belgianwhite (OP)
Newbie
 Offline
Activity: 4
Merit: 0
|
 |
May 02, 2011, 03:04:18 PM |
|
Hi All,
I am relatively new to Bitcoin but I love what I see. I have been buying some coins from MtGox and then transferring them to my wallet at home. I have a friend that has been guiding me on the best practices which I will share here. I am very interested in what others are doing to secure their wallet, and how they use BTC in the wild.
System: Ubuntu 11.04 (32bit on a Acer Netbook) and a frew other Ubuntu systems in the background.
BTC Client: Standard 0.3.2.1 beta for linux (dloaded from btcoin)
Wallet backup: Dropbox -> Truecrypt
I copy (cp) the file over to the truecrypt folder when I update my wallet
I am curious as to what others are doing out there to back stuff up.
Thanks to all who use and create Bitcoins!
Cheers!
|
|
|
|
|
|
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
|
bracek
|
|
May 02, 2011, 05:10:08 PM |
|
encripted in e-mail attach
|
|
|
|
|
|
Prze_koles
|
|
May 02, 2011, 05:14:51 PM |
|
encripted in e-mail attach
+1 |
1FzTJh1C58m1gqnNzxLTt2ryNYkuk1YdfN
|
|
|
cypherdoc
Legendary
Offline
Activity: 1764
Merit: 1002
|
|
May 02, 2011, 06:35:55 PM |
|
encripted in e-mail attach
that would mean the encrypted wallet would reside on my ISP's server. would i really want to leave it there? |
|
|
|
|
|
mewantsbitcoins
|
|
May 02, 2011, 06:37:36 PM |
|
encripted in e-mail attach
that would mean the encrypted wallet would reside on my ISP's server. would i really want to leave it there? Depends what email you use |
|
|
|
|
SgtSpike
Legendary
Offline
Activity: 1400
Merit: 1005
|
|
May 02, 2011, 06:38:00 PM |
|
So do you true-crypt --> email? Or some other encryption method?
|
|
|
|
|
|
mewantsbitcoins
|
|
May 02, 2011, 06:40:18 PM |
|
So do you true-crypt --> email? Or some other encryption method?
truecrypt is not a method. it's software which provides various methods for encryption. |
|
|
|
|
cypherdoc
Legendary
Offline
Activity: 1764
Merit: 1002
|
|
May 02, 2011, 06:45:53 PM |
|
encripted in e-mail attach
that would mean the encrypted wallet would reside on my ISP's server. would i really want to leave it there? Depends what email you use why? which ISP's do u consider unsafe? |
|
|
|
|
|
mewantsbitcoins
|
|
May 02, 2011, 06:51:40 PM |
|
what i meant was your encrypted email is kept on the servers of your email provider, not your isp, unless your isp is your email provider
|
|
|
|
|
|
AaronM
|
|
May 02, 2011, 08:29:46 PM |
|
For backing up your wallet.dat, I suggest encrypting it and then using ssss, an open-source implementation of Shamir's Secret Sharing Scheme: http://point-at-infinity.org/ssss/With this, you can split your backup into, say, 5 sites, and require that any 2 (or 3 if you're more paranoid) are required to reconstruct your wallet.dat. For a given number of backup sites, you have a trade-off between loss protection and theft protection. Has anyone else used ssss besides me? |
Spare some BTC for a biology student? 1DZcEUEo9rX7LQWcYzVR6Btqj2sMqRznbB
|
|
|
cypherdoc
Legendary
Offline
Activity: 1764
Merit: 1002
|
|
May 02, 2011, 09:09:28 PM |
|
what i meant was your encrypted email is kept on the servers of your email provider, not your isp, unless your isp is your email provider
what do you think of GoDaddy? |
|
|
|
|
|
mewantsbitcoins
|
|
May 02, 2011, 09:34:36 PM |
|
what i meant was your encrypted email is kept on the servers of your email provider, not your isp, unless your isp is your email provider
what do you think of GoDaddy? I had GoDaddy account, but had to close it due to downtime and tech support incompetence. My personal view is that company is useless. There is a detailed post by Vladimir about backing up your wallet: https://www.bitcoin.org/smf/index.php?topic=5194.msg75733What I personally do is use cascade encryption. Truecrypt has a way of encrypting data with three algorithms. If data is encrypted you can keep it anywhere. The only problem then becomes retrieving it and that's up to you and your imagination where to store it. I keep a copy of my encrypted wallet on a few of my computers, dropbox, gmail, few friends have usb sticks that i gave them and few other places that I would not want to reveal. Now I know, that whatever happens, I'll still be able to retrieve my keys from at least one of these places. Also, I think good practice is to use different keys for your everyday transactions and keeping bigger amounts - like having current and savings account. This is the philosophy of a paranoid man, but it's better be safe than sorry |
|
|
|
|
cypherdoc
Legendary
Offline
Activity: 1764
Merit: 1002
|
|
May 02, 2011, 10:29:30 PM |
|
what i meant was your encrypted email is kept on the servers of your email provider, not your isp, unless your isp is your email provider
what do you think of GoDaddy? I had GoDaddy account, but had to close it due to downtime and tech support incompetence. My personal view is that company is useless. There is a detailed post by Vladimir about backing up your wallet: https://www.bitcoin.org/smf/index.php?topic=5194.msg75733What I personally do is use cascade encryption. Truecrypt has a way of encrypting data with three algorithms. If data is encrypted you can keep it anywhere. The only problem then becomes retrieving it and that's up to you and your imagination where to store it. I keep a copy of my encrypted wallet on a few of my computers, dropbox, gmail, few friends have usb sticks that i gave them and few other places that I would not want to reveal. Now I know, that whatever happens, I'll still be able to retrieve my keys from at least one of these places. Also, I think good practice is to use different keys for your everyday transactions and keeping bigger amounts - like having current and savings account. This is the philosophy of a paranoid man, but it's better be safe than sorry i use Truecrypt with 3 cascades as well. i know your paranoia. i had to laugh at one guy here lamenting how he is backing up his wallet multiple times on multiple computers everyday with 15 character passwords as the price of btc keeps going up. i'm doing the same thing as are you. this is crazy. again though, don't you have to back up all those copies from time to time? whats the ideal interval or does it even matter? |
|
|
|
|
cypherdoc
Legendary
Offline
Activity: 1764
Merit: 1002
|
|
May 02, 2011, 10:30:05 PM |
|
what i meant was your encrypted email is kept on the servers of your email provider, not your isp, unless your isp is your email provider
what do you think of GoDaddy? I had GoDaddy account, but had to close it due to downtime and tech support incompetence. My personal view is that company is useless. There is a detailed post by Vladimir about backing up your wallet: https://www.bitcoin.org/smf/index.php?topic=5194.msg75733What I personally do is use cascade encryption. Truecrypt has a way of encrypting data with three algorithms. If data is encrypted you can keep it anywhere. The only problem then becomes retrieving it and that's up to you and your imagination where to store it. I keep a copy of my encrypted wallet on a few of my computers, dropbox, gmail, few friends have usb sticks that i gave them and few other places that I would not want to reveal. Now I know, that whatever happens, I'll still be able to retrieve my keys from at least one of these places. Also, I think good practice is to use different keys for your everyday transactions and keeping bigger amounts - like having current and savings account. This is the philosophy of a paranoid man, but it's better be safe than sorry i use Truecrypt with 3 cascades as well. i know your paranoia. i had to laugh at one guy here lamenting how he is backing up his wallet multiple times on multiple computers everyday with 15 character passwords as the price of btc keeps going up. i'm doing the same thing as are you. this is crazy. again though, don't you have to back up all those copies from time to time? whats the ideal interval or does it even matter? sorry, i actually mean "update" those backups from time to time? |
|
|
|
|
|
mewantsbitcoins
|
|
May 02, 2011, 10:42:03 PM |
|
In theory, you don't have to update your back ups because it's the keys that you are actually backing up. All the transactions are stored in the block chain on the network. Although, there might be a possibility of data corruption(on the medium you store the encrypted wallet) for whatever reason, so in practice it's probably not a bad idea to update your backup once in awhile. Also, it helps you to remember the password used for encryption. Doing it every few months should be more than enough.
|
|
|
|
|
casascius
Mike Caldwell
VIP
Legendary
Offline
Activity: 1386
Merit: 1136
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
|
|
May 02, 2011, 10:42:21 PM |
|
Safest way I can think of to secure your wallet:
1. Boot from a Live CD with no network/internet connection
2. Install Bitcoin from a new USB flash drive
3. Backup the brand new wallet.dat onto the USB flash drive, so you don't lose it
4. Send your BTC to the first address that is generated by the new Bitcoin installation.
The most useful point I'm trying to make is, a Bitcoin wallet never needs to contact the Bitcoin network EVER, and you can still receive bitcoins into it. With no network contact, there is absolutely no risk of compromise.
When ready to spend the bitcoins, simply restore the wallet, let the block chain download, and the coins will appear.
|
Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.
|
|
|
|
skull88
|
|
May 02, 2011, 10:43:22 PM |
|
I encrypt the backup with a very long password with the help of Truecript, 1 copy on Wuala, 1 on my hdd, 1 on an usb stick and one on an external hdd. Better save than sorry, and I would get an hart attack if I lose my wallet with the current rates.  |
BTC: 1MifMqtqqwMMAbb6zr8u6qEzWqq3CQeGUr
LTC: LhvMYEngkKS2B8FAcbnzHb2dvW8n9eHkdp
|
|
|
SgtSpike
Legendary
Offline
Activity: 1400
Merit: 1005
|
|
May 02, 2011, 11:34:51 PM |
|
I have a weekly unencrypted backup going to my home server. Oh, and I only have 3 BTC. Probably makes a bit of difference when deciding on how often/securely one needs to back up.  |
|
|
|
|
cypherdoc
Legendary
Offline
Activity: 1764
Merit: 1002
|
|
May 03, 2011, 12:10:07 AM |
|
I encrypt the backup with a very long password with the help of Truecript, 1 copy on Wuala, 1 on my hdd, 1 on an usb stick and one on an external hdd. Better save than sorry, and I would get an hart attack if I lose my wallet with the current rates. doesn't Truecrypt recommend setting up a different container or volume on each of your backup sites and then separately backing up the wallet.dat into each of them? its a pain to open and close each container. |
|
|
|
|
dacoinminster
Legendary
Offline
Activity: 1260
Merit: 1031
Rational Exuberance
|
|
May 03, 2011, 12:48:50 AM |
|
IF I ever have enough bitcoins to be worried about them, I will put my "savings account" wallet on a CD-R (or two) and put it in a safety deposit box (or two).
The neat thing is, you can still send bitcoins to the savings account while it is sitting in that metal box, and they will show up on your client when you get the CD-R out and use the wallet with bitcoin "2020 edition".
|
|
|
|
|
