Pages:
Author

Topic: . - page 2. (Read 64536 times)

legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
June 04, 2012, 11:00:34 PM
#85
@etotheipi

The offline computer can have an offline antivirus, anti-malware, anti-rootkit software installed. It is updated by virus definition files offline through the USB. Serial cables (as in the RS232?) are non-existent on modern computers and you can consider them obsolete.

Personally, I don't have enough bitcoins to justify an offline computer for the purpose of cold storage, and I think I know relatively enough about malware to prevent it from affecting my daily computer usage despite not having installed anti-virus software (they slow down my computer so much that I notice it.)

Your software is interesting though and I might just download and try it out.

@fivemileshigh

That's almost how I do it. I generated some key pairs and they're backed up on paper and encrypted and rar'd with recovery records, and then protected from damage. I haven't actually printed them out to paper but will do it soon.

A piece of paper, printed using a dot-matrix impact printer (because laser toner sticks and inkjets smudge), optionally laminated, stored in a folder or envelope, in a safe is cheaper than a used mini laptop / netbook.

I'm actually looking for a decent font to print out my private keys and so far I've come up with Courier, Consolas and Lucida (fax / mono). I prefer monospaced font for this purpose.
full member
Activity: 136
Merit: 100
June 04, 2012, 04:01:42 PM
#84
How do you guys feel about bitaddress.org paper wallets for offline storage? Pdf's backed up as physical paper in a secure location and as a file on an encrypted disk image on email/dropbox/various usb sticks (25+ char. pwd)?
legendary
Activity: 1428
Merit: 1093
Core Armory Developer
June 04, 2012, 12:49:32 PM
#83
I made a pretty comprehensive tutorial for using cold storage in Armory:  Using Offline Wallets in Armory

Get an old laptop, and it's 7 steps to get setup.  Then 7-8 steps to actually execute a transaction.  But of course, this is all with a pleasant graphical user interface with directions shown along the way, so the steps are a lot easier than the alternatives! 

Offline wallets/cold storage is exactly what inspired me to make Armory in the first place! 

The only potential point of failure is USB viruses.  And those viruses would have to be highly-targeted:  your private keys never touch any computer that will ever touch the internet.  So a USB virus would have to be fully automated and exploit autorun vulnerabilities to even have a chance.  In the future, I will support serial cables to close this tiny little gap, for the super-paranoid.

legendary
Activity: 1176
Merit: 1011
June 04, 2012, 12:02:28 PM
#82
You should try Wuala.com. ( it also accept Bitcoin as payment: http://www.wuala.com/bitcoin )
It has many features like Dropbox, but it also include a local encryption before the upload Wink
I only just discovered about this Wuala thing, but this is pretty awesome!

Looking into Wuala right now, didn't try it yet but so far it seems a big improvement over Dropbox:

  • Encrypted locally, which is extremely important for sensitive data (such as your wallet)
  • 5GB instead of 2GB in the free plan (well even 2GB is already WAY more than you need to backup your wallet)
  • Ability to have multiple sync folders on your computer (as opposed to just one global 'Dropbox folder')

Looks pretty nice so far.
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
May 31, 2012, 08:43:14 PM
#81
I personally prefer generating a completely random private key / public key pair than using deterministic methods to create / recreate a wallet (or bunch of keys), as there is the risk (no matter how small) of the method to be discovered and the whole wallet compromised.
donator
Activity: 1464
Merit: 1047
I outlived my lifetime membership:)
January 12, 2012, 10:11:50 PM
#80
...or generate an address, write down the private key on paper...destroy the digital copy, put paper somewhere safe. Now your savings address is as safe as it can be from hackers.
sr. member
Activity: 252
Merit: 250
January 11, 2012, 04:28:50 PM
#79
One could also use a USB stick with hardware write protection, boot a Linux distribution and use a Bitcoin client with deterministic wallets. On each boot, you recreate the wallet from the mnemonic code and nothing is ever written to the USB stick. Nothing to backup, nothing to steal for hackers. As long as the system is not hacked while running the Bitcoin client (you should keep it running just enough to do transactions, then shut down), it should be pretty safe.

For example: BitSafe-Electrum - https://bitcointalksearch.org/topic/bitsafe-fork-with-electrum-included-54376

which is made of BitSafe - https://bitcointalksearch.org/topic/opensource-live-usb-os-bitsafe-a-safety-deposit-box-for-your-bitcoins-46916
and Electrum - https://bitcointalksearch.org/topic/announce-electrum-lightweight-bitcoin-client-50936
legendary
Activity: 1764
Merit: 1002
January 11, 2012, 12:50:33 PM
#78
Buy a cheap computer and never let it connect to the internet.
Download bitcoin on another computer and put it on a usb stick.
Install it on the new computer.
Create a wallet on it with 1,000,000 addresses (a big file harder to steal).
Encrypt it.
Copy the wallet back to the usb stick with at least one address for the wallet in a text file.
Trash the new computer (hammer nails through the hard drive and bury the hard drive).
Store the wallet in multiple locations.
Send all bitcoins you own to the address you saved.
Never access you savings wallet ever again.

a better cheaper version of this is to download Ubuntu onto a Live CD.  start up your system off the CD and download Bitcoin and create a wallet.  note down one address and email it to yourself.

copy the wallet.dat over to a few Ironkeys and spread them around town.

shut down Live CD session and all data is wiped from RAM.
legendary
Activity: 980
Merit: 1008
January 11, 2012, 11:01:28 AM
#77
^ That would work. But as soon as you connect to the internet, your bootable USB stick might be compromised.
newbie
Activity: 46
Merit: 0
January 10, 2012, 07:48:03 PM
#76
What about putting the wallet on a Truecrypt protected bootable USB stick that only has Bitcoin stuff on it and is only used for Bitcoin.  Then there would be no possibility of keyloggers or other background processes spying out your password.

I tried to set up a USB stick like this last year but was unsuccessful, but if somebody who knows what they are doing could do this and upload the image, it would surely make many people feel more secure.
hero member
Activity: 955
Merit: 1002
October 02, 2011, 12:17:13 PM
#75
Buy a cheap computer and never let it connect to the internet.
Download bitcoin on another computer and put it on a usb stick.
Install it on the new computer.
Create a wallet on it with 1,000,000 addresses (a big file harder to steal).
Encrypt it.
Copy the wallet back to the usb stick with at least one address for the wallet in a text file.
Trash the new computer (hammer nails through the hard drive and bury the hard drive).
Store the wallet in multiple locations.
Send all bitcoins you own to the address you saved.
Never access you savings wallet ever again.
sr. member
Activity: 350
Merit: 250
October 01, 2011, 05:54:50 PM
#74
Anybody trademark cryptocoin yet?
legendary
Activity: 1050
Merit: 1000
October 01, 2011, 11:49:08 AM
#73
Bitcoin isnt worth anything now its been trademarked by a lawyer.
take your sites down before it's too late!!
legendary
Activity: 980
Merit: 1008
October 01, 2011, 11:46:12 AM
#72
^ The market seems to disagree you with.
hero member
Activity: 686
Merit: 500
Wat
October 01, 2011, 10:52:37 AM
#71
Bitcoin isnt worth anything now its been trademarked by a lawyer.
legendary
Activity: 980
Merit: 1008
October 01, 2011, 10:37:06 AM
#70
I see. I think I'm going for Truecrypt, also because it's had some years for people to find holes in its encryption implementation, while the Bitcoin client's implementation is fairly new.
hero member
Activity: 991
Merit: 1011
September 29, 2011, 10:55:32 AM
#69
the wallet encryption only protects the private keys, so an attacker cannot spend your coins. he can, however, see the balance in your wallet and on each individual address. so if thats an issue for you, you might use truecrypt in addition to the wallet encryption. truecrypt cannot protect a wallet thats in use, so for a regularly running bitcoin client the clients wallet encryption is still the best solution.
legendary
Activity: 980
Merit: 1008
September 29, 2011, 06:40:32 AM
#68
I was about to fire up a live Ubuntu USB with Truecrypt as this guide suggest, when I realized that the new client (0.4) that I'm going to run on the USB Live disk, already has the ability to encrypt my wallet.
Is there any reason to encrypt the wallet using Truecrypt when the client itself supports it?
legendary
Activity: 873
Merit: 1000
June 27, 2011, 03:05:31 AM
#67
I hadn't understood where plausible deniability was important.  Then I read:
  TrueCrypt User Held in Contempt of Court
http://forums.truecrypt.org/viewtopic.php?t=23969
http://news.ycombinator.com/item?id=2693599
member
Activity: 115
Merit: 11
I like long walks on the beach, shaving my head...
June 10, 2011, 03:35:28 PM
#66
This is essentially how I use my normal wallet! With that said, I wonder how many people just getting into Bitcoin would be overwhelmed just by steps 1-4.

Exactly! What does THIS mean?
4  create a truecrypt disk with image stored on this USB drive so that all bitcoin files and datadir and
therefore wallet.dat are on this truecrypt disk and make a .bat or .sh file which starts bitcoin client from this USB drive.

I now see that the wallet is one of the weakest aspects of bitcoin so far. This is going to continue causing misery for so many!
Pages:
Jump to: