Generate a paper wallet from a offline linux computer that has never and will never touch the internet. and never use an offchain/third-party wallet, always have full access to your coins.
-ranochigo
I do this.
I boot up Ubuntu via a USB key using "try it now" instead of a full installation.
I have a local copy of bitaddress.org saved.
Then I generate some addresses and save to a USB key. Copy public addresses then stash away the USB key.
This way, the private addresses never gets online.
Someone brought up BIOS-based viruses, though. Would it be possible for someone to have the key snagged and stored in the BIOS somehow, then when you load up the computer normally and go online, it would send in the information? I've been pretty amazed at the tricks people have come up with in the past...
I did. The BIOS has no memory, but however, it does not need to have so. It can just transmit the data from the USB stick to the hard drive, and then upload it to the hacker whenever the PC is online.
Is this a legitimate fear, though, or just something that may or may not actually be possible? I'm not familiar enough with the BIOS to know how this all works.
And you can short it out to reset it prior to running any wallet generator on the system, right?
To be on the safe side, you can download the stock BIOS and flash it before turning it into a cold wallet.
As far as I know, the malware can be flashed into the BIOS, and it will execute commands made by a hacker. It probably will keylog everything and save that into your hard drive, and it will upload it once it has an internet connection, so the OS doesn't make a difference.
It's a fear, but it's highly unlikely to happen, to be honest. I'm just suggesting 100% protection here.
