Topic: Is this practice safe? (how to avoid keylogger when I type pass?) - page 2. (Read 2585 times)

Of course, you can be hacked in any system. Especially if you are careless.

At the same time, no one can enter your system, execute a program or plant a trap without it having "holes". There's no magic to get access to your system that I know of.

After you have your system installed, you just have to keep in mind to offer as less potential holes as possible, like:
  1.Is your system running a SSH server?
  2.Is your system running a Remote Desktop server?
  3.Is your system running a Web server?
  4.Running, downloading all programs you found on the internet (e.g. joe's blog).
  5.More things I do not know about?

Configuring or doing any of that in a careless manner will make you a very easy target to other people plant and run any software they wish after every startup. Even if you're running Linux.

I am not sure about Windows, past experiences told me it is vulnerable out of the box... While most Linux implementation is not (that I know of). It will depend on what the user will do that will open or close doors to outside attackers.

Also, keep in mind to update your system regularly. Some serious bugs are fixed every now and then.

Well how do you go around certifying it? Im pretty certain that my computer is clean, but then again, as long as your computer is connected the internet, there is a posibility that you are infected with something that has been customized and has never been detected by any of the existing av/firewall software, or maybe it is but you are unlucky and it hasn't been detected by the ones that you have installed.

I have considered installing linux on another partition just for the sake of running core in a less harsh environment than Windows but even then it doesn't solve the problem of being to connected to the internet anyway, and I don't trust this "you can't get hacked in linux" stuff.

Obviously, it will store all data then send when you are online. Any properly coded "keylogger" will do this.

The solution is to certify your system does not have such software installed.

The only way to be 100% sure is to use a computer that never connects to the internet.  Key loggers can store what they capture and send it when you reconnect, depending on the software. 

A safer way could possibly be to run it off an external boot drive that only has Bitcoin Core on it and doesn't connect to the internet.  But even that isn't perfect safe since you have to worry about USB infections or lower level (e.g. BIOS or firmware or lower).  So it is very difficult to be sure you are 100% safe. 

Also varies by OS.

see e.g.
bad bios: http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/
usb: http://www.komando.com/happening-now/275451/the-unstoppable-usb-virus-released-to-hackers/all

etc

I use Bitcoin-qt (well now Bitcoin Core) because I have been used to it for years and honestly im too lazy to move my funds into another place, when it comes to software wallet nothing beats having the actual blockchain downloaded locally, even tho the interface is a bit archaic but I hope in the future it gets a bit better for those of us that actually use it as an actual wallet (I can't properly order receiving and sending addresses for example, it's just a big messy list)

Anyway that's for another thread, the question here was: Let's say I want to open my wallet to send a transaction, is it safe if I do this?

1) I turn on computer
2) With modem turned off I open Bitcoin Core
3) Once im inside the program I enter the pass to decrypt the wallet and be able to send transactions
4) Now I turn modem on and begin syncing then I can send the bitcoins

With this practice can I avoid any potential keyloggers or something to steal my wallet pass? Or will the keylogger still log me when im offline then send the log once I go online?

I would like to keep using Bitcoin Core, but I can't find a way to make 100% sure that when I enter the pass to decrypt wallet im not being logged.
It would be cool to be able to run Bitcoin Core in an isolated way so you can still use this software without being scared all day that you may have a keylogger but I can't think of any way.