Thoughts on the security of this method?

Este Nuno

legendary

Activity: 826

Merit: 1000

amarha

Quote from: Abdussamad on June 05, 2014, 07:46:22 PM

Quote from: Este Nuno on June 05, 2014, 02:24:05 AM

I know this isn't 100% secure or anything, but realistically is this a reasonable course of action to secure some coins?

1. USB flash drive of Linux Mint or Ubuntu

2. While connected through direct LAN cable internet go download Electrum.

3. Create wallet and write down seed on paper(double, triple check seed ect.)

4. Write down receiving address from wallet.

5. Shutdown computer and send bitcoins from non secure source to the receiving address that was written down.

How does that sound as far as a decent way to have some coins secured? If I need to access them I can boot up from the USB flash and restore the wallet from its seed.

Save the master public key to a file and use that to create a watch only wallet for your online system. This will give you unlimited addresses and offline spending capabilities i.e. a proper offline wallet.

https://electrum.org/tutorials.html#offline-mpk

offline pc being your PC booted off a live disc. Online being it booted of your regular OS.

Ah, this is quite good. Sign transactions completely offline. Thanks for that information.

Abdussamad

legendary

Activity: 3612

Merit: 1564

Quote from: Este Nuno on June 05, 2014, 02:24:05 AM

I know this isn't 100% secure or anything, but realistically is this a reasonable course of action to secure some coins?

1. USB flash drive of Linux Mint or Ubuntu

2. While connected through direct LAN cable internet go download Electrum.

3. Create wallet and write down seed on paper(double, triple check seed ect.)

4. Write down receiving address from wallet.

5. Shutdown computer and send bitcoins from non secure source to the receiving address that was written down.

How does that sound as far as a decent way to have some coins secured? If I need to access them I can boot up from the USB flash and restore the wallet from its seed.

Save the master public key to a file and use that to create a watch only wallet for your online system. This will give you unlimited addresses and offline spending capabilities i.e. a proper offline wallet.

https://electrum.org/tutorials.html#offline-mpk

offline pc being your PC booted off a live disc. Online being it booted of your regular OS.

Light

hero member

Activity: 742

Merit: 502

Circa 2010

Quote from: Este Nuno on June 05, 2014, 01:55:12 PM

With Electrum I'm under the impression that I don't have to use any backups at all as long as I have my seed.

So far it looks fine. Just make sure you have multiple backups of your seed, if you want you could always encrypt a txt file of it with a long password you remember and store that somewhere are well.

vm1990

legendary

Activity: 1540

Merit: 1002

Quote from: Este Nuno on June 05, 2014, 01:55:12 PM

Quote from: Silvercube146 on June 05, 2014, 12:35:26 PM

Quote from: vm1990 on June 05, 2014, 06:53:34 AM

Sounds pretty secure, I just store mine in encrypted files and keep them in a few places. There's always a chance you make loose the USB drive and don't forget its not reccomended to use flash drives for long term storage. Pen drives degrade over time.... Apparently Shocked

Keep this in mind. Make sure to use a long unique password for the wallet and be sure to have multiple backups.

For added security you could put the wallet in an encrypted container as well.

The key here is multiple backups.

You wouldn't want a dodgy usb drive to be the reason you lost your bitcoin.

With Electrum I'm under the impression that I don't have to use any backups at all as long as I have my seed.

Not 100% sure on that as I don't use electrum, I always use bitcoin qt, never had any bitcoins stolen from it and just put a heavy encryption on it, I think a lot of people now go over the top with security just don't do anything silly and you'll be pretty safe, no viewing unchecked websites or dodgie downloads and your pretty much secured.

Este Nuno

legendary

Activity: 826

Merit: 1000

amarha

Quote from: Silvercube146 on June 05, 2014, 12:35:26 PM

Quote from: vm1990 on June 05, 2014, 06:53:34 AM

Sounds pretty secure, I just store mine in encrypted files and keep them in a few places. There's always a chance you make loose the USB drive and don't forget its not reccomended to use flash drives for long term storage. Pen drives degrade over time.... Apparently Shocked

Keep this in mind. Make sure to use a long unique password for the wallet and be sure to have multiple backups.

For added security you could put the wallet in an encrypted container as well.

The key here is multiple backups.

You wouldn't want a dodgy usb drive to be the reason you lost your bitcoin.

With Electrum I'm under the impression that I don't have to use any backups at all as long as I have my seed.

Silvercube146

newbie

Activity: 32

Merit: 0

Quote from: vm1990 on June 05, 2014, 06:53:34 AM

Sounds pretty secure, I just store mine in encrypted files and keep them in a few places. There's always a chance you make loose the USB drive and don't forget its not reccomended to use flash drives for long term storage. Pen drives degrade over time.... Apparently Shocked

Keep this in mind. Make sure to use a long unique password for the wallet and be sure to have multiple backups.

For added security you could put the wallet in an encrypted container as well.

The key here is multiple backups.

You wouldn't want a dodgy usb drive to be the reason you lost your bitcoin.

Este Nuno

legendary

Activity: 826

Merit: 1000

amarha

Quote from: vm1990 on June 05, 2014, 10:46:27 AM

Quote from: Este Nuno on June 05, 2014, 07:04:13 AM

Quote from: vm1990 on June 05, 2014, 06:53:34 AM

Sounds pretty secure, I just store mine in encrypted files and keep them in a few places. There's always a chance you make loose the USB drive and don't forget its not reccomended to use flash drives for long term storage. Pen drives degrade over time.... Apparently Shocked

With this thought nothing would be stored on the USB drive. If it works the way I think it does all of the information I need to access the wallet is stored in the twelve word seed provided by Electrum. This way the only way I could lose the bitcoins here are through some sort of Linux vulnerability, an issue with Electrum, or something physically stealing my written down seed in real life.

Or maybe my ISP could do a man in the middle attack? Not that it's likely, but is that an issue as well? Since I'm downloading Electrum from a live internet connection. I guess thinking about it that way means that it could be my ISP, or Electrum's web server or anything inbetween...

Thinking that way you better avoid bitcoin all together Cheesy

at some point somewhere there's always as small chance someone could get your coins, I personally wouldn't go to these extremes, if I where storing a mass amount of bitcoins and even then it would be split into smaller amounts among a lot of wallets,

A man in the middle attack wouldn't be very effective as the address is generated on your side only block data comes through the isp,

There is no 100% sure way to keep bitcoins perfectly safe no matter what anyone says if you can access your bitcoins then so could someone else

I think a lot of people use Armory offline storage cold wallets and I think those are considered safe. Once they're in there as long as the computer isn't connected to the internet there shouldn't be anyway to access them.

I'm just thinking that my method is a bit easier and more flexible since I can get the coins back easily by restoring my wallet from my seed. But I also want to make sure I'm not making any big mistakes.

vm1990

legendary

Activity: 1540

Merit: 1002

Quote from: Este Nuno on June 05, 2014, 07:04:13 AM

Quote from: vm1990 on June 05, 2014, 06:53:34 AM

Sounds pretty secure, I just store mine in encrypted files and keep them in a few places. There's always a chance you make loose the USB drive and don't forget its not reccomended to use flash drives for long term storage. Pen drives degrade over time.... Apparently Shocked

With this thought nothing would be stored on the USB drive. If it works the way I think it does all of the information I need to access the wallet is stored in the twelve word seed provided by Electrum. This way the only way I could lose the bitcoins here are through some sort of Linux vulnerability, an issue with Electrum, or something physically stealing my written down seed in real life.

Or maybe my ISP could do a man in the middle attack? Not that it's likely, but is that an issue as well? Since I'm downloading Electrum from a live internet connection. I guess thinking about it that way means that it could be my ISP, or Electrum's web server or anything inbetween...

Thinking that way you better avoid bitcoin all together Cheesy

at some point somewhere there's always as small chance someone could get your coins, I personally wouldn't go to these extremes, if I where storing a mass amount of bitcoins and even then it would be split into smaller amounts among a lot of wallets,

A man in the middle attack wouldn't be very effective as the address is generated on your side only block data comes through the isp,

There is no 100% sure way to keep bitcoins perfectly safe no matter what anyone says if you can access your bitcoins then so could someone else

Este Nuno

legendary

Activity: 826

Merit: 1000

amarha

Quote from: vm1990 on June 05, 2014, 06:53:34 AM

Sounds pretty secure, I just store mine in encrypted files and keep them in a few places. There's always a chance you make loose the USB drive and don't forget its not reccomended to use flash drives for long term storage. Pen drives degrade over time.... Apparently Shocked

With this thought nothing would be stored on the USB drive. If it works the way I think it does all of the information I need to access the wallet is stored in the twelve word seed provided by Electrum. This way the only way I could lose the bitcoins here are through some sort of Linux vulnerability, an issue with Electrum, or something physically stealing my written down seed in real life.

Or maybe my ISP could do a man in the middle attack? Not that it's likely, but is that an issue as well? Since I'm downloading Electrum from a live internet connection. I guess thinking about it that way means that it could be my ISP, or Electrum's web server or anything inbetween...

vm1990

legendary

Activity: 1540

Merit: 1002

Sounds pretty secure, I just store mine in encrypted files and keep them in a few places. There's always a chance you make loose the USB drive and don't forget its not reccomended to use flash drives for long term storage. Pen drives degrade over time.... Apparently Shocked

Este Nuno

legendary

Activity: 826

Merit: 1000

amarha

I know this isn't 100% secure or anything, but realistically is this a reasonable course of action to secure some coins?

1. USB flash drive of Linux Mint or Ubuntu

2. While connected through direct LAN cable internet go download Electrum.

3. Create wallet and write down seed on paper(double, triple check seed ect.)

4. Write down receiving address from wallet.

5. Shutdown computer and send bitcoins from non secure source to the receiving address that was written down.

How does that sound as far as a decent way to have some coins secured? If I need to access them I can boot up from the USB flash and restore the wallet from its seed.

Topic: Thoughts on the security of this method? (Read 825 times)