Topic: Tech Support for Unobtanium Newcomers - page 2. (Read 6118 times)
Is this tech support? Why not put 'tech support for newbies' in the title? Or 'unobtanium tech support' or something like that. Just an idea
@BitcoinNational, you're very kind to post my site there but it's quite unnecessary. Appreciated though! Cheers.
@cragV good stuff ... http://www.dataretriever.com.au/ ... keep that link handy too if anyone needs PRO data recovery.
here is another cross posting from Ian
here is another cross posting from Ian
Regarding backup procedure.
Backup work load should be proportional to risk. Backing up after each transaction should not be an issue as long as your equipment is reliable. I'd hate to be running a point of sale running a backup process after each sale. It's dependent on individual usage and environment.
Step 1. Research and decide upon a backup procedure that adequately fits the situation at hand.
Crypto's are a new one for me and I'm only 90% happy with my current scenario (I have to many alts it can be a pain to keep up), though I'd still rather have them in my hands than a web wallet. Community is great, take advantage of that shared knowledge and experience. If you have the time, always lean towards more backup.
Step 2. Have reliable equipment.
I use SSD's in all my computers to eliminate shock damage, though the downside is a less recoverable media in case of equipment failure. I maintain regular hardware tests to compensate. The cost is higher but it lowers risks considerably. You wouldn't cross a desert in a 10 year old voltswagon which might die any moment. Don't store your wealth on a 10 year old ex government laptop which might die at any moment. If you don't have the cash to completely replace, consider always keeping your Hard Drives Fresh and never let them cook in overheating scenarios.
Step 3. Backup to alternate reliable equipment.
I have a double USB backup used alternatively. It's relatively cheap and easy, though the Bitcoin block chain might be a problem soon.
Step 4. Backup to alternate reliable equipment in an alternate physical location.
I have an external SSD for this part. This is intended to be my cold storage unit. Robust and shock proof it will stay in an alternate location. I also have a NAS which will when enough funds justify the effort and maintenance be part of a live backup system which can store the most precious of data live in cloud storage.
Step 5. Test your backup process.
No point doing all this work if your doing it wrong. Make sure it works. Test with small amounts.
As a side note some of my wallet backups are not encrypted. This is really bad, don't do this. Always encrypt. I saw it said earlier but it should be re-iterated. If someone gets hold of an old backup file (you throw out a computer, someone hacks drop box) they can unlock your new protected super secure encypted wallet (not really but they get access to the money and completely ignore your new better backup habits). If like me you think the risks are low and you don't hold a lot of coin remember when you do hold a lot of coin and the risks become greater to move to a new address. Send your coins to yourself at a new address. As a tech guy I am surprised by how much stuff people leave on old hardware. I'm surprised we haven't heard a story about how a tech guy found a cache of bitcoin son somebodies pc yet. Though they might not be so quick to brag about it
Backup work load should be proportional to risk. Backing up after each transaction should not be an issue as long as your equipment is reliable. I'd hate to be running a point of sale running a backup process after each sale. It's dependent on individual usage and environment.
Step 1. Research and decide upon a backup procedure that adequately fits the situation at hand.
Crypto's are a new one for me and I'm only 90% happy with my current scenario (I have to many alts it can be a pain to keep up), though I'd still rather have them in my hands than a web wallet. Community is great, take advantage of that shared knowledge and experience. If you have the time, always lean towards more backup.
Step 2. Have reliable equipment.
I use SSD's in all my computers to eliminate shock damage, though the downside is a less recoverable media in case of equipment failure. I maintain regular hardware tests to compensate. The cost is higher but it lowers risks considerably. You wouldn't cross a desert in a 10 year old voltswagon which might die any moment. Don't store your wealth on a 10 year old ex government laptop which might die at any moment. If you don't have the cash to completely replace, consider always keeping your Hard Drives Fresh and never let them cook in overheating scenarios.
Step 3. Backup to alternate reliable equipment.
I have a double USB backup used alternatively. It's relatively cheap and easy, though the Bitcoin block chain might be a problem soon.
Step 4. Backup to alternate reliable equipment in an alternate physical location.
I have an external SSD for this part. This is intended to be my cold storage unit. Robust and shock proof it will stay in an alternate location. I also have a NAS which will when enough funds justify the effort and maintenance be part of a live backup system which can store the most precious of data live in cloud storage.
Step 5. Test your backup process.
No point doing all this work if your doing it wrong. Make sure it works. Test with small amounts.
As a side note some of my wallet backups are not encrypted. This is really bad, don't do this. Always encrypt. I saw it said earlier but it should be re-iterated. If someone gets hold of an old backup file (you throw out a computer, someone hacks drop box) they can unlock your new protected super secure encypted wallet (not really but they get access to the money and completely ignore your new better backup habits). If like me you think the risks are low and you don't hold a lot of coin remember when you do hold a lot of coin and the risks become greater to move to a new address. Send your coins to yourself at a new address. As a tech guy I am surprised by how much stuff people leave on old hardware. I'm surprised we haven't heard a story about how a tech guy found a cache of bitcoin son somebodies pc yet. Though they might not be so quick to brag about it
"One Delta Ten Tango"
I have it on good authority that the One Delta Ten Tango issue was identified as being a clear-cut case of Papa Echo Bravo Kilo Alpha Charlie with special emphasis on the papa. Not much you can do about that except remove all user rights and turn it off and on again. Anyway, onto more pressing matters...
Things to consider when planning your backup strategy
Everyone says to "make a backup". Make sure you understand how to do this and to make an informed decision on storage mediums and the need for risk management. A few rules of thumb:
- always keep encrypted wallets
- keep multiple copies of your data in multiple (SECURE!) physical locations. It's not much good having a wallet.dat file backed up in three places if they're:
- all on the same hard drive, as it may fail or suffer logical or physical damage.
- all on the same computer, as it may suffer electrical damage, be destroyed in a fire, or be stolen.
- all on the same desk with a copy on your computer and a copy on your external hard drive or USB flash drive/s, as fire and theft remain a consolidating risk.
- all in the same house, as fire and theft remain unaccounted for.
- if using an automated process for your backups, make sure you periodically test your backups! No use running daily backups if it's failing to save it where you think it is, or not at all!
Where to keep your backups
It's fine to keep one on your computer and one on your locally-connected external hard drive, as you're budgeting for the possibility of failure, corruption/accidental deletion, and so on. However, it is a good idea to also keep at least another copy:
- in a bank vault, which is expensive but pretty safe; and/or,
- on a backup tape that is stored in a safe deposit box somewhere; and/or,
- on an encrypted USB flash drive that you keep on your car key-ring or person at all times; and/or,
- on a paper copy in a lock-box or safe place that isn't in your house; and/or,
- in a locked/fire-proof box in your locked shed or garage; and/or,
- in a locked drawer at work or at a trusted family/friend's home or workplace; and/or,
- in an online, encrypted folder (if your philosophy allows such trust in cloud storage); and/or,
- scrawled in your own personal obfuscated or encrypted code in invisible/UV marker on the back of your outhouse door; and so on.
All of the above have various risks, expenses and inconveniences associated with them. Each person's situation is a little different so the idea is to consider the risks to your own data and the budget and resources you have to safely keep multiple copies of your most important data, including off-site backups in most cases.
In short, keep your wallet backups encrypted, safely stored and geographically separate as budget and resources allow.
"One Delta Ten Tango"
TECH SUPPORT THREAD = activated
TECH SUPPORT THREAD = activated
Great little summary from two very helpful posters. Thanks for sharing! I have a few thoughts to add that are probably already assumed for many, but may bear repeating for general consumption. In no particular order:
- Use a secure computer: ensure you perform your wallet creation and encryption on a known-secure computer. Never do this on a public computer or even on a work computer, as all of this is often monitored or at least susceptible to malicious software including key loggers, remote session logging or viewing, and so on. It's easier than you may realise to use computers for malicious purposes, even if you trust the owner (such as an employer or library network, etc.)
- No, really - make sure: ensure your known-secure computer really is known-secure. Keep your Windows or Apple updates current, use up-to-date anti-virus software and employ safe browsing practices. Taking that last point a bit further, you'd ideally not set up your encrypted wallet on a computer that is also used to access more shady parts of the web, including torrent sites, binary/alt groups, seedy forums or gallery/video sites... whatever places you'd be uncomfortable mentioning to your grandmother should ideally be accessed from a LIMITED user account rather than the single-user/Administrator account that is so commonly employed on Windows computers at least. You get the idea.
- Use the latest wallet: ensure you have downloaded the latest, official wallet software for whatever coin you're using. Get it from the official coin page rather than from forum links, etc.
- Employ good password strength and security: don't use easily-guessed number combinations or common password phrases such as 'god', 'sex', 'power', 'password', etc. Don't have the password written in any insecure location, or ideally at all (that includes the typical post-it note stuck under your keyboard - it's about as secret a place as a door key under the mat or pot plant). Try to use longer key phrases rather than focusing on just being complex. XKCD illustrates this nicely.
There are probably a few other things but that's what I've got for now. You can be as cautious as you want with encryption and address management, but if its all done on a compromised computer or with weak password theory, you may be wasting your time! In short, approach all of this with common sense and caution for best results! Cheers.
- Use a secure computer: ensure you perform your wallet creation and encryption on a known-secure computer. Never do this on a public computer or even on a work computer, as all of this is often monitored or at least susceptible to malicious software including key loggers, remote session logging or viewing, and so on. It's easier than you may realise to use computers for malicious purposes, even if you trust the owner (such as an employer or library network, etc.)
- No, really - make sure: ensure your known-secure computer really is known-secure. Keep your Windows or Apple updates current, use up-to-date anti-virus software and employ safe browsing practices. Taking that last point a bit further, you'd ideally not set up your encrypted wallet on a computer that is also used to access more shady parts of the web, including torrent sites, binary/alt groups, seedy forums or gallery/video sites... whatever places you'd be uncomfortable mentioning to your grandmother should ideally be accessed from a LIMITED user account rather than the single-user/Administrator account that is so commonly employed on Windows computers at least. You get the idea.
- Use the latest wallet: ensure you have downloaded the latest, official wallet software for whatever coin you're using. Get it from the official coin page rather than from forum links, etc.
- Employ good password strength and security: don't use easily-guessed number combinations or common password phrases such as 'god', 'sex', 'power', 'password', etc. Don't have the password written in any insecure location, or ideally at all (that includes the typical post-it note stuck under your keyboard - it's about as secret a place as a door key under the mat or pot plant). Try to use longer key phrases rather than focusing on just being complex. XKCD illustrates this nicely.
There are probably a few other things but that's what I've got for now. You can be as cautious as you want with encryption and address management, but if its all done on a compromised computer or with weak password theory, you may be wasting your time! In short, approach all of this with common sense and caution for best results! Cheers.
Introduction: the Unobtanium community is committed to 'tech support' for newcomers -- it's how you get people to invest rather than speculate! Feel free to ask and ask and ask.
This is Benefactor
https://bitcointalk.org/index.php?topic=527500.4040
‘This is how you should do it:
1. Start a new wallet.
2. Add a bunch of receive addresses, (like 20, more than you think you need for a loong time.)
3. Download blockchain.
4. Encrypt wallet.
5. MAKE A BACKUP.
5.5 Optional: Make additional backups as needed and store in safe places.
6. Test wallet by receiving a small amount, ( < 0.11 UNO.)
6.5 Test wallet by sending that amount.
7.0 Optional for long-term wallet. (Ignore this step for your petty cash hot wallet(s).): Create a list of the receive addresses, so you can send to them. List must have addresses perfectly copied - no errors!
7.1 Optional for long-term wallet. (Ignore this step for your petty cash hot wallet(s).): Take wallet completely offline. {Programs/Roaming/Unobtanium} move all directories if you know what you are doing! Your cold storage wallet doesn't have to be online for the blockchain to know those addresses are receiving additional funds while it is offline. Just check the blockchain, not your cold storage wallet, to verify you have the funds. Worst case is you only need the private keys on your backed-up wallet.dat file. (Also make sure you never get confused which wallet.dat goes to which wallet, and don't overwrite them, etc.)
8. Optional, but mandatory if applicable: If you EVER add a single new receive address or change the passphrase or de-encrypt, you need new backups.
9. Send funds to existing, backed-up receive addresses, and enjoy your Unobtanium!!!’
This is Mike
https://bitcointalk.org/index.php?topic=527500.4060
‘Well, transactions don't matter as those are stored inside the blockchain. But if you add or remove a send or receiving address, then yes, backup! The sending addresses don't matter much, but if you have a bunch, then having to re-enter them at some point sucks
Also, NEVER keep an un-encrypted copy around!
If you create a new wallet, the initial wallet.dat will always contain the first receiving address, un-encrypted. Suppose you back that up and then encrypt the wallet.dat, and back that up as well. Now you send 100UNO to your default address, thinking you are safe because the wallet has been encrypted. But the original wallet.dat still exists, contains the same private key and is not encrypted.
Anyway, now you have 100UNO in the first address. You add a second address and send 15UNO to that. And someone else sends you 20UNO to your first address.
You wallet shows you have 135 UNO. You backup the wallet (do it once in a while anyway)
Now someone finds your unencrypted wallet.dat and imports that into his wallet application. He now has full access to the original address as that is stored inside the wallet.dat without password or anything! After syncing he sees 120UNO and sends them to another address. You lose the coins! Your wallet will show the transaction, 120UNO out, and 15UNO remain because the un-encrypted wallet.dat does not contain a private key for the second address that was added later so the thief does not have access to that.
Hope this sheds a bit of light on the importance of encryption and backing up ’
This is Benefactor
https://bitcointalk.org/index.php?topic=527500.4040
‘This is how you should do it:
1. Start a new wallet.
2. Add a bunch of receive addresses, (like 20, more than you think you need for a loong time.)
3. Download blockchain.
4. Encrypt wallet.
5. MAKE A BACKUP.
5.5 Optional: Make additional backups as needed and store in safe places.
6. Test wallet by receiving a small amount, ( < 0.11 UNO.)
6.5 Test wallet by sending that amount.
7.0 Optional for long-term wallet. (Ignore this step for your petty cash hot wallet(s).): Create a list of the receive addresses, so you can send to them. List must have addresses perfectly copied - no errors!
7.1 Optional for long-term wallet. (Ignore this step for your petty cash hot wallet(s).): Take wallet completely offline. {Programs/Roaming/Unobtanium} move all directories if you know what you are doing! Your cold storage wallet doesn't have to be online for the blockchain to know those addresses are receiving additional funds while it is offline. Just check the blockchain, not your cold storage wallet, to verify you have the funds. Worst case is you only need the private keys on your backed-up wallet.dat file. (Also make sure you never get confused which wallet.dat goes to which wallet, and don't overwrite them, etc.)
8. Optional, but mandatory if applicable: If you EVER add a single new receive address or change the passphrase or de-encrypt, you need new backups.
9. Send funds to existing, backed-up receive addresses, and enjoy your Unobtanium!!!’
This is Mike
https://bitcointalk.org/index.php?topic=527500.4060
‘Well, transactions don't matter as those are stored inside the blockchain. But if you add or remove a send or receiving address, then yes, backup! The sending addresses don't matter much, but if you have a bunch, then having to re-enter them at some point sucks
Also, NEVER keep an un-encrypted copy around!
If you create a new wallet, the initial wallet.dat will always contain the first receiving address, un-encrypted. Suppose you back that up and then encrypt the wallet.dat, and back that up as well. Now you send 100UNO to your default address, thinking you are safe because the wallet has been encrypted. But the original wallet.dat still exists, contains the same private key and is not encrypted.
Anyway, now you have 100UNO in the first address. You add a second address and send 15UNO to that. And someone else sends you 20UNO to your first address.
You wallet shows you have 135 UNO. You backup the wallet (do it once in a while anyway)
Now someone finds your unencrypted wallet.dat and imports that into his wallet application. He now has full access to the original address as that is stored inside the wallet.dat without password or anything! After syncing he sees 120UNO and sends them to another address. You lose the coins! Your wallet will show the transaction, 120UNO out, and 15UNO remain because the un-encrypted wallet.dat does not contain a private key for the second address that was added later so the thief does not have access to that.
Hope this sheds a bit of light on the importance of encryption and backing up ’
Jump to: