HOW are bitcoins stored?

[teukon]

What if I buy a new HD and use it just for bitcoins, without my original HD, and then I turn off computer, unplug HD, plug the other one, so on so forth? Will that prevent trojans or can they be in other devices than HD, e.g. boards, cards, etc?

In other words, instead of an offline "whole computer", is it enough to have just an offline HD, or is there some weakness to using 2 HDs with one computer? And by 2 HDs I mean they are connected just one at a time, never together, each one has its own OS, etc. Just the same Mobo and cards.

This strategy will provide a lot of extra security in my opinion (95%+ of the way to dedicated offline computer).  The second drive with its own operating system could reasonably well be trusted to hold your private keys provided this system never sees the internet.  Disconnecting and reconnecting the first drive sounds like overkill (the OS should be configured to just ignore it) but disconnecting and reconnecting the second drive (which will likely contain sensitive information) is a small gain.

With this setup you'd probably want to install Bitcoin Core + Armory on the main machine and Armory on the second.  You can then use Armory on the second to create private keys and sign transactions.  You'll almost certainly want to create a second "hot" wallet on your main system.

Depending on your motherboard and preferred OS, you may find a USB drive to be a cheaper and more convenient home for your second OS than an HDD or SSD.  In either case, you should treat this second drive as you would a paper wallet (unless you encrypt the drive or wallet with a passphrase with significant entropy).

[BitNerd]

What if I buy a new HD and use it just for bitcoins, without my original HD, and then I turn off computer, unplug HD, plug the other one, so on so forth? Will that prevent trojans or can they be in other devices than HD, e.g. boards, cards, etc?

In other words, instead of an offline "whole computer", is it enough to have just an offline HD, or is there some weakness to using 2 HDs with one computer? And by 2 HDs I mean they are connected just one at a time, never together, each one has its own OS, etc. Just the same Mobo and cards.

This strategy will provide a lot of extra security in my opinion (95%+ of the way to dedicated offline computer).  The second drive with its own operating system could reasonably well be trusted to hold your private keys provided this system never sees the internet.  Disconnecting and reconnecting the first drive sounds like overkill (the OS should be configured to just ignore it) but disconnecting and reconnecting the second drive (which will likely contain sensitive information) is a small gain.

With this setup you'd probably want to install Bitcoin Core + Armory on the main machine and Armory on the second.  You can then use Armory on the second to create private keys and sign transactions.  You'll almost certainly want to create a second "hot" wallet on your main system.

Depending on your motherboard and preferred OS, you may find a USB drive to be a cheaper and more convenient home for your second OS than an HDD or SSD.  In either case, you should treat this second drive as you would a paper wallet (unless you encrypt the drive or wallet with a passphrase with significant entropy).

1. If an offline HD is 95% as secure as an offline computer, what are the 5% of insecurity?

2. I didn´t know I could use a usb as main HD with OS. How to do that?

3. Supposing I already have 2 HDs working fine, how to transfer files from one to another without the risk of transfering malware to the offline HD in the process?

[teukon]

1. If an offline HD is 95% as secure as an offline computer, what are the 5% of insecurity?

Easily less than 5%; probably less than 1%.  I'm just leaving a tiny window for malicious firmware, BIOS viruses, and so forth.  This is basically irrelevant.  Bear in mind that even the ideal offline computer setup entails some risk.  Can you trust Bitcoin Core?  Can you trust Armory?  Can you trust my advice?

There's risk in everything.

2. I didn´t know I could use a usb as main HD with OS. How to do that?

That's going to depend on your OS of choice.  You may also want to look up "LiveCD"s, especially in conjunction with Bitcoin, to see if others have already done the hard work (of course, avoid dodgy-looking reputationless setups).

3. Supposing I already have 2 HDs working fine, how to transfer files from one to another without the risk of transfering malware to the offline HD in the process?

Only copy across using the offline system.  You should not execute anything on your first drive while your offline system is running, but a good OS will be able to ensure that while allowing you write access to the first drive.

[QuestionAuthority]

I'm impressed OP, you have come a long way toward understanding Bitcoin. If I had to spend this much time learning about the ACH/EFT system to use Debit Cards I would have given up on them. The good news is, there are easier and safer methods for using Bitcoin being created every day. Someday people will use the blockchain to send money through some business and probably not even know it. You're obviously bright enough and motivated enough to use it now. If you keep reading and start using it you shouldn't have a problem.

[jonald_fyookball]

1. If an offline HD is 95% as secure as an offline computer, what are the 5% of insecurity?

Easily less than 5%; probably less than 1%.  I'm just leaving a tiny window for malicious firmware, BIOS viruses, and so forth.  This is basically irrelevant.  Bear in mind that even the ideal offline computer setup entails some risk.  Can you trust Bitcoin Core?  Can you trust Armory?  Can you trust my advice?

There's risk in everything.

How do you know one drive doesn't catch malware that maps a network drive and
connects to the other one... (or you forget and do it yourself somehow)
that's the 1-5% or whatever risk.

But yeah, risk can be mitigated, never eliminated.
Can't live your life hiding under the bed. 

[moriartybitcoin]

stored in online wallets like Xapo, BlockChain, BitArmored, etc.

OR in offline wallets like Electrum, Multibit, etc.

Pluses and minuses to both .. equal chance you will lose your bitcoins no matter which method you choose, in my opinion

[malaimult]

Right now your safest bet is to use the hardware wallet Trezor.

But for that normal people need to invest money, and the average person is not going to spend 100$ just to have bitcoins.

That´s right. Is there a no-cost way to generate and use my private keys, without ANY chance of they being stolen?

There is always going to be a chance that your money is going to be stolen. This is true regardless of if you are using bitcoin, fiat or physical assets (like gold for example). You really just need to be able to manage your risk so that there is a very low chance that your money will get stolen.

For the very new user (who is using small amounts of money), you should use a service like coinbase and enable 2fa which should keep your money sufficiently safe.

For larger amounts and once you have a better understanding of how bitcoin works, you will need to use a computer that has never touched the internet to create a private key (and to have the computer never subsequently touch the internet)