Thanks for the EDU on this! I'm still a little foggy about wallet.dat though. Suppose I want to move my Bitcoin wallet to an encrypted drive that's taken offline/unplugged when I'm not using it. Do I simply move wallet.dat, or do I have to move the entire directory that it resides in? Also, what would happen if my wallet.dat was on a USB drive that was offline/unplugged and I disbursed BTC from my pool account to my wallet?
aTdHvAaNnKcSe
Topic: HOWTO: create a 100% secure wallet - page 119. (Read 276225 times)
Thanks for this write up. Great work.
There really is no such thing as 100% secure. Not for your wallet, a web site or anything else.
Security is an interesting business, currently the attackers have the upper hand, and the defenders are playing catchup. This has been going on since the first guy picked up a stick to whack his enemy with only to find his enemy came back with a shield and a stick. Eventually the defenders will catch up since this is really a vital issue, not just for bitcoins but for all aspects of life, including of course our digital lives.
Security is an interesting business, currently the attackers have the upper hand, and the defenders are playing catchup. This has been going on since the first guy picked up a stick to whack his enemy with only to find his enemy came back with a shield and a stick. Eventually the defenders will catch up since this is really a vital issue, not just for bitcoins but for all aspects of life, including of course our digital lives.
Thanks for this post!
Better to be safe then sorry! Good intel!
this is some really good stuff thank you!
Thanks for the guide!
THis all happend while the disk was mounted...
I understand the need for something really easy and secure, which is a legitimate concern if you're computer-illiterate but interested in bitcoin.
So, I decided to make a poll about providing an all-in-one solution: Poll for an easy security HOWTO. This would allow people like bitcoindude to use bitcoin safely with only very little prior knowledge.
Feel free to comment on it, but note that it would take me time (not _that_ much, a matter of a week or two) to give you this.
I know how to encrypt the backups of my wallet.dat, but what's the best way to encrypt the original file itself?
Quote
Is it possible (or planned) to add native encryption of the wallet.dat file to the Bitcoin client?
it's planned so it's matter of short time.
Is it possible (or planned) to add native encryption of the wallet.dat file to the Bitcoin client?
This would be ideal... Similarly, keep just enough data unencrypted so that the client can be notified of incoming transactions (similar to how BlockExplorer does it with the BitCoin address, but obviously can't accept the BTC and spend it).
Thanks for the guide!
Is it possible (or planned) to add native encryption of the wallet.dat file to the Bitcoin client?
Really really for this project. More things like this need to be out keeping it super simple.
I'm about to buy my first bitcoins. If I just avoid all forum links/email attachments with potential trojans and keep my computer away from anyone IRL, am I 100% safe? I've read a good amount of the encryption/live CD posts on this thread and others, and I plan to do that stuff eventually, but to be honest it's still annoyingly complicated for a non-geek such as myself.
can u tell me the pathway to the wallet.dat in Ubuntu?
It's located at /home/This is your solution? Ok so basically unless you are linux savvy then forget securing your wallet and what about portable devices? This is not a viable solution for the majority of people. Bitcoin is a hobby right now. The only way for people to take it seriously is if the security flaws are addressed by the software itself. Otherwise how can main stream people use it for everyday purchases? Your basically saying only people that are comfortable with installing and running linux should use it. Great that's less than 5% of people who make purchases online.
How about a real solution. Right now if you ask me bitcoins should be trading for cents not dollars. Mtgox isn't secure, the wallet.dat file can't be secured in any real way see: https://en.bitcoin.it/wiki/Talk:Securing_your_wallet#Flaws_with_argument_regarding_encryption
Why would anyone want to speculate on a currency that can vanish into thin air? The cash in my physical wallet is far more secure even walking around the most dangerous neighborhood than the methods in place to use the wallet.dat file now. Forget trying to exchange currency on mtgox which also is lunacy.
LMAO@
"You might want to make multiple copies (on multiple cards/CDs, not multiple copies of the same file on the same disk you tart)."
"You might want to make multiple copies (on multiple cards/CDs, not multiple copies of the same file on the same disk you tart)."
Perhaps a live cd for this exact purpose is needed:
https://forum.bitcoin.org/index.php?topic=19218
https://forum.bitcoin.org/index.php?topic=19218
Hello,
Obviously what you are suggesting doesn't adequately address these issues. For more info of why you cannot secure your wallet aside from the bitcoin software being able to encrypt and read an always encrypted wallet file please go here:
https://en.bitcoin.it/wiki/Talk:Securing_your_wallet#Flaws_with_argument_regarding_encryption
Bitcoin is flawed. There is no way to 100% secure your wallet until the software becomes capable of reading a wallet file that is always encrypted. Till this problem is solved we will absolutely see more trojans that will aggressively attempt to locate, copy, and transmit wallet files over the internet. This is a huge security hole.
~J
Obviously what you are suggesting doesn't adequately address these issues. For more info of why you cannot secure your wallet aside from the bitcoin software being able to encrypt and read an always encrypted wallet file please go here:
https://en.bitcoin.it/wiki/Talk:Securing_your_wallet#Flaws_with_argument_regarding_encryption
Bitcoin is flawed. There is no way to 100% secure your wallet until the software becomes capable of reading a wallet file that is always encrypted. Till this problem is solved we will absolutely see more trojans that will aggressively attempt to locate, copy, and transmit wallet files over the internet. This is a huge security hole.
~J
Jump to: