Slenderman52 (OP)
Newbie
Offline
Activity: 1
Merit: 0
|
|
July 03, 2014, 08:42:15 PM |
|
Is it okay to use a refurbished laptop to make a cold wallet as long as I remove the wireless card? Can an encrypted wallet with over 30 characters(random, numbers, LC letters, Capital letters, and special characters) still easily be hacked without using a keylogger to obtain the password?
|
|
|
|
zhinkk
|
|
July 03, 2014, 09:02:48 PM |
|
You would most likely be okay, but I would reformat it anyway (and in my case, install ubuntu or something) before using it for cold storage. And yeah, removing the network card sounds like a good idea after you have everything settled. Also, why not just use paper wallets? I feel like this laptop could be used for something useful. Up to you though.
|
|
|
|
Light
|
|
July 04, 2014, 12:32:09 AM |
|
Yeah a laptop without a wireless card is a perfectly fine solution. Formatting the machine and installing a Linux derivative would be best given that malware is rarer on Linux and Linux is generally friendlier with older machines whose specs aren't as good. Plus nearly all the cold storage software (Armory/Electrum) is compatible with most forms of Linux.
|
|
|
|
Relnarien
|
|
July 04, 2014, 01:24:41 AM |
|
Is it okay to use a refurbished laptop to make a cold wallet as long as I remove the wireless card? Can an encrypted wallet with over 30 characters(random, numbers, LC letters, Capital letters, and special characters) still easily be hacked without using a keylogger to obtain the password?
In reality, you don't even need to keep a wallet.dat file if you just need a cold storage Bitcoin address. Storing your cold storage address on a clean computer that has never been connected to the Internet is indeed a secure solution, but it's much less secure than not having a digital copy of your wallet at all. Since you won't be touching the funds on that address anyway (at least not for the foreseeable future), there is no reason to make it accessible to any Bitcoin client. Personally, what I would do is extract the private key of a newly generated address and write it down on a piece of paper. I would then store that piece of paper somewhere safe. But for most intents and purposes, assuming that you are not a high value target, then yes, your solution is secure enough.
|
|
|
|
Benjig
|
|
July 04, 2014, 03:38:26 AM |
|
And also, why dont you make a second backup on a usb memory stick? I mean the hd of that laptop can die and you will have problems.
|
|
|
|
Bernard Lerring
|
|
July 04, 2014, 05:04:50 AM |
|
How about this idea:
Download and install Tails Linux onto a USB stick. Save a copy of the bitaddress.org HTML file onto the Tails USB stick. Put it into a new directory if you want.
Run Tails Linux on the old laptop and open the bitaddress.org HTML file in Tails' secure browser. Make sure the laptop is never connected to a WiFi network whilst you're doing this.
Generate an address and private key using the Web page. Write them down, double and triple checking your work.
Shutdown Tails. Boot windows/Linux/whatever and send coins to your new, secure address.
You could even remove the hard drive from the old laptop if you want to be sure that no information is being left behind and your only key is on the piece of paper.
|
|
|
|
Mr Crabs
Member
Offline
Activity: 91
Merit: 10
|
|
July 04, 2014, 08:03:17 PM |
|
Instead of a laptop why don;t you use a raspberry pi? They're very cheap.
|
|
|
|
ALToids
|
|
July 04, 2014, 08:55:19 PM |
|
Keep you offline wallet simple. Don't go into overly complicated tasks that you've never done before because you will probably make an error.
|
|
|
|
InwardContour
|
|
July 05, 2014, 03:38:51 AM |
|
As long as you never connect the Laptop to the internet in the future you should be okay. There would always be the possibility that the RNG would somehow be compromised, but I would doubt it as the refurbished laptop market is large compared to the bitcoin market.
|
|
|
|
Bernard Lerring
|
|
July 05, 2014, 03:56:52 AM |
|
I assume by RNG you mean random number generator? The bitaddress.org file has this covered by generating its own random entropy based on human interaction when it loads into your browser.
It could maybe be a little more sophisticated than just using random mouse movement and key clicking but that is down to if you are super-paranoid.
In any case, one can check out ones new address on blockchain.info before depositing to make sure that the randomness is good.
|
|
|
|
anivia
Newbie
Offline
Activity: 56
Merit: 0
|
|
July 05, 2014, 04:05:01 AM |
|
Isnt it better for do this with a paper wallet? for cold storage. or am i wrong..
|
|
|
|
danpe
Newbie
Offline
Activity: 43
Merit: 0
|
|
July 05, 2014, 04:28:01 AM |
|
Is it okay to use a refurbished laptop to make a cold wallet as long as I remove the wireless card? Can an encrypted wallet with over 30 characters(random, numbers, LC letters, Capital letters, and special characters) still easily be hacked without using a keylogger to obtain the password?
did you reformat the laptop ?
|
|
|
|
single-mom
Newbie
Offline
Activity: 7
Merit: 0
|
|
July 05, 2014, 06:27:58 AM |
|
Seem okay, remove wlan and lan port for more security.
|
|
|
|
InwardContour
|
|
July 05, 2014, 08:12:58 PM |
|
In any case, one can check out ones new address on blockchain.info before depositing to make sure that the randomness is good.
All that blockchain.info will tell you is if the address has been used before. An attacker, could, in theory set up the computer to generate a number out of 10,000 possibilities instead of the (for all intensive purposes - we are not going to run out of BTC addresses) infinite possibilities that it should generate for a private key. The attacker would simply need to watch those 10k addresses and withdraw funds once a TX is made to the address.
|
|
|
|
Bernard Lerring
|
|
July 05, 2014, 08:52:47 PM |
|
We've been through this before. The chances of a collision, and therefore an attacker generating a private key for your cold storage address, is minimal.
If you have a better idea how to validate security of a newly generated address I'd love to hear it.
|
|
|
|
InwardContour
|
|
July 06, 2014, 04:07:23 AM |
|
We've been through this before. The chances of a collision, and therefore an attacker generating a private key for your cold storage address, is minimal.
If you have a better idea how to validate security of a newly generated address I'd love to hear it.
But if an attacker makes the possible number of addresses that could be used smaller then the chances are greater. The issue/concern here is that the BTC address created would not be truly random.
|
|
|
|
ALToids
|
|
July 06, 2014, 05:13:00 AM |
|
We've been through this before. The chances of a collision, and therefore an attacker generating a private key for your cold storage address, is minimal.
If you have a better idea how to validate security of a newly generated address I'd love to hear it.
But if an attacker makes the possible number of addresses that could be used smaller then the chances are greater. The issue/concern here is that the BTC address created would not be truly random. The probability is so low it should not even be considered an option. It would be like worrying about a nearby star going hypernova and killing us all.
|
|
|
|
Bernard Lerring
|
|
July 06, 2014, 05:31:42 AM |
|
If there's a method for creating an address/key pair offline with greater random entropy than bitaddress.org then I would be interested in doing that.
I've asked about terminal scripts to do just that on these forums and the general consensus seems to be that bitaddress.org.html used offline and correctly is very safe.
|
|
|
|
micheline
Newbie
Offline
Activity: 42
Merit: 0
|
|
July 06, 2014, 02:19:16 PM |
|
Of course you could use a laptop for cold storage. But I think it is more safe is using a paper wallet.
It depends how often you want to access the coins.
|
|
|
|
silvestar
Legendary
Offline
Activity: 1134
Merit: 1002
|
|
July 06, 2014, 05:44:19 PM |
|
We've been through this before. The chances of a collision, and therefore an attacker generating a private key for your cold storage address, is minimal.
If you have a better idea how to validate security of a newly generated address I'd love to hear it.
But if an attacker makes the possible number of addresses that could be used smaller then the chances are greater. The issue/concern here is that the BTC address created would not be truly random. The probability is so low it should not even be considered an option. It would be like worrying about a nearby star going hypernova and killing us all. If you are talking about the general problem of bitcoin address collision, you shouldn't worry about that as there is a total of 2^160 addresses (you know the number is big, but you probably don't realize how big it is). If you are talking problem of a bad RNG, then there may be a problem (check https://bitcoin.org/en/alert/2013-08-11-android for your information).
|
|
|
|
|