My own security: Dedicated netbook with only minimum needed software (KUbuntu 13.04, electrum deps and electrum), Only connected to secure wifi when needed to send funds. Plus a paper backup of the private key.
If I don't need to spend I use bitcoinmonitor.net so I get notified of divs and such.
Topic: ASICMminer shares secure storage plan? (Read 1225 times)
I don't think I understand what "signing" is and how it is different from encryption?
Also, if I know my private key(have in cold storage), and have this address live on a client( lets say Electrum, pw encrypted) wallet file- if my computer explodes, will I be able to take that same private key(given to me by electrum, which I wrote down by hand and put in cold storage) and continue, import to Electrum on another computer, and resume activities? Do you think this method will work for the purposes described?
If so, I would consider this reasonably secure, since in order for me to lose the funds, BOTH of the following would have to occur 1) Location of cold storage physically damaged AND 2) computer is stolen/destroyed/pw somehow stolen(But I use professional pw generator, and Keyscrambler, so this risk is very much minimized I think, except for in the case of malware taking screenshots)
Also, if I know my private key(have in cold storage), and have this address live on a client( lets say Electrum, pw encrypted) wallet file- if my computer explodes, will I be able to take that same private key(given to me by electrum, which I wrote down by hand and put in cold storage) and continue, import to Electrum on another computer, and resume activities? Do you think this method will work for the purposes described?
If so, I would consider this reasonably secure, since in order for me to lose the funds, BOTH of the following would have to occur 1) Location of cold storage physically damaged AND 2) computer is stolen/destroyed/pw somehow stolen(But I use professional pw generator, and Keyscrambler, so this risk is very much minimized I think, except for in the case of malware taking screenshots)
Setup Armory an a cheap second computer and have an offline signing computer. Import the private key from the cold wallet and as long as your backed up you should be safe.
This has the added benefit of letting you sign messages and makes reinvesting the dividends much easier.
This has the added benefit of letting you sign messages and makes reinvesting the dividends much easier.
So, I’ve recently invested a sum of money in ASICMINER direct shares. So far, I have all of these shares on one paper wallet address, which I have in secure cold storage. I realize I probably should have divided my shares among several wallets, but hindsight is 20/20. Because of the security issue, I want to avoid redeeming the private key, unless I do it once and then quickly resend to new cold storage, or something equally secure. I’m deathly afraid of any “change address” issues, as I will somehow F that up and lose a ton of $.
Should I just have Friedcat transfer/divide my direct shares amongst a few wallet addresses which I have in cold storage? Will he do it? Then I can redeem smaller amounts at a time.
Maybe I can get around this by using software to manage multiple private keys. I need something more user friendly than QT at this point, for which I couldn’t figure out how to import/export a private key. Whatever it is must be as low risk as possible. I’ve been wanting to use Armory but it requires 6 MB of RAM which I don’t have.
I could see myself importing my one wallet with all the ASICminer shares to a secure client, but not sure which one to use…Also, when a wallet is imported from cold storage to a client, does that somehow move your funds to a new private key???
Part of me says "just wait 6 months and some software will come out which makes this a no-brainer", but I need to know how to take care of this securely given the current limitations. I can't afford to take any chances on this one.
So a lot of people have given you complicated advice. One thing to bear in mind. Any share transfers are managed by Friedcat. If someone did a fraudulent share transfer, you should be able to raise it with Friedcat. (You could also say to Friedcat, please don't accept any share transfer requests from me unless they are signed by my wallet and from XYZ email address.) Please also bear in mind if you have contact info on file friedcat won't transfer your shares without contacting you. (Or at least you being cc'ed on the request to transfer.)
IE: I'd use a hot wallet, that can sign messages, to register the shares and receive the divs, and then regularly sweep any dividends into one or more cold wallets.
-helixone
Cool answers but you guys are really going down the rabbit hole here.
For me personally, my memory is shit. I'll consider this an advantage since no one can torture me for the key. My secure cold storage is already great, it's the issue of getting some(but not all) of the funds out of those wallets out as safely as possible. I saw some poster's recommend Electrum? Is that good for importing/managing/encrypting multiple wallet keys?
Also, in my post I also asked if importing ever "changes" the private key?
For me personally, my memory is shit. I'll consider this an advantage since no one can torture me for the key. My secure cold storage is already great, it's the issue of getting some(but not all) of the funds out of those wallets out as safely as possible. I saw some poster's recommend Electrum? Is that good for importing/managing/encrypting multiple wallet keys?
Also, in my post I also asked if importing ever "changes" the private key?
Use a deterministic wallet like Electrum, burn seed phrase into brain, don't worry about storage or backups ever again.
If you have a bad memory write the seed on a piece of paper, write random letters on the back of the paper behind each word (so not ABCDEFGH.. etc but e.g. BRQKEGHW.. etc). Then take a different peice of paper and write on it the numbers 1 to 12, then the letter which belongs to each word behind it (so 1 B 2 R 3Q 4K 5E 6G 7H 8W etc). Put this paper in an envelope. The cut up the first paper making sure that each word has its associated word on the flipside. Then stuff the pieces in a second envelope.
Then write your name on both envelopes and give each to a friend or relative you trust really well and ask them to keep it safe for you and don't open the envelopes. If either of them opens it it will make no sense to them. Don't tell them that you gave another envelope to the other person and don't mention Bitcoin.
To be sure you can repeat it with another pair of friends so that if one of them loses the envelope you still have a backup. And maybe a third or even fourth pair to be sure.
It work be best if these are trusted friends or family of you but they don't know each other.
This is NOT what I use to store my private keys, it's just an idea.
I think such cypher can be easily broken, Pretty confident that I can do so.
The idea is to leave them with people you really trust. And not mention Bitcoin. Of course you could divide the 12 words in to 4 groups of 3 and give them to 4 people and divide up the combination into four groups as well. But that makes it more likely you will lose the whole set. You might lose contact with them, get into a big argument with them, they could become sick or die, they could lose the envelope, the dog might eat it, etc. The more people are involved the more likely it is.
No system is perfect. But offline storage generally is better than online.
Use a deterministic wallet like Electrum, burn seed phrase into brain, don't worry about storage or backups ever again.
If you have a bad memory write the seed on a piece of paper, write random letters on the back of the paper behind each word (so not ABCDEFGH.. etc but e.g. BRQKEGHW.. etc). Then take a different peice of paper and write on it the numbers 1 to 12, then the letter which belongs to each word behind it (so 1 B 2 R 3Q 4K 5E 6G 7H 8W etc). Put this paper in an envelope. The cut up the first paper making sure that each word has its associated word on the flipside. Then stuff the pieces in a second envelope.
Then write your name on both envelopes and give each to a friend or relative you trust really well and ask them to keep it safe for you and don't open the envelopes. If either of them opens it it will make no sense to them. Don't tell them that you gave another envelope to the other person and don't mention Bitcoin.
To be sure you can repeat it with another pair of friends so that if one of them loses the envelope you still have a backup. And maybe a third or even fourth pair to be sure.
It work be best if these are trusted friends or family of you but they don't know each other.
This is NOT what I use to store my private keys, it's just an idea.
I think such cypher can be easily broken, Pretty confident that I can do so.
Use a deterministic wallet like Electrum, burn seed phrase into brain, don't worry about storage or backups ever again.
If you have a bad memory write the seed on a piece of paper, write random letters on the back of the paper behind each word (so not ABCDEFGH.. etc but e.g. BRQKEGHW.. etc). Then take a different peice of paper and write on it the numbers 1 to 12, then the letter which belongs to each word behind it (so 1 B 2 R 3Q 4K 5E 6G 7H 8W etc). Put this paper in an envelope. The cut up the first paper making sure that each word has its associated word on the flipside. Then stuff the pieces in a second envelope.
Then write your name on both envelopes and give each to a friend or relative you trust really well and ask them to keep it safe for you and don't open the envelopes. If either of them opens it it will make no sense to them. Don't tell them that you gave another envelope to the other person and don't mention Bitcoin.
To be sure you can repeat it with another pair of friends so that if one of them loses the envelope you still have a backup. And maybe a third or even fourth pair to be sure.
It work be best if these are trusted friends or family of you but they don't know each other.
This is NOT what I use to store my private keys, it's just an idea.
Use a deterministic wallet like Electrum, burn seed phrase into brain, don't worry about storage or backups ever again.
amnesia?
In that case no worries about anything.
Use a deterministic wallet like Electrum, burn seed phrase into brain, don't worry about storage or backups ever again.
amnesia?
Use a deterministic wallet like Electrum, burn seed phrase into brain, don't worry about storage or backups ever again.
So, I’ve recently invested a sum of money in ASICMINER direct shares. So far, I have all of these shares on one paper wallet address, which I have in secure cold storage. I realize I probably should have divided my shares among several wallets, but hindsight is 20/20. Because of the security issue, I want to avoid redeeming the private key, unless I do it once and then quickly resend to new cold storage, or something equally secure. I’m deathly afraid of any “change address” issues, as I will somehow F that up and lose a ton of $.
Should I just have Friedcat transfer/divide my direct shares amongst a few wallet addresses which I have in cold storage? Will he do it? Then I can redeem smaller amounts at a time.
Maybe I can get around this by using software to manage multiple private keys. I need something more user friendly than QT at this point, for which I couldn’t figure out how to import/export a private key. Whatever it is must be as low risk as possible. I’ve been wanting to use Armory but it requires 6 MB of RAM which I don’t have.
I could see myself importing my one wallet with all the ASICminer shares to a secure client, but not sure which one to use…Also, when a wallet is imported from cold storage to a client, does that somehow move your funds to a new private key???
Part of me says "just wait 6 months and some software will come out which makes this a no-brainer", but I need to know how to take care of this securely given the current limitations. I can't afford to take any chances on this one.
Jump to: