Topic: HOWTO: create a 100% secure wallet - page 108. (Read 276221 times)

Cool how-to. Instead of leaving or backing up my wallet on my windows drive, I've created debian-live-6.0.1-amd64-gnome-desktop bootable SD with unetbootin. Going to be using the bootable SD to do my transactions and backing up for now on.

One problem that sucks for I, is the waiting for block count, while doing all of this on my mining machine "only one pc atm". Losing mining time to do transactions, backups etc on the live disk, but safer than sorry, I'd rather loose a few hours of mining than having my wallet somehow taken. I have more than a few years experience with debian based linux distro's. For a very fresh pc user, this how-to will be a challenge for them as a beginner. I recommend using debian live. Ubuntu has gone to garbage.

useful stuff, I've been trying to find ways to secure my investments

exceleent post, I feel more secure now.

I have none of these on my Mac, can anyone please tell me where I can find them? I have the BitCoin.app file running and have even shut it down a few times thinking that needed to happen for the files to be created the first time, no luck.

I've done an entire system locate command to try to find them with no luck...now I'm totally lost.

please don't solicit donations here.

How about using TrueCRYPT with double encryption / like whirlpool / blowfish inside of an aes / whirlpool encrypted drive. Seems to work unless somebody can compromise the system directly at the keyboard. Which is possible. Even truecrypt has ways it can be compromised even a thumb drive that is used to authenticate the boot sector of an encrypted windows or linux boot drive.

Thank you, kind sir.

As the old adage goes: "Hey there, long time listener, first time caller!"

Here's my biggest question at the moment and one I have yet to find an answer for:

I have a Mac, I am fairly new to Mac, I've been a PC guy for over 20 years...where in the hell are my files located for BitCoin that I can backup?

Yes, I have read as many forum posts as I could and yes I read the "official" BitCoin wiki. It says "By default BitCoin will put its data here: ~/Library/Application Support/Bitcoin/" but for some reason my install doesn't fall under the "by default" category, not sure why.

I've done a locate search but since this is a fairly new system the locate db didn't yet exist, I am waiting while that does it's index right now.

1) Why would my "by default" be different that everyone else's? I didn't explicitly install it in a different spot but then again I'm still new to Mac so maybe I installed it wrong or something.

2) Ok, guess I didn't have a two....

Thanks guys and glad to be on the forums!

DrDiesel

Thanks for the information!

I guess I need to go ahead and get a better OS like you said since I am using garbage...bleh

Thanks this is a big help

Thanks.  I think I like the vault/safety-deposit-box approach with redundant copies.

Dept. of Defence releases a tiny secure linux distro, USB bootable, what else you need for the secure wallet http://www.geek.com/articles/chips/u-s-dept-of-defense-offers-up-tiny-secure-linux-distribution-20110722/

1. Boot to live CD
2. Use bitcoin to generate your wallet.dat and however many keys you want.
3. Extract the public AND private keys (well, when they finally merge the PULL request on github)
    3a. on a separate sd card, store all your public keys so you can get to them later
4. PRINT the keys out on your printer, and leave some extra space and use a pen to copy them down again (printer ink can fade over years)
5. Put the keys in a security envelope, and then in a tamper-evident manila envelope.
6. Go get a 2"x5" safety deposit box at your local bank for $10/yr and put the envelope in there.
    6a. (optional) include a small sd card with the wallet.dat and plaintext keys so it's easier than importing keys manually
7. Don't forget to pay the annual lease for the SD box (perhaps pay several years in advance?)
8.
9. PROFIT

Only if they know where it is and have access to it--access being:
1.) Remote, through insecure SSH configuration, lax network share permissions, etc..
2.) Local, via an insecure account (bad password/lax permissions)
3.) Local, by taking the physical hard drive from the machine.

(1) can be avoided by keeping the machine you store your key on off of your local network and the internet, or by keeping your wallet on a removable disk/drive (and never allowing the file to touch other drives). (2) can be avoided by keeping your local user accounts secure, or by keeping the wallet on a removable(...). (3) can be avoided by keeping the file on a secure media in a secure place as with (1) and (2). (1), (2), and (3) can all be mitigated by encryption, but if a thief has your wallet (even if it's encrypted) then he only needs to crack the encryption (which will take a while) and he has your coin.

To prevent a thief who has somehow procured your ("secure") bank wallet from getting your coin, you may choose to make a new secure wallet every now and then (and transfer the funds from the old wallet to the new one). With encryption, that should be enough to prevent a thief from getting anything before you can say "Peter piper picked a peck of pickled peppers". It's up to you how long between new wallets you want to go, but I don't think you need to do it too often.

The most important point to remember is that if your (encrypted or not) wallet is ever on a non-encrypted storage medium, then it's data will remain there for anyone to scrape if they have physical access to the drive (and sometimes even without), until that data is replaced (which may take a while, unless you shred it, but it still may be there depending on the filesystem you're using). So if you can keep the wallet encrypted throughout it's entire lifetime, that would be best (particularly if it's also on a fully encrypted volume), and if you can keep it from touching your hard-drive until it can be encrypted that's good too.

Through building my rigs I've made like 5 other orders after the initial order for the rig, Dummy plugs, KVM Switches... and not to mention now a decent 16GB USB drive that is going to be exactly this. Love the guide thank u.

cant ppl still steal your wallet by emailing it to themselves then just loading up your wallet with their bitcoin program? you wont even have to open it or attempt to read it

Generally the *dat files exclusive wallet.dat. But with every client release (and patches) there seems to be consolidation along with new scattered files. If you switch wallets, --rescan, and send transactions, the following files/directories will likely change:

blk000*.dat
blkindex.dat
database/
__db.00*
debug.log

addr.dat
wallet.dat

There is not a clean separation between private, public, and temp/log data. Even wallet.dat contains many references to public data, such as the earliest relevant block. Though little if any public data makes identifying references to the wallet.dat.

thanks great guide

Is there a way i can save the current block list alongside the wallet file, so that i don't have to wait increasingly longer periods of time waiting for it to download entirely each and every time i decide to use my safe wallet?

Edit- Ok, that was already answered, appearently, so i'll rephrase: what filename does the block list has?

The client is still alpha software. It's coming.