Topic: Offline vs online wallet (Read 765 times)

Thats awesome. I'll set up a node then! I was just a little worried bout my AT&T failing out on me.

Not yet, anyway. If you have decent broadband, it shouldn't run much slower with Bitcoin-Qt and/or Litecoin-Qt running in the background.

http://www.ubuntu.com/download/help/create-a-usb-stick-on-windows

Here ya go!

knives thank you for this post.
I totally agree with you 

Hello,

I don't understand all this paranoia with offline wallets and the rest. An encrypted TrueCrypt container with the wallet + wallet encryption (bitcoin-qt 8 support encryption of the wallet.dat), should be enough to keep the "bad guys away" even if the steal your wallet.

Keeping regular backups or even syncing the container with a service like google drive, dropbox and the like will keep you safe.

However, these are the 2nd line of security. The first line of security is a computer (normal avg joe computer) that has:

1) Original Windows or MacOSX installed. If you don't want to pay use Linux and/or (Free/Net/Open)BSD.

2) If you use windows, pay for an antivirus or use MS Antivirus which is pretty good.

3) Update your software regularly.

4) Disable Java in your browser! Seriously you don't need that.

5) Enable a firewall

6) If you travel a lot buy a VPN. Connecting through public WiFi's all the time can be an issue on a computer that holds say 1.000 BTC.

7) Use encryption as much as you can BUT better *not* to use full disk encryption and use software like PrayProject which would help get-back your laptop as a last line of defense (If your important data such as wallet, important emails, etc. are encrypted there's no problem as long as you have a backup). Full disk encryption protects the data if the computer is stolen, but there's no way for the attacker to boot without resetting (erasing) everything so.. there's no "last line of defense" here. If you choose this path and the laptop/computer is stolen, then you're left with the backup. It's amazing how stupid laptop thieves are and how well programs like PreyProject work.

Don't download torrents (okay except from audio and video) or illegal software in that computer. If you need a program, buy it!

9) Use firewalls! IF you don't understand how they work (seriously, it's complicated to understand how a firewall works without knowing how network, packet filtering and the rest works) use a user-friendly commercial (yes pay for it!) firewall which monitors incoming and outgoing connections! MacOSX has the awesome LittleSnitch, costs a few bucks but it's worth the price!

10) Stay informed! User your RSS reader, or whatever you use to read news (you read news online right?) to at least KNOW when something big (like a javascript vunl) hits computers.


I believe that 99 out of 100 users that get attacked do not use half of these measures. If you do, you are certainly not going to need all that insanity of offline-online wallet like if your operating a bank.

HOWEVER, if you pass a threshold where your amount of BTC CAN be considered *big*, let's say 1.000 BTC ( now worth 46000 USD) then I'd say setup a computer with full disk encryption and the rest in your basement, offline keep your wallet there etc. but until you reach 500 BTC.. that's insanity imho. (the amounts are subjective of course)

This sounds good. Can you point to a guide for creating such bootable disk?

Oooh good Idea. That would actually work out. Get a Bootable USB stickk that has truecrypt encryption would be even better. I'm going to write a Bootable USB running Tails, and see if I can have MultiBit connect to my networked wallet file on Google Drive with truecrypt encryption. I will also check if accessing blockchain.info from Tor is reasonable and possible. I wouldnt see why they would block Tor Exit nodes.

But for the most part, Tails, or even Ubuntu on a Bootable USB with Blockchain.info would be perfectly reasonable. I would use Tails personally to prevent against ARP Poisoning and other packet attacks. For the mainstream user though, Ubuntu would work fine.

Perhaps running a liveCD in a virtual machine for the sole purpose of logging on to blockchain might be the best of both worlds then?

That may or may not be true, depending on what payment process services will develop in the future, but either way it's completely off topic.

I believe in the use of Offline wallets. Only if you are very aware of the proper ways to use a computer. I've seen plenty of examples of viruses that extract your wallet file. Webwallets can help hedge against direct downloading of your wallet by a virus, but keyloggers can bypass that. Just be careful. Webwallets are the most convenient wallet method by far though.


Would running a Bitcoin Node use vast amounts of my network bandwidth? I'd run one if it didnt slow down my home internet.

With bitcoin you'll have to wait 10 min to go out of the store with the bread.

It's not very well endowed actually
Plus, I would feel nervous having any significant amount of money in a full client that doesn't run in a live CD, in which case it would be impractical (for example if I were to run it once a month, it would take days to synchronise). I just ran my client 2 days ago and it's still syncing with the network for example.

Webwallets (blockchain.info being one of the best) are quite convenient, but if you're serious about Bitcoin and your computer is endowed with plenty of resources, I am a strong advocate of running a full Bitcoin-Qt node, as the bitcoin.org page also seems to agree. It helps the Bitcoin network, whether you mine or not.

So, you would go for blockchain and back it up, as opposed to a completely local client?

That you need to backup the blockchain.info wallet

Hello,
What do people think on online wallet services such as blockchain.info, compared to using/managing your own wallet in your local pc/USB stick/dropbox?