Bitcoin Forum
December 11, 2016, 08:11:33 AM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Bitcoin Wallet Security Methodology  (Read 1877 times)
davidspitzer
Sr. Member
****
Offline Offline

Activity: 476



View Profile WWW
June 18, 2012, 12:42:01 PM
 #1

I have been contemplating my Bitcoin wallet and have adapted several well tested methodologies which seems to satisfy my two big concerns:

Security
Backup and Restore:


Here is my approach - I would love to hear feedback and your thoughts on it:


I am using Bitcoin Wallet Software 0.6.2
I use Google Drive. (storage prices are very cheap)
I Downloaded and installed TrueCrypt
In my Google Drive Folder on my PC, I create a 10 Gig TrueCrypt Container, using a very strong password

Note:Out of the box, if you upload a TrueCrypt container to Google Drive, it will appear in their system just fine. However, if you later make updates to anything in the container, it will not sync with Google Drive, meaning your files in the cloud will never be the most current version. There is a simple fix to this:

1. Open TrueCrypt.
2. In the Menu, Click Settings, then Preferences.
3. Uncheck: Preserve modification timestamp of file containers.
4. Click the Ok Button.

Now, when you make any change in the file, the file’s timestamp will change, which is how Google Drive knows a file has changed. This will trigger Google Drive to Sync the file.

I Mount the container as M:\ (letter is not important only that its consistent)

I copy the Bitcoin Wallet Software to M:\ and Run it once to download all the network data then quit the software
On my computer I go to my User... AppData...Roaming... and move the Bitcoin folder to the M:\
I Create a shortcut on the root of the M:\ with this launch string to look for the data in the new spot:
M:\bitcoinsoftwarefoldername\Mbitcoin.exe -datadir=M:\Bitcoin


From then on I can just mount the encypted Drive and use the icon to launch my wallet
I can also backup the unmounted drive file onto a thumb drive for offline backup although Google Drive allows me to distribute the file to all of my machines just by loading the Google drive software on it.

anyway that is my setup

I also have an online blockchain.info wallet that I use as my "checking account" I move small chunks of coins from my secured wallet "savings account" on my desktop to the Blockchain.info wallet for purchases etc
 


btclag.org - Bitcoin Legal Advocacy Group
- CAMPBX Exchange
1481443893
Hero Member
*
Offline Offline

Posts: 1481443893

View Profile Personal Message (Offline)

Ignore
1481443893
Reply with quote  #2

1481443893
Report to moderator
1481443893
Hero Member
*
Offline Offline

Posts: 1481443893

View Profile Personal Message (Offline)

Ignore
1481443893
Reply with quote  #2

1481443893
Report to moderator
1481443893
Hero Member
*
Offline Offline

Posts: 1481443893

View Profile Personal Message (Offline)

Ignore
1481443893
Reply with quote  #2

1481443893
Report to moderator
Bitcoin mining is now a specialized and very risky industry, just like gold mining. Amateur miners are unlikely to make much money, and may even lose money. Bitcoin is much more than just mining, though!
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481443893
Hero Member
*
Offline Offline

Posts: 1481443893

View Profile Personal Message (Offline)

Ignore
1481443893
Reply with quote  #2

1481443893
Report to moderator
Boussac
Legendary
*
Offline Offline

Activity: 1173


e-ducat.fr


View Profile WWW
June 18, 2012, 02:50:10 PM
 #2

Interesting.
However what does the whole process tell us about the usability of a heavy mobile client requiring secure backups ?
That's why I recommend the Paytunia thin client for android : most people don't want to worry about backups and are better off with a wallet hosted on a backend server.

Besides, last time I tried to update Bitcoin Wallet on my Galaxy SII, I had to root the device to recover my key because some bug prevented me from signing any more transactions.

davidspitzer
Sr. Member
****
Offline Offline

Activity: 476



View Profile WWW
June 18, 2012, 02:52:15 PM
 #3

Interesting.
However what does the whole process tell us about the usability of a heavy mobile client requiring secure backups ?
That's why I recommend the Paytunia thin client for android : most people don't want to worry about backups and are better off with a wallet hosted on a backend server.

Besides, last time I tried to update Bitcoin Wallet on my Galaxy SII, I had to root the device to recover my key because some bug prevented me from signing any more transactions.

I use a mobile client only for transitory funds (checking) the secured desktop wallet for the majority of my funds (savings)

btclag.org - Bitcoin Legal Advocacy Group
- CAMPBX Exchange
Stephen Gornick
Legendary
*
Offline Offline

Activity: 2002



View Profile
June 18, 2012, 05:51:08 PM
 #4

I Downloaded and installed TrueCrypt
In my Google Drive Folder on my PC, I create a 10 Gig TrueCrypt Container, using a very strong password

10 gig?  Yowza. 


Anyway, remember that a TrueCrypt volume is only as secure as your operating system.  If you have malware doing keylogging even a TrueCrypt with a very strong password does you no good.

For some, only an offline wallet that has an air gap to the network is considered to be safe enough.

Lumpy
Full Member
***
Offline Offline

Activity: 237


View Profile
June 18, 2012, 06:32:17 PM
 #5

For my savings, I've been using an offline brainwallet. I reboot into a clean USB Linux distro with no network access and use it to generate a Bitcoin address. I use the tools from brainwallet.org (downloaded to my flash drive) and a certain passphrase that is about 25 letters/symbols/numbers to generate the keypair. Then, I copy the public Bitcoin address to a text file, reboot, and send coins there. The private key isn't recorded anywhere, but both myself and my wife know the passphrase very well.

In the few cases that I've had to send money from savings, I've used Electrum's offline capabilities: Reboot into offline Linux USB, generate keypair, import keypair, make offline transaction, reboot, send transaction.
nayrB16
Member
**
Offline Offline

Activity: 61


I was lucky enough to solve block 121306


View Profile
June 18, 2012, 07:59:43 PM
 #6

I just make a 10mb container put my savings wallet in there and upload it to Google drive and personal external hard drive then use different wallet for checking.

edit: I'm also thinking about uploading private keys to LastPass secure note

Haha! I'm the only one to control Bitcoin address 1HjtErSHNEHtY347LouvsFq5KesHkEZLAV
coretechs
Donator
Sr. Member
*
Offline Offline

Activity: 362



View Profile
June 18, 2012, 09:08:15 PM
 #7

For my savings, I've been using an offline brainwallet. I reboot into a clean USB Linux distro with no network access and use it to generate a Bitcoin address. I use the tools from brainwallet.org (downloaded to my flash drive) and a certain passphrase that is about 25 letters/symbols/numbers to generate the keypair. Then, I copy the public Bitcoin address to a text file, reboot, and send coins there. The private key isn't recorded anywhere, but both myself and my wife know the passphrase very well.

This.

I never understood the point in copying encrypted files all over the place and doing the hokey-pokey rain-dance between each step when you can just create a paper or brain wallet for secure cold/offline storage.

http://bitcoindoc.com - The Rise and Rise of Bitcoin | http://nxtportal.org - Nxt blockchain explorer
davidspitzer
Sr. Member
****
Offline Offline

Activity: 476



View Profile WWW
June 18, 2012, 09:09:55 PM
 #8

I'm a big fan of distributed backup.

btclag.org - Bitcoin Legal Advocacy Group
- CAMPBX Exchange
coretechs
Donator
Sr. Member
*
Offline Offline

Activity: 362



View Profile
June 18, 2012, 10:12:01 PM
 #9

I'm a big fan of distributed backup.

Me too, that's why I leave it to the blockchain!  If you have a lot of keys you need to backup then by all means secure your wallet.dat.  But if you just want to have a few secure offline/cold addresses, a paper or brainwallet is hard to beat.

Do you backup your secure TrueCrypt password in multiple locations?  If not you are exposing yourself to the same risk as losing/forgetting a brainwallet key so you might consider that for your backup scheme.

http://bitcoindoc.com - The Rise and Rise of Bitcoin | http://nxtportal.org - Nxt blockchain explorer
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!