ebliever (OP)
Legendary
 Offline
Activity: 1708
Merit: 1035
|
 |
February 21, 2015, 08:28:07 PM |
|
One idea I've thought about is a system where you have multiple accounts like others have mentioned, but with different levels of time delays. So you'd have one with instant access and a small amount of funds. Then for larger holdings you would put them for example in an account that has a built in 24 hr, 3 day, or week delay for withdrawals. If say the week delay account is accessed with a private key the funds wouldn't move for a week and a system would notify you, say through email, that the funds have been marked for withdrawal. If no action is taken, after 7 days the funds are moved, but if within those 7 days the private key is re-entered, the funds are moved to another long term address previously designated by the initial account creator. So if anyone was attempting to hack an exchange wallet for example the owners would have 7 days to notice this, re-enter the private key, which would then re-direct those funds to another predetermined long term account.
Just an idea and one I haven't thought through that much so I'm sure there's some problems and obviously isn't applicable to bitcoin as presently constructed.
Some exchanges (for example Allcrypt, and Coinbase's cold wallet) have time delay options. Just keep in mind these are not inherent to the bitcoin protocol, so to utilize this kind of security we would necessarily have to be trusting a 3rd party with our bitcoins. But I do think it's an example of the kind of good practices everyone should use as bitcoin becomes a significant portion of their investments. |
Luke 12:15-21
Ephesians 2:8-9
|
|
|
|
|
|
|
|
|
|
|
|
I HATE TABLES I HATE TABLES I HA(╯°□°)╯︵ ┻━┻ TABLES I HATE TABLES I HATE TABLES
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
|
|
|
hhanh00
|
|
February 22, 2015, 06:39:32 AM |
|
When you keep it simple, it's not so difficult. For example:
Electrum on cold storage and Mycellium for online usage.
- 2 seeds to keep = 2x12 words
- top off Mycellium from time to time
What's not to like?
|
|
|
|
teukon
Legendary
Offline
Activity: 1246
Merit: 1002
|
|
February 22, 2015, 09:24:51 AM |
|
Multisig should be avoided to prevent the risk that any one signature authority is lost (for any reason), preventing access to the account.
This is why N-of-N multisig should be avoided. For example, as a best practice I might recommend using a multisig account requiring 3 approvals/passwords. Then store Password A on my computer with backups on DVD and my brother's computer in another state. Password B is on my cell phone, with backups in my wife's cell phone and a secured cloud storage account. And Password C is on a paper certificate in a safe in my house, with hardcopies with my mother's house in a 3rd state and a safe deposit box.
Multisig works on both fronts. You can, for example, arrange for there to be three passwords protecting funds such that any one password is useless but any two passwords give access. This is called 2-of-3 multisig and is more common than the 3-of-3 multisig you describe above. This can be done for any integers M and N with 1 <= M <= N. Larger values of N are more complex. When M is far from 1, theft is unlikely. When M is far from N, loss is unlikely. |
|
|
|
|
ebliever (OP)
Legendary
Offline
Activity: 1708
Merit: 1035
|
|
February 22, 2015, 02:02:06 PM |
|
Multisig should be avoided to prevent the risk that any one signature authority is lost (for any reason), preventing access to the account.
This is why N-of-N multisig should be avoided. For example, as a best practice I might recommend using a multisig account requiring 3 approvals/passwords. Then store Password A on my computer with backups on DVD and my brother's computer in another state. Password B is on my cell phone, with backups in my wife's cell phone and a secured cloud storage account. And Password C is on a paper certificate in a safe in my house, with hardcopies with my mother's house in a 3rd state and a safe deposit box.
Multisig works on both fronts. You can, for example, arrange for there to be three passwords protecting funds such that any one password is useless but any two passwords give access. This is called 2-of-3 multisig and is more common than the 3-of-3 multisig you describe above. This can be done for any integers M and N with 1 <= M <= N. Larger values of N are more complex. When M is far from 1, theft is unlikely. When M is far from N, loss is unlikely. Good suggestion. This would simplify matters compared to the 3X3 example I gave. Perhaps a 3 of 5 multisig would provide both robust defense against theft while also tolerating loss of 2 of the passwords. Even 2 of 4 might be acceptable if secured well. |
Luke 12:15-21
Ephesians 2:8-9
|
|
|
Remember remember the 5th of November
Legendary
Offline
Activity: 1862
Merit: 1011
Reverse engineer from time to time
|
|
February 22, 2015, 05:48:27 PM |
|
If it was me, I'd store my private key in some DNA(read up on DNA storage) and then place it on my heart, for extra security.
|
BTC:1AiCRMxgf1ptVQwx6hDuKMu4f7F27QmJC2
|
|
|
hashman
Legendary
Offline
Activity: 1264
Merit: 1008
|
|
February 22, 2015, 11:48:08 PM |
|
You need to consider different wallets for different uses. Nobody is never going to lose a satoshi, that just doesn't make sense.
I might throw a week's spending cash on a device which I have a backup for at home. While I'm out, somebody fools me and I send coin to the wrong address. Whoops!
I mess up a digit when sending.. whoops!
Somebody sticks a knife in my face and tells me to empty the wallet. whoops!
I walk through a casino, whoops!
These things we try to avoid but over a lifetime you can't close all security holes on your smallest spending wallet.
Larger, life changing sums, will be kept in multisignature trust funds with family and managers holding keys redundant and backed up. Sure, this makes it a pain in the ass to spend but that is the tradeoff.
|
|
|
|
|
ebliever (OP)
Legendary
Offline
Activity: 1708
Merit: 1035
|
|
February 23, 2015, 02:31:18 PM |
|
I'd like to thank everyone again for their contributions, and summarize my own Lessons Learned thus far. Best practices:
1. Utilize multi-sig for a M of N access requirement. (That is, needing to input M passwords out of N total passwords on file to access an account.)
2. Utilize 2 or more accounts with higher security on long-term, high value accounts and easier access with day-to-day small value accounts.
3. If using trusted 3rd parties, a time delay feature for significant withdrawals provides additional protection.
4. It probably makes sense that trusted 3rd parties arise which provide insurance for their accounts, for people who won’t/can’t manage their own bitcoin holdings securely.
5. The trusted 3rd parties can in principle utilize technological solutions (retinal scanners, DNA, etc.) as substitutes for passwords for security.
My comment: Institutions and software (such as wallets) can implement a M of N security solution fairly easily, and in fact many already do. The use of security questions like “What is your mother’s maiden name” in addition to password are in essence just such an approach. And although cheesy, they probably do provide a fairly good level of security against lost/compromised passwords in real life terms.
I like the idea of a 3 out of 5 access level, because a hacker would need to obtain at least 3 passwords to breach the account, and at the same time you’d need to lose 3 of the 5 passwords to become unable to access your own account. That strikes me as a reasonable and robust level of security for my “long-term” holdings. Throw in a moderate (and user-configurable) time delay for major withdrawals (with notifications sent out by email/text/etc.) and the account becomes even more secure.
For day-to-day use, something like 2-factor authentification (password plus smartphone app) is probably reasonable, with a way to recover if and when the smartphone falls into a toilet.
Overall I feel a lot better about long term security of my BTC based on this feedback. The key will be in software developers releasing software to support M of N security and time delays with notification (both at an institutional level and in personal wallets), and educating the masses on what to do and why they need to do it to keep their bitcoins safe.
|
Luke 12:15-21
Ephesians 2:8-9
|
|
|
|
hhanh00
|
|
February 23, 2015, 03:13:29 PM |
|
These recommendations are fine though you don't need to go that far to be safe.
If you are willing to go through it, go for it. But the people who got hacked were nowhere near that level of security.
1.
- They heard about hacks and thought: "This looks difficult, I'll probably mess up."
- or they just trusted their exchange because they trust their bank.
Either way, they got robbed by their exchange.
2.
- They kept their bitcoin on their online computer or used a password they store on Dropbox.
Bottom line, bitcoins that you have on an online computer can be hacked. Some may argue that they have utmost security on their computer and maybe they do but it's them not us.
Now that there are so many hacks, people get scared and go the other extreme.
It's actually easy to avoid being hacked and it takes little effort... **Cold Storage** for your main stash.
No one has ever being hacked from cold storage (if it's done properly).
Using complex processes may end up costing you more if you mess up. IMHO, it's better to stick with simple things when they have the same level of security.
|
|
|
|
ebliever (OP)
Legendary
Offline
Activity: 1708
Merit: 1035
|
|
February 23, 2015, 06:05:15 PM |
|
I'm not all that sanguine about cold storage for a couple reasons:
1. An article came out about a month ago that described how hackers could release cold wallet software that would generate non-random keys. The hackers could monitor the blockchain for identifiable transactions and would then have free access to anything in the supposedly safe cold wallet forever after. (Could this be what happened to Gox?)
2. There seems to be a perception (correct or not) that funds in cold storage are safer because the password is in hardcopy or offline. But it still exists in some form, so the risk of it being stolen still exists. So cold storage is not a game-changer for me; it may be a bit more secure, but it's not bulletproof.
I hope you are right about current hacks being of the "lowest hanging fruit" in terms of poor security. It would be great if someone developed a global measure of bitcoin theft that could be measured over time to see if things are getting better or worse. Something as simple as # bitcoins reported stolen / average # of bitcoins in existence for each year.
|
Luke 12:15-21
Ephesians 2:8-9
|
|
|
ebliever (OP)
Legendary
Offline
Activity: 1708
Merit: 1035
|
|
February 23, 2015, 06:12:53 PM |
|
By the way, here's a tip I learned (and proved out and implemented myself) this morning about Google Authenticator:
When you first set up an account on Google Authenticator, you either scan a QR code or manually type in a 16-character alphanumeric key. If you save the QR code or key you can use it to set up a duplicate copy of Google Authenticator on another device at a later date - very useful if your smartphone gets run over.
Just be careful not to store the GA codes on the smartphone running GA, or with the passwords for the account(s) in question.
|
Luke 12:15-21
Ephesians 2:8-9
|
|
|
|
MakingMoneyHoney
|
|
February 23, 2015, 06:19:03 PM |
|
I'm not all that sanguine about cold storage for a couple reasons:
1. An article came out about a month ago that described how hackers could release cold wallet software that would generate non-random keys. The hackers could monitor the blockchain for identifiable transactions and would then have free access to anything in the supposedly safe cold wallet forever after. (Could this be what happened to Gox?)
2. There seems to be a perception (correct or not) that funds in cold storage are safer because the password is in hardcopy or offline. But it still exists in some form, so the risk of it being stolen still exists. So cold storage is not a game-changer for me; it may be a bit more secure, but it's not bulletproof.
Though there could be a program out there (released or just currently being made) to generate non-random keys for paper wallets, no one has seen it yet, as far as I'm aware. Many people suggest this site, https://bitcoinpaperwallet.com/bitcoinpaperwallet/generate-wallet.html, and the source has been released, and I would think if it was set up that way, someone would have noticed it by now. But please, correct me if I'm wrong. |
|
|
|
|
|
hhanh00
|
|
February 23, 2015, 06:48:50 PM |
|
I'm not all that sanguine about cold storage for a couple reasons:
1. An article came out about a month ago that described how hackers could release cold wallet software that would generate non-random keys. The hackers could monitor the blockchain for identifiable transactions and would then have free access to anything in the supposedly safe cold wallet forever after. (Could this be what happened to Gox?)
2. There seems to be a perception (correct or not) that funds in cold storage are safer because the password is in hardcopy or offline. But it still exists in some form, so the risk of it being stolen still exists. So cold storage is not a game-changer for me; it may be a bit more secure, but it's not bulletproof.
I hope you are right about current hacks being of the "lowest hanging fruit" in terms of poor security. It would be great if someone developed a global measure of bitcoin theft that could be measured over time to see if things are getting better or worse. Something as simple as # bitcoins reported stolen / average # of bitcoins in existence for each year.
1. The article in question refers to compromised software. If you use compromised software, all bets are off - that should go without saying. The details of the attack are well known to anyone who read about these signatures. I suppose it still generates page views. 2. 2FA - multisig - etc. doesn't change anything for me. They have their applications for sure but they don't introduce more intrinsic safety, on the contrary. Ultimately, you choose what you want to use. |
|
|
|
Cryddit
Legendary
Offline
Activity: 924
Merit: 1122
|
|
February 23, 2015, 08:32:11 PM |
|
Though there could be a program out there (released or just currently being made) to generate non-random keys for paper wallets, no one has seen it yet, as far as I'm aware. Many people suggest this site, https://bitcoinpaperwallet.com/bitcoinpaperwallet/generate-wallet.html, and the source has been released, and I would think if it was set up that way, someone would have noticed it by now. But please, correct me if I'm wrong. Nothing prevents people from releasing source code for a key generation technique different from the one they are actually using. Never. EVER. Use a key generated by someone who is not you, to store your money. |
|
|
|
|
|
MakingMoneyHoney
|
|
February 23, 2015, 08:45:10 PM |
|
Though there could be a program out there (released or just currently being made) to generate non-random keys for paper wallets, no one has seen it yet, as far as I'm aware. Many people suggest this site, https://bitcoinpaperwallet.com/bitcoinpaperwallet/generate-wallet.html, and the source has been released, and I would think if it was set up that way, someone would have noticed it by now. But please, correct me if I'm wrong. Nothing prevents people from releasing source code for a key generation technique different from the one they are actually using. Never. EVER. Use a key generated by someone who is not you, to store your money. Do you know of a good guide to creating a paper wallet by yourself, (I know people mention dice-rolling). I've never seen a guide on how to get it working though. |
|
|
|
|
tzpardi
Member
Offline
Activity: 66
Merit: 10
|
|
February 25, 2015, 02:49:44 AM |
|
By the way, here's a tip I learned (and proved out and implemented myself) this morning about Google Authenticator:
When you first set up an account on Google Authenticator, you either scan a QR code or manually type in a 16-character alphanumeric key. If you save the QR code or key you can use it to set up a duplicate copy of Google Authenticator on another device at a later date - very useful if your smartphone gets run over.
Just be careful not to store the GA codes on the smartphone running GA, or with the passwords for the account(s) in question.
Thanks, that is useful to know. |
|
|
|
|
JeromeL
Member
Offline
Activity: 554
Merit: 11
CurioInvest [IEO Live]
|
|
February 25, 2015, 06:13:52 PM |
|
I think we're going to end up seeing hardware wallets more, and hopefully cheaper.
I'm not terribly familiar with the HW wallets out there, so I have to ask: What happens if a HW wallet is lost/broken/eaten by a rhinoseros? How do you access your account in that case? When you set up a hw wallet, you get a seed (for trezor it's a 24 words seed) that you need to write done on paper. You can also encrypt that seed with a password. If your hw wallet gets lost, broken, whatever, you can recover all your funds using your seed. You can buy another hw wallet or input the seed in conventional wallets like multibit or armory. And recover your funds. If btc becomes more valuable, I was thinking splitting up the seed and hand different pieces to trustworthy family members living in different regions with some kind of riddle with personal questions so they can find out the password. So if something bad happens to me, My funds won't be lost for ever. |
|
|
|
|
stevenh512
|
|
February 26, 2015, 07:49:27 AM |
|
Though there could be a program out there (released or just currently being made) to generate non-random keys for paper wallets, no one has seen it yet, as far as I'm aware. Many people suggest this site, https://bitcoinpaperwallet.com/bitcoinpaperwallet/generate-wallet.html, and the source has been released, and I would think if it was set up that way, someone would have noticed it by now. But please, correct me if I'm wrong. Nothing prevents people from releasing source code for a key generation technique different from the one they are actually using. Never. EVER. Use a key generated by someone who is not you, to store your money. The wallet generator mentioned is based on bitaddress.org and any random numbers are generated in your browser, this means you can download it (as a .zip, or the source code published on GitHub) and run it on an offline computer. Nobody is generating your keys for you with bitcoinpaperwallet.com or bitaddress.org and if you use them on an offline machine they're both as secure an option as any other I can think of for making paper wallets. You can also use dice, a deck of cards or whatever external source you can think of to provide entropy instead of trusting your offline machine to generate random numbers.. just make sure you're providing enough entropy. Do you know of a good guide to creating a paper wallet by yourself, (I know people mention dice-rolling). I've never seen a guide on how to get it working though.
1 - Download the wallet generator from bitaddress.org or bitcoinpaperwallet.com (or their source code on GitHub), whichever one you prefer. 2 - Open the html file in a browser on an offline computer. For this, I use an Ubuntu or Linux Mint live DVD with my laptop's wifi disabled and nothing plugged into the ethernet port. Follow the instructions on the page to generate a paper wallet. 2a - (optional) If you don't trust your computer to generate random numbers, get some dice and follow the instructions to generate them (in the "print front" page on bitcoinpaperwallet, "wallet details" page on bitaddress). The bitcoinpaperwallet page also tells you how to use a deck of cards, but I personally trust a good set of casino dice a lot more than my own card shuffling ability. 2b - (optional) You can BIP38 encrypt your private keys. Choose a strong passphrase that you'll be able to remember. 3 - Print your wallet. Cut and fold as appropriate. 3a - (optional) Laminate your wallet. You won't be able to write on it with a pen, but it'll be protected from fading and water damage. 3b - (optional) Print it on Teslin, it'll be waterproof as soon as the ink dries, no need to laminate. Reboot and enjoy. As far as I can tell, you won't be able to provide your own entropy on the "paper wallet" page of bitaddress.org but you can always print the "wallet details" page. edit: Always make sure you save a copy of the wallet generator you used, especially if you BIP38 encrypted your keys. You want to make sure you can decrypt those in the future, plus you'll always have a copy of the paper wallet generator if you want to make more wallets. If you use BIP38, it doesn't hurt to create a "throwaway" wallet just for the purpose of sending a small amount to it and sending that money right back to your hot wallet.. just to make sure you can it works before you trust it with larger amounts of money. Sending back to your hot wallet is easy with Electrum, GreenAddress, Blockchain and probably quite a few other desktop and online wallets.. just sweep the private key (decrypt it first if you used BIP38). |
This signature intentionally left blank.
|
|
|
|
MakingMoneyHoney
|
|
February 27, 2015, 08:16:54 PM |
|
Though there could be a program out there (released or just currently being made) to generate non-random keys for paper wallets, no one has seen it yet, as far as I'm aware. Many people suggest this site, https://bitcoinpaperwallet.com/bitcoinpaperwallet/generate-wallet.html, and the source has been released, and I would think if it was set up that way, someone would have noticed it by now. But please, correct me if I'm wrong. Nothing prevents people from releasing source code for a key generation technique different from the one they are actually using. Never. EVER. Use a key generated by someone who is not you, to store your money. The wallet generator mentioned is based on bitaddress.org and any random numbers are generated in your browser, this means you can download it (as a .zip, or the source code published on GitHub) and run it on an offline computer. Nobody is generating your keys for you with bitcoinpaperwallet.com or bitaddress.org and if you use them on an offline machine they're both as secure an option as any other I can think of for making paper wallets. You can also use dice, a deck of cards or whatever external source you can think of to provide entropy instead of trusting your offline machine to generate random numbers.. just make sure you're providing enough entropy. Do you know of a good guide to creating a paper wallet by yourself, (I know people mention dice-rolling). I've never seen a guide on how to get it working though.
1 - Download the wallet generator from bitaddress.org or bitcoinpaperwallet.com (or their source code on GitHub), whichever one you prefer. 2 - Open the html file in a browser on an offline computer. For this, I use an Ubuntu or Linux Mint live DVD with my laptop's wifi disabled and nothing plugged into the ethernet port. Follow the instructions on the page to generate a paper wallet. 2a - (optional) If you don't trust your computer to generate random numbers, get some dice and follow the instructions to generate them (in the "print front" page on bitcoinpaperwallet, "wallet details" page on bitaddress). The bitcoinpaperwallet page also tells you how to use a deck of cards, but I personally trust a good set of casino dice a lot more than my own card shuffling ability. 2b - (optional) You can BIP38 encrypt your private keys. Choose a strong passphrase that you'll be able to remember. 3 - Print your wallet. Cut and fold as appropriate. 3a - (optional) Laminate your wallet. You won't be able to write on it with a pen, but it'll be protected from fading and water damage. 3b - (optional) Print it on Teslin, it'll be waterproof as soon as the ink dries, no need to laminate. Reboot and enjoy. As far as I can tell, you won't be able to provide your own entropy on the "paper wallet" page of bitaddress.org but you can always print the "wallet details" page. edit: Always make sure you save a copy of the wallet generator you used, especially if you BIP38 encrypted your keys. You want to make sure you can decrypt those in the future, plus you'll always have a copy of the paper wallet generator if you want to make more wallets. If you use BIP38, it doesn't hurt to create a "throwaway" wallet just for the purpose of sending a small amount to it and sending that money right back to your hot wallet.. just to make sure you can it works before you trust it with larger amounts of money. Sending back to your hot wallet is easy with Electrum, GreenAddress, Blockchain and probably quite a few other desktop and online wallets.. just sweep the private key (decrypt it first if you used BIP38). Thanks. I'm adding information on rolling dice to create paper wallets in my guide. And I previously used Ubuntu/Offline/Offline printer to create a paper wallet with the zipped files from bitcoinpaperwallet's site. I also found this website on dice-rolling: http://www.swansontec.com/bitcoin-dice.html |
|
|
|
|
ebliever (OP)
Legendary
Offline
Activity: 1708
Merit: 1035
|
|
March 16, 2015, 08:24:02 PM |
|
http://www.coindesk.com/bitgo-update-expands-security-controls-for-consumers/Multi-sig for individual users with BitGo. While regular folks may be slow to adopt it, I predict 2015 will see a marked drop in BTC losses among companies/exchanges/organizations as they migrate to multi-sig. Couldn't happen too soon; an exchange I used up until a few weeks ago (Allcrypt) just announced their BTC wallet was emptied over the weekend. That's eerie because that's the 2nd time I've left an exchange shortly before it collapsed (Mintpal). And for that matter, I was able to profit in the chaos surrounding Cryptorush's end as well (lost $20 when it shut down, but profited several times that amount in the final day as people struggled to extract funds.)
|
Luke 12:15-21
Ephesians 2:8-9
|
|
|
CreationLayer
Member
Offline
Activity: 101
Merit: 10
|
|
March 17, 2015, 12:52:00 AM
Last edit: March 17, 2015, 01:04:38 AM by CreationLayer |
|
http://www.coindesk.com/bitgo-update-expands-security-controls-for-consumers/Multi-sig for individual users with BitGo. While regular folks may be slow to adopt it, I predict 2015 will see a marked drop in BTC losses among companies/exchanges/organizations as they migrate to multi-sig. Couldn't happen too soon; an exchange I used up until a few weeks ago (Allcrypt) just announced their BTC wallet was emptied over the weekend. That's eerie because that's the 2nd time I've left an exchange shortly before it collapsed (Mintpal). And for that matter, I was able to profit in the chaos surrounding Cryptorush's end as well (lost $20 when it shut down, but profited several times that amount in the final day as people struggled to extract funds.) There should be a more secure 2fa on withdrawals and account activity for platforms. Phishing and other issues will result in a lot of users getting hacked potentially even with insurance, it costs the business significant amounts. Google 2fa/sms/authy are all text based and generated on a time seed which is vulnerable to multiple attack vectors, any time you use a text based 2fa it's like typing a private key in. I wish more exchanges would use clef... public/private key crypto with anti-phishing. http://sakurity.com/blog/2015/03/15/authy_bypass.html/ Anyways, multi-sig should really be ubiquitous and I still don't understand why companies choose to keep all funds in one "hot wallet". It costs almost nothing to split funds amongst multiple wallets, and have distributed multi-sig keys. Sorry to hear you lost funds, I think this mass incompetence of putting all eggs in one basket with one key is ridiculous. The main issue is that waiting for a withdrawal on an exchange is annoying and makes users worry. Without this mass hot wallet with direct access from the platform means wallets have to be cycled and requires more complex architecture. Simply put the small players don't have the staff or development to protect customers in the same manner, a wallet provider adding this feature is per user, and separate while an exchange is one wallet or a few wallets for everyone  |
|
|
|
|
