Topic: . - page 3. (Read 64536 times)

The LiveCD laptop is still more secure against keylogging malware. I feel like entering your password on an everyday, internet connected machine is scary. It would be cool if you could plug a keyboard straight into the ironkey.

buy this for ~$70 depending on retailer
https://www.ironkey.com/basic

keep wallet.dat savings in a truecrypt container on it. ironkeys have a mouse keyboard you can use to defeat keyloggers to open your truecrypt file. brute force and even physical attack on ironkeys is pointless they self delete after 10 tries or from physical tampering

to remember a giant password that you don't want to have to write down for security risk, or you don't trust Bruce Schneier's twofish encrypyted Password Safe for whatever reasons then grab a dvd/book and use parts of it to make the password.

Example:

Grab your copy of Battletoads lying around and use the UPC and first sentence to make a pass: http://www.sega-mag.com/jeux/cover/Megadrive/Battletoads-Megadrive-EUR.jpg

alternate shift + caps

9&4#6%6!0^4&WtEdQkYbBaTbPa,ItTgRM,AtGe!
39 char pass you'll never forget as long as battletoads doesn't get thrown out

Yes, with the Dead Man's Switch You can program in several layers of transfer. After 30 days, the money could go to your close family. After a year, it could go to some website you sign up for that will specialize in determining your identity in more conventional ways and give the money back to you or your next of kin. Or you could make it go to some favorite charity. You could also have it go to a miner, but I'm not sure what the point is. I guess if a lot of people did this it would bring bitcoin transaction fees down.

One last thing to remember is that when the money finally disappears, it makes every other bitcoin user a bit richer, exactly the opposite of inflation. So in a sense, even then it's not completely lost to the world.

Vladimir said: Amnesia could be a very expensive illness in bitcoin land, take care. You've been warned!

This got me thinking. We all die and suffer accidents in ways that often stretch our imagination to envisage. It has always been thus. Today we still occasionally find roman coins hidden by people who through bad luck or bad planning or a bit of both were unable to retrieve their fortunes (See 1) the story of a find of a crock of roman gold coins that weighed 25 stone, or (2) the moving story of a family on the run from the Nazis who burried their fortune in a London house that was bombed and then found 50 years later.

The point is this can NEVER happen with bitcoin. In some ways its a good thing, undoubtedly this removes the incentive for someone to "arrange"an accident for me. But it also seems sad and in a way deficient that while a store of value manufactured in roman times, still serves as exactly that now, even though we do no know who it belonged to, and that a store of value from WW2 was returned successfully to the descendants of the person who hid it, this cannot happen with bitcoin. Could it be that after say 100 years a lost coin is returned to something like a mining pool?  Is there any other way to return or re-mint lost bitcoins?

1) http://www.dailymail.co.uk/sciencetech/article-1292990/Chef-Dave-Crisp-discovers-largest-hoard-Roman-coins-Somerset-field.html
2) http://www.bbc.co.uk/news/uk-england-london-13128903

This may be a stupid question, but if the wallet file just contains a private key, would it be possible to simply write the key down on a piece of paper and then take a magnet to your hard drive if you're paranoid about your security already being compromised? Obviously you'd need to be very sure not to lose that piece of paper, but this would give you time to set up a truly secure system.

I had some "fun" trying to import a key to my workstation that was exported from my dedicated offline savings laptop. It didn't go very well.

In the end I decided for now that the savings laptop is probably enough. It's a little old laptop with a clean debian installation, no outward-open services except the bitcoin client, and it connects to the net through a NAT. I only connect it when I need to make a withdrawal. I decrypt the wallet and start bitcoin to xfer coins out, and then re-encrypt it, copy off the backup, and shred the original before shutting it down.

It's not ideal but it's far more functional than the totally-offline setup I had going. IMO it's very very unlikely that laptop is or will be compromised. I look forward to better key-management tools. Maybe it's time for a bounty?

John, I've been reading up on your threads -- great stuff! I like the idea of some tools being integrated into bitcoin itself, because it makes that part more authoritative (lots of people looking at it, good maintenance schedule).

I think you could get some really good security combining some of these ideas. For small checking accounts, you'd just use the standard Bitcoin client, probably on an encrypted volume, with backups. For large savings accounts:

1. Never use the standard Bitcoin client -- it connects to the Internet.
2. All sensitive work is done on an offline, LiveCD box. (See https://www.privacy-cd.org/)
3. The LiveCD has a command line tool that generates a new wallet with as many accounts as you want.
4. It requests a pass phrase, generates the wallet, and spits out the account codes in plain text. Signs all this stuff.
5. The pass phrase isn't stored anywhere, it's just used to encrypt the wallet and then forgotten. You can test that you entered the pass phrase correctly by attempting to decrypt the wallet on the LiveCD box. (This "verify" step should be a standard feature of the tool. It lets you feel safe that you can transfer money to the account.)
6. Copy the signed package to a USB drive and then to your regular computer and upload it all over the place.
7. Now transfer lots of bitcoins to one or all of the new addresses in the usual way.
8. To spend, use another tool on the internet computer to download the minimum amount of data needed to sign the transfer. This could be part of the standard client.
9. Export another signed package to the USB drive. Insert USB in the LiveCD box.
10. On the LiveCD box, run a transaction tool. It will ask you for an amount to transfer, recipient address to send to (or maybe let you choose from the original batch you generated), and your pass phrase. It will then write a certified transaction package to the USB drive.
11. On the internet box, use yet another tool to send in the transaction to bitcoin. This could also be part of the standard client.
12. Monitor with an online app, or another tool, or both.

This sounds like a ton of steps, but a lot of them are being done inside the tools and transparent to the user. They're all just a matter of moving a USB disk around and running a few commands. They've been thoroughly tested and they reassure you by acknowledging that you have the right pass phrase and that all your data has been checked for integrity. Ultimately, they could be consolidated into the standard client on the internet box, and an offline gui on the LiveCD box. This is also nothing new, I'm mostly paraphrasing John's previous steps, but it helps me organize it for myself and hopefully others.

1. We don't have to worry much about keyloggers or malware on the LiveCD box because: A. How would they get there? B. How would they send the intercepted data out? We still have to worry about physical keyloggers, but that's a threat most people don't have to worry about, and there are physical ways to handle that. Eventually there could be dedicated devices instead of the LiveCD box.

2. Make sure your pass phrase is really strong.

3. The biggest remaining danger is that you forget your pass phrase. I think the dead man's switch is a good way to approach this. You might have to do the whole USB shuffle once a month, but it would be great if this were built into the tools. You could even have your bitcoins sent to some online trusted entity after a year of no activity, as a final backstop.

See also:

Deterministic wallet
John's vaporware approach
Private key and wallet import/export
Private key import

Agreed.  I personally have put only a fraction of 1% of my BTC into the keys that I generated with my homegrown script, cited earlier in the thread.  I would put more in, but I first want to prove I can get the BTC out, which will require another round of vaporware to condense.  Even if successful, I will want to test successfully about 100 times to become confident that it doesn't sometimes fail.  Some more vaporware might help: transaction validation code extracted from a popular client.  And even then, to store a lot of wealth, I would probably distribute it among several addresses.


My genkey.py is open-source, though not well tested as far as I know.  Are you thinking of a friendly front end for the key generator, plus an offline transaction signer and a patch to allow the official client (or BitcoinJ) to import and broadcast the transaction?  I plan to do this eventually (minus the friendly front end).  I might be encouraged to hurry up for some BTC.

There are some solid solutions in this thread, which are especially relevant to people who have tens of thousands of dollars in bitcoins. The problem is that executing the steps is hugely dangerous in itself. If you're paranoid about your computer being infected with keylogging malware that will send off your wallet pass phrase to a thief, you should be even more paranoid that you're screwing up one of the steps, or that there's a tiny bug in your vaporware. Unless you're a well known target, the chances of you screwing up are probably vastly higher than somebody remotely paying attention to everything you do on your computer.

Personally, I'd much rather use a simple but fully functional open source tool, that's successfully being used by thousands of people and is open to public scrutiny, than any homegrown scripts and protocols. I just don't trust myself enough. Can we get an open source project like this going? I'd be willing to put in a bounty.

Does your wallet contain your life savings or just pocket change? It's up the individual to assess how important it is... how would you feel about losing it?

I think anyone with more than just a bit of pocket change should be paranoid about their wallet.dat.

Actually, even if you only have 0.01 btc... can you really say for sure how much USD that's going to be worth in a year or two?

How likely is it that someone who's using Ubuntu, looks at porn in firefox, and frequently saves image files (of teh girlies, obv), but doesn't download anything else or visit any really shady sites (cp, snuff, terrorist sites, etc.) has a compromised system? Should I be worried about losing my wallet and taking steps immediately, or am I being paranoid?

Password card? What? Limiting all possible passwords to only hundreds combinations to test?

Sorry, no. Password card is bad tool.

Great, thanks for the reply.  Between liveCD and the blockexplorer, I think I'm set.  Although liveCD (like bartPE, no?) is probably not 100% bulletproof either, but it adds a satisfactory level of obfuscation.

In what environment do I create the wallet?  Inside of liveCD?  Surely not in Windows, at least not a windows account that has or will ever see the interweb.  Can I run the bitcoin client and generate my savings wallet inside of liveCD?

Thanks.

There are different solutions to this. One of the most simple would be to copy your addresses somewhere and check them on blockexplorer or another similar site to see what the balance is. That way you don't have to run the client and don't risk losing your coins.

Another solution would be to store your wallet on an usb drive (with or without truecrypt), and only access it from a livecd environment.

A third solution could be a combination of both: have two wallets, one with your savings, safely stored away and handled with great care, and another wallet with much less in it, that isn't that much of a risk to lose.

Of course I believe CIA is stronger then PRC Government

password of WinRAR is not secure at all, don't use it!

if you are using symbol on keyboard to be the WinRAR password, The Government of PR.China is able to crack it in several seconds, the have a rainbow table for it, I was notified that couples of year ago, when I study in collage, on teacher is working for Government as a developer, he told me that.

Remember !

Don't use WinRAR to crypt your data anymore!

I'm not sure I understand the solution here.  This might be a bit long, so maybe it should be moved to it's own thread, but it seems relevant.

Disclosure: I am Noob.  Please correct me with anything I misunderstand; I am NOT here to dictate my vision of reality.  The only thing keeping me from having bitcoins right now is wallet security.

I see two security issues:
1) Loss of wallet by catastrophe (machine failure, localized sinkhole, terrorist bombing of my house, etc)
Lets strike issue '1' off the list.  It seems clear to me that a secure, encrypted backup stored in a variety of places is an obvious solution to machine failure.

Which leaves us with:
2) Loss of wallet contents due to theft of private key (trojans, keyloggers, posting private key on the bathroom stall, etc...)

My understanding of TrueCrypt is that it simply but securely locks a volume.  Which is great for backups, but once the password is entered, and the user has access to the volume, doesn't the computer and any peeping-toms also have access to the volume?  Key question here; if not, then my points are moot, but if so, all it takes is a couple milliseconds on a dirty computer viewing your savings account for a patient 'trojan' (or whatever you smart hacker people use) to nab the key, no?  And to me, I assume all computers are dirty all the time, since you can never really know.

Is it just impossible to completely secure the wallet?  Is it just an accepted risk that checking your savings is a window of attack, and should be done rarely, only when necessary, and only from a virgin system?  Should I assume that I can only check my savings account after reinstalling a new system?  Would that even be enough to guarantee security?

Thanks,
Paranoid Believer

I just use Wuala. Got a free 10GB account when I bought a lacie external disk ^^

Being new I will tell you, it's very overwhelming. However I need to figure something out because I've been at this for a mere five days and have already been robbed. I made the mistake of using slush's service and didn't realize the user id and password needed to be separate from my site login credentials.

Someone used my worker's public login credentials for the site login and changed the wallet address and the payout threshold to .01 and cleaned me out!

Pathetic. Some lurker out there is probably watching for new users who continually make this mistake and steal from them. I guess in the open source world people do expect things for free. I do realize thought that there's a bad apple in every crowd. I'm just pissed.

Is there anything at all I can do with the wallet address they forgot to change? 

for those with poor memory
you still need to rember a color and row or something.

http://www.passwordcard.org/