Author

Topic: Wall Observer BTC/USD - Bitcoin price movement tracking & discussion - page 1712. (Read 26716281 times)

legendary
Activity: 3962
Merit: 11519
Self-Custody is a right. Say no to"Non-custodial"
Multisig solves a lot of potential security issues without making things complex (which is a security issue by itself). It really should be the standard in case of managing anything else than pocket change.
https://www.youtube.com/watch?v=sjS5qF65Yos
Shamir Backup seems like the best option to me. for a casual anyway.

Pretty easy and safe and secure.
https://www.youtube.com/watch?v=p7WkAN0Gac4
I am not resting assured from those two videos, so in that regard, I have my doubts that shamir backups are a slam dunk as better than multi-sig.. including that multi-sig allows for not having to bring all the keys together at the same place (even though surely Antonopolis had pointed out one of the dangers to have the  public keys for all three but maybe only needing the private keys for two)

It seems that one of the dangers that bitebits was wanting to lesson is the potential problems of being reliant on one manufacturer, but sure, if you end up overcomplicating your matters, then you become your own danger to yourself.
That response was to his assertion that it should be a default.

Oh thanks for highlighting that.. because some times some of us are getting into complications that we do not sufficiently understand the trade-offs, and it took me a bit of time to even start to use the passphrase, but it seems really to be a great feature and not very difficult to use.. but at the same time.. each of us should be attempting to at least have increasing levels of security if the size of our stash is going up, but we have to be careful about not rushing into things that we don't sufficiently understand, which is part of what Antonopolis had been seeming to want to point out in that first video that you linked.
legendary
Activity: 2380
Merit: 1823
1CBuddyxy4FerT3hzMmi1Jz48ESzRw1ZzZ

Explanation
Chartbuddy thanks talkimg.com
sr. member
Activity: 812
Merit: 257
PredX - AI-Powered Prediction Market

Explanation
Chartbuddy thanks talkimg.com

how to create stamp bitcoin uodate prize like this sir? an tutorial??
legendary
Activity: 2380
Merit: 1823
1CBuddyxy4FerT3hzMmi1Jz48ESzRw1ZzZ

Explanation
Chartbuddy thanks talkimg.com
legendary
Activity: 2380
Merit: 1823
1CBuddyxy4FerT3hzMmi1Jz48ESzRw1ZzZ

Explanation
Chartbuddy thanks talkimg.com
legendary
Activity: 2380
Merit: 1823
1CBuddyxy4FerT3hzMmi1Jz48ESzRw1ZzZ

Explanation
Chartbuddy thanks talkimg.com
legendary
Activity: 2380
Merit: 1823
1CBuddyxy4FerT3hzMmi1Jz48ESzRw1ZzZ

Explanation
Chartbuddy thanks talkimg.com
sr. member
Activity: 812
Merit: 257
PredX - AI-Powered Prediction Market
Hmm... A possible scenario of Bitcoin price movement near future, firstly When it was shared with me I thought buddy (Not Chart Buddy) was spamming and I said " What is the weightage he shared somebodies analysis.. It looks worth being asked by the members how much weightahe this analysis owns as per speculation the target is to touch the $22k ~ $19k and a steight journey towards the dead wnd of $200k.

Beautiful green tree bro, bitcoin morning in a tropical country. Cheesy
legendary
Activity: 966
Merit: 1042
#SWGT CERTIK Audited
Hmm... A possible scenario of Bitcoin price movement near future, firstly When it was shared with me I thought buddy (Not Chart Buddy) was spamming and I said " What is the weightage he shared somebodies analysis.. It looks worth being asked by the members how much weightahe this analysis owns as per speculation the target is to touch the $22k ~ $19k and a steight journey towards the dead wnd of $200k.

legendary
Activity: 2380
Merit: 1823
1CBuddyxy4FerT3hzMmi1Jz48ESzRw1ZzZ

Explanation
Chartbuddy thanks talkimg.com
legendary
Activity: 2380
Merit: 1823
1CBuddyxy4FerT3hzMmi1Jz48ESzRw1ZzZ

Explanation
Chartbuddy thanks talkimg.com
legendary
Activity: 3836
Merit: 4969
Doomed to see the future and unable to prevent it
Multisig solves a lot of potential security issues without making things complex (which is a security issue by itself). It really should be the standard in case of managing anything else than pocket change.
https://www.youtube.com/watch?v=sjS5qF65Yos

Shamir Backup seems like the best option to me. for a casual anyway.

Pretty easy and safe and secure.

https://www.youtube.com/watch?v=p7WkAN0Gac4

I am not resting assured from those two videos, so in that regard, I have my doubts that shamir backups are a slam dunk as better than multi-sig.. including that multi-sig allows for not having to bring all the keys together at the same place (even though surely Antonopolis had pointed out one of the dangers to have the  public keys for all three but maybe only needing the private keys for two)

It seems that one of the dangers that bitebits was wanting to lesson is the potential problems of being reliant on one manufacturer, but sure, if you end up overcomplicating your matters, then you become your own danger to yourself.

That response was to his assertion that it should be a default.
legendary
Activity: 2380
Merit: 1823
1CBuddyxy4FerT3hzMmi1Jz48ESzRw1ZzZ

Explanation
Chartbuddy thanks talkimg.com
legendary
Activity: 3962
Merit: 11519
Self-Custody is a right. Say no to"Non-custodial"
I grabbed some silver.

I am stacking more btc.
Why silver?  Physical silver comes at a premium you can't recover - it's nearly CA$10 an ounce on ounce coins right now (25%) and you'll get spot when you sell unless you're brave enough to do it privately but it's not worth the risk imo.  Are you a closet prepper Phil?
I buy from sellers I know on btc talk

I grabbed 40 oz for 988.

which is 24.65 an oz

just A bit over spot.

I am looking to have four investments

silver
btc
fed bonds
real estate.

I do have some of each along with mining income and pensions.

Of course equities usually fit into the way that people diversify their assets, and you had mentioned that you had a form of 401k .. which would allow you to have some exposure to equities and bonds through that too... depending on how diversified that you might have that, but there are ONLY 5 fund categories in that one anyhow..

Surely, silver, gold and other commodities is a kind of a category in which bitcoin might not completely be able to completely replace their physicality. so there could be some limited use cases in having some exposure to them.. perhaps?

Multisig solves a lot of potential security issues without making things complex (which is a security issue by itself). It really should be the standard in case of managing anything else than pocket change.
https://www.youtube.com/watch?v=sjS5qF65Yos

Shamir Backup seems like the best option to me. for a casual anyway.

Pretty easy and safe and secure.

https://www.youtube.com/watch?v=p7WkAN0Gac4

I am not resting assured from those two videos, so in that regard, I have my doubts that shamir backups are a slam dunk as better than multi-sig.. including that multi-sig allows for not having to bring all the keys together at the same place (even though surely Antonopolis had pointed out one of the dangers to have the  public keys for all three but maybe only needing the private keys for two)

It seems that one of the dangers that bitebits was wanting to lesson is the potential problems of being reliant on one manufacturer, but sure, if you end up overcomplicating your matters, then you become your own danger to yourself.
legendary
Activity: 2380
Merit: 1823
1CBuddyxy4FerT3hzMmi1Jz48ESzRw1ZzZ

Explanation
Chartbuddy thanks talkimg.com
legendary
Activity: 1722
Merit: 2213
It looks like FTX will be selling $200,000,000 worth of crypto every week for the next 17 weeks… This will start next week. This downward pressure on the market will likely hold prices somewhat in check until the end of the year. I’d imagine once this is behind us (and the mtgox coins are distributed) it should be the final hurdle before launch.

They only held Shitcoins, no-one cares.

When Shitcoins tumble all the tards run from the sinking ship.

And they run to King Daddy.

*edited for lack of coffee brain

They chatter says they hold $268 in Bitcoin (7.8%), which isn't a lot tbf. $16m per week per week liquidating that would be. Other altcoins will get rekt though as there is already no liquidity to prop up a lot of prices.

I'm thinking it's time for another flush out of altcoins as Bitcoin continues sideways, maybe even a bit to the upside.
legendary
Activity: 3962
Merit: 11519
Self-Custody is a right. Say no to"Non-custodial"
I grabbed some silver.

I am stacking more btc.

Hard to get excited about stacking the shitcoin also known as silver, but hey if you have ways to get it and ways to sell it that are comfortable to you, then you are likely one or two steps ahead of a lot of "us" mostly non-commodity holding normies.. and not even conceding the stacking of silver to be a good idea (even if you might be able to figure out the sourcing and/or the ways to liquidate).

[edited out]
Speaking of how to take care of our hardware devices, I always remember an interesting film on that very topic - it's worth watching if you haven't seen it already.
https://www.youtube.com/watch?v=hf97ofTlZhk (Schloss Bitcoin (2020) - deutscher Kurzfilm - Crime Black Comedy Subtitles in English, French & more)

Yeah.. I watched that from another time that you had posted it... it is quite good in a kind of nerdy way, as you seem to be suggesting, and I also forwarded it to some folks in real life.. and then also I posted it once or twice in other places on the forum without remembering exactly that you had been the one that posted it previously.

..... Another thing to note is that the attacker does not have an immediate indication that the correct passphrase was found, because ALL possible passphrases (even "wrong" ones) result in valid (albeit empty) wallets. So, the attacker will need to check the blockchain against ALL passphrase candidates, and reject those that result in empty wallets.

I don't really disagree with what you are saying here overall AlcoHoDL - however, there is a bit of a difference between entering a passphrase that leads to a previously used location versus one that leads to a bunch of empty wallets (that thereby presumptively would have to be created since the route had not previously been attempted).

In other words, if you enter in passphrase that leads to empty wallets, Trezor will provide a message:

"This hidden wallet is empty.  To make sure you are in the correct hidden wallet, please type the passphrase again."

And it thereby allows you to enter the passphrase again to confirm or to just exit out.

There is another box that you can check that says: "I understand passphrases cannot be retrieved."

On the other hand, if you enter a valid passphrase that has value contained therein, it will not give any message or prompt, but just open up to the wallet and the balances of the various accounts therein will be shown.


By the way, reading through some of this triggered me into looking into the decoy pin feature, and I surely do not see how to set up a decoy pin.  I did not even know such a feature existed on Trezor even though I heard that some other devices (such as cold card) has such a feature.. and they also have the brick me pin.. and I don't really like the idea of a brick me pin, but I do like the idea of erasing all the data... but I still cannot find how to enable such a feature on the Trezor..

Ok.. I just found it, and it appears that you have to use a "terminal window" in order to set it up, which seems a bit confusing to me.. and goes to show that some of us (including yours truly) are spoiled by GUI interfaces.

https://trezor.io/learn/a/create-wipe-code-to-erase-device

I particularly liked vapourminer's "Trezor wipe-restore" method. Never thought of it, and it does make sense for those not using their Trezors often (myself included).

My use of the trezor seems to go in streaks.. and there could be several weeks that I am using it, but then not using it for months or even years.. and maybe these kinds of activities can vary - including that we might want to actually test out our device and system at least once a year and perhaps more often..   I have some recent business activities that are likely going to cause me to have to start to access the trezor more often, but surely I can see guys going more than a year without even touching their device.. which then could go to questions about whether we for sure know if our trezor is missing.. hahahahaha.. depending on how secure we might be in terms of placing it next to the TV remote or next to our computer, or in the bedroom between the mattresses or in a safety deposit box in the next city over or in our parents cellar safe or in another country that we visit once every two years.. hahahahaha

It's a trade-off, with potentially dire consequences at either extreme. I choose the middle ground, i.e., a PIN and passphrase that are complex enough to deter even a seasoned thief/hacker, but memorable enough to reside in the neurons of my brain -- that last part could potentially be dangerous in case of amnesia or head injury.

Don't forget the dangers of hypnotism.. or gosh are there truth syrums that someone could put into your drink. and maybe you really don't want to know certain things without having to consult with some kind of way to put some pieces together.. but if you enter your pin or passphrase (or even your 12/24 words) enough, it might get committed to your short term and even long term memory.. is that a good thing or not?.. I do know that the longer I take to access some of my information, it can sometimes seem very complicated, even though I had previously thought (a couple years earlier) that I had created a pretty straight forward system.. but then does it really work..

By the way, I have a little bit of a story, and I am not sure how much I should tell, but I had a situation in which I needed the seed phrase that was supposed to be in three parts and I was missing one of the parts (for reasons), and so I knew that I had two back ups of the three parts, and so I called up a life-long friend, and he surely is not very technical and even though talked with him about bitcoin several times, his eyes glaze over while he is looking at how complicated his flip phone is or that he is trying to get his remote on his TV to work.. (he doesn't have internet).. but anyhow.. I called him up, and I asked him if he could go to the location in which one of the pieces was located, and I would give him the code to get in, and then I would give him instructions about how to get to it while we were on the phone live, and he said o..k.. and he would call me when he was at the location.  It took about 5-10 minutes just to get to locating the place where the words were, and I told him that it would probably be 8 words, and he told me that it is only 4 words.. and then I remembered that it was a 12 word split up instead of a 24 word split.. and so when he read me the 4 words, he mentioned that one of the words was "xxcxxxxx", and I said that does not even sound like a real word, and he read it several times and told me that is what it says.  I said o.k... so I wrote down the 4 words, and I told him that I would let him know if I had any problems in terms of getting access to the wallet that I was wanting to get, but I would have to do it in a few hours.

So when I put together all 12 words, and I typed in the "xxcxxxx"  by the time I got to the second letter, there was already a suggestion that had the word to be "xxrxxxx".. so my friend could have had sworn that the word the one with the "c" and neither of us even thought about the word with the "r".. so sometimes simple mistakes can be figured out, but some kinds of more complicated mistakes might be a lot more difficult to resolve.

Oh.. and by the way,. the whole time my friend was telling me that he was not even going to try to remember anything that I was telling him.. a kind of courtesy message to say that he was recognizing and appreciating that I was sharing private financial information with him.. but part of the reason that I picked him to do it was that I already considered him to be someone who I could trust with that information and even more information than he might be comfortable knowing about.

I'm glad we're having this discussion, it certainly helps us all be more aware of the potential dangers and act accordingly.

ditto
legendary
Activity: 2380
Merit: 1823
1CBuddyxy4FerT3hzMmi1Jz48ESzRw1ZzZ

Explanation
Chartbuddy thanks talkimg.com
hero member
Activity: 938
Merit: 1891
bitcoin retard
It looks like FTX will be selling $200,000,000 worth of crypto every week for the next 17 weeks… This will start next week. This downward pressure on the market will likely hold prices somewhat in check until the end of the year. I’d imagine once this is behind us (and the mtgox coins are distributed) it should be the final hurdle before launch.

how much BTC do they hold?


I hope this is still accurate  Cheesy

FTX's Bitcoin Balance Plunges to Just 1
https://www.coindesk.com/business/2022/11/08/ftxs-bitcoin-balance-plunges-to-just-one

hero member
Activity: 938
Merit: 1891
bitcoin retard
So not bragging about your holdings is another easy security layer.

Part of the reason why 0.63 BTC will have to be downgraded, at some point.

@AlcoHoDL, Trezor vulnerability is something that has been known for years, there was a lot of discussion about it in the technical discussion boards, but luckily every user can protect himself by setting a passphrase, and there is also another option, which is the use of an SD card.

When it comes to passphrase, the conclusion is that they should be at least 37 characters long :

A physical access to a Trezor One, Trezor T, Keepkey, or B-wallet allows an attacker to extract the 12/24-words within a few minutes using a low-cost setup (~100$), with a very high reproducibility (we had 100% success). We finally proved it can be fully automated allowing anyone to use it in case someone would sell the Extraktor box (similar to old Playstation hacks). This attack can not be fixed. The only mitigation is to use a strong passphrase: we recommend 37 random characters to maintain the same level of security.

For those who are interested in how to protect themselves additionally with the help of an SD card :

Trezor T (2.3.0) and Trezor One (1.9.0) firmware update

Also, one thing I forgot is that it is possible to set a so-called fake PIN that can be left as a bait, and if it is entered, all data from the hardware wallet will be deleted.

The Wipe Code
Another exciting new feature is the wipe code that acts as a “self-destruct PIN” that erases your Trezor if someone tries to unlock your device without your consent. If the wipe code is entered into any PIN entry dialog, then all private data will be immediately erased from your Trezor and the device will be reset to factory defaults. You can write the wipe code somewhere near your Trezor as a decoy PIN, so if someone tries to unlock the device without your consent, they will cause it to erase itself. You can also use the wipe code to reset your Trezor without using a host device. This update can be enabled on both Trezor models.
A 128 bits PIN should do the trick as well, as it is used to encrypt the seed on the chip.

(Please let me know if you think I'm wrong)

I still have problems with the need for 37 random characters for the 25th word.. and let's say if someone just has 10-15 somewhat random characters, then how long is it going to take to break into the Trezor?

Remember each time that we log into the device and sometimes we might get disconnected and have to log in again, it can take quite a bit of time to be logging in these 37 random characters each time...

I am not going to say how many digits that I actually use, and  I also am not going to give any hints either... and it is bad enough that I said that I use such a device, in theory.

By the way, we have a long term member in these here parts that swears by that piece of crap, aka Ledger, and surely there are probably quite a few members who may or may not be in the closest about their use (and apparent belief) in the Ledger crap.

~snip~
A 128 bits PIN should do the trick as well, as it is used to encrypt the seed on the chip.

(Please let me know if you think I'm wrong)
You are definitely right, considering that I am not a user of Trezor, I was not even aware that in 2021 they increased the maximum PIN length to even 50 digits, and they say that 39 digits is quite enough to protect the seed from hacking. It's actually a good thing for those who for some reason don't want to use a passphrase or maybe don't even know such an option exists - although it's an option they always recommend to advanced users.

Everyone should use the passphrase.. and it should not be considered advanced... and maybe using 37 random characters might be considered advanced.

But I still wonder if a relatively short password might just be considered a less advance version. and is better than no password at all.. so why do we have to have a need to overly complicate matters by suggesting so much complication, when surely it must add quite a bit of difficulty to just have a shorter 25th word in there (or 13th word seems to be more standard) rather than no extra word (passphrase) at all.

In other words, why let the perfect be the enemy of the good?

We have a lot of cases where users wonder why they don't see anything on their balance even though they have the correct seed, and then it turns out that they actually added an extra password without which the seed creates a completely new set of addresses.

It might be a bit impractical to enter a PIN that's 39+ digits long, but for the average user it's probably easier than setting a passphrase.

Oh I see that the 39+ pin is different from the extra word...and that 39 character pin would resolve the other issue regarding a hacker getting ahold of the physical device and breaking into it.. so that still leaves the issue of the 13th or 25th word actually not needing to be very complicated, and a 8-15 character passphrase may well make it quite difficult to get at the wallet because they would first need to know (or suspect) that such a wallet (or extra portal to a wallet) actually exists in connection with the 12 or 24 word seed that was extracted from the device.

Some thoughts:

If nobody can access your seed your won't need any passphrase, if the seed was created with sufficient entropy ...which should always be questionable though!
Also, you are right, even a short passphrase will leave anyone who gets your seed in doubt if there even is a hidden passphrase wallet and if it makes sense to put in the work to look brute force for any.

A 128 bits phrase can secure your seed with the same security the seed secures your BTC, if that's what you want/need for ease of mind.

Nice thing: totally independent from all that passphrase science is the PIN which can secure your Trezor 100% against seed extraction from the open source chip. If the PIN is strong enough, your device will be worthless to any attacker.



Multisig solves a lot of potential security issues without making things complex (which is a security issue by itself). It really should be the standard in case of managing anything else than pocket change.

using several wallets to send transactions can be a pain though
Jump to: