Pages:
Author

Topic: Computers, Phones & Devices CANNOT be used to Keep Wallets - Safety for Dummies - page 2. (Read 5386 times)

legendary
Activity: 980
Merit: 1004
Firstbits: Compromised. Thanks, Android!
Assuming we're talking about savings wallets, or other wallets that won't need to be accessed very much, I'm surprised no one has mentioned CDs.

1) Send the bitcoins to the savings wallet.

2) OPTIONAL: Keep copies of one or more public key(s) from the wallet to add funds later. If you do this, you could create an empty wallet in step #1.

3) Burn the wallet to two or more CDs. Test the CDs, even re-import one of the wallets to ensure all went well.

4) Securely shred the wallet from the computer. Done!

At this point, most folks should be able to handle it. They can simply store the CDs in various places, just like with cash. Note that those with a little technical knowledge who can remember their password for a while can encrypt the wallet first.
legendary
Activity: 980
Merit: 1003
I'm not just any shaman, I'm a Sha256man
Not trolling but this thread sparked this idea up. Soon people will have there Bitcoin addresses printed on their body as tattos so they can scan their money when they go to the market. This is the part where the Christians say "OMG THE APOCOLYPTIC CURRENCY HAS AWOKEN!!!". But in reality I'm highly religious so not trying to offend anybody here.

That would have to be a centralized currency, not a decentralized one, like bitcoin, and it's completely off topic to boot.  Wink
Not entirely off-topic, I was trying to give suggestions as what mediums we could safely store addresses(obviously not private keys) but also adding a religious pun to it.

Safety of address isn't realy an issues?

Every used key is know anyway... Also, you need private key to make a payment...

About the safety of addres isn't issues...question. If someone has your private keys someone the jig is up if someone takes it and then asks for you address.
Thats what I was intending to mean about safety anyways.

Hmm, I'm not in to math, but can't you connect public and private key to each other, if you know the limited pool of public-keys(the chain)?

Yeah your correct. My imagined scenario is this. If they have access to your private keys they 100.99(Repeating of course) have your public key regardless....
hero member
Activity: 728
Merit: 500
Not trolling but this thread sparked this idea up. Soon people will have there Bitcoin addresses printed on their body as tattos so they can scan their money when they go to the market. This is the part where the Christians say "OMG THE APOCOLYPTIC CURRENCY HAS AWOKEN!!!". But in reality I'm highly religious so not trying to offend anybody here.

That would have to be a centralized currency, not a decentralized one, like bitcoin, and it's completely off topic to boot.  Wink
Not entirely off-topic, I was trying to give suggestions as what mediums we could safely store addresses(obviously not private keys) but also adding a religious pun to it.

Safety of address isn't realy an issues?

Every used key is know anyway... Also, you need private key to make a payment...

About the safety of addres isn't issues...question. If someone has your private keys someone the jig is up if someone takes it and then asks for you address.
Thats what I was intending to mean about safety anyways.

Hmm, I'm not in to math, but can't you connect public and private key to each other, if you know the limited pool of public-keys(the chain)?
legendary
Activity: 980
Merit: 1003
I'm not just any shaman, I'm a Sha256man
Not trolling but this thread sparked this idea up. Soon people will have there Bitcoin addresses printed on their body as tattos so they can scan their money when they go to the market. This is the part where the Christians say "OMG THE APOCOLYPTIC CURRENCY HAS AWOKEN!!!". But in reality I'm highly religious so not trying to offend anybody here.

That would have to be a centralized currency, not a decentralized one, like bitcoin, and it's completely off topic to boot.  Wink
Not entirely off-topic, I was trying to give suggestions as what mediums we could safely store addresses(obviously not private keys) but also adding a religious pun to it.

Safety of address isn't realy an issues?

Every used key is know anyway... Also, you need private key to make a payment...

About the safety of addres isn't issues...question. If someone has your private keys someone the jig is up if someone takes it and then asks for you address.
Thats what I was intending to mean about safety anyways.
hero member
Activity: 812
Merit: 1022
No Maps for These Territories
Note for step (3), if you don't use for full amount, remainder must be transfered to new keypair from step (1). Once you have key-pair on device which is connected to net, you can't entirely dismiss possibility of it being compromised.
+1 So you have to either take the risk that the other coins with the key will be stolen, or you have to send the change to a new pre-generated keypair.

====

The client support for this would be

One of:
1) a "send from private key(s) not in wallet" option, in which the private key(s) are provided by some external provider (OCR from webcam/scanner/user entered, whatever). The keys will be secure wiped from memory after use. This is not 100% secure of course, as someone could intercept it at multiple stages.

2) or simply import the private keys into the wallet. The problem with this is that it will be part of your wallet forever, so the on-paper key is no longer secure in any way. Then again, if you send the change to a new pre-generated keypair, this is not a problem.

(2) is by far the easiest to implement (it is already in a pull request, just needs UI...) so it has my preference.

and

A pre-programmed and easy sendmany. Import a list of public keys from a file, send each one a configurable amount.

Or even better, import a list of (address,label,amount) tuples from a CSV file or list of URLs. This is even more general. An external program as used for off-line key generation can easily generate these as well.

Quote
This is the part where the Christians say "OMG THE APOCOLYPTIC CURRENCY HAS AWOKEN!!!"
Yeah yeah please don't spam this thread, we're working hard to save humanity from the (financial) Apocalypse here Smiley
hero member
Activity: 728
Merit: 500
Not trolling but this thread sparked this idea up. Soon people will have there Bitcoin addresses printed on their body as tattos so they can scan their money when they go to the market. This is the part where the Christians say "OMG THE APOCOLYPTIC CURRENCY HAS AWOKEN!!!". But in reality I'm highly religious so not trying to offend anybody here.

That would have to be a centralized currency, not a decentralized one, like bitcoin, and it's completely off topic to boot.  Wink
Not entirely off-topic, I was trying to give suggestions as what mediums we could safely store addresses(obviously not private keys) but also adding a religious pun to it.

Safety of address isn't realy an issues?

Every used key is know anyway... Also, you need private key to make a payment...
legendary
Activity: 980
Merit: 1003
I'm not just any shaman, I'm a Sha256man
Not trolling but this thread sparked this idea up. Soon people will have there Bitcoin addresses printed on their body as tattos so they can scan their money when they go to the market. This is the part where the Christians say "OMG THE APOCOLYPTIC CURRENCY HAS AWOKEN!!!". But in reality I'm highly religious so not trying to offend anybody here.

That would have to be a centralized currency, not a decentralized one, like bitcoin, and it's completely off topic to boot.  Wink
Not entirely off-topic, I was trying to give suggestions as what mediums we could safely store addresses(obviously not private keys) but also adding a religious pun to it.
member
Activity: 84
Merit: 10
I yam what I yam. - Popeye
Gee, my USB drives cost...$8!

and they have a whole linux operating system on them

they boot easily to almost any modern computer

and I've got them backed up in multiple places

FUD sucks

Nothing you are doing is ultimately "safe". USB drives fail. Or do you own some brand of super USB drive none of us know about?

What part of "multiple" did you not understand?
hero member
Activity: 728
Merit: 500
Instead of hackers, i'll worry about arsonists. lol
Also a good point. So you'd at least want multiple copies.

Create keys offline, print them on paper.
Indeed. A possible workflow would be:

1) Preferably on a device without network connection you want to run an application that generates a number of keypairs. The private keys are printed to paper (or some other hyper-secure place), the associated public keys (addresses) are written to an USB stick or digital medium.

2) The bitcoin client on an online device is then used to send BTC to the public keys generated in step (1). It sends a configurable number of BTC per address.

3) When you want to spend the BTC, the private keys can be scanned/retrieved as needed, for the amount you want to take out.

So (1) happens outside the bitcoin client, (2) and (3) happen inside it.


Note for step (3), if you don't use for full amount, remainder must be transfered to new keypair from step (1). Once you have key-pair on device which is connected to net, you can't entirely dismiss possibility of it being compromised.
sr. member
Activity: 364
Merit: 251
Not trolling but this thread sparked this idea up. Soon people will have there Bitcoin addresses printed on their body as tattos so they can scan their money when they go to the market. This is the part where the Christians say "OMG THE APOCOLYPTIC CURRENCY HAS AWOKEN!!!". But in reality I'm highly religious so not trying to offend anybody here.

That would have to be a centralized currency, not a decentralized one, like bitcoin, and it's completely off topic to boot.  Wink
legendary
Activity: 980
Merit: 1003
I'm not just any shaman, I'm a Sha256man
Not trolling but this thread sparked this idea up. Soon people will have there Bitcoin addresses printed on their body as tattos so they can scan their money when they go to the market. This is the part where the Christians say "OMG THE APOCOLYPTIC CURRENCY HAS AWOKEN!!!". But in reality I'm highly religious so not trying to offend anybody here.
hero member
Activity: 812
Merit: 1022
No Maps for These Territories
Instead of hackers, i'll worry about arsonists. lol
Also a good point. So you'd at least want multiple copies.

Create keys offline, print them on paper.
Indeed. A possible workflow would be:

1) Preferably on a device without network connection you want to run an application that generates a number of keypairs. The private keys are printed to paper (or some other hyper-secure place), the associated public keys (addresses) are written to an USB stick or digital medium.

2) The bitcoin client on an online device is then used to send BTC to the public keys generated in step (1). It sends a configurable number of BTC per address.

3) When you want to spend the BTC, the private keys can be scanned/retrieved as needed, for the amount you want to take out.

So (1) happens outside the bitcoin client, (2) and (3) happen inside it.

(Optionally you could buy the paper/certificates for (1) from some trusted vendor. You really need to trust that guy though to not store your private keys anywhere else)
legendary
Activity: 2940
Merit: 1090
You could make multiple copies, whatever the media.

Cheap easy media would be useful for that, so you could in effect make yourself a bunch of cards (whether paper or cardboard or plastic or engraved platinum is partly a matter of taste), in various denominations, and duplicate them.

Maybe have an app that asks not only how much you want in your hand but also in what denominations and media and how many copies of each.

So you could click icons or whatever to tell it gimme twenty ones, only one copy of each, twenty twos, two copies of each of those will do, ten fives, just two copies of those is fine too, ten twenties, better gimme three copies of each of those, and twenty hundreds, gimme five copies of each of those, one printed on the secure printer in the secure room in the possibly offsite place...

-MarkM-
hero member
Activity: 728
Merit: 500
If you don't trust your computer abilities enough to make your own securely, get a paper bitcoin wallet from Casascius or someone you do trust to do it right. Encode by hand the private key (see link in my sig) with an unbreakable one-time code. You can then put the encoded private key into emails or whatever. As long as you don't forget your passphrase, you're completely safe.

In five years' time when you want to cash out your now-hopefully-fat wallet, only then does the plaintext private key get near an internet-connected computer.

Adding an other layer is good, if you are absolutely sure you can remember the key for decoding.

Personaly for extreme security I support multiple keys even for this, best with geographicly separated copies.

full member
Activity: 140
Merit: 100
If you don't trust your computer abilities enough to make your own securely, get a paper bitcoin wallet from Casascius or someone you do trust to do it right. Encode by hand the private key (see link in my sig) with an unbreakable one-time code. You can then put the encoded private key into emails or whatever. As long as you don't forget your passphrase, you're completely safe.

In five years' time when you want to cash out your now-hopefully-fat wallet, only then does the plaintext private key get near an internet-connected computer.
sr. member
Activity: 364
Merit: 251
John Smith,
   What would be the precise method for getting these it to paper in these formats?
(The base58 or QR-codes)   - "Save As"? You need the original program for either one first? Can you explain a little, please.
hero member
Activity: 728
Merit: 500
Create keys offline, print them on paper.

Import one for daily use for phone, keep only the ammount of cash you would normaly keep on person something which loosings isn't a major deal for you, be it equivalent for 50€ or 1000€.

Don't stack all the coins on one address.

One more idea, which need some work. Way to export private-key+bunch of transactions. So you could bring one key active and move BTC from it(burn the key it might be lost at this point), without compromising any part of your entirely off-line wallet. Most secure way would likely be to burn it on CD, and run ones connected to chain on network.

So store on one key, and when you need the BTC move all the BTC from it to other storage and day-to-day use wallet. So, every storage key is used only onces.


Paper or write only media is most secure, USB-sticks can carry infections... Anyway we can't ever get rid off issues on end point devices, but before it can be secured quite fine...
sr. member
Activity: 364
Merit: 251
What about the fact that paper is archaic
Archaic is an advantage here. It's the only place hackers cannot get to.

People are starting to realize this as hacking is becoming more and more prevalent all over the world.

Too many flashy techie cosy user friendly solutions running away with your money Wink


Agreed. You make an excellent point.
Instead of hackers, i'll worry about arsonists. lol
hero member
Activity: 812
Merit: 1022
No Maps for These Territories
What about the fact that paper is archaic
Archaic is an advantage here. It's the only place hackers cannot get to.

People are starting to realize this as hacking is becoming more and more prevalent all over the world.

Too many flashy techie cosy user friendly solutions running away with your money Wink
sr. member
Activity: 364
Merit: 251
You could have a few keys... stash each one with a certain amount of BTC, and scan in only the keys for the amount you need. Or stash everything into one key even... but then an attacker could potentially intercept the one private key when you scan it someday to take some coins out.

This would all need a user-friendly management application, but it's not rocket science.

So, you believe, ultimately, paper may be better than a credit card and reader?
I'm thinking, safest and easiest without compromising one for the other.
All methods have their use. If you want to spend the coins, loading them into a card, phone or your local PC makes more sense. For secure and potentially long term storage, paper wins IMO.



That's very helpful. I think we need a non-techie section or a "for dummies" section, so some can learn and understand without too much techno jargon. That's really the only way bitcoins will gain mainstream acceptance. Dummies have to be able to figure it all out and use it.
Pages:
Jump to: