Topic: For beginners: Create a Bitcoin wallet securely and privately (Read 278 times)

Until proven, this is complete BS. You made this up, didn't you?

If your watch-only wallet is connected to a third party node, then you're as well exposing your IP and your Bitcoin address to a third party node that you don't know who controls. If you must tell people to avoid using block explorers because of privacy reasons, you must also advise them to connect their wallets to only their own node, if not they do not still gain any privacy.

I will have to disagree on this that using a block explorer is better than a watch only wallet. Once you constantly use a block explorer your IP gets attached to that address except if you hide the IP by using Tor for that, an attacker can actually watch over your address and that’s one of then main reasons you see people getting attacked with dust Payment. Also if you have your watch watch only wallet which is harmless because public key cannot be used to access your wallet even if it is compromised. You can still create an unsigned transaction using watch only wallet.

I support this method when compared to using a wallet within a closed OS system (like Windows for example), but I also have to support the idea that making this kind of use within a public/shared computer doesn't suit my thread model at all. Like LoyceV said, most public computers do not allow you to boot from other sources and you will never know 100 % what other users have done previously in that computer (or what kind of system is in check to safeguard them).

By using a hardware wallet at least you are restraining your private keys in a device outside the public/shared computers. Do note that updating the firmware of such devices in a malicious infected public/shared computer can also compromise your private keys (see, for example, in Trezor case[1]).

---

[1]https://forum.trezor.io/t/under-any-circumstances-could-a-firmware-update-or-malware-posing-as-update-ever-extract-wallet-seed/12964

Let's face it: if you don't own a computer (or smartphone for that matter), you probably shouldn't be using Bitcoin.

I don't trust my phone, but I still trust it more than any computer not under my control.

If you really insist on using Bitcoin no public computers, you should use a hardware wallet.

I agree but for people who don't have a computer or laptop, they will have to do it like one of very last options. They can do it with smart phone if possible and it is more individually but phone is not secured enough.

Anyway when they use Tail OS on a public, shared computer, they must only do it with a hot wallet that they afford to lose all bitcoins inside.

If they want to check balance only, they can do it with any Bitcoin block explorer. It is even safer than Import their public address and get a Watch only wallet.

Because a Watch only wallet on USB drive, that is plugged in carelessly can bring malwares back to their main computers.

List of useful Bitcoin block explorers

The reason I would not use this as an advice to a beginner is that they barely know any thing about Bitcoin and they will need their Seed every time they want to check their Balance, Spend or Receive.

They could use Block Explorers, but that is not recommended either.  Not the best idea to give a Server queries of your own Addresses.

But how do they Spend and Receive otherwise?  They will need to keep the Seed around and pull it every time they need to use Electrum, because Tails is amnesic.  You do not want that Seed to be lost.  If you forget where you put it and Tails forgets about it too, what do you do.  And the more often you take it out of the hiding spot, the more likely you forget where you put it or become more negligent with it.

For beginners (and people far from IT), hardware wallet is the simplest and most reliable device (intuitively simple and understandable). Creating USB with Tails OS stick may be an overwhelming task for many, although this solution can be used as an alternative (inferior due to security) to hardware wallets.

Hardware wallet's cost (technically safe and from a reputable supplier) varies between $70-100 (majority in the market). This price will be unattractive only for those investors whose investments amount to $100-200, but then the question arises whether one should bother with investments of such amounts at all.

Doing this on a public PC is, of course, not recommended, because how do you imagine entering a seed phrase to access a BTC-wallet when there are a lot of people around you and there is a risk that the administrators of this public place (or hackers) will spy on the data you enter.

You can always get the cheapest laptop (even bought secondhand) and use it for interacting with a BTC-wallet. Just don’t talk about "cost isn't always appealing" (of this device) again. If you are ready to invest in bitcoin, then a used laptop should not be a problem.

This isn't a guide for individuals seeking quick gains through crypto trading.  It's designed for those genuinely interested in possessing digital property, bitcoin.  I've successfully introduced close relatives to Bitcoin, but I've observed that they struggle with setting up their wallets correctly.  They can't simply download random software onto their primary computers.  Advising them to do so would be irresponsible.

Suggesting a reputable hardware wallet is indeed wise, don't get me wrong, but the cost isn't always appealing.


I never advised to do this on a public computer. 

Tails is a good operating system for the ones who care about security and also for the ones who want to create their own Bitcoin wallet with Electrum. One can easily create his/her own Bitcoin wallet with Electrum that's preinstalled on Tails OS, and after each restart one can use that wallet just by entering its seed phrase. It's a good setup for the ones who are new to personal wallets and who don't really trust Windows operating system or has the technical knowledge to install software on Linux operating system. Tails makes their job easy because it comes with preinstalled Electrum wallet and that anyone can use without much hassle.

The only problem one can face by using Tails on public computers or someone else's computer is by presence of hardware keyloggers because Tails can protect users from software based keyloggers as it always starts fresh but it can't protect users from hardware based keyloggers, and that's why one should be careful when importing his/her wallets seed phrase in someone else's computer or a public computer because if a physical keylogger is present on that computer then the hacker can easily access that person's seed phrase which was copied by physical keylogger present on that computer.

Not really for beginners because it's too complicated for them to understand cause they think exchange is the only safe place to store cryptos. I recommend them to start using Electrum as their first step towards securing their funds and once they accumulate decent chunk then they have to opt for an HW or Air gapped device where we can say it's most possible security for our funds is ensured.

He can request bitcoins from his phone, whether by scanning the QR code or just typing in the address.  All he needs is a separate device for regular stuff, and he can fire up Tails to access his wallet every time by recovering the seed.

Now, I'm not saying this is the perfect or safest method out there, but it's definitely better than what most folks are doing.  Let's face it, a lot of people struggle with understanding or bothering with security.  Whenever I suggest people to get into bitcoin, they always ask me which app they should use on their phone.  We can't move forward like that.  Then again, I can't exactly suggest setting up a wallet on an airgapped computer to someone who doesn't even know what Linux is, right?  So, I think this guide kinda sits in the middle ground.  What do you think?

How does that help a new Bitcoin user? He now has an address on a system he doesn't use for anything else. Chances are he'll email the address to himself, and lose his Bitcoins using CTRL-C CTRL-V on his Windows reboot with malware.

Not really. A hardware key logger is still possible. It's better to avoid entering any sensitive information (including email passwords or even identifying data like email addresses) on public computers. Besides, most public computers won't allow you to boot from your own device.

If you privately own your coin, then why having it on a public computer? That is risky and I will prefer to use my device instead which is private and not public.

If it is small part of the coins, I will prefer to use my phone instead of public computer. For larger part of my coins, I will prefer airgapped device or hardware wallet that is airgapped. I will prefer to store small part of my coins on an online PC.

Tail OS is a good solution for people who have to use public computers and have to share computers with other people.

Years ago Chikito shared a guide on Install Tail OS too.
How to Install Tails OS on USB flash drive for Wallet Purpose.

Be careful for safety and security is better than cure so even with Tail OS, I recommend people should not connect their main wallets even with Tail OS at a public computer. They can do it with a wallet that is used to store small part of their bitcoins. If it is a wallet that stores main part of their bitcoins, they must be more careful and only do it at home, with their personal computer.

Tails OS is also open source. It also comes with Electrum which will be a good option for those that wants to setup an airgapped wallet.

Nice guide by the way mate. Though I haven't tried the tails operating system before I'll still prefer Installing a Linux system on my computer since it's also open sourced and I'll just create an  airgapped wallet instead.
You should have also stated in your guide op, on how they could store their seed. You had just told to write it out then what next? Firstly as a novice in the crypto space, you should know that you literally own the keys to your funds and if you are unable to keep them safe. You will end up loosing your funds.

Some ways you can store your seedphrase include
Securing Your Seed Phrase with Washers,
writing it down and storing a temperature moderate environment( not too cold and not too hot). Avoid storing your seed online as it's considered unsafe and exposed to risk.

If any of the statements below apply to you, then you're in the right place:

• You aim to either establish a Bitcoin wallet or have already done so but are uncertain about its correctness. 
• You prefer not to invest in a hardware wallet yet still desire decent security measures. 
• You lack proficiency in computer security. 

While numerous guides illustrate how to create a wallet securely, I initiate this thread because I believe there isn't a straightforward guide tailored for those less technically inclined.  If you're a Bitcoin enthusiast who has successfully introduced family members, such as siblings, cousins, or spouses, to the concept, feel free to share this guide with them.  And if you happen to be that relative seeking guidance, continue reading!

Is this 100% secure?

No, nothing offers absolute security.  However, this method provides a higher level of security compared to simply downloading software onto a computer running a closed-source operating system like Windows, potentially alongside other malicious programs operating in the background.

What do I need?

• A computer with a minimum of 2 GB RAM, which typically includes any desktop or laptop found in your home. 
• A USB stick with at least 8 GB of storage space. 
• A few minutes of your time. 

You need the USB stick for installing Tails:  an operating system that prioritizes your security and privacy.  In Tails, all your online activities are routed through the Tor network, and once your computer is shut down, all traces of your activities are erased.

How can I install Tails?

There's no simpler OS installation process.  Simply visit the Install Tails page, select the operating system you're currently onto, follow the instructions, and within minutes, you'll have successfully installed it on your USB stick.

Alright, so I've completed the installation.  What's next?

If you've followed the Tails guide step-by-step (installing the OS on the USB stick, restarting the computer, selecting to start from the USB stick in the boot loader), you should encounter a welcoming screen:


Simply click on "Start Tails" to proceed.  After a brief moment, you'll see:


Select "Connect to Tor automatically" to establish your connection to Tor.

Now, how do I create my wallet?

Navigate to "Applications" (found at the top left of your screen), then in the "Internet" category, open the "Electrum Bitcoin wallet."  From there:

• Name your wallet, then click "Next."
• Choose "Standard wallet," and click "Next."
• Opt for "Create a seed," and proceed by clicking "Next."
• Write the seed on paper and carefully read the warning provided.
• Confirm the seed phrase to ensure accuracy, then click "Next."

That's it.  You're now ready to receive bitcoins to this wallet.  Your balance is managed by Electrum servers, which operate without knowledge of your IP address.  With no background malicious programs, it's just you, the Bitcoin wallet, and an open-source operating system focused on security and privacy.

---

Is this "airgapped"?

No, it's not.  Since it's connected to the internet, it's not airgapped.  Using a Bitcoin wallet on an airgapped computer provides higher security than this setup.  However, implementing such a solution may exceed the complexity covered in this guide.