Pages:
Author

Topic: Here is why they say to store your seed "offline" - page 2. (Read 585 times)

mk4
legendary
Activity: 2870
Merit: 3873
📟 t3rminal.xyz
what about protonmail?  if you had to store it in the cloud would that be the best option?

Probably better than most options, but still — no. Seriously, just grab a hardware wallet/s, write down the backup, and hide that backup.

Tbh if you're asking about options with cloud storage, you're probably not capable of securing your backup in a digital manner proficiently.
hero member
Activity: 510
Merit: 4005
what about protonmail?  if you had to store it in the cloud would that be the best option?

Proton Mail is pretty good, because they (claim to) do actual client-side encryption (i.e. they are unable to decrypt your data). The thing is, how do you verify that claim?

Even if you do a point-in-time security audit on their code, nothing prevents them from "accidentally" including some JavaScript into your session that leaks your encryption key to them.

Good security is (partially) about reducing the number of things that you have to trust not to let you down. With that in mind, learning how to do things for yourself (if you're able) is recommended.
full member
Activity: 1792
Merit: 186
what about protonmail?  if you had to store it in the cloud would that be the best option?
legendary
Activity: 3038
Merit: 2162
When people talk about storing private keys "online", they generally don't mean cloud storage. They mean hot wallets or custodial wallets. And the reason why many choose to store their coins "offline", aka use cold storage is because they are in full control of their coins and the coins are exposed to a much smaller number of threats when compared to other methods.
legendary
Activity: 2520
Merit: 1233
Any valuable data is a crucial component when storing it online.
That's why those seed phrases or any information that can be leaked to your valuable belongings shouldn't store in the cloud or any online storage provider to avoid such possible consequences of scam.  It should be on a piece of paper and kept in your closet or much better a safety vault.

Good thing that the Amazon cloud services provider announced this which is they also care about their reputation and I think 18 months is enough time for users to retrieve their files and important data out of that cloud service.  
legendary
Activity: 1526
Merit: 1359
I have read about more than one instance of a user storing a seed phrase or private key in the drafts of some email provider...

This is a horrible thing. Every time I hear something like that, it makes me want to cry for a little while.
sr. member
Activity: 1190
Merit: 469
While i agree there's lots of time before their service shut down, i have small concern about how they notify their customer. According to the news, currently they only use email to notify their customer. I expect most people only open their email when they need to register or recover their online account, unless their job regularly use email. Additionally, it's likely their email buried with lots of promotional content unless they opt out from it manually.

Which is why in these types of situations there are going to be people with Amazon Drive accounts that lose their data. Say they went on a 2 year vacation when they come back, their data is gone! Maybe Jeff Bezos has a backup for them but no guarantee.
hero member
Activity: 2268
Merit: 669
Bitcoin Casino Est. 2013
It would be much better if you have quoted some important notes why storing your private keys or seed phrase offline is the best choice and why it is much safer compared to storing it online or using usb or hard drive. Though storing it using usb is not that safe because if you plan to access your account then you need to insert your usb and that usb is now exposed to the internet. You wouldn't know that your computer is infected with malware that is possible to steal your wallet.
legendary
Activity: 2212
Merit: 7064
Do you know what cloud storage actually is? Someone else's computer. Why would you store your seed phrase on someone else's computer? Do you know who can access that computer? Do you know how good that computer's security is? What if that person stops letting you access their computer? An incredibly stupid thing to do.
But it's safe and encrypted right? Right??
Or maybe you could be a presidents son that stores your whole weird life on iCloud and than someone hacks it and posts everything in public.  Cheesy
It's crazy to store anything or any sensitive information on any cloud service, and it's even more crazy to keep bitcoin seed words and passwords there.
Best option for seed words is to keep them offline on paper or metal, and for everything else it's not that hard to set up your own self-hosted ''cloud''.
legendary
Activity: 2268
Merit: 18771
Wow I love this thank you for this enlightenment am usually use to saving my phrase and passwords on my emails but now am not taking chances I word clear everything and save they offline properly.
Great that you are now going to secure your seed phrases properly, but simply deleting everything from the cloud storage is not sufficient. Again, think of cloud storage as someone else's computer. If you say to them "Delete this file" and they say "Ok, I've deleted it", you have absolutely no proof whatsoever that the data is actually deleted. And even if it is deleted, it probably isn't properly shredded and could be recovered. And even if it is shredded, it is probably backed up on more than one other server somewhere and could still be accessed.

Instead, you should consider whatever seed phrases or private keys you had stored online permanently compromised. Create some brand new wallets with the seed phrases backed up only via non-electronic means (i.e. pen and paper), and then transfer all your coins out of your old wallets in to these new ones.
sr. member
Activity: 966
Merit: 391
Underestimate- nothing
Not just your seed phrase / private keys, but any data you really care about is too risky to exclusively store in the "cloud". Always make sure you have local copies of important stuff.

Also, never store anything sensitive without encrypting it first. There are data breaches all the time, and this can easily lead to your bitcoin disappearing and your accounts being hacked.

TLDR: The only thing cloud storage is good for is (client-side) encrypted backups. But if you don't know exactly what you're doing, just avoid it altogether.
Wow I love this thank you for this enlightenment am usually use to saving my phrase and passwords on my emails but now am not taking chances I word clear everything and save they offline properly.
legendary
Activity: 2268
Merit: 18771
Take for example, there is no way a company as big as Amazon would want to shut down a service without announcing it first and giving their customers who use that service time to transfer their documents to another company that provides the same service(like they just did in this case).
I have read about more than one instance of a user storing a seed phrase or private key in the drafts of some email provider, who have shut down without warning. Amazon might have given a warning, but many won't.

So the major reason why storing seeds and private keys online is frowned at is because of hack, most especially for newbies who don't know how to use strong passwords for their account security, and some also do not know how to use 2FAs, such account can easily be hacked, so this is why it is better to keep your seed phrases offline for better security.
This isn't the most likely attack either. Even if I used a truly random password of 500+ characters along with a hardware key 2FA, I would still never store anything valuable on the cloud (i.e. someone else's computer). You have absolutely no idea how good their security is, if your data is transferred securely, stored securely, how many times it is copied, in how many servers all around the world it is stored, where these servers are, who can access these servers digitally, who can access these servers physically, and so on. Even if your account is not hacked there are a million ways that your data could be stolen or lost.
sr. member
Activity: 1190
Merit: 469
Amazon is providing approximately 18 months notice they are shutting down their service. That is more than ample time for someone to make arrangements to store their backups elsewhere if they chose to store their backups online.
In this case, maybe. But there have been plenty of cloud providers in the past who have provided little to no notice, and there will be plenty more in the future.

That's right. This Amazon situation is the best case scenario you see in these type of situations where the service provider decides to pull the plug.  
 

Quote from: Fivestar4everMVP
You are exactly wrong in your subject, that Amazon is shutting down their service has nothing to do with why peeps shouldn't store their seed or private keys online.
It's one of the reasons. Just highlighting that you can't trust online cloud storage providers at all. As well, not all of them are as nice as Amazon. As o_e_l_e_o pointed out.

To say nothing of how shady cloud storage providers can just close your account and delete all your files without your permission and not have to explain why. it happens.


Quote
The reason why it is said never to store your seed or private keys online is due to how easy it might be to get hacked...

That's one of the reasons.

But back to this Amazon situation. There will most likely be people that don't migrate their data away from Amazon Drive for a variety of reasons. One of them being they never knew the service was shutting down. Yes, isn't that hard to believe? But its' true.
legendary
Activity: 2422
Merit: 1083
Leading Crypto Sports Betting & Casino Platform
You are exactly wrong in your subject, that Amazon is shutting down their service has nothing to do with why peeps shouldn't store their seed or private keys online.
The reason why it is said never to store your seed or private keys online is due to how easy it might be to get hacked, and not because of the service itself shutting down.
Take for example, there is no way a company as big as Amazon would want to shut down a service without announcing it first and giving their customers who use that service time to transfer their documents to another company that provides the same service(like they just did in this case).
So the major reason why storing seeds and private keys online is frowned at is because of hack, most especially for newbies who don't know how to use strong passwords for their account security, and some also do not know how to use 2FAs, such account can easily be hacked, so this is why it is better to keep your seed phrases offline for better security.
legendary
Activity: 2268
Merit: 18771
Do you know what cloud storage actually is? Someone else's computer. Why would you store your seed phrase on someone else's computer? Do you know who can access that computer? Do you know how good that computer's security is? What if that person stops letting you access their computer? An incredibly stupid thing to do.

Amazon is providing approximately 18 months notice they are shutting down their service. That is more than ample time for someone to make arrangements to store their backups elsewhere if they chose to store their backups online.
In this case, maybe. But there have been plenty of cloud providers in the past who have provided little to no notice, and there will be plenty more in the future.
hero member
Activity: 3136
Merit: 591
Leading Crypto Sports Betting & Casino Platform
If you are aware of the risks that storing anything important such as seeds or private keys online then it's your call. Basically, you have an idea on how to keep those things confidential despite being not recommended in doing so. I've known people that have been doing that but of course, not for their keys but for some important login details and information which eases them from their tasks and businesses. It could be done for crypto-related stuff but if you're also aware of those breaches that have happened, you'll never do this when you're aware that a hacker might find and crack it. As for Amazon, the point is actually good, what if the cloud storage you're using suddenly collapsed or announces an immediate closure but for someone who understands the importance of keeping your keys safely through the manual way of writing it down, this is out of choice.
copper member
Activity: 1666
Merit: 1901
Amazon Prime Member #7
/

Amazon is providing approximately 18 months notice they are shutting down their service. That is more than ample time for someone to make arrangements to store their backups elsewhere if they chose to store their backups online.

With that being said, there are plenty of reasons to not store your backups in the cloud or online, such as the potential for the service provider having a security breach, your account being hacked via various means, or your account password being reset via phishing.

Even if your private keys are encrypted, an adversary would have an unlimited number of attempts to decrypt your private keys, until you become aware of the breach and move your coin.
full member
Activity: 1834
Merit: 166
Even if Amazon has decided to shut down it's cloud storage then also you should not be storing your seeds over there and only offline ways should be used for it.If some bad actor or hacker gained access to your keys or seeds through cloud then your funds will be gone so why use these ways in first end.It is advisable never to have digital copy of them and you are saying about Amazon services which can easily involved in data leak so don't trust them at all.
mk4
legendary
Activity: 2870
Merit: 3873
📟 t3rminal.xyz
That's just one thing, but people are against storing your backup digitally(or worse, on the cloud) mostly because of potential breaches. Writing your backup down on a piece of paper or etched on a steel sheet automatically removes the risk of hacking.
legendary
Activity: 1372
Merit: 2017
Well no, I do not agree with the title of the thread. That amazon is going to shut down its cloud service has nothing to do with what is usually said about saving your seeds offline.

Amazon is going to stop providing a service and if you store things in that cloud, you will have to find another service if you want to continue storing them in a cloud.

Saving things in a cloud has its advantages and should always be done with information that is not too sensitive, as mentioned above.

But saving your seeds offline is often said because from the moment you have them online, there is a risk that they will be stolen by hackers, and for that it doesn't matter if Amazon Drive stops its service on Dec. 31, 2023.
Pages:
Jump to: