Best way to store bitcoins safely without a hardware wallet(ledger,etc)

Captain-Cryptory

newbie

Activity: 23

Merit: 853

Quote from: bob123 on August 06, 2020, 10:52:03 AM

There are additional measures you have to take to properly hide your identity.

Sure, that is truism. A few extra measures have been mentioned in my previous post.

Quote from: Captain-Cryptory on August 06, 2020, 10:10:54 AM

It will suffer if he reuse addresses, if he put his addresses on forums, if he has a single output, a lot of "if" exists.

But the topic of privacy preservation is the vast one and it cannot be covered by 2 - 3 posts on the single forum. That is why I would recommend you to snoop through WEB articles. As to TOR, developers say it helps to hide IP and I’m inclined to believe them.

Quote from: bob123 on August 06, 2020, 10:52:03 AM

And the answer to that is: It depends.
............
But it does nothing for his privacy, no.

LOL, just knocks it down

Captain-Cryptory

newbie

Activity: 23

Merit: 853

Quote from: bob123 on August 06, 2020, 08:09:20 AM

but it mostly depends on the user behavior.

Sure, it depends. If user cut off TOR which is part of Tails his privacy will suffer. It will suffer if he reuse addresses, if he put his addresses on forums, if he has a single output, a lot of "if" exists. In principle, even TOR being turned on might harm if it’s in the hands of incompetent man . But mrkfdr didn't seem that and I guess he understands exactly what I’m saying.

Quote from: bob123 on August 06, 2020, 08:09:20 AM

Using electrum, you already reduce the degree of your privacy by a lot. Installing Tails and believing that this makes you somewhat anonymous, as you are saying, is not true and creates a false sense of anonymity.

Well mrkfdr has installed it and asked the specific questions. I gave the straight up answers. It is not my fault that you got my answers in a wrong way.

Captain-Cryptory

newbie

Activity: 23

Merit: 853

Quote from: mrkfdr on August 05, 2020, 09:55:51 AM

it's not a partial sign,air gap approach , right ?

Yeah, Tails is good for broadcasting TRXs that are already signed because it is capable to hide your identity. For cold wallet which has the ability to sign raw transaction you don't need Tails in fact, any comfortable to you OS (even Windows) on air-gapped device is appropriate.

bob123

legendary

Activity: 1624

Merit: 2481

Quote from: Captain-Cryptory on August 06, 2020, 10:10:54 AM

Sure, it depends. If user cut off TOR which is part of Tails off his privacy will suffer. In principle, even TOR being turned on won’t save if it’s in the hands of incompetent man. But OP didn't seem that and I guess he understands exactly what I’m saying.

"Just" using Tor doesn't make you anonymous at all.
There are additional measures you have to take to properly hide your identity.

It is not as trivial as you have made it sound in your last post:

Quote from: Captain-Cryptory on August 06, 2020, 03:56:25 AM

Yeah, Tails is good for broadcasting TRXs that are already signed because it is capable to hide your identity.

Quote from: Captain-Cryptory on August 06, 2020, 10:10:54 AM

Well mrkfdr has installed it and asked the specific questions. I gave the straight up answers. It is not my fault that you got my answers in a wrong way.

Actually, he never asked about anonymity or hiding his identity. Just whether it makes sense using a bootable USB with Tails.

And the answer to that is: It depends.

It is usable, yes. It is slightly better (in terms of security) than an desktop wallet on his main OS, yes.
But it does nothing for his privacy, no.

bob123

legendary

Activity: 1624

Merit: 2481

Quote from: mrkfdr on August 04, 2020, 03:48:58 PM

Does this makes sense? using Tails with Electrum on a bootable USB to store Bitcoins and retrieve them occasionally?

Depends on the context.

It makes sense in terms of that it works. But it is by far not comparable to a hardware wallet regarding the security.
As HCP mentioned, it is a trade off between usability and security.

Quote from: Captain-Cryptory on August 06, 2020, 03:56:25 AM

Yeah, Tails is good for broadcasting TRXs that are already signed because it is capable to hide your identity.

You are giving the impression that using tails is sufficient to preserve some degree of privacy. This is wrong.
Tails itself is just a linux distro with some tools installed. They might help you to stay more anonymous than otherwise, but it mostly depends on the user behavior.

Using electrum, you already reduce the degree of your privacy by a lot. Installing Tails and believing that this makes you somewhat anonymous, as you are saying, is not true and creates a false sense of anonymity.

HCP

legendary

Activity: 2086

Merit: 4361

Quote from: mrkfdr on August 05, 2020, 09:55:51 AM

Just o make it clear when i want to transfer BTC i have to connect to the network to make the transaction ? it's not a partial sign,air gap approach , right ?

Depends on how you want to set it up and use it...

You can either run it as a "LiveOS", but connected to the internet... in which case, it isn't a "cold storage" setup, but likely to have increased privacy due to Tails/Tor use etc...
or
You can use it purely as an offline, transaction signing setup... in which case you'd need to install "watching-only" Electrum on your normal OS, use that to create unsigned transactions, then boot up "offline" into Tails, sign the transaction, boot back into normal OS and broadcast the signed transaction

It can be done either way, you just need to figure out which option is best suited to your particular use-case. The first one is less hassle, but arguably less "secure"... the second option is more secure, but also more hassle.

Timelord2067

legendary

Activity: 3696

Merit: 2219

💲🏎️💨🚓

Quote from: mrkfdr on August 05, 2020, 09:55:51 AM

Thnx Captain !
Just o make it clear when i want to transfer BTC i have to connect to the network to make the transaction ? it's not a partial sign,air gap approach , right ?

You only need to Broadcast Your RAW Transaction once you've created the actual transaction and have the necessary raw TX without connecting the cold wallet to the net.

mrkfdr

jr. member

Activity: 47

Merit: 3

Quote from: ?? on ??

Quote from: mrkfdr on August 04, 2020, 03:48:58 PM

Does this makes sense? using Tails with Electrum on a bootable USB to store Bitcoins and retrieve them occasionally?

Yeah, it does. Make sure you have the latest version of Tails and after installing it download and install on persistent volume the latest version of Electrum. Running Electrum on tails via TOR is a good approach for to preserve you privacy. Besides tails is one of the flavors of Debian which is good protected itself.

Thnx Captain !
Just o make it clear when i want to transfer BTC i have to connect to the network to make the transaction ? it's not a partial sign,air gap approach , right ?

mrkfdr

jr. member

Activity: 47

Merit: 3

Does this makes sense? using Tails with Electrum on a bootable USB to store Bitcoins and retrieve them occasionally?

bob123

legendary

Activity: 1624

Merit: 2481

Quote from: ?? on ??

I see these things differently. You and me have already discussed all relevant stuff and I think there is no use to start our dispute again here. You stayed with own opinion but me with mine.

As much as i value your opinion, this has nothing to do with point of view.
It is about terminology.

People refer to the internet as "the web" all the time.
Even if that is their opinion, it is simply wrong and doesn't make it right.

Same applies to wallets.
If you use the most commonly used taxonomy - storage of private keys - you either have online wallets (e.g. software-, web- or browser-based wallets) or cold-/offline wallets (paper wallets, air-gapped setups) and depending on the PoV "hybrid" ones (e.g. hardware wallets, which is quite controversial where they belong to).

Quote from: ?? on ??

You know even Ledger is not a pure hardware wallet. It has some embedded software (like OS for example) which allows it to operate.

Wait.. are you really trying to argue that hardware needs software to be usable?

bob123

legendary

Activity: 1624

Merit: 2481

Quote from: ?? on ??

I guess you meant "cold" wallet sitting on air-gapped device that was never been online and in the future will never go online.

There is no difference between an offline- and a cold wallet.

"Offline" does not only refer to the internet, but to any communication interface (wifi, bluetooth, ..).
Therefore each cold wallet is indeed an offline wallet and each offline wallet is a cold wallet.

Quote from: ?? on ??

Some users are confused with two concept "off-line" device and "air-gapped" one and think if they turn off their WiFi or pulled Ethernet cable that would be enough.

And some users are confused with the concept of computers believing that it is some sort of magic machine.

I don't see any relevance to that topic.
If they simply just disconnect their internet connection, it doesn't make their online wallet an offline-/cold wallet.

Just because their software is running on hardware, it also doesn't make their software wallet a hardware wallet..

AB de Royse777

legendary

Activity: 2464

Merit: 3878

Hire Bitcointalk Camp. Manager @ r7promotions.com

Quote from: ?? on ??

I guess you meant "cold" wallet sitting on air-gapped device that was never been online and in the future will never go online. Some users are confused with two concept "off-line" device and "air-gapped" one and think if they turn off their WiFi or pulled Ethernet cable that would be enough.

Yes, I meant a "cold" wallet. The device will never go online.

1. From the online device take the unsigned file.
2. Sign it in the off-line device.
3. Go back and broadcast the singed file from the online device.

Timelord2067

legendary

Activity: 3696

Merit: 2219

💲🏎️💨🚓

Quote from: The Sceptical Chymist on July 21, 2020, 05:47:24 PM

Quote from: Timelord2067 on July 02, 2020, 08:44:34 AM

Shopping List: A form of sheet metal, (galvanised steel etc) an engraver a pencil and ruler and an hour or so.

Transfer your coins to a paper wallet that you have rolled offline, engrave the private key onto the sheet metal (store in a safe place until needed). Destroy the paper wallet once you have verified what you engraved is what you intended to have engraved.

Yeah, that metal idea is a pretty good one. I actually have a steelwallet that I got when I bought my ledger, and it's a pretty solid way to store seed words. Those are way too expensive IMO, however.

Ages ago the SexCoin community stumbled upon a trader who was creating jewlery with QR codes etched/printed on them for persons collecting payments but not needing to cash out immediately - more practical than being handed cash for services about to begin then being robbed of that cash later on.

https://www.etsy.com/market/qr_code_jewelry

Quote from: OneGoLuck on July 02, 2020, 09:58:54 AM

Even better, easier and cheaper, is to buy a piece of normal cheap PVC pipe used in waste water systems.
Carve your private key or seed words to that, and bury it somewhere where no-one will be building new buildings or anything in the future. Preferable to your own land or your relatives land

I'd always be concerned the pipe would be crushed or melt or some other calamity befall it.

The Sceptical Chymist

legendary

Activity: 3500

Merit: 6981

Top Crypto Casino

Quote from: Bitstarzisascam on July 02, 2020, 07:27:25 AM

What about Electrum? They do have a backup seed when you create a wallet no?

Yeah, I do believe that's one way to go as long as you can keep that seed phrase secure. All it takes is a writing instrument, some paper, and you have your coins stored offline.

I don't think there are any security risks involved before the seed phrase is actually written down, and if there are I'd like to hear about them. I know there are keyloggers and stuff like that, but I don't think the average person has to worry too much about those.

Quote from: Timelord2067 on July 02, 2020, 08:44:34 AM

Shopping List: A form of sheet metal, (galvanised steel etc) an engraver a pencil and ruler and an hour or so.

Transfer your coins to a paper wallet that you have rolled offline, engrave the private key onto the sheet metal (store in a safe place until needed). Destroy the paper wallet once you have verified what you engraved is what you intended to have engraved.

Yeah, that metal idea is a pretty good one. I actually have a steelwallet that I got when I bought my ledger, and it's a pretty solid way to store seed words. Those are way too expensive IMO, however.

ducatitalia

sr. member

Activity: 259

Merit: 250

100% Positive EBAY Feedback Since 2001

Quote from: Timelord2067 on July 02, 2020, 08:44:34 AM

Quote from: pooya87 on July 01, 2020, 10:12:15 PM

the correct name is "Casascius" and it is not offline storage, it is a physical bitcoin

I'd hardly call a gimmick silver coin with a sticker over a QR code a secure method of storage.

In any event, any of the coins that have been "slabbed" with the sticker still intact you would have no way of knowing whether or not the sticker was peeled off, the details transcribed and then carefully replaced immediately prior to encapsulation. (We'll know for certain one day into the future if someone decides to cash in the funds)

Actually, its pretty easy to know...simply check the firstbits balance...if it's still there, the coin is not tampered with. Any scammer would steal the balance asap.

Collectibles are gimmicks to some and treasures to others...market determines true numismatic value...

bob123

legendary

Activity: 1624

Merit: 2481

Quote from: ?? on ??

If bitcoin is illegal which prevent OP from buying hardware wallet, it's likely that using VPN/Tor is illegal or blocked by government.

It is not that trivial to block VPN communication.
It can be masked to almost look like regular HTTPS traffic (assuming you are using your own VPN server).

The most common blocking techniques are by IP and Ports.
Not using a public VPN provider and connecting to an abnormal port (e.g. 443) would already help quite a lot.

Further, to prevent deep packet inspection where the traffic has to be decrypted, using a strong cipher and certificates to not connect to a man-in-the-middle is recommended.

Quote from: Bitstarzisascam on July 02, 2020, 11:16:19 AM

VPN/tor isn't banned, the only thing banned is crypto, and I just want to store a sum of bitcoins in a wallet and leave it there for months+ I don't usually use crypto to transact anyways, only holding

Then just generate a paper wallet.
You can even do so without downloading/using any wallet.

pooya87

legendary

Activity: 3472

Merit: 10611

Quote from: guigui371 on July 02, 2020, 04:19:55 PM

Finally, it is not a physical BTC, as BTC never move away from the blockchain to become an object.
Casascius coins, are collectible and a way to spend / move / trade BTC off chain (same as openDime).

technically true but "physical bitcoin" is the official term used to describe this type of products specifically Casascius coins https://en.bitcoin.it/wiki/Casascius_physical_bitcoins and it comes from the fact that they have physical form and exactly because they can be traded "physically" and are not meant to be used as wallets for storage.
whether people pealed off the security to reveal the key and claimed their coins doesn't change the nature of this product.

guigui371

legendary

Activity: 2114

Merit: 1693

C.D.P.E.M

Quote from: pooya87 on July 01, 2020, 10:12:15 PM

the correct name is "Casascius" and it is not offline storage, it is a physical bitcoin and this type is not exactly meant to be used for storage. they are designed to be used as "collectibles" for those who like having collections such as hobbyist, etc.
they also are meant to have a fixed balance (the balance that was originally put in that key) and remain that way meaning you should never spend from that key (which requires physically revealing the private key) because it makes stop being a collectible.

Well, technically they are not a "physical" bitcoin, they are just 10% of a paper wallet generated by someone else (Mike).
When I say 10% it is because the public key is not even fully displayed on the coin, just part of it, and to find your full public key you have to search for it the database about Casascius coins.
Then, unlike a regular paper wallet, the private key is concealed, and only by unpeeling the coin, you can see it.

They are definitely used to "store" coins (private keys) as there are about 44 000 BTC stored on them.
And you can definitely spend them, as about 45 000 coins loaded on Casascius have been redeemed so far (in 2019 about 530 Casascius were peeled, it is 10 a week !).

Finally, it is not a physical BTC, as BTC never move away from the blockchain to become an object.
Casascius coins, are collectible and a way to spend / move / trade BTC off chain (same as openDime).

Bitstarzisascam

jr. member

Activity: 62

Merit: 4

Quote from: bob123 on July 02, 2020, 09:11:43 AM

Quote from: Bitstarzisascam on July 02, 2020, 08:31:00 AM

What could go wrong with having a offline device to store your wallst on? Any risks I should be worried about?

Well, don't lose your device. And you should have a backup.

But the important question (which you didn't answer yet) is how often you want to send BTC.
If it is quite often, you need some form of watch-only wallet to create unsigned transactions.

And here is the difficulty. You need to make sure that you are not leaking any information (i.e. that you install / use that wallet) to your ISP (or who are you trying to hide it from?).

If you don't trust your ISP -> Use a VPN and Tor. (This btw is one of the rare cases where a VPN actually is useful; If you trust your ISP, do NOT use a VPN).
And do not use winodws. Use linux and encrypt your installation. This is important.

VPN/tor isn't banned, the only thing banned is crypto, and I just want to store a sum of bitcoins in a wallet and leave it there for months+ I don't usually use crypto to transact anyways, only holding

OneGoLuck

newbie

Activity: 13

Merit: 4

Quote from: Timelord2067 on July 02, 2020, 08:44:34 AM

Shopping List: A form of sheet metal, (galvanised steel etc) an engraver a pencil and ruler and an hour or so.
Transfer your coins to a paper wallet that you have rolled offline, engrave the private key onto the sheet metal (store in a safe place until needed). Destroy the paper wallet once you have verified what you engraved is what you intended to have engraved.

Even better, easier and cheaper, is to buy a piece of normal cheap PVC pipe used in waste water systems.
Carve your private key or seed words to that, and bury it somewhere where no-one will be building new buildings or anything in the future. Preferable to your own land or your relatives land

PVC pipe is easy to carve and lasts forever in the ground. It wont rust and metal detectors wont find it. Even house/forest fires are not a problem, because the layer of ground will protect it from heat.

One way to quickly and easily dig it to the ground is to have a battery operated drill and one of those cheap 1m drill bits. Drill a hole to ground, and then push the piece of pipe (if you selected one of those 3cm diameter pvc pipes or a small piece of a bigger pipe.) to the hole, and then just fill the small hole.

You could even dig it underwater in the bottom of a lake or something, where no-one will build anything.

Just save your bitcoin address, so you can always observe and put more coins to that address without needing to dig your private key up.

Topic: Best way to store bitcoins safely without a hardware wallet(ledger,etc) (Read 665 times)