1 word LastPass FTW!
Topic: Realistically, how safe is a dedicated HD or SSD as cold storage? (Read 3447 times)
August 11, 2013, 04:33:53 AM
Quote
I always use randomly generated passwords, of the type that alternates letters and numbers. Sometimes symbols.
Ya, I use keepassx to generate strong passwords for me.
The crappy thing is every website has different requirements on which symbols and length can be used.
August 11, 2013, 01:46:49 AM
Probably safe enough if you encrypt it with a STRONG password and back it up (multiple copies!)
August 11, 2013, 01:46:01 AM
I would avoid backing up encrypted bitcoins to cloud storage considering it has been revealed that if the NSA finds you have encrypted files they can keep them as long as they want because they assume you are hiding something from them.
They will crack your 30+ character password in, maybe 300 years. Probably a lot more. Or let's be optimistic and they get to crack it 10 times faster. 30 years. Or even 100 times faster. 3 years.
Let them keep encrypted files as long as they want. They will not have access to it in the time frame they need.
More than enough time for you to make a new wallet and transfer your coins to the new wallet.
That entirely depends on what passphrase is used.
A 30 character password composed of dictionary words with a few numbers can be quite weak.
I always use randomly generated passwords, of the type that alternates letters and numbers. Sometimes symbols.
Here are a dozen examples which I just generated now, which I will never use:
Code:
riIrZrXOIkftU1h96awI8tKvJfcapiE
lBLw1JVOyd9Q5PLNYtfOhSNZsZryamt
y9IsUXORQKJcfOnovxEHnKHRfPmOGQ3
mf9a3E74COT0pAS26rAAUZizjkOwZpQ
vl5lsuN79xWWTRYF8Z1GhiFOYyvqtBK
u22rkgVAl9yxgZOKPB3dHTPjThV0twx
vpGeYMC1fmcA8AkFQEcALdkXY10iEsG
hjmAmli0Us8sLKHcZdm5dA2gbwTXjYs
fbzyClE8xcLcCnsF8sK4xwfTt9Hl7Sz
bVjmy7sDf7ClLKQierC4ghuTECR81C2
dcgUlUl5pHogjSxi24XDmTpKcCqagBe
dIRcNj242AByr6pBM2NQnZC0tUdl3UY
lBLw1JVOyd9Q5PLNYtfOhSNZsZryamt
y9IsUXORQKJcfOnovxEHnKHRfPmOGQ3
mf9a3E74COT0pAS26rAAUZizjkOwZpQ
vl5lsuN79xWWTRYF8Z1GhiFOYyvqtBK
u22rkgVAl9yxgZOKPB3dHTPjThV0twx
vpGeYMC1fmcA8AkFQEcALdkXY10iEsG
hjmAmli0Us8sLKHcZdm5dA2gbwTXjYs
fbzyClE8xcLcCnsF8sK4xwfTt9Hl7Sz
bVjmy7sDf7ClLKQierC4ghuTECR81C2
dcgUlUl5pHogjSxi24XDmTpKcCqagBe
dIRcNj242AByr6pBM2NQnZC0tUdl3UY
August 11, 2013, 01:23:06 AM
I would avoid backing up encrypted bitcoins to cloud storage considering it has been revealed that if the NSA finds you have encrypted files they can keep them as long as they want because they assume you are hiding something from them.
They will crack your 30+ character password in, maybe 300 years. Probably a lot more. Or let's be optimistic and they get to crack it 10 times faster. 30 years. Or even 100 times faster. 3 years.
Let them keep encrypted files as long as they want. They will not have access to it in the time frame they need.
More than enough time for you to make a new wallet and transfer your coins to the new wallet.
That entirely depends on what passphrase is used.
A 30 character password composed of dictionary words with a few numbers can be quite weak.
August 11, 2013, 12:50:56 AM
I would avoid backing up encrypted bitcoins to cloud storage considering it has been revealed that if the NSA finds you have encrypted files they can keep them as long as they want because they assume you are hiding something from them.
They will crack your 30+ character password in, maybe 300 years. Probably a lot more. Or let's be optimistic and they get to crack it 10 times faster. 30 years. Or even 100 times faster. 3 years.
Let them keep encrypted files as long as they want. They will not have access to it in the time frame they need.
More than enough time for you to make a new wallet and transfer your coins to the new wallet.
August 10, 2013, 05:36:26 AM
http://www.mdisc.com/ This promises 1000 years of stable storage.
I wonder when it fails after 999 years if there's still a company around to make a warranty claim. :-)
August 09, 2013, 08:58:40 PM
http://www.mdisc.com/ This promises 1000 years of stable storage.
August 09, 2013, 08:43:38 PM
Etching into stone would certainly be the best idea.
August 09, 2013, 07:42:07 PM
I would avoid backing up encrypted bitcoins to cloud storage considering it has been revealed that if the NSA finds you have encrypted files they can keep them as long as they want because they assume you are hiding something from them.
August 09, 2013, 04:16:28 PM
I think SSDs corrupt over time if unused...
Im doing paper. Ill buy a safe and house alarm one day and stick the paper and gold in there.
Im doing paper. Ill buy a safe and house alarm one day and stick the paper and gold in there.
August 09, 2013, 03:26:09 PM
I prefer the idea of copying the wallet.dat file to another hard drive and keeping it safe and disconnected.
I'm amused by the way some have gone into details about years of storage. Does anyone here really plan to hold BTC or other coins for years?
I'm mining and selling and converting to good old CASH. That seems like the best wallet idea to me.
I don't plan to hold any of my coins for more than a few months.
And for those who suggest some sort of fire box but it still gets too hot and paper discolors, here's an idea:
Get some cement blocks. Build a wall of blocks under, around, and over the fire safe. That way, even if the house burns down, the blocks will keep the hottest heat from getting to the fire box, therefore keeping its contents cooler.
Or if you are using some sort of drive to store the wallet file, seal it up in an antistatic bag, put it inside a piece of 4" PVC pipe, cap the ends, and bury it in the back yard. Lots of ways to do it.
I'm amused by the way some have gone into details about years of storage. Does anyone here really plan to hold BTC or other coins for years?
I'm mining and selling and converting to good old CASH. That seems like the best wallet idea to me.
I don't plan to hold any of my coins for more than a few months.
And for those who suggest some sort of fire box but it still gets too hot and paper discolors, here's an idea:
Get some cement blocks. Build a wall of blocks under, around, and over the fire safe. That way, even if the house burns down, the blocks will keep the hottest heat from getting to the fire box, therefore keeping its contents cooler.
Or if you are using some sort of drive to store the wallet file, seal it up in an antistatic bag, put it inside a piece of 4" PVC pipe, cap the ends, and bury it in the back yard. Lots of ways to do it.
August 09, 2013, 03:15:14 PM
if i would have a large amount of btc to save safe, i would take a offline pc connected via rs232 port
to a online pc.
a little tool to control the wallet from the online pc and a auto backup function to a 2nd hdd.
a hacker how got access to your network (vpn) and to your online pc, can not directly communicate with
your offfline pc unless he knows how your rs232 connection works and for this he would
need minimum a username and a password which is only stored on the offline pc.
so with that system i think nobody can steal your wallet unless you reveal your username and password
to control the offline pc (and in this case he still needs the commands to control the offline pc).
with that system you still have control of your wallet from everyware of the world via internet and
you have a backup if one hdd fail.
this offline pc could be a simple raspberry pi...
to a online pc.
a little tool to control the wallet from the online pc and a auto backup function to a 2nd hdd.
a hacker how got access to your network (vpn) and to your online pc, can not directly communicate with
your offfline pc unless he knows how your rs232 connection works and for this he would
need minimum a username and a password which is only stored on the offline pc.
so with that system i think nobody can steal your wallet unless you reveal your username and password
to control the offline pc (and in this case he still needs the commands to control the offline pc).
with that system you still have control of your wallet from everyware of the world via internet and
you have a backup if one hdd fail.
this offline pc could be a simple raspberry pi...
August 09, 2013, 02:40:31 PM
Regardless a SSD is NOT safe for any sort of cold storage. They go bad more frequently then HDD's and with no notice (you don't get clicking noises first for example as a warning- enough time to copy off your keys?) and there is no way (that I know of) to get salvage data from a dead SSD. At least with a dead HDD you can pay a few thousand dollars to special facility to take it apart in a clean room and recover data bit by bit.
Do not rely on SSD's for data storage.
Do not rely on SSD's for data storage.
1 word "Spinrite..."
https://www.grc.com/sr/spinrite.htm
Simply put nothing comes nowhere near what this puppy can do, and yes it can recover data off SSD's too
August 09, 2013, 01:34:48 PM
Acid free paper is still the best way to store data for long periods of time.
CDs develop errors after a decade. Magnetic media is subject to demagnitizing. Mechanical drives break.
Think about how long books have lasted. It is ironic that in the digital age, paper still have value and function.
Cold wallets are meant for long term storage of large amounts so a paper wallet stored in your safe deposit box makes sense.
or you can tattoo a QR code on your chihuahua's ass and hope he doesn't run away or that the girl at the groomer doesn't shave his ass and find the tattoo, scan it with her iPhone and run off with your fortune from mining USB erupters for 10 months.
CDs develop errors after a decade. Magnetic media is subject to demagnitizing. Mechanical drives break.
Think about how long books have lasted. It is ironic that in the digital age, paper still have value and function.
Cold wallets are meant for long term storage of large amounts so a paper wallet stored in your safe deposit box makes sense.
or you can tattoo a QR code on your chihuahua's ass and hope he doesn't run away or that the girl at the groomer doesn't shave his ass and find the tattoo, scan it with her iPhone and run off with your fortune from mining USB erupters for 10 months.
August 09, 2013, 11:41:59 AM
Regardless a SSD is NOT safe for any sort of cold storage. They go bad more frequently then HDD's and with no notice (you don't get clicking noises first for example as a warning- enough time to copy off your keys?) and there is no way (that I know of) to get salvage data from a dead SSD. At least with a dead HDD you can pay a few thousand dollars to special facility to take it apart in a clean room and recover data bit by bit.
Do not rely on SSD's for data storage.
Do not rely on SSD's for data storage.
August 09, 2013, 11:23:43 AM
Not as safe as scribbling the private keys on the back side of the edges of the wallpaper that have come off the wall in your restroom like a true cryptoanarchist! 
August 09, 2013, 04:25:12 AM
I understand backing up etc, what I do not understand is, if your computer is hacked and coins disappear how do you, or, can you retrieve them.
Are they not now in somebody else's anonymous wallet?
Are they not now in somebody else's anonymous wallet?
Yes if someone transfers bitcoins out of your account, it is almost always not possible to get them back, realistically speaking.
August 08, 2013, 11:36:37 PM
I understand backing up etc, what I do not understand is, if your computer is hacked and coins disappear how do you, or, can you retrieve them.
Are they not now in somebody else's anonymous wallet?
Are they not now in somebody else's anonymous wallet?
August 08, 2013, 11:13:44 PM
Drives in cold storage generally don't go bad
This is not the same as "unplugged drives don't go bad at all". Spinning disks are subject to age, as well as wear. SSDs leak. A disconnected drive is an unknown drive. It may be fine when you reconnect it, it might not be. The only way to find out is to connect it.
In my opinion, the bigger problem is that drives carry executable code, as well as data. Sadly, Windows isn't the only operating system that tries to execute programs on newly found disks.
I personally use boring old paper. Cheap, light, easy to store. Your paper will outlive you, even with mediocre archival practices. If you are also careful about choosing your encoding system, the paper will not be capable of storing anything but what you can see and verify visually. You can encrypt the keys stored on it, and you can use multisig too.
Jump to: