Bitcoin Forum
December 10, 2016, 03:24:38 AM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Securing wallet.dat  (Read 676 times)
FrodoMiner
Newbie
*
Offline Offline

Activity: 5


View Profile
January 14, 2012, 09:37:10 PM
 #1

Hi there,

my idea is to create a Linux VM, move my wallet.dat to it - and then make it read only.

The Bitcoin folder is in a volatile file system.

Would that work?

Would I create (too much) additional network traffic since all my blkxyz.dat files are created from scratch every time I boot up my VM ?

Would that be unfair on all the other Bitcoin users that permanently store those blk.dat files ?

cheers,
F.
1481340278
Hero Member
*
Offline Offline

Posts: 1481340278

View Profile Personal Message (Offline)

Ignore
1481340278
Reply with quote  #2

1481340278
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481340278
Hero Member
*
Offline Offline

Posts: 1481340278

View Profile Personal Message (Offline)

Ignore
1481340278
Reply with quote  #2

1481340278
Report to moderator
1481340278
Hero Member
*
Offline Offline

Posts: 1481340278

View Profile Personal Message (Offline)

Ignore
1481340278
Reply with quote  #2

1481340278
Report to moderator
1481340278
Hero Member
*
Offline Offline

Posts: 1481340278

View Profile Personal Message (Offline)

Ignore
1481340278
Reply with quote  #2

1481340278
Report to moderator
jake262144
Full Member
***
Offline Offline

Activity: 210


View Profile
January 14, 2012, 09:51:20 PM
 #2

That makes no sense.

Why would you go to such drastic measures when you can encrypt your wallet with a passphrase using the bitcoin client?
Choose a decent passphrase and you're good to go.
Just please make sure your machine stays malware-free, ok?

Remember that if your main machine gets infected, a VM running inside it might not protect you.
A VM can be used with great success to contain a threat, not to keep a threat already present in the parent machine outside.

There is no gain in keeping the block chain on a volatile FS and re-downloading it all the time.
Keep the block chain on the persistent FS and limit your worries to the wallet file.

Also, why make the wallet file read-only??
The client will want to write changes to your wallet with every transaction you make and "read" is the only privilege the malware really needs.


If built-in AES encryption doesn't seem enough, you could always use TrueCrypt and mount your Serpent-Twofish-AES-encrypted wallet using the command line.
Alternatively, you could keep the wallet on a LUKS-encrypted volume. This way you can have multiple keys and revoke them if necessary.
Or, use the good-old gpg for securing the wallet further.
There are countless possibilities.
codymanix
Full Member
***
Offline Offline

Activity: 203

Gir: I'm gonna sing the Doom Song now..


View Profile
January 15, 2012, 09:03:01 PM
 #3

Anybody who can copy or read your wallet.dat can transfer all your money to any bitcoin address he wants.
Therefore you should use the wallet encryption feature include in the standard bitcoin client.

Programming tutorials, Tools, Games & Humor http://deutronium.de.vu
My Vircurex referral code for persistant 0.05% trade discount: 750-33267 or use
https://vircurex.com/welcome/index?referral_id=750-33267
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!