on December 13, 2013, 01:02:40 PM
2: Exchanges use Cold Storage for %80 of their holdings (Paper Wallets)

Thanks, but I already know about cold storage, that wasn't the question. What I'm really interested in is - How do they protect their online coins?
lindeanin
Full Member
***
Offline Offline

Activity: 161
Merit: 100


View Profile
December 13, 2013, 02:27:26 PM
 #4
Quote from: guyon on December 13, 2013, 01:27:40 PM
Quote from: swansong on December 13, 2013, 01:02:40 PM
2: Exchanges use Cold Storage for %80 of their holdings (Paper Wallets)

Thanks, but I already know about cold storage, that wasn't the question. What I'm really interested in is - How do they protect their online coins?


Their Bitcoins withdrawals doesnt need to be instant, and every request might be reviewed

MtGox hours to several days delays for Bitcoins withdrawals makes sence
ajax3592
Full Member
***
Offline Offline

Activity: 210
Merit: 100

Crypto News & Tutorials - Coinramble.com


View Profile
December 13, 2013, 03:02:08 PM
 #5
Quote from: guyon on December 13, 2013, 12:55:31 PM
they can also deploy wallet monitors that can scan the wallet.dat files for the private keys and in the brief milliseconds that the wallet is unlocked, the private keys will be read, tested and emptied.

Don't think there is anything in the market that can achieve that. Paper wallets are the safest bet, you use the address to receive Bitcoins and you import the private key into your wallet when you want to spend the Bitcoins, that's it.
Crypto news/tutorials >>CoinRamble<<                            >>Netcodepool<<                >>My graphics<<
Pages: [1]
  Print  
Bitcoin Forum > Other > Beginners & Help > Online Wallet Security
 « previous topic next topic »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!