I still can't see how you might get my long random password which I never exposed to an online computer (just generated while running offline in a Live environment and printed out to a paper with a non-smart printer) by following me on Facebook.
Good luck with that. I rarely post anything meaningful.
This is why I am concerned if I need to periodically refill the keypool manually.
It would look like shutting down the node, copying the wallet.dat, booting up an offline PC, refilling the keypool after scanning a QR code with a webcam, copying the wallet.dat back, restarting the daemon...
I personally am not much of a hacker (black hat at least), but I know/talk to people who are, and you are their favorite type of victim. So confident they are secure that it makes it so easy to get an attack in right under their nose because they are absolutely convinced they are invincible.
I'm not saying it would be easy, or that it even would work on you, that is up to a million factors, a non-negligible one of which is pure chance, but if a good, determined hacker wants to RAT your computer and they know a fair amount about you, it is going to happen. If I have access to a server you own, assuming the hosting company has your real contact information, I am going to have your address within a few days from *most* companies, if I wasn't able to already have it through other means. And if I have your address, and as I said, determined enough, most consumer routers have vulnerabilities in them, especially if you don't have the latest firmware. So once I've compromised your router, it is a matter of time watching your traffic until I find something I can exploit, and boom, RAT'ed.
But even more so, as you said, you printed it off. Maybe I'll just break into your house and look around when you're at work.
(By I in the above I mean a nefarious hacker, which I personally am not.)
1.) For $700, most of what I said is not realistic, but for $2000, $5000, $10,000? You bet your ass it is to some people.
2.) You might think everything I just said is ludacris, but I can assure you, it happens, a lot more often than you would think if you didn't have knowledge of it.
About the keypool, if the node is already running, why would you need to refill the keypool offline, all you would have to do is login to the node and run "./darkcoind keypoolrefill" and then backup the latest wallet. Realistically you could setup a cron script to do it that would be just as secure as doing it manually. (if someone got access to the server, they have the wallet, them finding out you encrypted it with a key and then pushed it into a S3 bucket named "wedding_photos.zip" (bonus points if you made the archive actually contain wedding photos which would fool *most* hackers if they got their hands on it) wouldn't matter, they would be able to download it straight from the server)
