Topic: HOWTO: create a 100% secure wallet - page 23. (Read 276221 times)

Is there a short version or should ppl go through 107 pages ?

btw. great first post, thanks

Thanks for the helpful information in this thread. 

People are just ridiculous when it come to the security of there pc's ,They could just keep the data in a flash and use it with a disconnected computer with the bigger wallets and have a small wallet for day-day payments.

Good informations for first time users.

WHat about mtgox is that a good place or safe enough to keep coins in.  I figure its safe considering they are the largest.  What are your thoughts on how safe is it to keep in mtgox or blockchain or bitfloor or any online service

Great safety tip. Could just have an entire pc that sits in the corner with linux on a CF drive instead of all the live CD part.

Thats a lot of information, it will take me days to get through everything. Ohhhh

Yo dawg, I heard you like virtual machines....

If your extremely paranoid, you just have a chip implanted with your private key

My buddy is very paranoid, he encrypted his key. And then he encrypted it again with a mbit encryption, printed it out and it now resides in a high security bank with member only access. (all devices he used were brand new before he used them, and he melted most of them afterwards.)

Anybody who is very paranoid and knows what hackers can do, will never keep their key on a networked device. (not even with 10 layers of visualization)

For the people who know nothing about computers, just print out the key and put it in your home vault. (or preferably a banks vault)

Encrypting the key on paper, is only useful when you want nobody but you to be able to access them. (or could help in other situations where you prefer two factor authentication, for example you could give a relative the key (or multiple relatives each a different part of the key  ), knowing that they will only get access to the deposit box when you die. Hence not letting the bitcoins get lost forever)

Also if you are VERY paranoid, then you could have Virtual Machine inside Virtual Machine, protecting your stuff.

thanks for the info.

this is really helpful.

What you have to keep in mind, is you have your spending account, and saving account.

Saving account, you basically want to put this on paper and put it in a safe deposit box in a bank. (why, unless you are planning to spend major money, you shouldn't have to access this account, hence it will be only once every couple of weeks/months, putting it on paper basically guarantees that hackers will not be able to get to it, but thieves will, hence the safe deposit box)

Your spending account could be anything, online service (not recommended) or a multi layer encryption on a computer/hardcopy.

The idea of the spending account is, to have the quick access to your money, without suffering to much risk of losing money. For example, a hacker will not easily go for a single bitcoin, but if he knows you have a 1000 bitcoins in your wallet on your computer... In the end as long as the hacker is good enough... it will get hacked... the only way to completely prevent hacking, is either non-networked, or hard-copy. Hence your 1 to 10 BTC are easy to keep in any wallet, (atm) but the moment you start talking about bigger money, you have to start thinking about good to great security.

So yes, if you want a saving account (in a bank) you want to be able to access often, thats a hassle. If you want to be able to get access to a lot of coins without really locking them up, spread them over your addresses, thats why you can generate basically unlimited addresses. Keep in mind though, that hardcopy is still a very smart thing to do. As if somebody hacks your wallet with all your keys... the spreading over address is useless. (mutliple wallets is what you want)

If you thinking about moving them back and forth over the currency market, then it all depends how much you are willing to invest. (note that the initial registration for fiat(usd, euro, pounds) to bitcoin and vice versa is an hassle that takes a couple of days) Haven't gotten into that yet, and not really sure yet how to do that... because when their end up a lot of money in the wallet... I would kinda want a second pc, non-networked, who would print out my private keys, which I would just have to scan on my regular pc with the QR code, to do the payments. (and if becoming that big of a trader, a VPN connection or something like that to the exchange network would be really nice too... so the chances of Man in the Middle attacks are slim to none too)

Think of your wallet as digital gold, keep in mind that hackers are able to get into any computer that is on the internet, as long as they have a big enough incentive (enough money). And then start thinking about how you want to secure your digital gold, so it stays easy access for you, but impossible / near impossible for hackers / thieves. Here it all comes down to what are you willing to sacrifice for safety of your wallet.

i myself use a mac, i know there ware some account stealer for osx also, but still is much more safe than windows.

The blockchain.info wallet is great for everyday use, and for keeping track of BTCitcoins in your safe offline savings, but don't use it as safe savings store.

Too much work. Why not use a web-based service like blockchain.info?

Got a Q: is it generally a slowish process to send money from the kind of offline wallet described in the OP? I've read people talking about the bitcoin client syncing something and that taking many hours. I'm not too savvy in this field...

I try to keep my coins liquid, I want to be able to sell them fast. If I deposit coin to an offline wallet using the live-CD/USB-method, does it generally slow down the flow of my BTC?

If yes, then am I correct when thinking that setting up a whole computer never connected to internet would be a better option? Meaning, having the bitcoin client installed all the time?

Thanks. Still quite baffled by this security aspect.

Pretty simple, create a secure wallet using the tutorial at the start of this topic. This should be your savings account. (you never want this file on a networked computer) (this is also the account with the big amount of money you have, preferably multiple sharing this amount (so if you happen to accidentally lose one, you don't lose all your money))

The wallet on your laptop you can use as your "spending account".

The simplest way to put it is, any wallet you have an a networked computer or at some service, you should handle like your real wallet. (don't put all your money in it, etc. accept risk of loss / stolen)
Besides those you should create a very secure wallet (not networked, preferably offline/paper) which would be the same as your savings account (hence put it in a big bank vault or something) (protect these wallets, which at some point might contain a lot of money, like your life-savings account, and think what you would do to protect your life-savings account.)

Personally, I have 500 saving account addresses, 50% of these is hard-copy paper. Stored at several locations. (bank safety-deposit boxes are great, as they are also fire resistant, and you can put all those papers in there, if you encrypt it, they will still need a pass-phrase to get to the BTC's) The other 50% is on USB / Flash drives, bought specifically for this purpose, which have not been used for anything else. These are also stored in vaults on hard to get locations, spread out. Every single address, I can get to in at least 3 different locations, so technically I shouldn't be able to lose my private keys.

The only problem is, due to the nature of BTC you preferably only want to use an address once. (to keep anonymity up) So after 500 txns I run out of addresses, and I have to visit all my backup locations again to update their backups. (with extra newly generated addresses)

You can take this up any scale you want... or down if you like. Though looking at that the fact that a BTC is currently 100 euros... Hackers are going to try more often to steal bitcoins, and the only way to really protect from a hacker, is making sure the data is not networked in any way. (aka offline) So the better sense of security you have now, the less amount of surprises you'll see in the future. (you other wise might find out at some point... that one of your accounts is empty... while you didn't spend any.)

Hi

I am a newbie and I have installed bitcoin qt wallet on my laptop.
I did this before discovering these forums.
I have not yet secured it and have got no bitcoins or made any transactions, but since reading this post https://bitcointalk.org/index.php?PHPSESSID=9fjpqnfrrleq40pbu8q9t4ig96&topic=17240.msg222383#msg222383 I am a bit worried that I have made myself vulnerable and would love to know what I can do to make my laptop secure again.

Many thanks

Let me improve that for you:
   "Awesome Tutorial!"

The moment I got some BTC to spare I'll definitely donate some to the guy who made this