Multiple BTC wallets for security?

[Meuh6879]

Because it can pass malware onto any computer it gets plugged in to.

yes ... and skynet exist. 
after a moment, stop to spread some legend about multiple infection.

if you pass he USB key on main computer that it have (real) antivirus (and correctly configure) ... it scan the USB stick always and clean all files.

malware and spyware only transist with inject java corrupted code on this plant in 2014.

but, other solution is to desactivate the "auto-lauch" ... in every windows to remove an automated script on the key (good luck, only apparear 1 time in 7 years on pictures and word documents massivly infected).

[1714640577]

1714640577

[bitcoinrocks]

in clear, buy a PC for Bitcoin.
not a big deal (with low price netbook).
you can use a android phone, too ... just for Bitcoin (only this installed, wifi ... no SIM card).

compromise PC is always because of multiple usage and multiples users ...

A PC is definetly a better choice for managing a cold storage. With an android phone, afaik, you can't sign offline transaction, so now there isn't a very secure and reliable way to administrate an offline wallet.

What's wrong with booting a USB stick?  Is it just the possibility of a hardware keylogger?

Your USB stick could be infected with malware and keyloggers, and the computer you plug it in too, so there's no difference.

If you build the USB stick the same way you would build a computer, why would the USB stick be more dangerous?

Because it can pass malware onto any computer it gets plugged in to.

In order to install Linux on a separate offline computer, I would need to set up the install on a USB stick anyway.  Doesn't anyone run cold storage on a bootable USB stick?

[serenitys]

Started out on page 1 being relieved. By page 4, I'm terrified, paranoid, hopeless and confused. Thanks

What is your suggestion on using an external backup drive to put the wallets and btc info on and keep it off the computer...and then when it's needed, plug it in and use it however? If I use the offline wallet (not paper) but the software that sits on an external drive or usb stick, I know I'm supposed to turn off the net connection when using it.

But what's the procedure to say, take some btc out of the offline wallet to send to the web based wallet for spending/use or transferring back and forth? Do I connect only long enough to send funds to the web wallet (presumably a completely new/different one and not an old one?) and disconnect the computer, remove the drive and then reconnect as the norm otherwise?

Yall seriously can make someone scared to death to even get online anymore 


Also for the point about people seeing how much btc you have or following the whole transaction, unless someone is specifically tracking a specific transaction to a person, I'd think it really doesn't matter if anyone sees amounts of btc. They don't know *you* have it, just that somebody does. That's part of the whole transparency thing...so even if a hacker sees a lot of btc in the chain, they still have a ton of work to do to find a way to get it, right?

[bitcoinrocks]

The idea here is that any operating system installation that has ever been online is potentially compromised.  So you want to sign your transactions with an install that has never been online.  I think a carefully installed USB stick would work nicely for that if you actually boot to it in order to sign the transaction and you don't connect it to an install that has ever been online.

[a7594li]

Yes ,It's security

[byt411]

Because it can pass malware onto any computer it gets plugged in to.

yes ... and skynet exist. 
after a moment, stop to spread some legend about multiple infection.

if you pass he USB key on main computer that it have (real) antivirus (and correctly configure) ... it scan the USB stick always and clean all files.

malware and spyware only transist with inject java corrupted code on this plant in 2014.

but, other solution is to desactivate the "auto-lauch" ... in every windows to remove an automated script on the key (good luck, only apparear 1 time in 7 years on pictures and word documents massivly infected).

Its not a legend, and you should know that commercial antiviruses don't deect the majority of malware and crap.

The idea here is that any operating system installation that has ever been online is potentially compromised.  So you want to sign your transactions with an install that has never been online.  I think a carefully installed USB stick would work nicely for that if you actually boot to it in order to sign the transaction and you don't connect it to an install that has ever been online.

Running linux from a USB is Ok, but make sure that the computer was never online. I thought you meant installing something like Electrum on a Usb and using it when you need to.

Yes ,It's security

Yes ,It's security

This statement makes no sense whatsoever.

[alexrossi]

The idea here is that any operating system installation that has ever been online is potentially compromised.  So you want to sign your transactions with an install that has never been online.  I think a carefully installed USB stick would work nicely for that if you actually boot to it in order to sign the transaction and you don't connect it to an install that has ever been online.

Also, as before was mentioned, beware of windows autostart, is one of the most dangerous feature for an "always offline PC"

[Unluckyduck]

Yes for sure use many different wallets so in the unlikely event that one gets taken over or lost you still have the majority of your funds.

[bitcoinrocks]

Running linux from a USB is Ok, but make sure that the computer was never online. I thought you meant installing something like Electrum on a Usb and using it when you need to.

Do you mean make sure the operating system on the USB stick was never online?  If so, I agree.  It's OK that the host computer was online as long as you actually boot into the USB stick to use it.

[byt411]

Running linux from a USB is Ok, but make sure that the computer was never online. I thought you meant installing something like Electrum on a Usb and using it when you need to.

Do you mean make sure the operating system on the USB stick was never online?  If so, I agree.  It's OK that the host computer was online as long as you actually boot into the USB stick to use it.

No, that's not what I meant. The computer must be offline at all times, no matter what OS. It's not OK that the host computer was online, since, as I said before, there are cross-OS keyloggers too.

[bitcoinrocks]

Running linux from a USB is Ok, but make sure that the computer was never online. I thought you meant installing something like Electrum on a Usb and using it when you need to.

Do you mean make sure the operating system on the USB stick was never online?  If so, I agree.  It's OK that the host computer was online as long as you actually boot into the USB stick to use it.

No, that's not what I meant. The computer must be offline at all times, no matter what OS. It's not OK that the host computer was online, since, as I said before, there are cross-OS keyloggers too.

As long as the USB stick is not plugged into the computer when its main OS is booted, it is safe to go online with that main OS.  When the USB stick is booted, the computer's main OS will not affect it unless you mount the device containing the main OS while the USB stick is booted.

[byt411]

Running linux from a USB is Ok, but make sure that the computer was never online. I thought you meant installing something like Electrum on a Usb and using it when you need to.

Do you mean make sure the operating system on the USB stick was never online?  If so, I agree.  It's OK that the host computer was online as long as you actually boot into the USB stick to use it.

No, that's not what I meant. The computer must be offline at all times, no matter what OS. It's not OK that the host computer was online, since, as I said before, there are cross-OS keyloggers too.

As long as the USB stick is not plugged into the computer when its main OS is booted, it is safe to go online with that main OS.  When the USB stick is booted, the computer's main OS will not affect it unless you mount the device containing the main OS while the USB stick is booted.

Wrong. Viruses can be embedded in the BIOS, and will be activated when you turn on your computer.

[bitcoinrocks]

I've heard of that but I think it's exceedingly rare.  Are there any confirmed reports of that happening?

[alexrossi]

Wrong. Viruses can be embedded in the BIOS, and will be activated when you turn on your computer.

This is a rare type of attack that i think can be stopped only with an ever offline PC

[byt411]

Wrong. Viruses can be embedded in the BIOS, and will be activated when you turn on your computer.

This is a rare type of attack that i think can be stopped only with an ever offline PC

That's why I'm saying that the PC should be completely 100% offline.
You have no guarantee that these types of viruses won't be common in the future, and it's better safe than sorry.

[ranlo]

I read something about Electrum that I didn't like.  Something about it being centralized in some way?

What do you mean it is "centralized"? It does rely on specific servers, since it does not download the entire blockchain.

I think he means that the blockchain itself (that is scanned) is centralized. But this is very different from being a centralized service, in that you can always take the private keys to your own client and scan the blockchain on your own. Electrum just speeds it up.

[alexrossi]

I read something about Electrum that I didn't like.  Something about it being centralized in some way?

What do you mean it is "centralized"? It does rely on specific servers, since it does not download the entire blockchain.

I think he means that the blockchain itself (that is scanned) is centralized. But this is very different from being a centralized service, in that you can always take the private keys to your own client and scan the blockchain on your own. Electrum just speeds it up.

And you can also setup your own electrum server/node for maximum privacy/reliability

[bitcoinrocks]

This has been a great conversation.  Thanks dudes.

[jonald_fyookball]

Wrong. Viruses can be embedded in the BIOS, and will be activated when you turn on your computer.

This is a rare type of attack that i think can be stopped only with an ever offline PC

That's why I'm saying that the PC should be completely 100% offline.
You have no guarantee that these types of viruses won't be common in the future, and it's better safe than sorry.

This is not that hard to implement.

Buy a cheapie old laptop on craigslist (just make sure it has a USB port),
and delete the wifi/ethernet driver(s). 

[ranlo]

Wrong. Viruses can be embedded in the BIOS, and will be activated when you turn on your computer.

This is a rare type of attack that i think can be stopped only with an ever offline PC

That's why I'm saying that the PC should be completely 100% offline.
You have no guarantee that these types of viruses won't be common in the future, and it's better safe than sorry.

This is not that hard to implement.

Buy a cheapie old laptop on craigslist (just make sure it has a USB port),
and delete the wifi/ethernet driver(s). 

Or just pull the BIOS battery out and short it (I think is what you do?). The same way you reset the password. That would clear out a virus.