Topic: Securing your savings wallet - page 4. (Read 8363 times)

how common is it to have a laptop keylogged?  i thought that was more a function of physically attaching a device to the keyboard wire on a desktop?

The problem is that encryption doesn't protect you from a Bad Person that obtains access to your system.  Your wallet may be encrypted, but it has to be decrypted for a moment in order to sign transactions.  That means that, at some point (unless you never spend any coins, only receive them), your private keys will be sitting unencrypted in RAM.  If someone has root access to your system, they can write a program to copy the program's memory space as soon as it detects you've unlocked it.

It's not easy for an attacker to do.  Not every attacker gets root/admin access.  But there's also a lot of nasty viruses/malware out there, and people get infected all the time.  And part of the reason it's so difficult to secure computers against them is because they're constantly changing and developing new ones.  In fact, the threat vectors are the ones you don't know about yet (because the ones we do know about have generally been patched already).

If you really want to do the online computer thing, I recommend it be done on a system or OS that has good A/V and is not used for web-surfing.  It should have a minimal amount of software installed, and minimal interaction with the internet.   It's sole purpose should be for your Bitcoin software.   And in fact, that's very much like what you're asking for...

I just wanted to point out that for most users, hearing the phrase "Securing your savings wallet" is synonymous with "I want to keep a couple hundred dollars worth of BTC online, but I want to store my $30k in savings in the most secure way possible."  For most people, $30k is not something you compromise with, you just get the best thing out there, even if it's a little inconvenient.  I'd like to believe that Armory is not only "the best thing out there", but also rather convenient once you get past the load times

Unfortunately, it's very difficult to quantify what the security difference is, because most of it is based on what we don't know -- Bad People are finding new ways to attack systems, all the time ...

Since I'm using encryption I believe all I should need to be very safe is protection against keylogging. With my current setup, rightly or wrongly, that's the only thing I'm worried about. And I thought having a USB with Ubuntu is a solution for that.

Now is this having my wallet secured? You tell me! Is encryption + keylogging protection enough or are there other attack vectors I'm missing and are way too risky to remain exposed to?

hazek,

I don't think that anything you said is outrageous or unreasonable, with minor exception.  My point was more that there is a gap between the supply and the demand on the end-user-software spectrum.

The caveat is that any system that is online has an order of magnitude more attack surface than one that isn't.  I'm not saying that there's no security to an online system, I'm saying that this thread is about "securing your savings wallet" which many users don't consider secure unless there's a physical/manual gap between the internet and your keys.   I misread your statements, thinking that you were like other users who wanted the cold-storage, but also wanted all the other features that haven't been combined into any existing cold storage solution, yet.  Since that's not the case, your options are significantly wider.  I was simply trying to bridge your understanding between "reasonable" and "reasonable-but-doesn't-exist-yet-you-might-need-to-find-a-compromise."  

If you are interested in simply a more-secure online solution, then that's a discussion worth having.  And it probably won't include Armory (eventually it will have a lite mode, though).

Well no, there is no label on it saying it's carrying money so how would anyone know to force me to give something up they don't know I have? But yea sure, it's safer keeping it at home but I'm not going for 100% security.

the only other thing i'd say is carrying your USB stick around is less safe than if you had it home in a safe on whatever medium.  theoretically at gunpoint you could be forced to cough up the pw for the USB.  if at home, the thief would have to catch you at home, force you to open the safe, and then cough up the pw which all would be less likely or more difficult.

i hear ya.  actually i've been interested in a good USB solution for a long time as well.   more out of curiosity than anything.  as discussed before, the 2 USB solutions i'm aware of using Armory are:

https://bitcointalksearch.org/topic/m.1200623

https://bitcointalksearch.org/topic/m.1207465

So what if it gets stolen? It's encrypted with a +30 characters..

you may think that carrying your savings wallet around with you on a USB stick is safer than leaving it at home in a safe but i'm not so sure about that.  what if you lose it or it gets stolen from you?  what's wrong with leaving your offline savings wallet at home on a netbook in a safe?

It would also help if someone explained what attacks are possible on a machine running ubuntu with a firewall up. I don't understand if this is safe or not.

etotheipi, ty for your reply I didn't take it the wrong way but please you too don't take this the wrong way.

You are approaching my requirements as a developer instead of as an user. For instance as far as I know right now, running linux with an encrypted home directory already is all the security I need even if I connect to the internet. I'm not looking for impenetrable air gap solution that a bank or an exchange might consider. No, what I'm looking for is a peace of mind easy to setup and easy to use solution that will be good enough.

Here is what I fear, I fear keylogging and viruses which is what I understand is the only way my wallet can be stolen or my bitcoins spent by someone else and all I need is something that will protect me against that.


Here's my Christmas wish list for safe storage:
- a bootable encrypted USB stick with ubuntu on it
- stripped down Ubuntu running only the essentials, allowing only the most necessary connections
- a light client that will hold the wallet file on the USB stick at all times
- the option to easily communicate addresses between my spending wallet and my savings wallet while using this USB ubuntu setup
- piece of mind that when I visit blockchain.info there is no chance something malicious could be installed on my USB ubuntu and rob me


How I'd use this? Well right now I'm using only blockchain.info. If I had such a USB stick, every time I'd want to transfer money between my spending wallet to my savings wallet or the other way around I'd simply reboot my laptop, boot the USB stick, open firefox, go to blockchain info and upload a private key or send a transaction from my light client while knowing nothing bad can happen.

To be frank if you think this is asking to much you're delusional. Users such as myself, who have little clue about linux and and don't want to have a bitcoin client running eating up my connection, eating up my hard drive and eating up my RAM and don't want a 30 step solution will lose their mind with Bitcoin because of worrying they might get robbed. And I discovered this problem just now.. It's fucking hard to setup an easy to use and yet secure plugplay savings wallet and using anything else is just too risky. I thought I was safe with an encrypted backup on my email with a strong pw and two factor authentication on blockchain but it turns out that if I get key logged and an attacker gets to my email and gets to the backup he can simply decrypt my wallet and steal my money. Since I realized this 5 days ago it's all I'm thinking about and what I need to do to fix this security hole.

I don't want a perfect solution but I do want a user friendly solution that will be just good enough in 99.999% cases so I can have some peace of mind. The best such option right now is paper wallets if you're willing to deal with printing stuff and can accept the risk of being robbed the moment you're transferring your bitcoins from it.


But please, listen to what I'm telling you as a USER, even if all of this sounds outrages to you I promise you I'm not alone who feels this way, and if you want a lot of users you need to listen to us, no matter how ridiculous our wishes and needs. I can even tell you the armory solution doesn't sound bad until you get from the offline mode to the online mode. If I could use blockchain.info + offline armory I'd be a happy camper.

Here's some questions about your requirements:

(1) Do you want to be able to use unique addresses for each deposit into the wallet?
(2) Will the addresses be distributed to other users for receiving payments, or only used for your own deposits?
(3) Does it matter how often you have to backup?   
(4) Does it matter how easy/convenient it is to move the coins once it's in savings?
(5) Does it matter how easy/convenient it is to monitor coins in your savings?
(6) Are you afraid of running scripts, or must you have a GUI?

If the Bitcoin community was bigger, and the developer community was bigger, there might be enough competition in the client market that you can ask for whatever you want and someone will have made it already.  But at the moment, it sounds like you are asking for cold-storage, but chose requirements that are in conflict with existing cold storage solutions.  I think you are going to have to pick a partial solution, and tweak your own CONOPs (concept of operations) to better achieve your goals using these partial solutions.

You have made one of your requirements not to have the blockchain, at all.  That's a fine requirement, as long as you're willing to give up some security (being a lite node dependent on full nodes you don't own comes with risks), and willing to limit your options to clients that don't require the blockchain.  That leaves... very little.   I guess electrum with offline wallets using the command line.  Or a variety of hack-it-together-yourself solutions which are fragile and very inconvenient (and error prone). 

However, if you remove your no-blockchain requirement, suddenly you have Armory, which was designed specifically for the reasons you are requesting.  You can have your top-notch encrypted in offline storage, with the ability to watch your funds without having private keys online, requires only a single backup the first time you create the wallet, produces an infinite number of unlinkable addresses to use for yourself or distribute to others, and gives you a way to actually move the funds out of cold storage without having to execute 37 command line calls (it takes 60 seconds once you understand the process).  And all packaged in a nice GUI with built-in instructions, and 6+ months of testing with end-users.

However, if you're going to make no-blockchain your unbreakable requirement, you're going to give up a lot of other features that may be useful to you.  You can require A, and as a consequence give up B,D,E,F,and J.  Or you can acknowledge that giving up A might be worth getting B,D,E,F and J (whatever those may be). 

I'm not trying to be annoying or degrading.  My only point is that I made Armory with offline wallets for exactly the reasons you are requesting, but your inflexibility to waver on the no-blockchain requirement might be blinding you to what is otherwise a fantastic solution.  If you are going to stick to it, you might consider electrum + command-line.  That's the only structured solution I know that does offline wallets without the blockchain.  If you don't want blockchain or deal with the command-line, then you're going to have to go with an internet-connected solution that is kind of contrary to the original goal.  If you insist on no-blockchain + no command-line + no internet, then I think you're out of luck  (maybe the electrum devs will work on making an offline wallet GUI).

Hmm well I made another installation of 12.04 now, but following that guide for how to setup a firewall I now run into two problems:
1) I did:
But this didn't work after a reboot..

2) but once actually typed in sh ipt.sh which I setup as instructed (c/ped it) it started blocking browsing... I couldn't even ping anything. Did I do something wrong or do I need do change something?

I'd really appreciate anyone who could help me out with this. Thanks in advance!

No problem.
If that is something you feel must be done while on this system, you should be fine. I can't see why but okay.

Thanks for your help again.


Yeah I only meant for sites like blockchain.info so I can easily fund my day to day wallet.

QR Codes on paper are a digital form.  Just an extremely durable and low density medium.

1)
If you want it to be secure, probably a not good idea not to use this system running just a usb to go to websites that you don't trust 100%.
It's holding your backup/savings wallet, if you want it for dual purposes, use another usb or HD that matters less if it gets comprises. Saying that most such sites infect windows based machines and have no effect on linux ones. That is what the anti-virus is there for, incase you do something stupid, since that is how most virii get on peoples computers.

2)
Yes, I would make sure you install 12.04.

3)
Unless you made your usb partitioned for specific folders, easiest way is to open up any folder, click on it's properties and you can see it's free space just like in windows.

4)
Software Center will allow you to install/uninstall anything you want to. There is plenty of things you don't need, but 4Gb sticks might be too small, unless you get a specifically trimmed down version of 12.04 ubuntu. Personally I would of gone with 8-16Gb sticks, not much can be done now. Btw don't bother with setting any swap space, realistically you system shouldn't have a need to use it, so that will save some space. Think Xubuntu uses up less space than vanilla ubuntu.

Great, thanks for your help. Mind answering a few more questions?
1) is that firewall enough to protect me even if I'm connected and happen to visit a compromised site? Can a script drive by still install something on my system without me knowing and having to allow it?
2) should I update to 12.04 (I don't mind the work if it's somehow better for my bottom line - security)
3) do you happen to know how I can check how much free space is left on the USB, I'm a linux noob and I couldn't find that anywhere?
4) is there a way to trim down Ubuntu and uninstall some tools if I should notice I'm running out of space (I bought two 4GB sticks specifically for this purpose)?

The article is telling how to install and configure a firewall and antivirus for ubuntu so really I'd say it's done a okay job of making sure it's secure atleast from the outside. It's abit outdate since most would install 12.04 now, but it's easy to adapt to that.
Of course the client like electrum you still need to make sure you follow sensible precautions and secure it, lock it, which I kinda remember it bugging me to do.

I prefer Electrum over multibit. I don't know enough about the later to be honest. Thin clients are ideal for those who want to install to a usb, where you don't have the room (or want a lot of writes) for the blockchain, but your private key isn't shared, so no risk there.

http://electrum-desktop.com/
https://bitcointalksearch.org/topic/electrum-bitcoin-client-for-the-common-users-friendly-and-instant-100502 (electrum thread here)

So I now have a USB stick with ubuntu on it following this guide: http://squarethought.wordpress.com/2011/06/26/bitcoin-on-a-stick-usb/

Would someone be so kind to explain to me how secure this is with a network connection enabled after I exactly followed that guide? Also what are the risks of using either multibit or electrum clients for my savings wallet?