Topic: please stop using the bitcoin client on your home computers to store your BTC - page 2. (Read 4213 times)

Yes, that worked out so well with Mt. Gox and MyBitcoin.

It's the ratio of mortality between airplane to car travel.

LOL seriously!?  Thread about security:  don't learn about security, just give your money to other people.

Great security advice right there.

Don't think, let us do the thinking for you.  We're the ones who have a vested interest in thinking, not you.  Why should you think?  Do you really NEED to think to get by when I could just think FOR you?

Do you see how absurd that is?

I was.
I even skim over the threads with the few people who have still not reclaimed their accounts and stolen funds before the fiasco to see how they are coming along, some have and some haven't.

That time delayed swift kick in the ass, hurt them quite a bit with reputation. However it indeed made them much more resilient. As well as upping the bar on security across the entire board, so much so that some exchanges use that utmost important factor of security as their main selling point.
We don't see those inquisition/crusades threads anymore toting a raging boner for full disclosure either.

It sounds like you have your area covered, been around long enough, so my best guess it that this thread isn't really for you.

I know its not perfect, but i think its the best security/ease of use ratio we are going to get without dedicated devices (which i agree are needed, but may be a while coming, and even then this approach will have advantages) it could be set up so that if you plug it in while in windows a box will pop up telling you you need to reboot the computer with the drive inserted, and a nice big button saying "help me use ChromeCoin" that would place a boot loader entry that pointed to the drive, yes it would be annoying and a little heavy handed, but certainly simple enough.

The main problem with that is, how to teach people to boot a flash drive on a computer. its not even a simple task for even tech people that fix computers. the main problem is that almost every motherboard does it differntly. on 3 of my computers heres how i do it

1: i go into the boot menu and set the flash drive to #1
2: push f12 while booting up and select the flash drive
3: is not able to boot from flash.

I do love the idea though.

As i said in countless other threads, we need specific bitcoin hardware, weather it be a bitcoin certified sticker on cheap laptops, bitcoin credit cards with all the hardware needed on them or even smartphone sized bitcoin devices, or smartphones themselves branded as bitcoin certified.

If we had enough capital, we could buy like 10 of these http://www.newegg.com/Product/Product.aspx?Item=N82E16834215131 and reformat them and install only the stuff required to have a dedicated bitcoin machine that will only have bitcoin installed. it would also only allow bitcoin related connections so it would be secure against common attacks.

I agree with OP.

Until someone creates a drop-dead easy app that does all the exciting stuff in the previous post, there will continue to be a stream of incidents of mainstream users' bitcoin wallets being compromised by hackers & trojans.

What we need for this situation is actually quite simple to make. Take chromium OS, package in a headers only Bitcoin client and a strong encryption program. Create two partitions, one for chromium OS the other for wallet storage, the wallet storage partition is of course encrypted. This entire setup can fit on a small flash drive, and can easily be made into a simple 'Create secure Bitcoin flash drive' program that even a monkey could use (insert flash drive, press button) To make it even simpler you could sell Flash drives pre installed with this software.  on first boot the user will chose his password and the encrypted volume will be created. I think chromium OS (or something similar) is best suited for this task for a few reasons.

1) Its lunix based, and as such brings with it a measure of security.
2) It is bare bones, totally lacking anything but a web browser, this may hinder the porting of the Bitcoin client, but it will help security, less programs mean less potential holes.
3) Its fast to start (even off of a old flash drive on a slow machine less than 10 seconds) people do not want to spend 10 minutes just waiting for a single purpose system to boot.
4) Google has already coded the OS to preform a self check on start up and restore it self to a original state if unauthorized changes are made, this is an excellent anti-virus move since all user data is in the encrypted wallet partition
5) Its already mostly coded and its open source, making this task an approachable one, if still difficult.   



I think this would be the best approach for the creation of a secure, fast, and simple environment to store and handle Bitcoins.

At the end of the day it's going to come down to trust with whomever you use.

We just opened today http://bitprotection.info  we provide a backup solution for peoples wallet's.  If you loose your wallet the game is over. We saw this happening to much and figured at some point someone has to step in and try to offer a way to help people protect what they own. We can't stop stolen coins but we can sure help protect your Bitcoin Wallet 

storing your own BTC in a wallet you made on a computer not connected to the net, ie the ubuntu live cd method, you are almost guaranteed to not get your coins stolen. as soon as we get the ability to export private keys easily, we will even be able to print them out and be able to realistically type them back into the computer.

I am pretty sure that "most bitcoin-related services" work just as well with an e-wallet. Some services like BitLotto and your RaffleBit don't, but none that I have used. In fact, those are the only two I can name of the top of my head.

As a bitcoin web service developer/service provider: I wouldn't have a problem with this for the average end user, were it for one simple fact. Wallet providers don't consistently enough route the outbound address of a user back to that user's account. Most bitcoin-related services require an original client that will give users access to any bitcoin generated by the service, so until it becomes industry standard with wallet operators to route payments from outbound addresses back to the account they originated from, I won't be supporting them.

I can take care of myself, thank you very much. Last time I checked, public websites/servers are the least secure places on the internet aside from people who link surf. Remember MTGox incident?

*This isn't intended for security experts
**rant alert!

It was great in the beginning, the client was bitcoin's harbinger,
but now it's a completely new game that requires a level of security,
that isn't here or foreseeable yet. It's talked about, but it's still far away.

Out of maybe 20-40 issues I've seen since signing up to this forum the people with the most bitcoins lost due to theft, computer or even user failure was from running the client.

The real options right now that is not widely spread to new people, and is actually turning people away is not knowing to entrust your stake with an exchange or online wallet.
The people that run exchanges and online wallets have so much more to lose than you, so please use them.

If their site goes down, their business goes down, therefore the site being up and secure is of the utmost importance to them. This can be relied on, as trust and security is interdependent to them. If one is lost the other is taken for as long as the imbalance is happening.

Remember to do your own research into this.
If running the client is the most secure method for your situation, and you are not at Mensa level, I'm the only person telling you to reflect on this rant. I don't like seeing people pissed off, confused and just being kind of hateful and hugely skeptical toward and of one another. 

So, if after all the research you have done, all of this is still becoming way to daunting for you, use an exchange or online wallet. You will feel so much better having that layer of detachment and you might even notice no transaction fees. After that all you have to really be mindful of is managing all of your passwords, and the computer you are using.

/end of line