Pages:
Author

Topic: The best Bitcoin cold storage? - page 3. (Read 19375 times)

hero member
Activity: 686
Merit: 500
A pumpkin mines 27 hours a night
July 25, 2014, 05:56:07 PM
Oh I guess a few days ago there's been a post on reddit (I guess) about some water/fire(?)-proof paper that's supposed to be perfect for paperwallets!
newbie
Activity: 47
Merit: 0
July 22, 2014, 06:42:59 AM
To store my btc savings I used the classic ubuntu live cd method.
While disconnected from internet you have to generate a wallet.dat and put it on various usb supports.
Then save your public addresses on a text file and send your btc on the cold wallet,
finally check from a block explorer if the transaction was successful.

In the link I posted it covers TREZOR, it will be released soon, I think all preorders are booked.
sr. member
Activity: 644
Merit: 260
July 22, 2014, 06:37:15 AM
To store my btc savings I used the classic ubuntu live cd method.
While disconnected from internet you have to generate a wallet.dat and put it on various usb supports.
Then save your public addresses on a text file and send your btc on the cold wallet,
finally check from a block explorer if the transaction was successful.
newbie
Activity: 47
Merit: 0
July 22, 2014, 06:32:22 AM
I saw an interesting guide on mining bitcoins that also covers the security elements and cold storage. There is a special USB that is being developed that hold's your private signature and cannot be hacked. If you are also new to mining it is also worth a read, Mining Digital Currencies Ultimate Guide
hero member
Activity: 798
Merit: 1000
July 22, 2014, 04:33:18 AM
i just use an old usb flashdisk and little dirty  Tongue
who wants to pick it up

Just make sure you have more backups than that as USB sticks have known to stop working over a significant period of time.
legendary
Activity: 1092
Merit: 1001
Touchdown
July 22, 2014, 04:23:28 AM
I just have a paper wallet which is kept in a fire proof safe I think that's enough to be honest unless they manage to steal the safe and happen to know how to use a Bitcoin wallet.
Whether they know how to use a Bitcoin wallet is not important.  If they steal the safe, your bitcoins are gone.  That's the important bit.

I think it's easier and perfectly safe to hide an Electrum wallet seed, say in two parts, in pictures or documents, for example.  That way you can copy it to several places, including online storage or email.  No one will know they contain the seed, unless you do something daft like tag them with "Electrum" or "wallet".
full member
Activity: 1974
Merit: 101
July 21, 2014, 10:23:49 PM
i just use an old usb flashdisk and little dirty  Tongue
who wants to pick it up
hero member
Activity: 836
Merit: 1007
"How do you eat an elephant? One bit at a time..."
July 21, 2014, 09:44:38 PM
If I did own a lot of bitcoins I would just use xapo.com. I'm not trying to advertise or anything but they are fully insured, so it is simply not possible to lose your bitcoins. Also I could easily lose the private key, paper wallet, or wherever I stored it. My house could burn down, someone could steal it, too much risk.

If you don't have possession of the private keys then all you hold is a promissory note. Here is a tool I've created for myself and my clients:

http://coinkee.com

You can create something like this for yourself. Download the bitaddress.org files from the source and save them directly to a new flash drive and create a ubuntu LiveCD to boot up with before accessing the USB/bitaddress files. Don't connect to the internet and print your paper wallets using a printer cable to your printer (not wifi). Use the LiveCD and the USB for creating wallets only and for no other purpose.

Create BIP38 encrypted paper wallets with multiple copies (backups) and store them in geographically diverse locations (house, office, relative's home). Do this and you should be good to go. You can "cash" the paper wallets using wallets like Mycelium or Blockchain.info.

EDIT: You can create a custom Ubuntu LiveCD/USB with bitaddress.org pre-installed so you don't have to have a separate flash drive to hold the bitaddress files.

hero member
Activity: 588
Merit: 500
Get ready for PrimeDice Sig Campaign!
July 21, 2014, 06:57:33 PM
If I did own a lot of bitcoins I would just use xapo.com. I'm not trying to advertise or anything but they are fully insured, so it is simply not possible to lose your bitcoins. Also I could easily lose the private key, paper wallet, or wherever I stored it. My house could burn down, someone could steal it, too much risk.
sr. member
Activity: 266
Merit: 250
July 21, 2014, 06:54:10 PM
Also, the passphrase for a direct SHA256 output needs to be *very* secure, as there are already many automated brainwallet harvester out there. I don't want to imagine how much hashingpower they are throwing at this. Your brainwallet is attacked since the instant it exists.
Really? If I transfer 100 BTC to a new brainwallet, how does anyone know that the address is a brainwallet that is worth attacking? Are people attacking every address that has significant funds?
[/quote]It isn't that people are targeting specific bitcoin addresses but are rather searching the public addresses of many possible brain wallets to check for bitcoin and if there is any they will send the bitcoin to an address that they control.

With a brain wallet there is little risk that you are targeted directly, but rather have the risk that an attacker will guess your password and steal your coins.
hero member
Activity: 532
Merit: 500
Currently held as collateral by monbux
July 21, 2014, 12:58:46 PM
I just have a paper wallet which is kept in a fire proof safe I think that's enough to be honest unless they manage to steal the safe and happen to know how to use a Bitcoin wallet.
legendary
Activity: 2576
Merit: 2267
1RichyTrEwPYjZSeAYxeiFBNnKC9UjC5k
July 21, 2014, 12:51:32 PM

This brings up another little thing I enjoy doing.. making complex 2D barcodes of various types and with various texts.. I don't know why barcodes fascinate me... I can't imagine before the days of bar codes and self checkout having to wait behind a line of old farmer joes as they manually type in the price of everything by hand.. I'd go crazy!


Type? Maybe if you're one of those fancy big-city fellers.

hero member
Activity: 500
Merit: 500
April 14, 2014, 10:36:29 AM
I like to just keep offline wallet.dat files on a usb stick and a cd-r.
sr. member
Activity: 266
Merit: 250
April 14, 2014, 10:34:33 AM
Looks safe, u should also have another backup
legendary
Activity: 1764
Merit: 1031
April 14, 2014, 08:53:25 AM
If you can remember the password used to encrypt the private key, who not just make the private key the SHA256 hash of the password? Then there's no need to store anything.

True.
With the BIP0038 approach, you have both more risk (you can lose the QR code) and more security ("2 factor").
Acknowledged. My real thought here is that many of these storage options seemed designed to outlast their owners. As such they should perhaps be self-contained and not rely on a password stored within a fragile skull.

(Actually, some of them seem designed to outlast the internet.)

Quote
Also, the passphrase for a direct SHA256 output needs to be *very* secure, as there are already many automated brainwallet harvester out there. I don't want to imagine how much hashingpower they are throwing at this. Your brainwallet is attacked since the instant it exists.
Really? If I transfer 100 BTC to a new brainwallet, how does anyone know that the address is a brainwallet that is worth attacking? Are people attacking every address that has significant funds?


Yes. And the attacks are very sophisticated and powerful.
sr. member
Activity: 365
Merit: 251
April 14, 2014, 05:08:08 AM
#99
If you can remember the password used to encrypt the private key, who not just make the private key the SHA256 hash of the password? Then there's no need to store anything.

True.
With the BIP0038 approach, you have both more risk (you can lose the QR code) and more security ("2 factor").
Acknowledged. My real thought here is that many of these storage options seemed designed to outlast their owners. As such they should perhaps be self-contained and not rely on a password stored within a fragile skull.

(Actually, some of them seem designed to outlast the internet.)

Quote
Also, the passphrase for a direct SHA256 output needs to be *very* secure, as there are already many automated brainwallet harvester out there. I don't want to imagine how much hashingpower they are throwing at this. Your brainwallet is attacked since the instant it exists.
Really? If I transfer 100 BTC to a new brainwallet, how does anyone know that the address is a brainwallet that is worth attacking? Are people attacking every address that has significant funds?
legendary
Activity: 2126
Merit: 1001
April 14, 2014, 04:49:46 AM
#98
Check out the Bitcoin Firesafe.  It's a chunk of Aluminum or Stainless Steel with a QR Code of your BIP-38 encrypted key engraved into it...  so the manufacturer can't have access to your funds, and the instrument is 2-factor secure... i.e. if it is ever stolen from you, it is still useless without the password. 
If you can remember the password used to encrypt the private key, who not just make the private key the SHA256 hash of the password? Then there's no need to store anything.

True.
With the BIP0038 approach, you have both more risk (you can lose the QR code) and more security ("2 factor").

Also, the passphrase for a direct SHA256 output needs to be *very* secure, as there are already many automated brainwallet harvester out there. I don't want to imagine how much hashingpower they are throwing at this. Your brainwallet is attacked since the instant it exists.

On the other hand, BIP0038 passwords are much more difficult to calculate or to brute-force. Also, attacking your individual QR wallet can only start when someone learned the QR code. Which, normally, you will notice, with enough time to sweep it.

For this, I would recommend to cover the QR code. It's no good idea to let everyone know "hey, I spent a lot of time and money on securing my bitcoins, and here they are!". And with the QR code visible on your keychain, it's too easy for others to scan it.

Glue a picture of your significant other on it:
- Noone will steal it
- You can honestly say "that's my most precious thing I have!" :-)

Ente
legendary
Activity: 1764
Merit: 1031
April 14, 2014, 04:27:55 AM
#97
Awesome!
sr. member
Activity: 365
Merit: 251
April 14, 2014, 04:27:24 AM
#96
Check out the Bitcoin Firesafe.  It's a chunk of Aluminum or Stainless Steel with a QR Code of your BIP-38 encrypted key engraved into it...  so the manufacturer can't have access to your funds, and the instrument is 2-factor secure... i.e. if it is ever stolen from you, it is still useless without the password. 
If you can remember the password used to encrypt the private key, who not just make the private key the SHA256 hash of the password? Then there's no need to store anything.
legendary
Activity: 2126
Merit: 1001
April 14, 2014, 03:17:52 AM
#95
Check out the Bitcoin Firesafe.

Steel? Engraved? BIP0038? Finally a commercial solution which does it right!
Good work!

Ente
Pages:
Jump to: