BowieMan
Full Member
Offline
Activity: 154
Merit: 100
Is there life on Mars?
|
|
July 20, 2014, 11:26:02 AM |
|
It's great, that you pay such a great deal of attention to your bitcoins in order to not get them stolen. But the general publich will never want to invest such an amount of work. This needs to be solved until bitcoin can hit mainstream in any way!
|
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ PRIMEDICE The Premier Bitcoin Gambling Experience @PrimeDice ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
|
|
|
Soros Shorts
Donator
Legendary
Offline
Activity: 1617
Merit: 1012
|
|
July 20, 2014, 11:47:27 AM |
|
On the topic of defeating keyloggers, I have a text file containing bits of my passphrase mixed amongst random text. When I want to enter the passphrase, I open the text file and copy & paste using the mouse the relevant pieces into the password field.
I know how most key loggers work, and most do not capture the clipboard contents.
|
|
|
|
barangunel
Newbie
Offline
Activity: 11
Merit: 0
|
|
July 20, 2014, 12:09:46 PM |
|
too much security but you don't really need them all
|
|
|
|
chaosPT
|
|
July 20, 2014, 12:11:49 PM |
|
How much bitcoin are you storing with that secure way ?
|
|
|
|
LiteCoinGuy
Legendary
Offline
Activity: 1148
Merit: 1011
In Satoshi I Trust
|
|
July 20, 2014, 12:15:05 PM |
|
to be honest, its not so difficult to store the btc safe:
just make sure your pc is maleware free , encrypt the wallet and store it offline is enough.
but: no mainstream user will go trough 10 steps to secure the btc. as more and more people join in, more and more btc will be stolen. we need mainstream-solutions were people can store it online (with insurance) or on a device like trezzor.
|
|
|
|
BCEmporium
Legendary
Offline
Activity: 1218
Merit: 1000
|
|
July 20, 2014, 12:18:50 PM |
|
I'd been keeping my bitcoins since 2011, and isn't that difficult. Just that I use Linux, have no Win computer, and store some of them under different approaches, including "in the outer space" (brainwallets)
|
|
|
|
AliceWonder
|
|
July 20, 2014, 02:21:29 PM |
|
I'd been keeping my bitcoins since 2011, and isn't that difficult. Just that I use Linux, have no Win computer, and store some of them under different approaches, including "in the outer space" (brainwallets)
I can not recommend brain wallets because too many people will choose pass phrases that eventually get cracked, and there is no way for next of kin to get the funds if you die. Paper wallets can be imported by next of kin and can contain private keys generated using a high entropy random generator.
|
|
|
|
ensurance982
|
|
July 20, 2014, 02:43:02 PM |
|
I've also never had any bitcoin stolen. I try to keep them all safe in my purse!
|
We Support Currencies: BTC, LTC, USD, EUR, GBP
|
|
|
Bitcoinpro
Legendary
Offline
Activity: 1344
Merit: 1000
|
|
July 20, 2014, 02:56:57 PM |
|
Windows 8.1
did you disable all non core services especially networking assistance etc
no doubt you just installed the most major trojan horse delivery system in the world
and your calling this setup secure some how ? i would go with linux though
also recommend some self evaluation of the programming code,
as always your level of security is proportional to the size of the funds your storing
|
WWW.FACEBOOK.COM
CRYPTOCURRENCY CENTRAL BANK
LTC: LP7bcFENVL9vdmUVea1M6FMyjSmUfsMVYf
|
|
|
FUR11
Sr. Member
Offline
Activity: 378
Merit: 250
FURring bitcoin up since 1762
|
|
July 20, 2014, 04:05:13 PM |
|
I've also never had any bitcoin stolen. I try to keep them all safe in my purse!
That's actually not a bad idea! Keep a (distributed!!!) part of your private keys with you, so you can recover it by combining it with other distributed parts of the key you hide somewhere else. That way you don't lose your stash when someone should steal your purse!
|
|
|
|
pedrog
Legendary
Offline
Activity: 2786
Merit: 1031
|
|
July 20, 2014, 05:57:25 PM |
|
The only criticism I can make is the use of closed source proprietary software...
For cloud storage something like SpiderOak does the trick.
|
|
|
|
BCEmporium
Legendary
Offline
Activity: 1218
Merit: 1000
|
|
July 20, 2014, 08:17:53 PM |
|
I'd been keeping my bitcoins since 2011, and isn't that difficult. Just that I use Linux, have no Win computer, and store some of them under different approaches, including "in the outer space" (brainwallets)
I can not recommend brain wallets because too many people will choose pass phrases that eventually get cracked, and there is no way for next of kin to get the funds if you die. Paper wallets can be imported by next of kin and can contain private keys generated using a high entropy random generator. If you have your wallets protected with strong passwords, if you die your next kin can't get to them either. Paper wallets can get stolen IRL. Ideally NEVER keep all the eggs in the same basket: never keep all your coins in the same place/method. As secondary measure scan the public keys (addresses) to your watch-only blockchain app, if you use this, for keep an eye at cold storage.
|
|
|
|
tavitavi
Newbie
Offline
Activity: 20
Merit: 0
|
|
July 20, 2014, 08:19:30 PM |
|
I see alot of posts in general forum as well as Indian forum about Bitcoins getting stolen .. I am gonna explain how I store my Bitcoins .. Please find any fault with this method, and make sure to comment This is what I follow (Semi Cold Storage) A dedicated laptop with finger print scanner. Installed Original Windows 8.1 ( pirated may have keyloggers) this laptop is only for syncing Bitcoin Core ... The wallet in this PC will be used to only receive funds. No web browsing .. Strictly syncing Bitcoin Core copy of wallet.dat double encrypted and stored offline. (Bank Locker , not in India , just in case of natural disaster) Daily backup of wallet.dat to secure online storage (never use dropbox / google drive) PM for details on this ( do not want to share in public) password for wallet.dat not stored online , not written on papers.. use brain wallet .. make sure its 20 characters with atleast 5 special characters All accounts made should for online storage should be new , never used , onetime password .. activated with 2FA from Android Phone Do not Root your android phone , do not install random apps , and NEVER install anything from outside the PLAYSTORE No WIFI .. I even removed WIFI Drivers .. Only Ethernet connection. Firewall Installed (home network) Just for fun - Installed Hitman Pro and Norton 360 Laptop is connected to Internet maybe once a week , remaining time switched off and battery removed . Use http://blockchain.info/ to check daily Never share your real identity online .. hackers can just hack your facebook account and ask for bitcoin .. 2FA , ALWAYS BK Thanks, I'm just gonna email this to my grandma so she can get on this bitcoin train that is clearly flawless
|
|
|
|
beaknuke
|
|
July 20, 2014, 08:21:10 PM |
|
perhaps u better off converting 95% of your BTC to fiat and be done with it all
|
|
|
|
Cryptopher
Legendary
Offline
Activity: 1789
Merit: 1008
Keep it dense, yeah?
|
|
July 21, 2014, 12:31:40 AM |
|
double encryption is ok.. unless the encryption becomes corrupt. or you get amnesia. Alzheimer's and forget passwords. i would still have passwords wrote down. but done in a way that is not obvious. some people have a random book in their house and they use the first letter of every line of a certain page to make up the password. so for instance this post will make up the password 'dissoo'. but yea, choose a novel with atleast 20 lines per page, one of those small print novals. or have the first letter of the first word of each page and have a 200 page novel to create a 200 character password other methods for online passwords is to have a simple sha hashing script (check sourcecode), use the novel words idea then add the websites name to that password. and SHA it EG SHA("bitcointalkdissoo") And use that sha'd phrase as the password you type into websites, that way each site is unique If you get amnesia or are generally forgetful then if you forget the password then you're likely to forget the cipher in which you used to generate the password in the first place.
|
Sign up to Revolut and do the Crypto Quiz to earn $15/£14 in DOT
|
|
|
jubalix
Legendary
Offline
Activity: 2618
Merit: 1022
|
|
July 21, 2014, 04:41:46 AM |
|
why would you connect to the internet at all with hardware used for use if wallet.dat and private keys?
sign transactions, then use a usb to transfer, or copy over a single private key import and spend all back to a private key that has always been offline.
there is no need to snych the bitcoin cold storage computer to the internet ever. Put a screwdriver through your ethernet/wifi if you have it.
|
|
|
|
chennan
Legendary
Offline
Activity: 1316
Merit: 1004
|
|
July 21, 2014, 08:34:49 AM |
|
It's great, that you pay such a great deal of attention to your bitcoins in order to not get them stolen. But the general publich will never want to invest such an amount of work. This needs to be solved until bitcoin can hit mainstream in any way!
yes,many people don't like these fussy steps to secure their wallet. Easy solution needs to come out before it goes mainstream.
|
|
|
|
Elwar
Legendary
Offline
Activity: 3598
Merit: 2386
Viva Ut Vivas
|
|
July 21, 2014, 10:19:56 AM |
|
Not sure why you would back up your wallet.dat online. That sort of defeats the purpose of everything else.
Also, your fingerprint scanner saves the fingerprint data on your computer actually making it less secure if you actually use it instead of passwords.
For me I have a separate computer that I never ever put online, it comes with physical hard drive encryption. The BIOS is password protected, the hard drive is password protected and the Linux I installed is encrypted and password protected. That is all before getting to the Linux login.
The only thing installed on there is the Bitcoin Core which I used to create Public and Private keys which are stored in an encrypted file on the computer.
I create a separate file with just the public keys which I then burn to a CD-R.
I move the CD-R to my online computer. I send my bitcoins to the addresses on that list breaking it up into small amounts as to not attract attention to a big address. I literally just burned all CDs with any public addresses in a fire yesterday.
I do not trust USB drives as I do not trust that there could not be extra software built into the hardware or part of the USB software (look up thumb drives and how Iran's Nuclear facilities were infiltrated).
I do keep some bitcoins online for day to day spending but if those were stolen it is not enough to be too upset about even though I use 2FA.
|
First seastead company actually selling sea homes: Ocean Builders https://ocean.builders Of course we accept bitcoin.
|
|
|
DjPxH
|
|
July 21, 2014, 11:41:30 AM |
|
On the topic of defeating keyloggers, I have a text file containing bits of my passphrase mixed amongst random text. When I want to enter the passphrase, I open the text file and copy & paste using the mouse the relevant pieces into the password field.
I know how most key loggers work, and most do not capture the clipboard contents.
That sounds awfully dangerous. How can you be sure that the majority of keyloggers or even backdoor malware actually don't transmit your clipboard contents? This seems like one of the most dangerous or naive methods I've seen
|
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ PRIMEDICE The Premier Bitcoin Gambling Experience @PrimeDice ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
|
|
|
Soros Shorts
Donator
Legendary
Offline
Activity: 1617
Merit: 1012
|
|
July 21, 2014, 11:49:01 AM |
|
On the topic of defeating keyloggers, I have a text file containing bits of my passphrase mixed amongst random text. When I want to enter the passphrase, I open the text file and copy & paste using the mouse the relevant pieces into the password field.
I know how most key loggers work, and most do not capture the clipboard contents.
That sounds awfully dangerous. How can you be sure that the majority of keyloggers or even backdoor malware actually don't transmit your clipboard contents? This seems like one of the most dangerous or naive methods I've seen My hobby is reverse engineering keyloggers (hardware & software). Yeah, I shouldn't have recommended that technique because there are other classes of malware that read clipboards and input fields directly. Still, it would work against a hardware keylogger.
|
|
|
|
|