
Topic: Best way how to prevent BTC wallet from hackers (Read 4730 times)

sr. member
Activity: 294
Merit: 250
November 22, 2014, 12:26:28 AM
#54
Replace Microsoft Windows with GNU/Linux.
I recommend Tails, then make sure to dedicate the sole purpose of that machine to your wallet and NOTHING else.

Tails is excellent. It does all connections through Tor unless you click on the clearnet browser (correct me if I'm wrong) and great for accessing an electrum wallet using just your seed written down on paper. It even wipes your RAM on shutdown so that no trace of your transactions can be recovered. Every time you boot it starts from scratch (no wallet.dat file or any history left lurking) and doesn't touch your hard disk unless you tell it to through the file manager. It has everything you need for a quick online transmission to the Blockchain and then reboot without a trace.

It gets updated regularly (about once a month) to ensure any security flaws are dealt with and there's a BTC donation address on their home page. If you have a spare $20 worth of BTC to donate I'd recommend you send them some BTC to keep this gem of an OS going. I've donated in the past and will do again.

It's a little bit slow booting from USB but worth it. Better still, install it on a lockable SD card and flick the switch to 'lock' mode so that you're doubly sure that nothing is altered. Then when a new version comes out unlock your SD and install it before locking it again. Sweet!
legendary
Activity: 3038
Merit: 4418
You could look into buying a Trezor. Very secure wallets but they're a little pricey. ($120 IIRC)

What is a Trezor? I've been seeing posts about it lately but I don't know what it is. Is it a kind of an electronic gadget or something? I also saw a post earlier about this Trezor keychains? Correct me if I'm wrong but are they being used as a keychain also? If so, then it's an interesting item!

Paper wallets are a poor man's Trezor, I recommend buying a Trezor.
Trezor wallets are overkill for people storing 1-10BTC. A Trezor costs $119 while a paper wallet costs a few cents yet provides excellent security. If someone wants to put 10BTC in a Trezor, the person would have to invest ~33% of their BTC just to secure their coins. If they use a paper wallet, it would be less than 0.1% of their 1BTC. They just need an offline wallet and an open-source wallet generator. No hackers can get your private key if you create the paper wallet on a fresh offline Linux USB drive. To prevent people with physical access from stealing your BTC, encrypt the wallet with BIP38 encryption with a strong password. A paper wallet can also be water resistant if you laminate it and make a couple more copies and place them in different geographical locations to prevent fire damage too.
sr. member
Activity: 274
Merit: 250
You could look into buying a Trezor. Very secure wallets but they're a little pricey. ($120 IIRC)

What is a Trezor? I've been seeing posts about it lately but I don't know what it is. Is it a kind of an electronic gadget or something? I also saw a post earlier about this Trezor keychains? Correct me if I'm wrong but are they being used as a keychain also? If so, then it's an interesting item!

Paper wallets are a poor man's Trezor, I recommend buying a Trezor.
full member
Activity: 182
Merit: 100
You could look into buying a Trezor. Very secure wallets but they're a little pricey. ($120 IIRC)

What is a Trezor? I've been seeing posts about it lately but I don't know what it is. Is it a kind of an electronic gadget or something? I also saw a post earlier about this Trezor keychains? Correct me if I'm wrong but are they being used as a keychain also? If so, then it's an interesting item!

Trezor is a Bitcoin hardware wallet which offers great security to your funds in the wallet. Trezor and a paper wallet are the safest ways to prevent hackers from taking away the funds.
legendary
Activity: 3542
Merit: 1352
You could look into buying a Trezor. Very secure wallets but they're a little pricey. ($120 IIRC)

What is a Trezor? I've been seeing posts about it lately but I don't know what it is. Is it a kind of an electronic gadget or something? I also saw a post earlier about this Trezor keychains? Correct me if I'm wrong but are they being used as a keychain also? If so, then it's an interesting item!
legendary
Activity: 3542
Merit: 1352
To prevent hackers from stealing your precious coins, try putting the majority of it in a cold storage that isn't connected to the internet. A hard drive or a USB may help you in doing this. Also, try printing those in a paper wallet and have multiple copies of it. Laminate them and keep it in a nice and secure place that you could think of. That is the best and cheapest method in keeping your wallets safe and secure.
legendary
Activity: 1694
Merit: 1024
You could look into buying a Trezor. Very secure wallets but they're a little pricey. ($120 IIRC)

OR buy BTChip. It's like Trezor but the hardware protection is low and there is no screen but still it is very good and cheap.

   ~~MZ~~
Interesting, haven't heard of the BTChip before. I'll have to look into it, seems like a great alternative to the Trezor after a few looks at it.
sr. member
Activity: 274
Merit: 250
Paper wallets FTW!
cheapest method ever, always keep a laminated copy just in case.
hero member
Activity: 560
Merit: 509
I prefer Zakir over Muhammed when mentioning me!
You could look into buying a Trezor. Very secure wallets but they're a little pricey. ($120 IIRC)

OR buy BTChip. It's like Trezor but the hardware protection is low and there is no screen but still it is very good and cheap.

   ~~MZ~~
legendary
Activity: 1694
Merit: 1024
You could look into buying a Trezor. Very secure wallets but they're a little pricey. ($120 IIRC)
hero member
Activity: 560
Merit: 509
I prefer Zakir over Muhammed when mentioning me!
Use Electrum. Install one in an offline computer and then write down the Master Public key and then install Electrum in an online computer and choose watch-only mode and enter the Master Public Key. If you want to send BTC, create a raw transaction and then use a QR code generator and copy-paste the raw tx in it and generate a QR code and scan it with your mobile and copy-paste it and create a document. Now connect your mobile and copy-paste the raw tx to Electrum and sign it. Then, copy-paste the signed raw tx to the document. Now you can copy-paste the raw tx and push it through online services like Blockchain.info, Eligius, webbtc.com or Btc.Blockr.io.

   ~~MZ~~
hero member
Activity: 882
Merit: 500
Where am I?
Cold storage in a nice fireproof safe is the way to go.
legendary
Activity: 4130
Merit: 1307
You should use Desktop Wallets. It is safer than online wallets. Because it can store your Bitcoins on your computer’s hard drive instead of on the internet.

Bad advice.  Look up cold storage here, if you have any significant number of coins, storing them on your computer or on the internet (e.g. "the cloud") is a bad idea.
newbie
Activity: 56
Merit: 0
Cold storage or VirtualBox without access to the Internet is the best option in my opinion.
full member
Activity: 158
Merit: 100
Thanks a lot guys, some vibes of trust coming my way from your contributions. Not really paranoid...just not
into catching a bad experience that would push me away from this.

I've got unlimited data usage for my Blackberry 10 (grandfathered) I was lucky I didn't make the original contract
a business designation but as a consumer. Apparently they've phased out free unlimited data on business phones.

So I'm curious, how many gigs would my phone require to be able to take advantage of doing all of this on my phone?
I trust it more than my windows. My phone uses a gmail address as they discontinued @blackberry.com when I upgraded.
I'm wondering if it's all doable using around 10-20 gigs (need some for daily use but I could probably get by allowing 20 gigs
dedicated for BTC usage) what would be a more secure email provider than gmail? I'm guessing there's something better
available for my needs.

Again, thanks for the info, I'll work on my due diligence before deciding which is best for me.

fdyl
     
sr. member
Activity: 387
Merit: 250
Cold storage that shit!  Without a doubt
legendary
Activity: 3472
Merit: 10611
look into cold storage. i use Electrum so i will explain how to do so in electrum.
the official site: https://electrum.org/
offline transactions: https://electrum.org/tutorials.html#offline-mpk

Basically you create the transaction on an offline, safe PC and then move it to an online PC to send out.
legendary
Activity: 1008
Merit: 1001
Let the chips fall where they may.

Thanks for the helpful reply phillipsjk. I'd read about inscribing in 2 pieces of metal and stashing them in different locales and that does seem to be likely the safest way. I don't intend on purchasing bitcoin until I know how best to protect them.

The advantage of paper is that it is cheap and fast. You would only want to inscribe Hierarchical Deterministic wallet seeds on metal.

Quote
I'm inclined to use my BlackBerry to purchase locally but I feel that's just as bad as using my computer. I'm ready to pull the trigger and start accumulating but the more I read the more I'm confused about how not to get scammed between transacting with a temporary wallet to my paper or metal wallet.

A trusted link or two on how to best go about this would be greatly appreciated. I live in Canada and prefer to achieve anonymity, as far as acquiring and holding is concerned.

Thanks in advance,

fdyl  

You can send directly to the metal or paper; no need to temporarily store it somewhere else. The hard part would be transcribing the Bitcoin address and then generating a QR code (if needed).

If you have a relatively modern machine, Bitcoin Armory should be good. It supports "watch only" wallets, as well as multi-signature addresses. It relies on Bitcoin core to interact with the network.

Bitcoin.org has a very good Choose your Bitcoin wallet page.
hero member
Activity: 525
Merit: 500
Every day I see at least one person complaining of losing their money. To be 100% safe I'd recommend booting from a live Linux CD or USB every time you want to use your coins. I'd say the vast majority of coins stolen are taken from Windows computers after they've had a keylogger or some other virus installed.
full member
Activity: 158
Merit: 100
Well if you're that paranoid use the paper wallet or brain wallet.

I searched the term brain wallet and all I got was this from LibertyOrDeath. Can someone explain how I can create one,
or several?

I expect a self coded encrypted personal phrase that only a head injury or dementia could erase is the
point?

If a little knowledge is dangerous, then even less is reason enough for paranoia.  



Brain wallets are very risky because people hopelessly underestimate the entropy of their pass-phrase.

The most secure way to store Bitcoins is with paper wallets (or something longer lasting like nickel or stainless steel) generated off-line. You should either make two copies and store them in separate locations, or create a multi-signature script/transaction such that you need m of n pieces to authorize the transaction (and store those in n locations).

I saw a comment up-thread that some measures such as this may be considered over-kill. Last year around this time the price of Bitcoin went up 1000% in a month or so. If the price of Bitcoin spikes to something like $400,000 per coin, suddenly "use an anti-virus" is going to start looking seriously inadequate for protecting your 5mBTC (now worth $2000).

Bitcoin is game-changing in that it now makes previously impractical attacks profitable. I believe it is only a matter of time before a major software vendor pushes a wallet stealer in a software update. The only way to keep your Bitcoin savings safe is to keep them away from your network-connected machine in the first place.


Thanks for the helpful reply phillipsjk. I'd read about inscribing in 2 pieces of metal and stashing them in different locales and that does seem to be likely the safest way. I don't intend on purchasing bitcoin until I know how best to protect them.

I'm inclined to use my BlackBerry to purchase locally but I feel that's just as bad as using my computer. I'm ready to pull the trigger and start accumulating but the more I read the more I'm confused about how not to get scammed between transacting with a temporary wallet to my paper or metal wallet.

A trusted link or two on how to best go about this would be greatly appreciated. I live in Canada and prefer to achieve anonymity, as far as acquiring and holding is concerned.

Thanks in advance,

fdyl 
legendary
Activity: 1008
Merit: 1001
Let the chips fall where they may.
Well if you're that paranoid use the paper wallet or brain wallet.

I searched the term brain wallet and all I got was this from LibertyOrDeath. Can someone explain how I can create one,
or several?

I expect a self coded encrypted personal phrase that only a head injury or dementia could erase is the
point?

If a little knowledge is dangerous, then even less is reason enough for paranoia.  



Brain wallets are very risky because people hopelessly underestimate the entropy of their pass-phrase.

The most secure way to store Bitcoins is with paper wallets (or something longer lasting like nickel or stainless steel) generated off-line. You should either make two copies and store them in separate locations, or create a multi-signature script/transaction such that you need m of n pieces to authorize the transaction (and store those in n locations).

I saw a comment up-thread that some measures such as this may be considered over-kill. Last year around this time the price of Bitcoin went up 1000% in a month or so. If the price of Bitcoin spikes to something like $400,000 per coin, suddenly "use an anti-virus" is going to start looking seriously inadequate for protecting your 5mBTC (now worth $2000).

Bitcoin is game-changing in that it now makes previously impractical attacks profitable. I believe it is only a matter of time before a major software vendor pushes a wallet stealer in a software update. The only way to keep your Bitcoin savings safe is to keep them away from your network-connected machine in the first place.
full member
Activity: 158
Merit: 100
Well if you're that paranoid use the paper wallet or brain wallet.

I searched the term brain wallet and all I got was this from LibertyOrDeath. Can someone explain how I can create one,
or several?

I expect a self coded encrypted personal phrase that only a head injury or dementia could erase is the
point?

If a little knowledge is dangerous, then even less is reason enough for paranoia. 

legendary
Activity: 3514
Merit: 1963
Just shift the coins you're not going to use to cold storage or paper wallets ^Smile^
If a hacker goes through all the trouble to hack a wallet with a few Satoshis, he is poor, and you should tip him with it.
I always leave some unprotected wallets on my computer, with a few Satoshis, if it gets emptied, I know I have a hacker lurking and I react accordingly. ^Laugh^
sr. member
Activity: 306
Merit: 250
What is meant by "air gap"?

It means the computer signing the transactions (computer with the keys) is never connected to the internet or any other computers. It is 'air gapped' between the computer broadcasting the transaction.

This gap is bridged by various methods, some use usb drives, some mentioned usb cameras and qr codes, so the computer with the keys cannot be hacked from internet.
I don't think it is a very good idea to use USB drives to "bridge" the air gap as you could theoretically bring malware to your cold storage computer which could potentially get your cold storage computer to sign a TX sending your bitcoin to an address that is not yours.
This is a very good point. This is why using QR codes is probably the best way to get your TXs signed when dealing with your cold storage. You never want to have any hardware touch both your "hot" computer and your cold storage computer
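
The risk raised in this exchange (the cold machine signing a TX that pays an address that is not yours) can be checked on the offline machine before signing. The sketch below is an added example, not code from the thread or from any wallet: it parses the outputs of an unsigned transaction and compares them with what the operator wrote down. It assumes legacy (non-SegWit) serialization and P2PKH/P2SH outputs; `sample_tx` and the addresses in it are constructed test data.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def b58check(version: int, payload: bytes) -> str:
    """Base58Check-encode a version byte plus payload (legacy address format)."""
    raw = bytes([version]) + payload
    raw += hashlib.sha256(hashlib.sha256(raw).digest()).digest()[:4]
    n = int.from_bytes(raw, "big")
    out = ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    pad = len(raw) - len(raw.lstrip(b"\x00"))    # each leading zero byte becomes '1'
    return "1" * pad + out

def read_varint(buf: bytes, pos: int):
    """Bitcoin CompactSize integer; returns (value, new_pos)."""
    first = buf[pos]
    if first < 0xFD:
        return first, pos + 1
    size = {0xFD: 2, 0xFE: 4, 0xFF: 8}[first]
    return int.from_bytes(buf[pos + 1:pos + 1 + size], "little"), pos + 1 + size

def script_to_address(script: bytes) -> str:
    """Recognise the two standard legacy templates; anything else is reported raw."""
    if len(script) == 25 and script[:3] == b"\x76\xa9\x14" and script[23:] == b"\x88\xac":
        return b58check(0x00, script[3:23])      # P2PKH
    if len(script) == 23 and script[:2] == b"\xa9\x14" and script[22:] == b"\x87":
        return b58check(0x05, script[2:22])      # P2SH
    return "nonstandard:" + script.hex()

def parse_outputs(raw_hex: str):
    """Return [(satoshis, address)] from a legacy-serialized transaction."""
    tx = bytes.fromhex(raw_hex)
    pos = 4                                      # skip the 4-byte version
    if tx[pos] == 0x00:
        raise ValueError("SegWit marker found: not handled by this sketch")
    n_in, pos = read_varint(tx, pos)
    for _ in range(n_in):
        pos += 36                                # previous txid + output index
        slen, pos = read_varint(tx, pos)
        pos += slen + 4                          # scriptSig + sequence
    n_out, pos = read_varint(tx, pos)
    outputs = []
    for _ in range(n_out):
        value = int.from_bytes(tx[pos:pos + 8], "little")
        pos += 8
        slen, pos = read_varint(tx, pos)
        outputs.append((value, script_to_address(tx[pos:pos + slen])))
        pos += slen
    if pos + 4 != len(tx):                       # only the locktime may remain
        raise ValueError("trailing or missing bytes: do not sign")
    return outputs

def unexpected_outputs(raw_hex: str, expected: dict):
    """Outputs whose (address, amount) pair the operator did not write down."""
    return [(v, a) for v, a in parse_outputs(raw_hex) if expected.get(a) != v]

def sample_tx(second_hash160: bytes) -> str:
    """Constructed unsigned tx: one input, two P2PKH outputs (50,000 and 40,000 sat)."""
    def out(sats, h160):
        return sats.to_bytes(8, "little") + b"\x19\x76\xa9\x14" + h160 + b"\x88\xac"
    return (b"\x01\x00\x00\x00" + b"\x01" + b"\xaa" * 32 + b"\x00" * 4 + b"\x00"
            + b"\xff" * 4 + b"\x02" + out(50_000, bytes(20))
            + out(40_000, second_hash160) + b"\x00" * 4).hex()

if __name__ == "__main__":
    change = b58check(0x00, b"\x01" * 20)        # operator's change address (constructed)
    expected = {"1111111111111111111114oLvT2": 50_000, change: 40_000}
    # The second output was swapped for another key hash, so it is reported.
    print(unexpected_outputs(sample_tx(b"\x02" * 20), expected))
```

Any non-empty result, or a parse error, means the transaction that crossed the gap is not the one the operator intended to sign.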
legendary
Activity: 1638
Merit: 1010
Don't download anything that you're not sure is 100% safe.
Always use 2FA to open wallet and when sending ANY amount of BTC.
Only keep what you can afford to lose on your mobile (hot wallet).
Have a good strong password.
And I shouldn't have to say this but don't store your password on your email or Dropbox etc.
hero member
Activity: 661
Merit: 502
I think you need to have a good antivirus program

Account in human error and any protection suite is useless. I don't think you have to go above and beyond to look after your wallet. Simple security practices such as not downloading random files, keeping your programs up to date and encrypting your wallet with a strong password should be more than enough.
member
Activity: 98
Merit: 10
I think you need to have a good antivirus program
hero member
Activity: 784
Merit: 500
What is meant by "air gap"?

It means the computer signing the transactions (computer with the keys) is never connected to the internet or any other computers. It is 'air gapped' between the computer broadcasting the transaction.

This gap is bridged by various methods, some use usb drives, some mentioned usb cameras and qr codes, so the computer with the keys cannot be hacked from internet.
I don't think it is a very good idea to use USB drives to "bridge" the air gap as you could theoretically bring malware to your cold storage computer which could potentially get your cold storage computer to sign a TX sending your bitcoin to an address that is not yours.
full member
Activity: 154
Merit: 100
Either use a multisignature address or you can create a paper wallet; those are the two most secure ways.
sr. member
Activity: 252
Merit: 251
Knowledge its everything
Use a secure Linux distribution with enhanced network security & use a great bitcoin wallet app (Bitcoin Core).
And encrypt your wallet.dat with cryptography security & a long password.

And you mustn't have a single address only with a lot of bitcoin in that address.
full member
Activity: 140
Merit: 100
Well if you're that paranoid use the paper wallet or brain wallet.
member
Activity: 77
Merit: 10
Don't need to overkill, getting hacked should be very rare, just need the basic security programs and common sense not to go to suspicious sites or downloads, use VirtualBox or sandboxes for that.
legendary
Activity: 3038
Merit: 4418
Is not download any soft or file from file uploading sites or E mails?
What do you guys think ?

Anti-virus.
Anti-virus softwares aren't 100% foolproof. Anti-viruses cannot detect every single computer malware that exist in the world. There are plenty of FUD viruses which have signatures not recorded in the Anti virus database. Anti-virus may not always identify the virus you download. The best way is to avoid downloading shady stuffs and keep a cold storage or at least enable 2FA features on the sites you use.
sr. member
Activity: 406
Merit: 250
Seal it in your paper wallet or tattoo your cold storage password in your Butt
legendary
Activity: 3038
Merit: 1032
RIP Mommy
The most important is use 2FA Google authenticator!
Yes, let Google rule the world! Let them decide to have yourself access to all your wealth!

2FA is perfect, but not when it's dependent on a centralized entity.
What if they decided to block 2FA one day?

Google doesn't have access to shit. I run https://github.com/gbraad/html5-google-authenticator airgapped to get my TOTP tokens.
legendary
Activity: 1722
Merit: 1000
There are many ways to protect yourself. I'd keep your coins offline in some way, but also only use a dedicated computer for your bitcoin transactions or like others have suggested use Linux or Ubuntu.

I do something like this but with a harddrive.  The one has never been online.

sr. member
Activity: 406
Merit: 250
I simply use a paper wallet. I have the skills to do the air gap and dedicated machine with the wallet but paper storage is much simpler. I do keep a little on hand in my desktop for day to day stuff.
hero member
Activity: 588
Merit: 500
Cold storage is the best option.
hero member
Activity: 672
Merit: 500
What is meant by "air gap"?

It means the computer signing the transactions (computer with the keys) is never connected to the internet or any other computers. It is 'air gapped' between the computer broadcasting the transaction.

This gap is bridged by various methods, some use usb drives, some mentioned usb cameras and qr codes, so the computer with the keys cannot be hacked from internet.
full member
Activity: 532
Merit: 100
What is meant by "air gap"?
hero member
Activity: 672
Merit: 500
There is no best way for everyone. You can use a dedicated computer for bitcoin for a start. Do not do anything on it except sending bitcoin. No web browsing, no unnecessary software and no usb drives. Use only reliable internet connection and not free wifi. You can think about more advanced air gap methods later on.
legendary
Activity: 2730
Merit: 1068
Juicin' crypto
Thanks for the good info here so far guys, any other things to make note of??
legendary
Activity: 1022
Merit: 1008
Delusional crypto obsessionist
The most important is use 2FA Google authenticator!
Yes, let Google rule the world! Let them decide to have yourself access to all your wealth!

2FA is perfect, but not when it's dependent on a centralized entity.
What if they decided to block 2FA one day?
legendary
Activity: 950
Merit: 1000
Only put a few bitcoin in your hot wallet for spending. Never open links provided by strangers or from other unknown apps. Install antivirus software to avoid keylogger, trojan horse, virus etc.
full member
Activity: 182
Merit: 100
Is not download any soft or file from file uploading sites or E mails?
What do you guys think ?

Two computers: one used as cold storage, one used to download block data.
member
Activity: 68
Merit: 10
There are many ways to protect yourself. I'd keep your coins offline in some way, but also only use a dedicated computer for your bitcoin transactions or like others have suggested use Linux or Ubuntu.
sr. member
Activity: 259
Merit: 250
Is not download any soft or file from file uploading sites or E mails?
What do you guys think ?

Anti-virus.
sr. member
Activity: 378
Merit: 250
Replace Microsoft Windows with GNU/Linux.
I recommend Tails, then make sure to dedicate the sole purpose of that machine to your wallet and NOTHING else.
member
Activity: 63
Merit: 10
Replace Microsoft Windows with GNU/Linux.

This is good advice. I only use my bitcoins when I boot from a live Ubuntu operating system so it's clean every time. It's too easy to get viruses and crap on a Windows machine.
legendary
Activity: 2282
Merit: 1050
Monero Core Team
Replace Microsoft Windows with GNU/Linux.
full member
Activity: 151
Merit: 100
The most important is use 2FA Google authenticator!
I have experience using 2FA in blockchain.info using the system via Message Phone and my btc still could be stolen, even though I put the computer itself, and used personally. And there is no any suspicious software that could steal my btc.
2FA is really not going to help you very much. I assume that you would be using blockchain.info if you are suggesting to use 2FA. If this is the case then you would still be vulnerable to attacks to your computer any time that you log in.

You need to use a computer that has never been connected to the internet to create the private keys and then use blockchain.info to 'watch' the addresses that you create. Anytime that you want to send money you should use a clean USB drive to sign the TX and push the TX with your computer.
hero member
Activity: 686
Merit: 500
The most important is use 2FA Google authenticator!
I have experience using 2FA in blockchain.info using the system via Message Phone and my btc still could be stolen, even though I put the computer itself, and used personally. And there is no any suspicious software that could steal my btc.
sr. member
Activity: 378
Merit: 250
Insert second password to make payment and use VIRTUAL KEYBOARD ! Then, insert 2FA authentication (Google authenticator can help you) or you can confirm payment with a message on your phone ! Be careful about keylogger, it is so much dangerous !
hero member
Activity: 658
Merit: 500
Is not download any soft or file from file uploading sites or E mails?
What do you guys think ?