Keeping your butts safe

[Robert Paulson]

buy an old laptop.
format it.
install linux on it.
download, install and run electrum.
write on paper the 12 word seed electrum gives you.
memorize it and repeat it every day for a week.
destroy the paper.
keep the laptop powered down, never use it for anything except sending money with electrum.

It seems like to me that this really is the only way to be 99.99% safe.

That being said, I think that this is a huuuuuuge flaw with bitcoin. 

Who really is going to go through all those steps? 

In fact, not only would people not want too, I am pretty sure most people don't know how to format a computer and definitely don't know how to install Linux. 

For Bitcoin to advance, we need a rock solid way to protect bitcoins that is soooooo safe and sooooo easy

Go look at BitKey http://bitkey.io/

Very simple process:

* Download the BitKey linux iso image,
* Burn it to a CD,
* Disconnect network and boot PC with the CD,
* Create your Electrum wallet, all software is already pre-installed and configured in that iso,
* Save Master Key to USB drive,
* Reboot PC (without CD),
* Startup Electrum and create watch only wallet with mater key.

If you need to send funds then create an unsigned transaction, boot up again with the CD, sign the transaction, boot again (without CD) and broadcast the transaction.

Does not really get simpler and more secure than that.

I have no idea who made that bitkey or if it can be trusted.
i'd rather use a trusted linux distro like debian and install electrum myself.

[RustyNomad]

buy an old laptop.
format it.
install linux on it.
download, install and run electrum.
write on paper the 12 word seed electrum gives you.
memorize it and repeat it every day for a week.
destroy the paper.
keep the laptop powered down, never use it for anything except sending money with electrum.

It seems like to me that this really is the only way to be 99.99% safe.

That being said, I think that this is a huuuuuuge flaw with bitcoin. 

Who really is going to go through all those steps? 

In fact, not only would people not want too, I am pretty sure most people don't know how to format a computer and definitely don't know how to install Linux. 

For Bitcoin to advance, we need a rock solid way to protect bitcoins that is soooooo safe and sooooo easy

Go look at BitKey http://bitkey.io/

Very simple process:

* Download the BitKey linux iso image,
* Burn it to a CD,
* Disconnect network and boot PC with the CD,
* Create your Electrum wallet, all software is already pre-installed and configured in that iso,
* Save Master Key to USB drive,
* Reboot PC (without CD),
* Startup Electrum and create watch only wallet with mater key.

If you need to send funds then create an unsigned transaction, boot up again with the CD, sign the transaction, boot again (without CD) and broadcast the transaction.

Does not really get simpler and more secure than that.

I have no idea who made that bitkey or if it can be trusted.
i'd rather use a trusted linux distro like debian and install electrum myself.

That is the beauty of it, you do not need to trust it as its only booted when you are disconnected. The moment you reboot the memory is wiped and you are back to normal. So even if there were malicious code in that it would not be able to do anything. All the code is also open source and availabel to anybody so you can go look at how its setup.

Also, for the noobs who has never worked with linux this is the ideal, you need not know anything. Just burn the CD, boot it and that's it.

[Klestin]

I wonder if and how badUSB affects devices like trezor... The only thing i could find on their "security threats" page that is somehow related to badUSB attack vectors is this :
"Reflashing the TREZOR with evil firmware

Flashing new firmware requires the user to physically respond and confirm the update on the trezor unit. 

[rokkyroad]

I'm not sure if the general population is tech savvy enough to handle bitcoin wallets. Security proofing their machines, backups, and linux can be challenging for the non-nerd.

I think the cloud is the best solution. Blockchain and Coinbase and pretty good now but still need to improve. Professionals are better equipped to safeguard bitcoin than the mainstream computer user.

Eventually, these big players will have gold plated insurance and pay interest on deposits.  
There we go; back to traditional banks. Maybe my local bank will handle my bitcoin like they do my fiat in the future. I can see them jumping on the bandwagon if they cannot squash it entirely.

[vipgelsi]

If you have 100 bitcoins then you must need an offline storage.

Yup paper wallet and split them up in smaller amounts.

[Robert Paulson]

buy an old laptop.
format it.
install linux on it.
download, install and run electrum.
write on paper the 12 word seed electrum gives you.
memorize it and repeat it every day for a week.
destroy the paper.
keep the laptop powered down, never use it for anything except sending money with electrum.

It seems like to me that this really is the only way to be 99.99% safe.

That being said, I think that this is a huuuuuuge flaw with bitcoin. 

Who really is going to go through all those steps? 

In fact, not only would people not want too, I am pretty sure most people don't know how to format a computer and definitely don't know how to install Linux. 

For Bitcoin to advance, we need a rock solid way to protect bitcoins that is soooooo safe and sooooo easy

Go look at BitKey http://bitkey.io/

Very simple process:

* Download the BitKey linux iso image,
* Burn it to a CD,
* Disconnect network and boot PC with the CD,
* Create your Electrum wallet, all software is already pre-installed and configured in that iso,
* Save Master Key to USB drive,
* Reboot PC (without CD),
* Startup Electrum and create watch only wallet with mater key.

If you need to send funds then create an unsigned transaction, boot up again with the CD, sign the transaction, boot again (without CD) and broadcast the transaction.

Does not really get simpler and more secure than that.

I have no idea who made that bitkey or if it can be trusted.
i'd rather use a trusted linux distro like debian and install electrum myself.

That is the beauty of it, you do not need to trust it as its only booted when you are disconnected. The moment you reboot the memory is wiped and you are back to normal. So even if there were malicious code in that it would not be able to do anything. All the code is also open source and availabel to anybody so you can go look at how its setup.

Also, for the noobs who has never worked with linux this is the ideal, you need not know anything. Just burn the CD, boot it and that's it.

it could infect the windows installation on your hard drive and save your keys.

[g27wr]

I have two offline wallets that split my BTC between the two. If something happens to one, I don't lose them all.

I have my public addresses as 'watch only' so I can monitor the balances.

I have my private keys stamped into metal that won't melt if the house burned down.

AND I have paper copies in another location, split up so you need both parts to complete the key.

I'm HODLing long term, so I wanted to be safe.

Wow, I must say this is very secure. Did you stamped it into silver yourself or had someone else do it?

Did it myself. You can buy a stamping kit for $15 and just practice on some metal until you get the hang of it. It was pretty fun, actually.

http://www.harborfreight.com/36-piece-14-in-steel-letternumber-stamping-set-60671.html

[RustyNomad]

it could infect the windows installation on your hard drive and save your keys.

No it cannot. No drives are mounted on startup, all is done in ram. Best is go to their site and read what it does and how its put together. I think that will give you a better understanding of how it actually works. And by the way, its is based on Debian.

Forgot to add... You do not have to run the CD on your main PC. You can run it on a second offline PC if what you mention is a big concern. In that way there is no sub system to infect.

[Robert Paulson]

it could infect the windows installation on your hard drive and save your keys.

No it cannot. No drives are mounted on startup, all is done in ram. Best is go to their site and read what it does and how its put together. I think that will give you a better understanding of how it actually works. And by the way, its is based on Debian.

Forgot to add... You do not have to run the CD on your main PC. You can run it on a second offline PC if what you mention is a big concern. In that way there is no sub system to infect.

nothing stops a malicious live cd from mounting your drives and doing what ever it wants with them including infecting the OS installed on it and leaking the keys to the drive.

indeed having a separate laptop is the way to go and even then you still have to trust that those guys didn't change the electrum they are shipping to always sign a transaction that sends all your money to them.

[687_2]

If you have a fair amount of bitcoins is it stupid to keep them all on Bitcoin Core on a computer that's just about always online?

Even with a good password?

Do you think cold storage is essential?

I think Electrum is your best choice. Make sure your client is on a fairly secure (*nix) machine and don't worry about it.

The real problem with "cold" storage is that it removes many of the benefits BTC confers - like being able to access your stash anytime you like, anywhere you like. It's nice to have some spending money on blockchain.info or in Coinbase too for mobile purchases.

[Dabs]

Serious question:

How about a fair amount of bitcoins, on Bitcoin Core, on a computer that:

1. is behind 2 routers, uPNP turned off (internet > router1 > router2 > computer)
2. is not port forwarded, therefore does not accept incoming connections (so connections are always at 8 out)
3. good password
4. is not used for anything else, only Bitcoin Core (was fresh installed OS, regardless of OS)

For added info, the routers are a service provided branded ZyXel router and a Cisco E1000 router, in that order. (Does it really matter ...)

It's essentially an "online" wallet that almost no hacker can get to (because it's behind two NATs).

Physical security is a different topic, but I've got that covered on my end.


Then I have another computer that is air-gapped for cold storage.

[chopstick]

I didn't see this question asked.

Would it be safe to store all your coins on a Trezor hardware wallet long term?

[687_2]

Serious question:

How about a fair amount of bitcoins, on Bitcoin Core, on a computer that:

1. is behind 2 routers, uPNP turned off (internet > router1 > router2 > computer)
2. is not port forwarded, therefore does not accept incoming connections (so connections are always at 8 out)
3. good password
4. is not used for anything else, only Bitcoin Core (was fresh installed OS, regardless of OS)

For added info, the routers are a service provided branded ZyXel router and a Cisco E1000 router, in that order. (Does it really matter ...)

It's essentially an "online" wallet that almost no hacker can get to (because it's behind two NATs).

Physical security is a different topic, but I've got that covered on my end.


Then I have another computer that is air-gapped for cold storage.

- Fire/flood/theft risk (unless mitigated with some kind of backup)
- Keylogger risk (true for pretty much everything except trezor style device)
- Coins perhaps inaccessible if you travel
- Potential data corruption (again unless mitigated through solid backups, which is more opportunity for fuck ups)

[jonald_fyookball]

I didn't see this question asked.

Would it be safe to store all your coins on a Trezor hardware wallet long term?

Ive heard good things generally about Trezor, but
any hardware can fail or could be destroyed in
a fire, flood, etc...so you should have a back up.

Plus there is the possibility it could be stolen.

You need to consider all those things.

[Dabs]

- Fire/flood/theft risk (unless mitigated with some kind of backup)
- Keylogger risk (true for pretty much everything except trezor style device)
- Coins perhaps inaccessible if you travel
- Potential data corruption (again unless mitigated through solid backups, which is more opportunity for fuck ups)

Thank you for your reply, but those are all covered.

Fire = encrypted backups
Keylogger = after initial set up disconnected, no further software is installed. no hardware is allowed near it. It's a clean machine, bare OS, all other services off, all other ports blocked.
Travel = that's a given, I would need to be on that particular machine. Backups will take time to set up, but can be done (same as for destruction).
Data corruption = same backups.

[PenAndPaper]

It's essentially an "online" wallet that almost no hacker can get to (because it's behind two NATs).

You are essentially a bitcoin leacher. Don't be a sissy, open up port 8333. 
(j/k do whatever makes you feel safer)

[jonald_fyookball]

- Fire/flood/theft risk (unless mitigated with some kind of backup)
- Keylogger risk (true for pretty much everything except trezor style device)
- Coins perhaps inaccessible if you travel
- Potential data corruption (again unless mitigated through solid backups, which is more opportunity for fuck ups)

Thank you for your reply, but those are all covered.

Fire = encrypted backups
Keylogger = after initial set up disconnected, no further software is installed. no hardware is allowed near it. It's a clean machine, bare OS, all other services off, all other ports blocked.
Travel = that's a given, I would need to be on that particular machine. Backups will take time to set up, but can be done (same as for destruction).
Data corruption = same backups.

Make sure initial key generation is done on clean machine as well or external random source. 
There's always the attack that could happen even on offline machines if the key generation
is from a known set.

[iwillwin]

Yes it is very very risky to keep them without a cold storage. I mean there are all sorts of people out there looking for just one chance to steal your Bitcoins !

[romerun]

Wiating for multisig support on bitcoincore gui

[Dabs]

It's essentially an "online" wallet that almost no hacker can get to (because it's behind two NATs).

You are essentially a bitcoin leacher. Don't be a sissy, open up port 8333. 
(j/k do whatever makes you feel safer)

I have a few full nodes open up. Those don't have any coins in them.

Make sure initial key generation is done on clean machine as well or external random source. 
There's always the attack that could happen even on offline machines if the key generation
is from a known set.

Of course. Make it run for a day. Then create a brand new wallet. Or generate the wallet from another offline computer. I think there's the paperwal, and for mass production there is vanitygen and bitaddress.