Topic: What to do if your computer is compromised (Read 1992 times)

An air gap would be awesome. No automated trojan or bored teenager is going to get past it. You'd be safe from the two major dangers of the Internet.

I think of it more as a bitcoin vault rather than a savings wallet.

  Issue 271, Ability to sign transactions offline, would be quite useful for keeping that machine permanently disconnected.  A standalone airgap system for use as a "savings" wallet.
  - http://github.com/bitcoin/bitcoin/issues/271

I think you should definitely have a machine that has Linux on it. Not because it is more secure, it isn't. But you get a pretty secure system with a lot useful built-in tools to achieve security. You could also have that with some fancy enterprise version of Windows, but with the Windows versions most people have you have to deal with a lot of external tools and take care about security yourself.
For example you should always prefer your system's built-in disk encryption, because this is meant to protect your data. You can do a similar setup with TrueCrypt, but then you have to know exactly how you avoid each of the many mistakes. That's pretty hard. Just installing TrueCrypt doesn't do the job.
Another advantage of Linux is that you are not dependend on running software from the web. You find most thing in the distribution's repository, and over this way it is secured via cryptography that you don't get manipulated program versions.

There is a thread on how to secure your wallet. You can put it on a usb device, passkey encrypt it, delete the data from User/Roaming/Bitcoin, and direct your Bitcoin client to your encrypted files when you load it. Check the guides.

If you have a lot of money in bitcoin you should really consider dedicating a machine for a secure wallet. A cheap netbook, preferably small enough to fit in a safe, or a cheap desktop system.

as long as it isn't preggers.

i don't have the time to raise a litter of PDAs.

There is nothing you can do but total reinstall. And you really have to let stuff go to be sure that you don't carry the infection to the new system. That's a sacrifice - but it should never happen anyway.

After reading the disturbing tale of 25,000 stolen BTC ( http://forum.bitcoin.org/index.php?topic=16457.0 ), I have decided now is the time to make 100% sure my data (including bitcoins) are secure.

So here are my suggestions on how to secure your stuff. I am not security expert, so input is appreciated.

Assume your computer is compromised. Get a new, uncompromised computer with a safe internet connection (where you can be sure no one is changing your unencrypted internet data). On the new computer, create a new encrypted password file using a password manager like KeePass with a long, complicated password. This is the only password, besides the user password to your computer, that you will have to memorize. In your password manager, create new, unique, complicated passwords for every single account you have. Do not bother memorizing any of these passwords... that is what the password manager is for.

Next, assume all data stored on disk will eventually be compromised by someone. Thus, use tools like encfs or truecrypt to encrypt all data on disk. For each encrypted volume, use a different password, saved in your password manager.

For bitcoins, transfer all bitcoins out of your old wallets into new wallets. Otherwise, the money can be stolen at any time if someone has the old unencrypted wallets. Make sure the new wallets are never written to disk unencrypted; they should only ever existed on disk in encrypted form.

If you have private/public key pairs, you will need new ones.

Only place encrypted data into data storage tools like Dropbox, wuala, or tarsnap. Personally, I wouldn't ever trust a data storage service that they encrypt your data. Assume your data is compromised, and encrypt it before using their services.

You have no choice but to assume your computer is not compromised during daily use, or your passwords, and thus all your data, will be stolen. If you ever suspect that your computer has been compromised, then follow the procedure listed here. Change all passwords, rencrypted all data, and create new data (bitcoin wallets and private keys) if necessary.