. | Bitcointalksearch.org

Aneelal

newbie

Activity: 14

Merit: 0

Quote from: Rludd on December 06, 2017, 11:29:37 AM

Quote from: Bamel on December 06, 2017, 11:29:12 AM

Quote from: Amial on December 06, 2017, 11:28:40 AM

Quote from: Usine on December 06, 2017, 11:27:59 AM

Quote from: Renr on December 06, 2017, 11:27:41 AM

Quote from: Stianyd on December 06, 2017, 11:27:16 AM

Secure against what? Against random hackers trying to steal your coins, they are pretty solid. Against malware that compromises your PC, they are designed to be highly resistant. Against disassembly and hardware hacking of the device, possibly not so much. Against rubber hose cryptography, not at all. They also can't prevent you from sending your coins to an address given on a spoof email or web page (although fiat bank accounts aren't immune to that either). You also need to think carefully about writing down the device seed and then keeping it secure; if someone can steal the seed they don't need the device.
(Actually the Trezor, and possibly other devices, do have a defense against rubber hose cryptography: you can have an arbitrary number of secret passwords with other wallets behind them, and the attacker has no way of knowing if you have revealed all of them. But then maybe they just keep on beating you to be sure)

To a point. I would worry about plugging that thing in 10 years from now and it doesnt work.
I run a VM on my desktop that contains my desktop wallets. The VM is backed up to multiple sources both local and in the cloud. that way if the VM or my desktop crash, I can always just get a new computer, install HyperV, and import the VM from backup.

They are more secure than any other option that you have readily available right now.

I'm skeptical. I had a Ledger HW wallet which I used to hold coin while traveling.
I initialized on my phone using mycelium, wrote down the seed excluding 5 words, and carried the seed in a notebook I always had with me (the seed was written in the middle of other normal writing).
2 months go, the entire wallet was swept. I lost most of my savings. I have no idea how this happened.
I'm moving towards multisig solutions.

Could the 5 remaining words have been found by brute-forcing? Brute-forcing 12 words isn't feasible, but 5 is way easier, considering this is exponential. (assuming phone compromission)
But that would be a targeted attack (which could be possible, you're the one that could know if this should be in your treat model)

Of course not. Nothing is 100% secure. But it's more secure than everything else at least for now.

I've got a pretty big bounty that says that they are...

Rludd

newbie

Activity: 28

Merit: 0

Quote from: Bamel on December 06, 2017, 11:29:12 AM

Quote from: Amial on December 06, 2017, 11:28:40 AM

Quote from: Usine on December 06, 2017, 11:27:59 AM

Quote from: Renr on December 06, 2017, 11:27:41 AM

Quote from: Stianyd on December 06, 2017, 11:27:16 AM

Secure against what? Against random hackers trying to steal your coins, they are pretty solid. Against malware that compromises your PC, they are designed to be highly resistant. Against disassembly and hardware hacking of the device, possibly not so much. Against rubber hose cryptography, not at all. They also can't prevent you from sending your coins to an address given on a spoof email or web page (although fiat bank accounts aren't immune to that either). You also need to think carefully about writing down the device seed and then keeping it secure; if someone can steal the seed they don't need the device.
(Actually the Trezor, and possibly other devices, do have a defense against rubber hose cryptography: you can have an arbitrary number of secret passwords with other wallets behind them, and the attacker has no way of knowing if you have revealed all of them. But then maybe they just keep on beating you to be sure)

To a point. I would worry about plugging that thing in 10 years from now and it doesnt work.
I run a VM on my desktop that contains my desktop wallets. The VM is backed up to multiple sources both local and in the cloud. that way if the VM or my desktop crash, I can always just get a new computer, install HyperV, and import the VM from backup.

They are more secure than any other option that you have readily available right now.

I'm skeptical. I had a Ledger HW wallet which I used to hold coin while traveling.
I initialized on my phone using mycelium, wrote down the seed excluding 5 words, and carried the seed in a notebook I always had with me (the seed was written in the middle of other normal writing).
2 months go, the entire wallet was swept. I lost most of my savings. I have no idea how this happened.
I'm moving towards multisig solutions.

Could the 5 remaining words have been found by brute-forcing? Brute-forcing 12 words isn't feasible, but 5 is way easier, considering this is exponential. (assuming phone compromission)
But that would be a targeted attack (which could be possible, you're the one that could know if this should be in your treat model)

Of course not. Nothing is 100% secure. But it's more secure than everything else at least for now.

Bamel

newbie

Activity: 28

Merit: 0

Quote from: Amial on December 06, 2017, 11:28:40 AM

Quote from: Usine on December 06, 2017, 11:27:59 AM

Quote from: Renr on December 06, 2017, 11:27:41 AM

Quote from: Stianyd on December 06, 2017, 11:27:16 AM

Secure against what? Against random hackers trying to steal your coins, they are pretty solid. Against malware that compromises your PC, they are designed to be highly resistant. Against disassembly and hardware hacking of the device, possibly not so much. Against rubber hose cryptography, not at all. They also can't prevent you from sending your coins to an address given on a spoof email or web page (although fiat bank accounts aren't immune to that either). You also need to think carefully about writing down the device seed and then keeping it secure; if someone can steal the seed they don't need the device.
(Actually the Trezor, and possibly other devices, do have a defense against rubber hose cryptography: you can have an arbitrary number of secret passwords with other wallets behind them, and the attacker has no way of knowing if you have revealed all of them. But then maybe they just keep on beating you to be sure)

To a point. I would worry about plugging that thing in 10 years from now and it doesnt work.
I run a VM on my desktop that contains my desktop wallets. The VM is backed up to multiple sources both local and in the cloud. that way if the VM or my desktop crash, I can always just get a new computer, install HyperV, and import the VM from backup.

They are more secure than any other option that you have readily available right now.

I'm skeptical. I had a Ledger HW wallet which I used to hold coin while traveling.
I initialized on my phone using mycelium, wrote down the seed excluding 5 words, and carried the seed in a notebook I always had with me (the seed was written in the middle of other normal writing).
2 months go, the entire wallet was swept. I lost most of my savings. I have no idea how this happened.
I'm moving towards multisig solutions.

Could the 5 remaining words have been found by brute-forcing? Brute-forcing 12 words isn't feasible, but 5 is way easier, considering this is exponential. (assuming phone compromission)
But that would be a targeted attack (which could be possible, you're the one that could know if this should be in your treat model)

Amial

newbie

Activity: 28

Merit: 0

Quote from: Usine on December 06, 2017, 11:27:59 AM

Quote from: Renr on December 06, 2017, 11:27:41 AM

Quote from: Stianyd on December 06, 2017, 11:27:16 AM

Secure against what? Against random hackers trying to steal your coins, they are pretty solid. Against malware that compromises your PC, they are designed to be highly resistant. Against disassembly and hardware hacking of the device, possibly not so much. Against rubber hose cryptography, not at all. They also can't prevent you from sending your coins to an address given on a spoof email or web page (although fiat bank accounts aren't immune to that either). You also need to think carefully about writing down the device seed and then keeping it secure; if someone can steal the seed they don't need the device.
(Actually the Trezor, and possibly other devices, do have a defense against rubber hose cryptography: you can have an arbitrary number of secret passwords with other wallets behind them, and the attacker has no way of knowing if you have revealed all of them. But then maybe they just keep on beating you to be sure)

To a point. I would worry about plugging that thing in 10 years from now and it doesnt work.
I run a VM on my desktop that contains my desktop wallets. The VM is backed up to multiple sources both local and in the cloud. that way if the VM or my desktop crash, I can always just get a new computer, install HyperV, and import the VM from backup.

They are more secure than any other option that you have readily available right now.

I'm skeptical. I had a Ledger HW wallet which I used to hold coin while traveling.
I initialized on my phone using mycelium, wrote down the seed excluding 5 words, and carried the seed in a notebook I always had with me (the seed was written in the middle of other normal writing).
2 months go, the entire wallet was swept. I lost most of my savings. I have no idea how this happened.
I'm moving towards multisig solutions.

Kesecer

newbie

Activity: 28

Merit: 0

Quote from: Usine on December 06, 2017, 11:27:59 AM

Quote from: Renr on December 06, 2017, 11:27:41 AM

Quote from: Stianyd on December 06, 2017, 11:27:16 AM

Secure against what? Against random hackers trying to steal your coins, they are pretty solid. Against malware that compromises your PC, they are designed to be highly resistant. Against disassembly and hardware hacking of the device, possibly not so much. Against rubber hose cryptography, not at all. They also can't prevent you from sending your coins to an address given on a spoof email or web page (although fiat bank accounts aren't immune to that either). You also need to think carefully about writing down the device seed and then keeping it secure; if someone can steal the seed they don't need the device.
(Actually the Trezor, and possibly other devices, do have a defense against rubber hose cryptography: you can have an arbitrary number of secret passwords with other wallets behind them, and the attacker has no way of knowing if you have revealed all of them. But then maybe they just keep on beating you to be sure)

To a point. I would worry about plugging that thing in 10 years from now and it doesnt work.
I run a VM on my desktop that contains my desktop wallets. The VM is backed up to multiple sources both local and in the cloud. that way if the VM or my desktop crash, I can always just get a new computer, install HyperV, and import the VM from backup.

They are more secure than any other option that you have readily available right now.

Compared to what? Your phone? Or your shitty windows box? Fuck yea. Are they 100% secure. Maybe.

Usine

newbie

Activity: 28

Merit: 0

Quote from: Renr on December 06, 2017, 11:27:41 AM

Quote from: Stianyd on December 06, 2017, 11:27:16 AM

Secure against what? Against random hackers trying to steal your coins, they are pretty solid. Against malware that compromises your PC, they are designed to be highly resistant. Against disassembly and hardware hacking of the device, possibly not so much. Against rubber hose cryptography, not at all. They also can't prevent you from sending your coins to an address given on a spoof email or web page (although fiat bank accounts aren't immune to that either). You also need to think carefully about writing down the device seed and then keeping it secure; if someone can steal the seed they don't need the device.
(Actually the Trezor, and possibly other devices, do have a defense against rubber hose cryptography: you can have an arbitrary number of secret passwords with other wallets behind them, and the attacker has no way of knowing if you have revealed all of them. But then maybe they just keep on beating you to be sure)

To a point. I would worry about plugging that thing in 10 years from now and it doesnt work.
I run a VM on my desktop that contains my desktop wallets. The VM is backed up to multiple sources both local and in the cloud. that way if the VM or my desktop crash, I can always just get a new computer, install HyperV, and import the VM from backup.

They are more secure than any other option that you have readily available right now.

Renr

newbie

Activity: 28

Merit: 0

Quote from: Stianyd on December 06, 2017, 11:27:16 AM

Secure against what? Against random hackers trying to steal your coins, they are pretty solid. Against malware that compromises your PC, they are designed to be highly resistant. Against disassembly and hardware hacking of the device, possibly not so much. Against rubber hose cryptography, not at all. They also can't prevent you from sending your coins to an address given on a spoof email or web page (although fiat bank accounts aren't immune to that either). You also need to think carefully about writing down the device seed and then keeping it secure; if someone can steal the seed they don't need the device.
(Actually the Trezor, and possibly other devices, do have a defense against rubber hose cryptography: you can have an arbitrary number of secret passwords with other wallets behind them, and the attacker has no way of knowing if you have revealed all of them. But then maybe they just keep on beating you to be sure)

To a point. I would worry about plugging that thing in 10 years from now and it doesnt work.
I run a VM on my desktop that contains my desktop wallets. The VM is backed up to multiple sources both local and in the cloud. that way if the VM or my desktop crash, I can always just get a new computer, install HyperV, and import the VM from backup.

Stianyd

newbie

Activity: 14

Merit: 0

Secure against what? Against random hackers trying to steal your coins, they are pretty solid. Against malware that compromises your PC, they are designed to be highly resistant. Against disassembly and hardware hacking of the device, possibly not so much. Against rubber hose cryptography, not at all. They also can't prevent you from sending your coins to an address given on a spoof email or web page (although fiat bank accounts aren't immune to that either). You also need to think carefully about writing down the device seed and then keeping it secure; if someone can steal the seed they don't need the device.
(Actually the Trezor, and possibly other devices, do have a defense against rubber hose cryptography: you can have an arbitrary number of secret passwords with other wallets behind them, and the attacker has no way of knowing if you have revealed all of them. But then maybe they just keep on beating you to be sure)

Aneelal

newbie

Activity: 14

Merit: 0

Quote from: Usine on December 06, 2017, 11:21:40 AM

Quote from: Renr on December 06, 2017, 11:21:13 AM

Quote from: Aneelal on December 06, 2017, 11:00:44 AM

Not paying attention to where you send the btc.
not backing up your shit
backing up your shit and storing the backup improperly (or in the open or near flames)
not secure enough pin
not keeping your btc secret

No. The most glaring defect of hardware wallets is the presence of the physical device itself, which identifies you as an owner of bitcoins. It's like painting a bullseye on your back. How can you answer “What bitcoins, sir?” to the customs officer, when he's looking right at your Trezor or Ledger device? Or to your nosy neighbor? Or to the random house guest?
Use an online/offline software wallet with freely-available, open source code. Never put your keys on a network-connected machine. Sign all your transactions offline. Memorize your seed mnemonic. That way, wherever you go, your bitcoins go with you. Invisibly, without leaving any physical trace.
Once you've arrived at your new location, buy a Raspberry Pi and an SD card and download and install the wallet software on it for use as a signing machine. Sign transactions using your mnemonic, so your seed is never stored on any physical medium. Run a full node with a watch-only wallet for broadcasting transactions and tracking your balances.
Difficult? Yes, but true security is always difficult. All the “easy” solutions involve relinquishing control to some trusted third party, and reliance on third parties is exactly what Bitcoin was created to free us from.

I am not a big fan of having to keep the master seed of hardware wallets stored. Even if you keep it somewhere safe, someone can still get to it and have access to your funds. So this is my setup: *1) Live-usb ubuntu, network disconnected. *2) Generate addresses using bitcoin paper wallet downloaded offline site, printing PDFs. *3) Save these PDF on an encripted container using veracrypt, with a very strong password. This encripted file you can store safely online on google drive or something. *4) Split your BTC across some addresses, thinking of how you'll use them. Keep the public addresses handy. *5) When you want to use it, just boot ubuntu again, open the PDF, and use a mobile phone wallet like Mycelium to import the private key using QR Code. *6) Spend the amount needed and send the remaining amount to a new paper wallet and don't use the old one anymore.
Edit: never type the veracrypt password anywhere but the ubuntu live cd and dont store it online.

"Bitcoins? Oh, you must mean my U2F device. That's for two factor authentication."

Rludd

newbie

Activity: 28

Merit: 0

Quote from: Bamel on December 06, 2017, 11:22:48 AM

Quote from: Amial on December 06, 2017, 11:22:25 AM

Quote from: Kesecer on December 06, 2017, 11:22:02 AM

Quote from: Usine on December 06, 2017, 11:21:40 AM

Quote from: Renr on December 06, 2017, 11:21:13 AM

Quote from: Aneelal on December 06, 2017, 11:00:44 AM

Not paying attention to where you send the btc.
not backing up your shit
backing up your shit and storing the backup improperly (or in the open or near flames)
not secure enough pin
not keeping your btc secret

No. The most glaring defect of hardware wallets is the presence of the physical device itself, which identifies you as an owner of bitcoins. It's like painting a bullseye on your back. How can you answer “What bitcoins, sir?” to the customs officer, when he's looking right at your Trezor or Ledger device? Or to your nosy neighbor? Or to the random house guest?
Use an online/offline software wallet with freely-available, open source code. Never put your keys on a network-connected machine. Sign all your transactions offline. Memorize your seed mnemonic. That way, wherever you go, your bitcoins go with you. Invisibly, without leaving any physical trace.
Once you've arrived at your new location, buy a Raspberry Pi and an SD card and download and install the wallet software on it for use as a signing machine. Sign transactions using your mnemonic, so your seed is never stored on any physical medium. Run a full node with a watch-only wallet for broadcasting transactions and tracking your balances.
Difficult? Yes, but true security is always difficult. All the “easy” solutions involve relinquishing control to some trusted third party, and reliance on third parties is exactly what Bitcoin was created to free us from.

I am not a big fan of having to keep the master seed of hardware wallets stored. Even if you keep it somewhere safe, someone can still get to it and have access to your funds. So this is my setup: *1) Live-usb ubuntu, network disconnected. *2) Generate addresses using bitcoin paper wallet downloaded offline site, printing PDFs. *3) Save these PDF on an encripted container using veracrypt, with a very strong password. This encripted file you can store safely online on google drive or something. *4) Split your BTC across some addresses, thinking of how you'll use them. Keep the public addresses handy. *5) When you want to use it, just boot ubuntu again, open the PDF, and use a mobile phone wallet like Mycelium to import the private key using QR Code. *6) Spend the amount needed and send the remaining amount to a new paper wallet and don't use the old one anymore.
Edit: never type the veracrypt password anywhere but the ubuntu live cd and dont store it online.

You might find it easier just to memorize your master seed and store it only in your head. The risk of forgetting it is no greater than the risk of forgetting a password. And there's no physical backup to get lost, stolen or hacked.
I use the MMGen wallet and do all my address generation and signing offline using a memorized seed.
https://github.com/mmgen/mmgen

Nope! https://www.wired.com/story/i-forgot-my-pin-an-epic-tale-of-losing-dollar30000-in-bitcoin/

So what happens when you forget your "very strong password"?

You don't forget it, you write it down and store it safely, preferably in two or more places.
You may ask how is this different from the seed for a Trezor/Ledger. Its a password for a file. If you have the password but not the file, you have nothing. This does not happen with seeds from wallets, because they can be used to recover a wallet to a fully operational state.

Bamel

newbie

Activity: 28

Merit: 0

Quote from: Amial on December 06, 2017, 11:22:25 AM

Quote from: Kesecer on December 06, 2017, 11:22:02 AM

Quote from: Usine on December 06, 2017, 11:21:40 AM

Quote from: Renr on December 06, 2017, 11:21:13 AM

Quote from: Aneelal on December 06, 2017, 11:00:44 AM

Not paying attention to where you send the btc.
not backing up your shit
backing up your shit and storing the backup improperly (or in the open or near flames)
not secure enough pin
not keeping your btc secret

No. The most glaring defect of hardware wallets is the presence of the physical device itself, which identifies you as an owner of bitcoins. It's like painting a bullseye on your back. How can you answer “What bitcoins, sir?” to the customs officer, when he's looking right at your Trezor or Ledger device? Or to your nosy neighbor? Or to the random house guest?
Use an online/offline software wallet with freely-available, open source code. Never put your keys on a network-connected machine. Sign all your transactions offline. Memorize your seed mnemonic. That way, wherever you go, your bitcoins go with you. Invisibly, without leaving any physical trace.
Once you've arrived at your new location, buy a Raspberry Pi and an SD card and download and install the wallet software on it for use as a signing machine. Sign transactions using your mnemonic, so your seed is never stored on any physical medium. Run a full node with a watch-only wallet for broadcasting transactions and tracking your balances.
Difficult? Yes, but true security is always difficult. All the “easy” solutions involve relinquishing control to some trusted third party, and reliance on third parties is exactly what Bitcoin was created to free us from.

I am not a big fan of having to keep the master seed of hardware wallets stored. Even if you keep it somewhere safe, someone can still get to it and have access to your funds. So this is my setup: *1) Live-usb ubuntu, network disconnected. *2) Generate addresses using bitcoin paper wallet downloaded offline site, printing PDFs. *3) Save these PDF on an encripted container using veracrypt, with a very strong password. This encripted file you can store safely online on google drive or something. *4) Split your BTC across some addresses, thinking of how you'll use them. Keep the public addresses handy. *5) When you want to use it, just boot ubuntu again, open the PDF, and use a mobile phone wallet like Mycelium to import the private key using QR Code. *6) Spend the amount needed and send the remaining amount to a new paper wallet and don't use the old one anymore.
Edit: never type the veracrypt password anywhere but the ubuntu live cd and dont store it online.

You might find it easier just to memorize your master seed and store it only in your head. The risk of forgetting it is no greater than the risk of forgetting a password. And there's no physical backup to get lost, stolen or hacked.
I use the MMGen wallet and do all my address generation and signing offline using a memorized seed.
https://github.com/mmgen/mmgen

Nope! https://www.wired.com/story/i-forgot-my-pin-an-epic-tale-of-losing-dollar30000-in-bitcoin/

So what happens when you forget your "very strong password"?

Amial

newbie

Activity: 28

Merit: 0

Quote from: Kesecer on December 06, 2017, 11:22:02 AM

Quote from: Usine on December 06, 2017, 11:21:40 AM

Quote from: Renr on December 06, 2017, 11:21:13 AM

Quote from: Aneelal on December 06, 2017, 11:00:44 AM

Not paying attention to where you send the btc.
not backing up your shit
backing up your shit and storing the backup improperly (or in the open or near flames)
not secure enough pin
not keeping your btc secret

No. The most glaring defect of hardware wallets is the presence of the physical device itself, which identifies you as an owner of bitcoins. It's like painting a bullseye on your back. How can you answer “What bitcoins, sir?” to the customs officer, when he's looking right at your Trezor or Ledger device? Or to your nosy neighbor? Or to the random house guest?
Use an online/offline software wallet with freely-available, open source code. Never put your keys on a network-connected machine. Sign all your transactions offline. Memorize your seed mnemonic. That way, wherever you go, your bitcoins go with you. Invisibly, without leaving any physical trace.
Once you've arrived at your new location, buy a Raspberry Pi and an SD card and download and install the wallet software on it for use as a signing machine. Sign transactions using your mnemonic, so your seed is never stored on any physical medium. Run a full node with a watch-only wallet for broadcasting transactions and tracking your balances.
Difficult? Yes, but true security is always difficult. All the “easy” solutions involve relinquishing control to some trusted third party, and reliance on third parties is exactly what Bitcoin was created to free us from.

I am not a big fan of having to keep the master seed of hardware wallets stored. Even if you keep it somewhere safe, someone can still get to it and have access to your funds. So this is my setup: *1) Live-usb ubuntu, network disconnected. *2) Generate addresses using bitcoin paper wallet downloaded offline site, printing PDFs. *3) Save these PDF on an encripted container using veracrypt, with a very strong password. This encripted file you can store safely online on google drive or something. *4) Split your BTC across some addresses, thinking of how you'll use them. Keep the public addresses handy. *5) When you want to use it, just boot ubuntu again, open the PDF, and use a mobile phone wallet like Mycelium to import the private key using QR Code. *6) Spend the amount needed and send the remaining amount to a new paper wallet and don't use the old one anymore.
Edit: never type the veracrypt password anywhere but the ubuntu live cd and dont store it online.

You might find it easier just to memorize your master seed and store it only in your head. The risk of forgetting it is no greater than the risk of forgetting a password. And there's no physical backup to get lost, stolen or hacked.
I use the MMGen wallet and do all my address generation and signing offline using a memorized seed.
https://github.com/mmgen/mmgen

Nope! https://www.wired.com/story/i-forgot-my-pin-an-epic-tale-of-losing-dollar30000-in-bitcoin/

Kesecer

newbie

Activity: 28

Merit: 0

Quote from: Usine on December 06, 2017, 11:21:40 AM

Quote from: Renr on December 06, 2017, 11:21:13 AM

Quote from: Aneelal on December 06, 2017, 11:00:44 AM

Not paying attention to where you send the btc.
not backing up your shit
backing up your shit and storing the backup improperly (or in the open or near flames)
not secure enough pin
not keeping your btc secret

No. The most glaring defect of hardware wallets is the presence of the physical device itself, which identifies you as an owner of bitcoins. It's like painting a bullseye on your back. How can you answer “What bitcoins, sir?” to the customs officer, when he's looking right at your Trezor or Ledger device? Or to your nosy neighbor? Or to the random house guest?
Use an online/offline software wallet with freely-available, open source code. Never put your keys on a network-connected machine. Sign all your transactions offline. Memorize your seed mnemonic. That way, wherever you go, your bitcoins go with you. Invisibly, without leaving any physical trace.
Once you've arrived at your new location, buy a Raspberry Pi and an SD card and download and install the wallet software on it for use as a signing machine. Sign transactions using your mnemonic, so your seed is never stored on any physical medium. Run a full node with a watch-only wallet for broadcasting transactions and tracking your balances.
Difficult? Yes, but true security is always difficult. All the “easy” solutions involve relinquishing control to some trusted third party, and reliance on third parties is exactly what Bitcoin was created to free us from.

I am not a big fan of having to keep the master seed of hardware wallets stored. Even if you keep it somewhere safe, someone can still get to it and have access to your funds. So this is my setup: *1) Live-usb ubuntu, network disconnected. *2) Generate addresses using bitcoin paper wallet downloaded offline site, printing PDFs. *3) Save these PDF on an encripted container using veracrypt, with a very strong password. This encripted file you can store safely online on google drive or something. *4) Split your BTC across some addresses, thinking of how you'll use them. Keep the public addresses handy. *5) When you want to use it, just boot ubuntu again, open the PDF, and use a mobile phone wallet like Mycelium to import the private key using QR Code. *6) Spend the amount needed and send the remaining amount to a new paper wallet and don't use the old one anymore.
Edit: never type the veracrypt password anywhere but the ubuntu live cd and dont store it online.

You might find it easier just to memorize your master seed and store it only in your head. The risk of forgetting it is no greater than the risk of forgetting a password. And there's no physical backup to get lost, stolen or hacked.
I use the MMGen wallet and do all my address generation and signing offline using a memorized seed.
https://github.com/mmgen/mmgen

Usine

newbie

Activity: 28

Merit: 0

Quote from: Renr on December 06, 2017, 11:21:13 AM

Quote from: Aneelal on December 06, 2017, 11:00:44 AM

Not paying attention to where you send the btc.
not backing up your shit
backing up your shit and storing the backup improperly (or in the open or near flames)
not secure enough pin
not keeping your btc secret

No. The most glaring defect of hardware wallets is the presence of the physical device itself, which identifies you as an owner of bitcoins. It's like painting a bullseye on your back. How can you answer “What bitcoins, sir?” to the customs officer, when he's looking right at your Trezor or Ledger device? Or to your nosy neighbor? Or to the random house guest?
Use an online/offline software wallet with freely-available, open source code. Never put your keys on a network-connected machine. Sign all your transactions offline. Memorize your seed mnemonic. That way, wherever you go, your bitcoins go with you. Invisibly, without leaving any physical trace.
Once you've arrived at your new location, buy a Raspberry Pi and an SD card and download and install the wallet software on it for use as a signing machine. Sign transactions using your mnemonic, so your seed is never stored on any physical medium. Run a full node with a watch-only wallet for broadcasting transactions and tracking your balances.
Difficult? Yes, but true security is always difficult. All the “easy” solutions involve relinquishing control to some trusted third party, and reliance on third parties is exactly what Bitcoin was created to free us from.

I am not a big fan of having to keep the master seed of hardware wallets stored. Even if you keep it somewhere safe, someone can still get to it and have access to your funds. So this is my setup: *1) Live-usb ubuntu, network disconnected. *2) Generate addresses using bitcoin paper wallet downloaded offline site, printing PDFs. *3) Save these PDF on an encripted container using veracrypt, with a very strong password. This encripted file you can store safely online on google drive or something. *4) Split your BTC across some addresses, thinking of how you'll use them. Keep the public addresses handy. *5) When you want to use it, just boot ubuntu again, open the PDF, and use a mobile phone wallet like Mycelium to import the private key using QR Code. *6) Spend the amount needed and send the remaining amount to a new paper wallet and don't use the old one anymore.
Edit: never type the veracrypt password anywhere but the ubuntu live cd and dont store it online.

Renr

newbie

Activity: 28

Merit: 0

Quote from: Aneelal on December 06, 2017, 11:00:44 AM

Not paying attention to where you send the btc.
not backing up your shit
backing up your shit and storing the backup improperly (or in the open or near flames)
not secure enough pin
not keeping your btc secret

No. The most glaring defect of hardware wallets is the presence of the physical device itself, which identifies you as an owner of bitcoins. It's like painting a bullseye on your back. How can you answer “What bitcoins, sir?” to the customs officer, when he's looking right at your Trezor or Ledger device? Or to your nosy neighbor? Or to the random house guest?
Use an online/offline software wallet with freely-available, open source code. Never put your keys on a network-connected machine. Sign all your transactions offline. Memorize your seed mnemonic. That way, wherever you go, your bitcoins go with you. Invisibly, without leaving any physical trace.
Once you've arrived at your new location, buy a Raspberry Pi and an SD card and download and install the wallet software on it for use as a signing machine. Sign transactions using your mnemonic, so your seed is never stored on any physical medium. Run a full node with a watch-only wallet for broadcasting transactions and tracking your balances.
Difficult? Yes, but true security is always difficult. All the “easy” solutions involve relinquishing control to some trusted third party, and reliance on third parties is exactly what Bitcoin was created to free us from.

Stianyd

newbie

Activity: 14

Merit: 0

Quote from: Aneelal on December 06, 2017, 11:00:44 AM

Not paying attention to where you send the btc.
not backing up your shit
backing up your shit and storing the backup improperly (or in the open or near flames)
not secure enough pin
not keeping your btc secret

One nice trick I've heard is a malware that changes your copy text, so you copy a destination address, it gets changes but when pasting but you don't notice, and process to securely sign the tx with your hardware wallet.

Giric

newbie

Activity: 14

Merit: 0

Quote from: Stianyd on December 06, 2017, 11:13:39 AM

Quote from: Giric on December 06, 2017, 11:13:08 AM

Quote from: Aneelal on December 06, 2017, 11:00:44 AM

Not paying attention to where you send the btc.
not backing up your shit
backing up your shit and storing the backup improperly (or in the open or near flames)
not secure enough pin
not keeping your btc secret
пocтoяннaя ccылкaembedcoxpaнитьнaчaльный

Not keeping your seed secret (hint split 2 copies of the seed into 3rds and store 2 different 3rds in each of 3 locations)

And don't tell anyone, not your wife, not your boyfriend, not your siblings.... No one!

And also malware (just a malicious browser extension is enough) that changes the addresses that you see in your browser.
It seems pretty difficult to protect against these attacks at a reasonable cost. Any idea? (better that always double-checking on a second device that it dedicated to that. Without much stuff installed on to limit the risks)

Aneelal

newbie

Activity: 14

Merit: 0

Quote from: Stianyd on December 06, 2017, 11:13:39 AM

Quote from: Giric on December 06, 2017, 11:13:08 AM

Quote from: Aneelal on December 06, 2017, 11:00:44 AM

Not paying attention to where you send the btc.
not backing up your shit
backing up your shit and storing the backup improperly (or in the open or near flames)
not secure enough pin
not keeping your btc secret
пocтoяннaя ccылкaembedcoxpaнитьнaчaльный

Not keeping your seed secret (hint split 2 copies of the seed into 3rds and store 2 different 3rds in each of 3 locations)

And don't tell anyone, not your wife, not your boyfriend, not your siblings.... No one!

Sounds like an exciting treasure hunt!

Rludd

newbie

Activity: 28

Merit: 0

Quote from: Bamel on December 06, 2017, 11:16:37 AM

Quote from: Amial on December 06, 2017, 11:16:09 AM

Quote from: Usine on December 06, 2017, 11:14:56 AM

Quote from: Renr on December 06, 2017, 11:14:08 AM

Quote from: Stianyd on December 06, 2017, 11:13:39 AM

Quote from: Giric on December 06, 2017, 11:13:08 AM

Quote from: Aneelal on December 06, 2017, 11:00:44 AM

Not paying attention to where you send the btc.
not backing up your shit
backing up your shit and storing the backup improperly (or in the open or near flames)
not secure enough pin
not keeping your btc secret
пocтoяннaя ccылкaembedcoxpaнитьнaчaльный

Not keeping your seed secret (hint split 2 copies of the seed into 3rds and store 2 different 3rds in each of 3 locations)

And don't tell anyone, not your wife, not your boyfriend, not your siblings.... No one!

So what happens when you die and your total networth is lost on the blockchain?

We all get a little richer

You could have a dead man switch where private keys are only released upon death

Sounds like you have the making of the next overvalued ICO

Except you don't need an ico for that. I'm pretty sure theres email services with dead man switches as features. Just put your clues/instructions for private keys in the email.

Bamel

newbie

Activity: 28

Merit: 0

Quote from: Amial on December 06, 2017, 11:16:09 AM

Quote from: Usine on December 06, 2017, 11:14:56 AM

Quote from: Renr on December 06, 2017, 11:14:08 AM

Quote from: Stianyd on December 06, 2017, 11:13:39 AM

Quote from: Giric on December 06, 2017, 11:13:08 AM

Quote from: Aneelal on December 06, 2017, 11:00:44 AM

Not paying attention to where you send the btc.
not backing up your shit
backing up your shit and storing the backup improperly (or in the open or near flames)
not secure enough pin
not keeping your btc secret
пocтoяннaя ccылкaembedcoxpaнитьнaчaльный

Not keeping your seed secret (hint split 2 copies of the seed into 3rds and store 2 different 3rds in each of 3 locations)

And don't tell anyone, not your wife, not your boyfriend, not your siblings.... No one!

So what happens when you die and your total networth is lost on the blockchain?

We all get a little richer

You could have a dead man switch where private keys are only released upon death

Sounds like you have the making of the next overvalued ICO

Topic: . (Read 3248 times)