Oh,and
3)Suggesting people "might want to make multiple copies" is bad advice. People should *definitely* have more than one copy of their wallet. As you say, "losing your wallet.dat is worse than someone stealing it." but also: Flash drives go bad. Files get corrupted. Things get misplaced. Mistakes happen. 2 validated copies is a bare minimum. I would say that "probably want to make more than two copies (and keep 2 copies on each storage device)" is better advice.
In the early 90's, I became unable to unlock my PGP secret key - the passphrase I remembered and was sure was correct no longer worked. Was the file corrupted, or did I somehow misremember it? I'll never know for sure. The key wasn't backed up, so I couldn't try or compare with a backup.
Topic: HOWTO: create a 100% secure wallet - page 70. (Read 276221 times)
I read a lot of suggestions about an offline wallet. If I have a computer that is completely and entirely disconnected from the Internet -- it never connects to a network under any circumstances -- how can I get a transaction it generates onto the network?
I can obviously move the blockchain files between computers, but how will the online client react if it sees data in the files that wasn't there previously? Will it identify "unsent transactions" or something like that and forward them to the network?
I can obviously move the blockchain files between computers, but how will the online client react if it sees data in the files that wasn't there previously? Will it identify "unsent transactions" or something like that and forward them to the network?
I guess you'll just have to trust them when they said "highly unlikely" on the Bitcoin wiki weaknesses section: https://en.bitcoin.it/wiki/Weaknesses#Generating_tons_of_addresses
Ok, here comes this newbie's first post....
A couple issues:
1)Typo: "walled.dat".
2)There's no protection against MITM attack when you download that LiveCD - people need to ensure that the LiveCD image they download hasn't been trojaned on its way to them. Checking securely obtained SHA hashes, PGP/GPG keys ... very important and worth mentioning! Ditto for the bitcoin client.
OP says: "I think it makes sense to trust both the Ubuntu LiveCD as well as the client from bitcoin.org for now." Well, it makes sense if you ensure they are what you think they are -- you have to trust someone.
-=>MATTTT>--
A couple issues:
1)Typo: "walled.dat".
2)There's no protection against MITM attack when you download that LiveCD - people need to ensure that the LiveCD image they download hasn't been trojaned on its way to them. Checking securely obtained SHA hashes, PGP/GPG keys ... very important and worth mentioning! Ditto for the bitcoin client.
OP says: "I think it makes sense to trust both the Ubuntu LiveCD as well as the client from bitcoin.org for now." Well, it makes sense if you ensure they are what you think they are -- you have to trust someone.
-=>MATTTT>--
Nice info thanks.
I read a lot of suggestions about an offline wallet. If I have a computer that is completely and entirely disconnected from the Internet -- it never connects to a network under any circumstances -- how can I get a transaction it generates onto the network?
You can use armory or brainwallet to sign the transaction offline, and broadcast it using brainwallet. 
I read a lot of suggestions about an offline wallet. If I have a computer that is completely and entirely disconnected from the Internet -- it never connects to a network under any circumstances -- how can I get a transaction it generates onto the network?
I can obviously move the blockchain files between computers, but how will the online client react if it sees data in the files that wasn't there previously? Will it identify "unsent transactions" or something like that and forward them to the network?
I can obviously move the blockchain files between computers, but how will the online client react if it sees data in the files that wasn't there previously? Will it identify "unsent transactions" or something like that and forward them to the network?
being kinda new on this whole bitcoin thing the wallet security was one of my big concerns (and yes, I tend to be a little paranoid).
having an OS on an usb device is actually a great solution. All I came up with was actually buying a simple computer and never ever accessing internet on that.
thanx for showing me a waaaay simpler method
having an OS on an usb device is actually a great solution. All I came up with was actually buying a simple computer and never ever accessing internet on that.
thanx for showing me a waaaay simpler method
Thanks for the informative post OP. I appreciate your effort 
Guys, I cannot stress this enough. If you're going to use a Live CD or USB, ad majorem dei gloriam, PLEASE use TAILS. Tor is just about the best thing that happened to BitCoin in terms of security during transactions.
i edited my post above right after typing
Is it safe to backup my wallet on dropbox?
HELL NO! Well unless you encrypted it with a strong password. But Dropbox (i.e. their employees) can access your data. And depending on where they host their data, so can the particular 3rd party hosting / cloud storage company (maybe Amazon or whatever).Not saying these companies are untrustworthy, but you simply don't want to take this risk. Especially because IF your coins disappear, there's no way to proof it was them.
Wuala.com (an alternative to Dropbox) is safer because encryption occurs client side there.
Then again, you shouldn't have an unencrypted wallet on your PC anyway. Suppose someone breaks in and takes your PC. Or you lose your laptop or whatever. Simply do NOT mess around with your money.
Is it safe to backup my wallet on dropbox?
HELL NO! Well unless you encrypted it with a strong password. But Dropbox (i.e. their employees) can access your data. And depending on where they host their data, so can the particular 3rd party hosting / cloud storage company (maybe Amazon or whatever).Not saying these companies are untrustworthy, but you simply don't want to take this risk. Especially because IF your coins disappear, there's no way to proof it was them.
Wuala.com (an alternative to Dropbox) is safer because encryption occurs client side there.
Then again, you shouldn't have an unencrypted wallet on your PC anyway. Suppose someone breaks in and takes your PC. Or you lose your laptop or whatever. Simply do NOT mess around with your money.
Put in safety box is the most secure lol.
First you have to set measure what is secure for you.
e.g.:
-you want noone to know you holding Bitcoin
-you wand noone to see your transaction
-you are confident noone knowing that a transaction is connected to you
-you just want to be the only one to spend your coin
if you wanna have all of that, it is hard - but still possible or at least plausible deniable with Bitcoin.
But never forget, that it was never intended to be "not known" anyhow - it was just meant to be pseudonymous and free of central control.
e.g.:
-you want noone to know you holding Bitcoin
-you wand noone to see your transaction
-you are confident noone knowing that a transaction is connected to you
-you just want to be the only one to spend your coin
if you wanna have all of that, it is hard - but still possible or at least plausible deniable with Bitcoin.
But never forget, that it was never intended to be "not known" anyhow - it was just meant to be pseudonymous and free of central control.
There's no 100% secure wallet just as there exists no 100% effective contraceptive
I am hoping Bitcoin QT clients encryption is safe enough for the time being while I only have minimal bitcoins but it looks like ill have to look into wallet security a lot more.
Im guessing there would be a way to have my wallet stored on a usb stick for saftey
Im guessing there would be a way to have my wallet stored on a usb stick for saftey
There is a way. And it's already been discussed on the thread's OP.
I am hoping Bitcoin QT clients encryption is safe enough for the time being while I only have minimal bitcoins but it looks like ill have to look into wallet security a lot more.
Im guessing there would be a way to have my wallet stored on a usb stick for saftey
Im guessing there would be a way to have my wallet stored on a usb stick for saftey
I would agree that the best practice is to keep your wallet on media not connected to the internet for routine storage (and have backups)
Cool
Brainwallets are a great idea; just don't forget the phrase if you are storing a lot of money!
Jump to: