byt411
|
|
May 18, 2014, 11:06:57 AM |
|
Aha, that's not how it works. You generate a private key on an offline computer, abd then print it out. That way keyloggers cannot send the data to the hacker.
That's not completely true, if your computer is already compromised, you can even cut off the internet connection, but when you will re-connect the PC, a keylogger will be able to send the infos catched in the offline session to an attacker. So the best thing that you can do is basically use a live CD to obtain a clear environment Sorry, I think I didn't express myself clearly, I meant a computer that will never be online at all. But if you had that, you could simply turn it into a cold wallet, where you sign transactions on there and then broadcast it using an online computer.
|
|
|
|
alexrossi
Legendary
Offline
Activity: 3794
Merit: 1742
Join the world-leading crypto sportsbook NOW!
|
|
May 18, 2014, 04:47:14 PM |
|
But if you had that, you could simply turn it into a cold wallet, where you sign transactions on there and then broadcast it using an online computer.
Yep, definetly better especially for managing multiple address (electrum can do perfectly the job, and the deterministic feature avoid a lot of harassment)
|
|
|
|
bitcoinrocks (OP)
Legendary
Offline
Activity: 1372
Merit: 1000
|
|
May 18, 2014, 05:28:25 PM |
|
What is the best way to go about storing the bulk of my BTC offline? Paper wallets seem to be popular. How do you transfer BTC from a paper wallet to an online wallet for spending?
I personally find that paper wallets are a mediocre solution. They look nice and are sort of functional (except you have to import the whole balance and then broadcast from a comp connected to the net which poses a security risk) and can be encrypted (with BIP38) if done correctly. You would be far better off looking at cold storage - have Armory/Electrum on an offline air gapped computer and use it to sign txs that you make on your online computer. That way you never have your private keys exposed on an online computer. I would prefer Electrum as you can backup your seed physically and thanks to its deterministic nature you'll have all your private keys even if your hardware fails. This sounds like the only really secure option. Would I only need to backup the seed? If someone were able to read that seed backup, would they be able to spend the coins? If the offline computer were physically stolen, would the thief be able to spend the coins? How about installing Linux on a USB stick and booting to that with networking disabled instead of using a separate offline computer? I suppose this sort of thing is only available for BTC so altcoins have to remain vulnerable.
|
|
|
|
byt411
|
|
May 18, 2014, 05:44:12 PM |
|
This sounds like the only really secure option.
Would I only need to backup the seed? If someone were able to read that seed backup, would they be able to spend the coins?
Yes, only the seed. And yes, if someone gets the seed, they can spend your coins. If the offline computer were physically stolen, would the thief be able to spend the coins?
Well of course. All they need is to connect the computer to the internet. How about installing Linux on a USB stick and booting to that with networking disabled instead of using a separate offline computer?
Mhmm... Maybe. As far as I know, some keyloggers can log everything, no matter what VM/USB OS you put on it. But seriously, a paper wallet is more than enough. You are a bit too paranoid.
|
|
|
|
wakasaki808
|
|
May 18, 2014, 05:54:57 PM |
|
I use 3 wallet The first with something like 200$ on blockchain wallet The second on Elecrum with 30 % of my bitcoins Then I have a paper wallet with other bitcoins
|
|
|
|
bitcoinrocks (OP)
Legendary
Offline
Activity: 1372
Merit: 1000
|
|
May 19, 2014, 12:56:07 PM |
|
If the offline computer were physically stolen, would the thief be able to spend the coins?
Well of course. All they need is to connect the computer to the internet. Can't I encrypt or add a password to the Electrum wallet to prevent that? How about installing Linux on a USB stick and booting to that with networking disabled instead of using a separate offline computer?
Mhmm... Maybe. As far as I know, some keyloggers can log everything, no matter what VM/USB OS you put on it. A physically-installed hardware keylogger would function on a USB boot but a software keylogger wouldn't work. Does anyone run a cold wallet this way? But seriously, a paper wallet is more than enough. You are a bit too paranoid.
From a practical perspective, I don't see how a paper wallet provides any more security than a wallet on your computer. In order to move the coins from your paper wallet, you have to import the private key to your online computer and if your computer is compromised, you lose control of the coins just like the wallet was on your computer all along.
|
|
|
|
alexrossi
Legendary
Offline
Activity: 3794
Merit: 1742
Join the world-leading crypto sportsbook NOW!
|
|
May 19, 2014, 01:00:18 PM |
|
Can't I encrypt or add a password to the Electrum wallet to prevent that?
Of course! My advice is to use only encrypted backups, w/o a "raw" seed backup.
|
|
|
|
Meuh6879
Legendary
Offline
Activity: 1512
Merit: 1011
|
|
May 19, 2014, 01:01:19 PM |
|
in clear, buy a PC for Bitcoin. not a big deal (with low price netbook). you can use a android phone, too ... just for Bitcoin (only this installed, wifi ... no SIM card).
compromise PC is always because of multiple usage and multiples users ...
|
|
|
|
alexrossi
Legendary
Offline
Activity: 3794
Merit: 1742
Join the world-leading crypto sportsbook NOW!
|
|
May 19, 2014, 01:04:34 PM |
|
in clear, buy a PC for Bitcoin. not a big deal (with low price netbook). you can use a android phone, too ... just for Bitcoin (only this installed, wifi ... no SIM card).
compromise PC is always because of multiple usage and multiples users ...
A PC is definetly a better choice for managing a cold storage. With an android phone, afaik, you can't sign offline transaction, so now there isn't a very secure and reliable way to administrate an offline wallet.
|
|
|
|
keithers
Legendary
Offline
Activity: 1456
Merit: 1001
This is the land of wolves now & you're not a wolf
|
|
May 19, 2014, 05:02:36 PM |
|
in clear, buy a PC for Bitcoin. not a big deal (with low price netbook). you can use a android phone, too ... just for Bitcoin (only this installed, wifi ... no SIM card).
compromise PC is always because of multiple usage and multiples users ...
I agree with the above, and this is actually what I do as well. I keep a separate PC, that I do not browse the internet with, and definitely don't download anything on it.
|
|
|
|
byt411
|
|
May 19, 2014, 06:22:33 PM |
|
in clear, buy a PC for Bitcoin. not a big deal (with low price netbook). you can use a android phone, too ... just for Bitcoin (only this installed, wifi ... no SIM card).
compromise PC is always because of multiple usage and multiples users ...
I agree with the above, and this is actually what I do as well. I keep a separate PC, that I do not browse the internet with, and definitely don't download anything on it. Still isn't enough, it needs to be 100% offline. It could still be hacked and have keyloggers implanted in its registry.
|
|
|
|
alexrossi
Legendary
Offline
Activity: 3794
Merit: 1742
Join the world-leading crypto sportsbook NOW!
|
|
May 19, 2014, 06:43:27 PM |
|
in clear, buy a PC for Bitcoin. not a big deal (with low price netbook). you can use a android phone, too ... just for Bitcoin (only this installed, wifi ... no SIM card).
compromise PC is always because of multiple usage and multiples users ...
I agree with the above, and this is actually what I do as well. I keep a separate PC, that I do not browse the internet with, and definitely don't download anything on it. Still isn't enough, it needs to be 100% offline. It could still be hacked and have keyloggers implanted in its registry. I agree, for a true security an offline PC is the best thing that you can do.
|
|
|
|
DeathAndTaxes
Donator
Legendary
Offline
Activity: 1218
Merit: 1079
Gerald Davis
|
|
May 19, 2014, 06:57:56 PM |
|
From a practical perspective, I don't see how a paper wallet provides any more security than a wallet on your computer. In order to move the coins from your paper wallet, you have to import the private key to your online computer and if your computer is compromised, you lose control of the coins just like the wallet was on your computer all along.
Paper wallet is a means of storage it isn't incompatible with using an offline client for signing. Someone however could buy $1,000 worth of BTC and in a fairly easy, fast. and straightfoward manner secure them offline via a paper wallet. If they are a buy and hold kind of investor that may be all they need for ... now. If Bitcoin goes nowhere well it didn't take much to get started but say Bitcoin over 5 years does explode and there $1,000 in now worth a couple hundred thousand. Pretty easy to buy a netbook or some other device to act as an offline signing device and import the private key directly on to that device.
|
|
|
|
PolarPoint
|
|
May 19, 2014, 08:52:00 PM |
|
I think a separate PC with Electrum as bitcoin cold wallet and no alts is adequate security for most people. Just keep small amounts on online wallet and exchange.
|
|
|
|
bitcoinrocks (OP)
Legendary
Offline
Activity: 1372
Merit: 1000
|
|
May 19, 2014, 09:10:09 PM |
|
in clear, buy a PC for Bitcoin. not a big deal (with low price netbook). you can use a android phone, too ... just for Bitcoin (only this installed, wifi ... no SIM card).
compromise PC is always because of multiple usage and multiples users ...
A PC is definetly a better choice for managing a cold storage. With an android phone, afaik, you can't sign offline transaction, so now there isn't a very secure and reliable way to administrate an offline wallet. What's wrong with booting a USB stick? Is it just the possibility of a hardware keylogger?
|
|
|
|
byt411
|
|
May 19, 2014, 09:13:21 PM |
|
in clear, buy a PC for Bitcoin. not a big deal (with low price netbook). you can use a android phone, too ... just for Bitcoin (only this installed, wifi ... no SIM card).
compromise PC is always because of multiple usage and multiples users ...
A PC is definetly a better choice for managing a cold storage. With an android phone, afaik, you can't sign offline transaction, so now there isn't a very secure and reliable way to administrate an offline wallet. What's wrong with booting a USB stick? Is it just the possibility of a hardware keylogger? Your USB stick could be infected with malware and keyloggers, and the computer you plug it in too, so there's no difference.
|
|
|
|
bitcoinrocks (OP)
Legendary
Offline
Activity: 1372
Merit: 1000
|
|
May 19, 2014, 09:16:20 PM |
|
in clear, buy a PC for Bitcoin. not a big deal (with low price netbook). you can use a android phone, too ... just for Bitcoin (only this installed, wifi ... no SIM card).
compromise PC is always because of multiple usage and multiples users ...
A PC is definetly a better choice for managing a cold storage. With an android phone, afaik, you can't sign offline transaction, so now there isn't a very secure and reliable way to administrate an offline wallet. What's wrong with booting a USB stick? Is it just the possibility of a hardware keylogger? Your USB stick could be infected with malware and keyloggers, and the computer you plug it in too, so there's no difference. If you build the USB stick the same way you would build a computer, why would the USB stick be more dangerous?
|
|
|
|
byt411
|
|
May 19, 2014, 09:17:07 PM |
|
in clear, buy a PC for Bitcoin. not a big deal (with low price netbook). you can use a android phone, too ... just for Bitcoin (only this installed, wifi ... no SIM card).
compromise PC is always because of multiple usage and multiples users ...
A PC is definetly a better choice for managing a cold storage. With an android phone, afaik, you can't sign offline transaction, so now there isn't a very secure and reliable way to administrate an offline wallet. What's wrong with booting a USB stick? Is it just the possibility of a hardware keylogger? Your USB stick could be infected with malware and keyloggers, and the computer you plug it in too, so there's no difference. If you build the USB stick the same way you would build a computer, why would the USB stick be more dangerous? Because it can pass malware onto any computer it gets plugged in to.
|
|
|
|
Kashim
|
|
May 19, 2014, 09:53:57 PM |
|
multiple wallets will be an issue
|
|
|
|
byt411
|
|
May 19, 2014, 10:14:00 PM |
|
multiple wallets will be an issue
It won't. Please stop making statements without backing them up with an explanation, you are misleading people.
|
|
|
|
|