Wallet protection ideas for the super paranoid...

[Zerbie]

Hi all,

I've been thinking about how I can protect my BitCoins long term.  Here is what I have so far.

1. Find an old offline computer and install an SSD and the latest Ubuntu and don't connect it to the internet.  Use an SSD because it will quickly erase free space once it is turned on and any type of forensics becomes near impossible.  This makes it difficult for 3rd parties to recover deleted wallet files.  If you use a conventional HD, the data will hang around for a lot longer and make it easier for forensics to recover any wallet files on your computer.
2. When creating the user account, be sure to check the option to encrypt the user's home directory.
3. Use CD or DVD to move the BitCoin application to the users directory.  Don't use a memory stick, as they have known vulnerabilities with driver hacks.  Use md5sum to verify the BitCoin application matches the known BitCoin check sum.
4. Unpack BitCoin into the user's home directory.
5. Start BitCoin.  This will create a wallet file and a receiving address.  Copy the receiving address and pate it into a new file called "buckets.txt".  Label the first receiving address in this file as "bucket1".  Stop BitCoin and rename the wallet file to bucket1.
6. Repeat step 5 until you have around 5 to 20 bucket files and addresses.
7. Use a CD or DVD to move 5 to 20 image files to the Ubuntu computer.  The images can be anything, just keep in mind that family photos or other identifying images could be a problem.  The idea will be to hide the wallet file among files that look important, but are not.
8. Encrypt each individual bucket file with a secure password.  (Use something with 20 or more characters.  You can use the same password, as we are going to separate each bucket to limit our exposure.  Use different passwords, if your memory can handle it.)
9. Use stenography to combine each wallet/bucket file with an image.
10. Delete the bucket files and copy a large number of files around to make sure the blocks are over written.
11. Buy 5 to 20 NEW thumb drives (less if you want to double up on your wallet files).  Copy one stenography image to a thumb drive along with a few other random files that look important (but are not).  Repeat for all the thumb drives.  You may want to put more than one per thumb drive for redundancy, in case one thumb drive gets lost.... but this increases your exposure to someone who may know what the images contain.
12. Buy enough PVC piping and end caps to hold the thumb drives and reward notes, along with PVC piping glue and sand paper.
13. Create 5 to 20 notes with your name and address and a $30 reward for the return of the thumb drive if it is found.
13. What you are going to do is to encase and a thumb drive along with the reward notice in a small PVC pipe with end caps.  The container MUST be water proof or the contents will be destroyed.  Eventually you will need to access the PVC contents, so make sure there is enough space to cut the PVC pipe with a hack saw without damaging the thumb drive.
14. Now grab a GPS, a shovel and go bury the thumb drives around your city or county.  Make note of each location so you can come back later to recover the data.
15. Once you are sure everything is set, delete everything from the SSD and reformat it.
16. Each PVC container will now be a BitCoin bucket, and you will be able to send BitCoins to these buckets, even if they are just thumb drives buried in the dirt.  Using your buckets.txt file, send BTC to the various buckets as you see fit.
17. If anyone uses violence to extract BTC from you, take them to one of your buckets and insist that this is your only stash.  Also, since your buckets are distributed, you don't have to risk all your BTC at once when you go to "make a withdrawal".

Suggestions, comments?


EDIT: Thumb drives are used instead of CD or DVD because CD and DVD storage start to degrade in 5 to 10 years.  Thumb drive data storage has a much longer data storage time.

[1714846933]

1714846933

[1714846933]

1714846933

[witkamp]

I am sure some one has looked into using USB tokens like goldkey or some spyrus hardware token.

Does any one know any problems using existing hardware tokens for wallet key storetage?

Thanks

[sunray]

Thanks for posting your long backup regimen - there are some good ideas here.

I would definitely encrypt each thumb drive at the drive level.  That's super easy to do in Ubuntu: right click the drive and choose Format, then choose the type "Encrypted, compatible with Linux".  If you do that and choose a reasonably long passphrase, nobody is going to be able to read the drive without your passphrase.  If you're confident that nobody else knows the passphrase, you could even skip the stenography, I think (but it sounds like you want to be supremely cautious).

How sure are you that the information in the thumb drives will last indefinitely?  I haven't been able to find much online about how long they will retain information - there is some speculation that it's about 10 years, but if a drive fails you could lose a lot of money  I would definitely copy each wallet onto at least 2 and possibly 3 drives.  Alternatively, you could back up your wallet to paper.  I've considered doing the following:

1. Create a file F1 with random data.  This will be a one-time pad.
2. Create a file F2 by XOR-ing your wallet with F1.
3. Generate a QR image from F1 and print it out.
4. Generate a QR image from F2 and print it out.
5. Store the two paper images in separate secure locations.

Either paper image is useless by itself.  If you scan in both images into files and then XOR them together, you'll have your wallet back.

[sunray]

Here's one more tip.  Every time I run Bitcoin, I use the -datadir option so that the data directory is on an encrypted thumb drive which I have mounted.  That way, my wallet is never ever written to my main hard drive.  If you do this when you create your initial wallet, you shouldn't have to worry that any trace of it will remain on your main drive.

[commlinx]

Here's one more tip.  Every time I run Bitcoin, I use the -datadir option so that the data directory is on an encrypted thumb drive which I have mounted.

One thing you've have to watch with that is the FLASH write endurance. I know they have internal wear-levelling but I've noticed under Windows the Bitcoin client seems to pretty much continually write small amounts to a couple of database files.

[sunray]

One more point.  With the approach you've outlined above, you need to protect buckets.txt from tampering.  You could store it on an encrypted drive and/or digitally sign it.  If someone can overwrite buckets.txt with a set of addresses they own, then you'd start sending money to them rather than to you without your even realizing it.

[Zerbie]

Thanks for posting your long backup regimen - there are some good ideas here.

I would definitely encrypt each thumb drive at the drive level.  That's super easy to do in Ubuntu: right click the drive and choose Format, then choose the type "Encrypted, compatible with Linux".  If you do that and choose a reasonably long passphrase, nobody is going to be able to read the drive without your passphrase.  If you're confident that nobody else knows the passphrase, you could even skip the stenography, I think (but it sounds like you want to be supremely cautious).

How sure are you that the information in the thumb drives will last indefinitely?  I haven't been able to find much online about how long they will retain information - there is some speculation that it's about 10 years, but if a drive fails you could lose a lot of money  I would definitely copy each wallet onto at least 2 and possibly 3 drives.  Alternatively, you could back up your wallet to paper.  I've considered doing the following:

1. Create a file F1 with random data.  This will be a one-time pad.
2. Create a file F2 by XOR-ing your wallet with F1.
3. Generate a QR image from F1 and print it out.
4. Generate a QR image from F2 and print it out.
5. Store the two paper images in separate secure locations.

Either paper image is useless by itself.  If you scan in both images into files and then XOR them together, you'll have your wallet back.

Cool ideas. 

Thumb drive encryption is cool, but my first line of defense is to make the data look as if it is not encrypted.  That way, if someone finds the thumb drive, it will look like semi-important information, but not something worth stealing or initiating violence over.

I missed the thumb drive life span.  CD's and DVD's (the green and blue ones) only last a few years before having potential problems.  Thumb drives have a shelf life of about 10 years.  Paper is a very good idea, as it has a much longer shelf life.  But putting it on paper has the disadvantage of looking like something encrypted.

[Zerbie]

One more point.  With the approach you've outlined above, you need to protect buckets.txt from tampering.  You could store it on an encrypted drive and/or digitally sign it.  If someone can overwrite buckets.txt with a set of addresses they own, then you'd start sending money to them rather than to you without your even realizing it.

Good point.  Perhaps I could burn it to a CD-R and write my signature on the outside.

[sunray]

Here's one more tip.  Every time I run Bitcoin, I use the -datadir option so that the data directory is on an encrypted thumb drive which I have mounted.  That way, my wallet is never ever written to my main hard drive.

Actually I've now realized that this makes Bitcoin run extremely slowly, so I don't recommend this.  Instead, it's better to use a data directory on your main hard drive, but have wallet.dat be a symbolic link to a wallet file on an encrypted thumb drive.

[m4rkiz]

Use an SSD because it will quickly erase free space once it is turned on and any type of forensics becomes near impossible.  This makes it difficult for 3rd parties to recover deleted wallet files.  If you use a conventional HD, the data will hang around for a lot longer and make it easier for forensics to recover any wallet files on your computer.

exactly opposite - hdd data can be shredded easily, you never can be sure if wear levelling mechanisms allowed to actually delete some content on ssd

[...]

just use truecrypt with long password that you will remember

EDIT: Thumb drives are used instead of CD or DVD because CD and DVD storage start to degrade in 5 to 10 years.  Thumb drive data storage has a much longer data storage time.

that time is about data in mlc chip itself, there is no way to be sure that usb stick will live longer than 5 years, especially if you have cold winter tin soldering can be gone after first year

there is no way to know if usb stick will survive more than year, there will be a problem with decrypting stenography and encrypted data unless you use exactly same software, burring things into the ground is no good until you put them like 2-3 meters under - as cold, floods and or construction can destroy them easily

instead i would have combination of mediums like pendrive, micro sd card, cd, dvd, blueray, printed copy, and sata disk

three - four sets in different location, perhaps at least one abroad

plus heavily encrypted failsafe backup stored online

most dangerous scenario is data loss and data leak, and i doubt that my backup needs to be interrogation safe

[RodeoX]

Vladimir, I think I enjoy reading your posts the most.  And, this thread title has you written all over it.
Just to add something related to the thread...
Bury the USB stick in a pelican box, on property you own if possible. Mark it with a steel rod so that you can find it with a metal detector 50 years later. Mount with antique USB reader.

[PwrLeveld]

snip
15. Once you are sure everything is set, delete everything from the SSD and reformat it.
snip

Facepalm.jpg
Did you not see that an SSD can never be securely erased escept for destroying the actuall drive. It has to do with the fact that the drive adress is not a specific part on a ssd and changes so your data never gets full dleted. I think thats how it works.

[kgo]

Tattoo a bitbill-style QR code onto your newborn infant's head, and never speak of it again...

[Zerbie]

Use an SSD because it will quickly erase free space once it is turned on and any type of forensics becomes near impossible.  This makes it difficult for 3rd parties to recover deleted wallet files.  If you use a conventional HD, the data will hang around for a lot longer and make it easier for forensics to recover any wallet files on your computer.

exactly opposite - hdd data can be shredded easily, you never can be sure if wear levelling mechanisms allowed to actually delete some content on ssd

just use truecrypt with long password that you will remember

SSD wear leveling and the way free space must be prepared is an extra level of protection.  See this article about protection:

http://news.techworld.com/security/3263093/ssd-fimware-destroys-digital-evidence-researchers-find/

EDIT: Thumb drives are used instead of CD or DVD because CD and DVD storage start to degrade in 5 to 10 years.  Thumb drive data storage has a much longer data storage time.

that time is about data in mlc chip itself, there is no way to be sure that usb stick will live longer than 5 years, especially if you have cold winter tin soldering can be gone after first year

there is no way to know if usb stick will survive more than year, there will be a problem with decrypting stenography and encrypted data unless you use exactly same software, burring things into the ground is no good until you put them like 2-3 meters under - as cold, floods and or construction can destroy them easily

I misquoted the life of a CD and DVD... The blue and green are not rated for more than a year or two.  USB sticks are rated for around 10 or so years.

In an air tight PVC pipe underground, a memory stick is in a better environment than above ground.  Above ground, you have more extreme temperature and humidity fluctuation.

instead i would have combination of mediums like pendrive, micro sd card, cd, dvd, blueray, printed copy, and sata disk

three - four sets in different location, perhaps at least one abroad

plus heavily encrypted failsafe backup stored online

most dangerous scenario is data loss and data leak, and i doubt that my backup needs to be interrogation safe

Granted.  My approach lacks redundancy, but can be tweaked to have two or three copies of each bucket in different PVC pipes.  Having a copy abroad is a good idea, but not practical if you cannot travel safely to another country.

Your suggestion of online backup exposes you to 3rd party knowledge of something encrypted, and the potential violence that entails.  For example, in the U.K. you are required to provide the keys to encrypted data on your computer, or face jail time if you refuse.  With your method, you have just exposed your BitCoins to seizure by the state.  With my method, there would be nothing encrypted on my computer.

[mewantsbitcoins]

Even better idea is to use truecrypt
http://www.truecrypt.org/docs/?s=plausible-deniability

[Zerbie]

Your suggestion of online backup exposes you to 3rd party knowledge of something encrypted, and the potential violence that entails.  For example, in the U.K. you are required to provide the keys to encrypted data on your computer, or face jail time if you refuse.  With your method, you have just exposed your BitCoins to seizure by the state.  With my method, there would be nothing encrypted on my computer.

  As a purely theoretical exercise:

  All you need in UK is plausible deniability. One way to get it is to use a bunch of decoys. For example, encrypt many files with various random stuff in it (like pr0n, warez, mp3's etc..) with various easy and medium difficulty passwords. Somewhere among those decoys there is an encrypted file with the real stuff and strong passphrase. Do not name it 'my.bitcoin.treasure.crypto', 'big.titty.crypto' is probably a better name.

  Once you are compelled by law to reveal your passwords you give them some of the passwords you can remember, some other can be brute forced since they are weak. Some passwords are just happened to be forgotten, you are happy to comply with court order to the best of your ability but somehow you forgot a few passwords, you are very sorry and apologetic about it. Here you go, plausible deniability, you walk free.

  Read Sun Tzu's 'Art of War' for more good ideas.

<shrug> Yes, I don't know much about U.K. law.  But what happens when BitCoins increase in value such that those coins are now worth a billion Euro?  Your common thug might not have enough knowledge to take your BitCoins, but for a billion, there is bound to be a few smart and vicious people out there willing to do some violence.

[mewantsbitcoins]

Now I wonder if there ever was a case in UK where court was not satisfied with the supplied passwords. From technical standpoint there is no way to prove that hidden volume exists

[NghtRppr]

terrorist rocket pants

Is that a rocket in your pants or are you just happy to see me?

[kgo]

Now I wonder if there ever was a case in UK where court was not satisfied with the supplied passwords. From technical standpoint there is no way to prove that hidden volume exists

Actually, there's no way to prove it DOESN'T exist.  You can prove it DOES exist by opening it up.  If you don't have hidden partition, the prosecution (or interrogator)  says you're just lying and you really do, and there's no way to prove your innocence.

[mewantsbitcoins]

Now I wonder if there ever was a case in UK where court was not satisfied with the supplied passwords. From technical standpoint there is no way to prove that hidden volume exists

Actually, there's no way to prove it DOESN'T exist.  You can prove it DOES exist by opening it up.  If you don't have hidden partition, the prosecution (or interrogator)  says you're just lying and you really do, and there's no way to prove your innocence.

But the last time I checked it's *NOT guilty* until proven otherwise. If I say there's no hidden volume and they have no evidence that's a pretty lousy case in IMHO. It's the same as me saying prosecution was paid to put me behind bars. Just my word against theirs