Topic: HOWTO: create a 100% secure wallet - page 32. (Read 276221 times)
The problem with tails is adding programs and saving the data. They purposely make it difficult. Better off using liberte. much more robust.
Ok, here comes this newbie's first post....
A couple issues:
1)Typo: "walled.dat".
2)There's no protection against MITM attack when you download that LiveCD - people need to ensure that the LiveCD image they download hasn't been trojaned on its way to them. Checking securely obtained SHA hashes, PGP/GPG keys ... very important and worth mentioning! Ditto for the bitcoin client.
OP says: "I think it makes sense to trust both the Ubuntu LiveCD as well as the client from bitcoin.org for now." Well, it makes sense if you ensure they are what you think they are -- you have to trust someone.
A couple issues:
1)Typo: "walled.dat".
2)There's no protection against MITM attack when you download that LiveCD - people need to ensure that the LiveCD image they download hasn't been trojaned on its way to them. Checking securely obtained SHA hashes, PGP/GPG keys ... very important and worth mentioning! Ditto for the bitcoin client.
OP says: "I think it makes sense to trust both the Ubuntu LiveCD as well as the client from bitcoin.org for now." Well, it makes sense if you ensure they are what you think they are -- you have to trust someone.
Best way you be to just memorise if you can
would you trust an online wallet with considerable amount of bitcoins?
Very usefull information. Thank You
I think the guide to being secure doesn't need to be complex at all, though I don't know if the required technologies are available to write such a simple guide.
For example I think that an offline computer can send money without being connected to the internet. You just use your signing keys(you must also know manually how much bitcoins you have beforehand, without having any blockchain around. Here you can use blockchain.info to check that up, advised to access it through Tor. Then since you know how much you have, you use your private key on that offline computer and sign a transaction. Then you transfer that transaction with a usb key storage to your main computer which may be virus and trojan+keylogger infested and just execute the transaction. Voila!
Though are these technologies available. We would need a very simple program, one that doesn't like need the latest version of Ubuntu, not the full fledged bitcoin-qt, except if it can work in offline mode and it can allow to send Bitcoins without needing an internet connection.
The above are maybe a bit of half-baked thoughts.
For example I think that an offline computer can send money without being connected to the internet. You just use your signing keys(you must also know manually how much bitcoins you have beforehand, without having any blockchain around. Here you can use blockchain.info to check that up, advised to access it through Tor. Then since you know how much you have, you use your private key on that offline computer and sign a transaction. Then you transfer that transaction with a usb key storage to your main computer which may be virus and trojan+keylogger infested and just execute the transaction. Voila!
Though are these technologies available. We would need a very simple program, one that doesn't like need the latest version of Ubuntu, not the full fledged bitcoin-qt, except if it can work in offline mode and it can allow to send Bitcoins without needing an internet connection.
The above are maybe a bit of half-baked thoughts.
There was some very helpful information in this thread. Thank you very much!
Seems good...Since I won't have too many transactions...I don't have to backup frequently...So I would like to try safer ways...
Encrypt your wallet...makes sense. Thanks for the post!
I downloaded BitCoin and installed the program, and it shows up in my C;/Program Files, but no where in there is a wallet.dat file. Does anyone know why?
Hey guys, I've got a question for you. How big is the block chain going to get? I ask because I want to make sure the usb drive I use is actually large enough to encrypt an entire client indefinitely. So I know that as blocks get very old they're no longer saved, but aren't the new blocks larger than the old blocks? Meaning, won't the size of a full install always increase?
Or then there's the other option, of just using a 8 or 16 GB drive and using it as a full OS+bitcoin client.
Or then there's the other option, of just using a 8 or 16 GB drive and using it as a full OS+bitcoin client.
One more question, how do I create a second wallet?
If I backup my current one, how do I get a separate one for daily use?
If I backup my current one, how do I get a separate one for daily use?
Sorry I have not gone thru all 14 pages, plan to do so. I did run a search on this and did not find an answer.
Thx.
Going to backup my wallet...
Going to backup my wallet...
Will definatly take advice from this guide.
Encrypting a pendrive as we speak.
Encrypting a pendrive as we speak.
Interesting. Thanks for the info.
I want my secure wallet to be stored down-town any-place under the wing of a respected Town Hall where I'm even required to sign in with biometric, hand print, eye scan, whatever, up to the user (24/7) - protect withdrawals over certain limits.
Place it right near the coffee and donut shop.
If I keel over I want bio-metric access granted to next of kin. Maybe a fork carries my biometric authentication?
Place it right near the coffee and donut shop.
If I keel over I want bio-metric access granted to next of kin. Maybe a fork carries my biometric authentication?
A lot to know about security. Will do my best.
Security needs to be brought to the average joe for bitcoins to reach its potential. This means that always booting from a live CD or flash isn't really scalable to the masses. It needs to run on Android, iPhone and, yes, Windows.
I think we need to think about how we can create a secure sandbox environment in any environment, or leverage sandboxing currently available. This may mean doing encryption on top of encryption.
This is not to say there are not challenges. The fundamental challenge is how do you handle compromised programs running as the same user, and key loggers. But, I think it is simply important to begin the discussion with how to secure bitcoins on platforms that the mainstream will want to use, rather than invent a distro and boot process just for bitcoins -- unless, of course, you're goal is to secure 1000s of them.
I think we need to think about how we can create a secure sandbox environment in any environment, or leverage sandboxing currently available. This may mean doing encryption on top of encryption.
This is not to say there are not challenges. The fundamental challenge is how do you handle compromised programs running as the same user, and key loggers. But, I think it is simply important to begin the discussion with how to secure bitcoins on platforms that the mainstream will want to use, rather than invent a distro and boot process just for bitcoins -- unless, of course, you're goal is to secure 1000s of them.
There's no 100% security.
Jump to: