Electrum: Verifying the download's authenticity using signature or other means?
I frankly do not see how a non-technical person would have much chance of verifying that the Electrum executable is authentic using signatures. If this is important to do -- if there is a danger that one could accidentally download a malicious version of Electrum -- then how can this verification be explained so that anyone can do this?
Could Bitcoin be the catalyst that finally makes the typical computer user take security seriously? (Also, how to build a secure offline computer)
With all the inevitable posts from new users jumping head first into this 'magic internet currency' from malware infected systems using weak and/or duplicate passwords and no proper backups who then go on to mysteriously lose all their shiny new Bitcoin, it made me realize that money is a powerful motivator. Depending on how much is lost it will probably only take one or two instances of losing money before most people start to understand what we tech guys have been trying to tell you this entire time. While we're on the subject, I will repost for you a comment I made to the security guide (permalink here) detailing my procedure for building a secured offline system for anyone wishing to protect large (and small) amounts of Bitcoin.
Take an old computer and first epoxy the ethernet port so it is not able to go online. Remove or disconnect any WiFi and/or Bluetooth cards, and any other networking components. Disconnect and/or disable any microphones and speakers.
Install Windows, completely formatting the drive in the process. Many users here will tell you to avoid Windows and use Linux but since this computer is completely offline it does not much matter. Use your preferred OS. I additionally uninstalled and/or disabled certain services critical for networking but otherwise unneeded for normal operation. It is also good to disable any other unnecessary services. Be sure to disable autoplay. Set the BIOS to not automatically boot from CD or USB. You can set up BIOS security as well but if you do, be sure to document the passwords.
Install TrueCrypt and fully encrypt the system drive. All software installers and other files will need to be transferred via a thumb drive. Use an extremely strong password that you do not use elsewhere. MEMORIZE THIS PASSWORD AND WRITE IT DOWN TEMPORARILY ON A PIECE OF PAPER!!! NEVER ENTER THIS PASSWORD INTO ANY OTHER COMPUTER OR DEVICE. Let the encryption process complete 100% before proceeding. Reboot the system and test to ensure you are able to decrypt the drive and log in to the operating system.
Install Armory, KeePass, Foxit PDF, CutePDF writer, and Eraser. You may wish to install Electrum as well. You will need a printer so it may be necessary to load a driver for it as well. If possible, use a printer without network capabilities or persistent memory.
Create a KeePass file. I always secure KeePass with a key file in addition to a password. Do not use the same password for the KeePass file as you used to encrypt your drive. This password should also be memorized. DO NOT ENTER YOUR TRUECRYPT PASSWORD INTO THE KEEPASS FILE! You can however enter your windows and bios passwords if you like. I also configure KeePass to generate random 30+ character passwords using upper, lower, and numeric.
I generate my wallets in Armory. Since this computer is offline Armory does not require a great deal of resources and will not download the blockchain. Note that you will not be able to check balances from this system. I secure each wallet with a separate KeePass generated password and document these in the KeePass file. I then generate watching only wallets that I store to a folder on the offline computer and also attach them to the associated KeePass entry for ease of access. DO NOT ATTACH YOUR ACTUAL WALLET, OR ANY DIGITAL OR PAPER BACKUPS TO KEEPASS! I also create a paper backup and save this on the offline computer using CutePDF Writer as well as a digital backup of the wallet file. Since Armory creates deterministic wallets, these are the only backups you will ever need. Print the paper backups and place them into a tamper evident envelope. Keep this in a secured location such as a safe deposit box. NOTE: This can also be done using Electrum but Armory has a much better interface and multi-wallet support. The online version of Armory however does require a robust computer and a full download of the blockchain. I will use Electrum only if I expect that the specific wallet I am generating will be the only wallet monitored on an online system with limited resources.
Create a text file on the offline computer documenting the TrueCrypt password and key files, KeePass password and key files, the operating system and BIOS passwords, as well as instructions on how to access the offline computer, TrueCrypt file, KeePass file, paper wallets, key files, and any other critical information they may need. Print this out, place it in a tamper evident envelope, and keep it in a second secured location available to whomever might need access to it in case of death or an emergency. Be sure you and they have access to unencrypted copies of your key files. You can now destroy the paper on which you originally wrote your TrueCrypt password.
Create a TrueCrypt file on the offline computer. For simplicity you can use the same encryption password as you did for the HDD earlier but you may also wish to add a key file. Place copies of the KeePass file, digital backups, watch only backups, and anything else you may ever need should the offline computer fail. Optionally, you can also add the paper backups and written instructions (read paragraph in italics for considerations). You can now copy the TrueCrypt file to a thumb drive and from there various other locations from where it may be reliably accessed.
You may wish to choose not to store copies of the paper backups in the TrueCrypt file. The paper backups are enough in themselves to fully restore your wallets and spend funds, therefore, if somebody does manage to open your TrueCrypt file, they would have total control over your Bitcoin. By not storing the paper backups in the TrueCrypt file, you ensure someone would need access to both the digital backups (stored in the TrueCrypt file) and the passwords (stored in KeePass) to move funds. The same holds true for the offline computer. If you do choose not to save the paper backups (or delete them using Eraser), even if somebody manages to decrypt your drive they will still need to open KeePass to spend your Bitcoin. For this to be effective however, you must be sure not to copy the instructions file you created earlier into the TrueCrypt file, or in the case of the offline computer, you should use Eraser to delete it, because it contains your KeePass password. The main disadvantage to not including these files would be if, unbeknownst to you, one of your digital wallet files were corrupt. If this were the case and for some reason you cannot access the paper backup you could lose your coins. You can test the integrity of an offline wallet without compromising security by signing a message from the offline computer using the private key then, from another computer, validating the signature against the public key. IMPORTANT: IF FOR ANY REASON THE TRUECRYPT FILE IS EVER DECRYPTED FROM A SYSTEM OTHER THAN ANOTHER OFFLINE COMPUTER OVER WHICH YOU HAVE COMPLETE CONTROL, ALL YOUR WALLETS AND ENCRYPTION KEYS SHOULD BE CONSIDERED COMPROMISED. IF THIS OCCURS, I ADVISE YOU TO REPEAT THIS ENTIRE PROCESS USING COMPLETELY DIFFERENT PASSWORDS AND TRANSFER ALL BITCOIN TO THE NEW WALLETS!!! 
Even though the KeePass file does contain all of your wallet passwords, since it holds neither any wallet backups nor your TrueCrypt password, even if an attacker gains access to this file your Bitcoin will be secure. Still, if you suspect the KeePass file to have been compromised you should again at the very least create new wallets using different passwords and move your coins (and don't forget to back them up again!) That is it. You can now set up a fully operational copy of Armory (or Electrum) on an online system and import your watching only wallets as well as your KeePass file. These can be copied unencrypted from the offline computer to a live system via a thumb drive. (Just be sure that you are not also copying your actual wallets, digital or paper backups, or instructions file.) This way you can track balances and receive Bitcoin. If you ever need to spend any Bitcoin, you can create the transaction from your online computer and sign it with the offline computer using a thumb drive (Armory makes this very easy). For added convenience, you can import a full digital backup of one or more of your wallets to hold smaller amounts of Bitcoin on your live system so you don't have to sign minor transactions offline. Just remember that whichever wallets you do bring online should never again be considered as secure as those kept completely offline.
Safety of open source Bitcoin wallet software/apps
Open source software is considered safe/safer because the source code can be audited/reviewed. This thread is not about the source code, but the potential risk caused by the compilation process, or in other words, the possibility that the software/apps aren't compiled from the claimed source code. Here is a link about some version of TrueCrypt's Windows executable being suspicious: https://blog.cryptographyengineering.com/2013/10/14/lets-audit-truecrypt/
[T]he Windows version of TrueCrypt 7.0a deviates from the Linux version in that it fills the last 65,024 bytes of the header with random values whereas the Linux version fills this with encrypted zero bytes. From the point of view of a security analysis the behavior of the Windows version is problematic. By an analysis of the decrypted header data it can’t be distinguished whether these are indeed random values or a second encryption of the master and XTS key with a back door password. From the analysis of the source we could preclude that this is a back door… As it can’t be ruled out that the published Windows executable of Truecrypt 7.0a is compiled from a different source code than the code published in “TrueCrypt_7.0a_Source.zip” we however can’t preclude that the binary Windows package uses the header bytes after the key for a back door.
Bitcoin client comparison? Ease of use, functionality, security etc..
Hey everyone, I've recently started using bitcoins, and been trying to figure out the best way to store them.. There are a bunch of desktop clients available, each with its ups and downs, supporting different features, and using different amounts of resources.. I wanted to find a nice overview of them all, but so far I'm not finding anything that I wanted to know.. So I think we should have some kind of wiki page, that describes them in more detail. Explains how to start using each of them, and how to ensure it's safe. For example, to try and secure my wallet files, I'm storing them in a TrueCrypt volume, that's archived to the cloud. This way they are backed up to multiple locations, in case my machine dies, and are also encrypted, in case one of the machines is compromised! I'm not sure if that's overkill or not :) I thought I'd start with a short write-up of my opinions on some of the clients and my impressions of them. It's by no means a comprehensive review (that would take a lot more space than a single reddit post). All of this is just a subjective view on each of the clients.. I hope more people will add to it, maybe even compiling a nice and informative comparison of all the popular clients!
Bitcoin-QT: The official client. Somewhat basic in functionality, advanced functions (like backing up the private key) available through the "debug" window, but works well for a lot of people.. You can backup the wallet.dat file in the TrueCrypt volume to secure the coins, but the client will store the main working copy of the wallet file in %APPDATA% in Windows - leaving it potentially compromised, unless you encrypt the wallet file (part of the client's functionality). There's no obvious way to change the storage location. The downside (upside for some?) of the client is that it stores the whole blockchain.. (almost 15GB atm) Initial synchronisation takes a lot of time.. If you don't use it for some time, you'll have to synchronise again, which takes time (and CPU resources btw).. At the end of the day, the wallet is as secure as your machine is. No support for paper wallets / watch-only wallets / offline storage, transactions.. But for basic use - it works perfectly fine.
Bitcoin Armory: A popular powerful client, runs "on top" of Bitcoin-QT, which means the blockchain is also stored on the local drive.. On top of that, the Armory client will also build a local database to manage it, which means it needs more storage on its own.. (at the moment, that's an extra 16GB on top of the blockchain!). Also, the synchronisation status is not very helpful, just saying the % synchronised.. At least Bitcoin-QT states how many weeks/days you are behind, so you can somewhat estimate how soon the sync will work. The Armory client supports multiple wallets, compared to the official client, which can be stored separately. The wallets use (correct me if I'm wrong?) a deterministic key to generate the private keys, which means if you backup your wallet in cold storage - you can restore it at any point, and restore all the new addresses generated after the backup - a very useful feature. The Armory client has more advanced functionality like paper backups (described above), offline wallets and offline transactions, and a lot more.. Some features are missing, like importing watch-only addresses. You can though create a watch-only backup of a wallet, and import that on a different machine, but if you only have an address - not supported atm. The client seems rather powerful, but also feels a bit clunky and hard to use.. Some functionality is missing, and just strange (not all private key formats are supported.. even if most other clients have no problems with them)
MultiBit: A lite bitcoin client, that doesn't store the whole blockchain locally. This makes it a lot easier to start using, even on a new machine. It will only synchronise a part of the blockchain that is relevant for a specific address, which means you save on both time and storage when using it, but it can be (potentially, but quite unlikely) compromised, if the only nodes it can see are rogue. It also supports multiple wallets, you can select where to store the wallet files, and they can be password protected as well. You can store them on a TrueCrypt volume, to secure it even more. The app is still relatively simple to use, while providing more functionality than just the basics. Compared to Armory and Bitcoin-QT, you can also create a portable installation, which can be stored on a USB key / True Crypt volume along with the key files.
Electrum: This is one of the clients I've hardly used so far.. It has a full and a portable version! With the portable version I can store the keys where I want, and keep them secure as I see fit. As MultiBit, it doesn't store the full chain, but instead will use a server to keep and manage the blockchain. But nothing is stopping you from running your own electrum server and connecting to it, if you're worried. The client seems rather simple, but powerful at the same time. Same as Armory - it will create a seed that will be used to generate addresses. The nice thing is that it will generate multiple receiving addresses, and will also maintain change addresses, which (if I'm right) means that each transaction will not reuse the same address twice, unless you force it to. My only gripe so far with it is that it's the only client so far where you can't send to multiple addresses in one transaction, forcing only a single recipient per transaction.. I hope that'll change in the future :(
Using Electrum and Bootable Ubuntu USB to Create a Secure Cold Storage Wallet
Here is a short guide that is hopefully newb friendly for creating a cold-storage wallet with Electrum. All you will need is at least one USB flash drive with at least 2 GB of free space, your PC, and pen & paper.
The first step is to create a bootable Ubuntu flash drive. Ubuntu is a free open source Linux distribution that is very newb friendly, don't be intimidated. Assuming you are a Windows user, just follow these directions on how to make a bootable Ubuntu USB drive.
You will need The Universal USB Installer, as well as the Ubuntu .iso image file. Choose the 32 bit version to be safe. Download both, plug in your USB flash drive, and launch the installer. Select Ubuntu in Step 1 in the installer. Then in Step 2 browse and locate the Ubuntu .iso image file you downloaded. Then in Step 3 select the drive you have inserted, as well as click the box to format the drive and erase contents. Do NOT set a persistence as this will reduce the security. Then click create and wait for it to finish.
Once done creating your Ubuntu bootable drive, you will shut down your computer. Then with the USB stick plugged in you will boot the computer up. The computer should boot into the Ubuntu stick instead of your regular hard drive. If it fails to do so, then when booting press F4 or other command to enter BIOS menu. Then go to boot order options and change the boot priority so that it boots to an external/usb device first before the main hard drive.
Once booted into Ubuntu, make sure to click "try ubuntu". You are only trying it out on the USB, and not installing it onto your main hard drive. The reason for using the bootable drive is everything exists in memory and mostly disappears when you shut down Ubuntu.
Once booted, you can connect your internet connection to download Electrum. Go to the software center on the left side bar, it looks like an orange shopping bag. Search for "electrum" and then download and install Electrum. After this it's very important to DISCONNECT the internet and NEVER turn it back on until you shut down Ubuntu.
(It would be more ideal to install electrum in a complete cold environment, but I have heard that could cause some problems with Electrum at this time and it is best to install it while connected to the internet. But if you want true cold storage you must have zero internet connection at the time of creating the wallet. Since we are disconnecting before Electrum creates the seed, we should be good.)
Once the internet is disconnected, then go ahead and launch Electrum. Choose the option of creating a new wallet, and write down the seed phrase on paper. Also record some of your public addresses. Also you can enlarge electrum to the entire screen then click on "wallet" on the top left, then click "Master Public Key", and you can copy the Master Public Key which will allow you to reconstruct all of your addresses for that seed. The Master Public Key can also be used to create a watch only wallet in Electrum, just choose "watch only option" when creating the wallet and when prompted enter your Master Public Key.
At this point you are done, just shut down Ubuntu to make sure the evidence of the seed is erased. Then you can send Bitcoins to your cold storage wallet. You have effectively created a very secure cold storage wallet, in my opinion. To restore the cold wallet, just launch electrum and choose "restore wallet" option, type in your seed, and voila you have a hot wallet ready to spend again.
Extra: Using Truecrypt Encryption
This bonus tutorial is for anyone who would prefer to save their seed on another USB or digital device. It is not recommended to do this, unless the seed is encrypted. Even then I would only leave it on a USB and not plug it into any hot device just to be safe. I would recommend Truecrypt although it's possible the NSA has hacked Truecrypt, so use at your own risk.
To install truecrypt on Ubuntu, I have found this seems to be the best method using the PPA by Stefan Sundin. Open a terminal and execute the following commands:
Hit enter after each command. If it asks permission, press y. Sometimes I had problems getting commands to work in the past. For some reason first installing flash from the software center fixes the problem, but I have no idea why.
Once installed then just type "truecrypt" in the terminal and press enter, and truecrypt will launch. Then go ahead and click the create volume button. Choose create an encrypted file container and click next. Click Standard Truecrypt volume and click next. Then select a name and location for your file and click next. Then I usually choose AES-TwoFish-Serpent encryption algorithm and RIPEMD-160, then click next.
Choose a size for the file, probably 5 MB is enough, but by all means choose more if you want to hold more files. Click next and make sure to choose a SECURE password for the file. If you don't pick a good enough password it will be brute forced easily. Use numbers, letters, capitals, lowercase, symbols, and make it as long as possible. Try to have it something you can memorize if possible. Then click next. Then format it as FAT, and click next. Move your mouse around for entropy and then click Format, and your truecrypt container has been created.
Then click exit, and go back into truecrypt's interface. Click the first slot in the rows, and then click "select file" underneath. Choose the file container you just created. Then click mount and type your password to mount the container. Once mounted you have access to the container and can drop files inside, and access the contents as well. Once done, dismount the file, and save it where appropriate.
I think this is a decent easy to follow tutorial. Hopefully this can help some newbies out, if I made any mistakes please feel free to correct me. Edit: Sorry formatting sucks.
So my bitcoin is pretty secure right now (TrueCrypt containers in [mostly] offline computer), but it's been a couple of years so I think it's time I upgraded to fully offline. I plan to:
- Install a fresh copy of Windows onto a spare SSD by USB booting my laptop.
- Download and install Electrum, write down the 12 seed words on paper and put it in my safe.
- Transfer my bitcoin to the address in the Electrum client.
I might encrypt the whole OS with TrueCrypt, but physical security is not really an issue for me. My main concern is that I've picked up something on my current host, so will need to virus + spybot + adaware + malwarebytes that computer before I decrypt the container and send the bitcoin across. I'll also need to destroy the several backups I have spread across multiple hard drives...I know they will be empty but it's confusing to have so many TrueCrypt containers. Anyone have extra suggestions or tips? PS. I'm pretty set on moving to Electrum because of the seed/recovery feature and ease of use. I'm not a fan of pure paper wallets because change addresses etc. get annoying.
Free tools to keep your Bitcoins safe in a windows environment (for dummies)
There are a lot of Windows users who are losing bitcoins because of their lack of knowledge in basic computer security. I would like to offer some easy to use free software and practices to help protect your bitcoins. (I'm not affiliated with any of the companies mentioned) Software:
The Three Legged Stool of safe storage.
I've given a lot of thought about how I can safely store my Bitcoins. I want to share my method in the hope others may find this helpful and any discussion could also help me. I'm not intending this as a beginners guide to cold storage, plenty already exist. But people, both new and familiar with cold storage, can benefit from the applications and ideas I'm suggesting here.
The Three Legged Stool, what's this about? There are just three ways to unintentionally lose your coins:
Leg 1, They can be stolen
Leg 2, They can be physically lost
Leg 3, You can forget how to access them
The snag is that anything done to improve security to one Leg tends to increase the risk of loss caused by being out of balance with the other two Legs. For example, to protect your coins against Leg 1 (being stolen) you may hide the coins private key in a password protected container somewhere in your house. My point is that you have reduced the risk of Leg 1 (getting them stolen) but at the same time increased the risk of Leg 2 (physically lost) and Leg 3 (forget the password). This is especially true with long term storage. Equally, not using a password protects against Leg 3 but increases the risks from Leg 1 and is of no help against Leg 2. The objective is a balanced stool, keeping your coins safe and also always available for spending.
How it can be done: My preferred method is using Paper Wallets with BIP38 encryption. With secure passwords, these are so safe you can keep multiple copies of the same wallet all over the place. Keep copies at work, at home, at your parents house and even carry the private key QR code with your phone in case you want to spend a chunk of Bitcoins unexpectedly. Brute force attacks on BIP38 wallets are so slow, I can't think it's possible to crack a strong password of let's say 10 random letters, numbers and symbols. So this is total protection against Leg 1 and Leg 2 but forget that password Leg 3.... and your coins are gone forever!
Here's the clever bit. So how can you guarantee never to forget that complex wallet password? Yes! There's an App for that, "Infinite Password Generator" (IPG) is truly brilliant. https://play.google.com/store/apps/details?id=yuku.infinitepassgen.app The only permission this App has is to access Google Play payment services so I don't think it can give any secrets back to the developer. Install this app and make backups of the APK, save backups on several devices in case it's ever removed from Google Play. If you change your phone you will want to be able to install IPG from your APK backups and it's best not to update this App. If you do update it then always check it is generating the same passwords using the procedure explained below.
IPG generates complex passwords by combining your own "Master Password" with a Keyword. As an example, your Master Password must be something you can NEVER forget like the house number and road name you lived in as a child. The Keyword is a unique identifier for this Paper Wallet, maybe a name and incrementing sequence number like wallet3. IPG combines these two fields to generate a secure repeatable password you can use as the input to the BIP38 encryption.
IPG lets you save its configuration settings and you need to do this: Fill in the Master Password, put your name in the Keyword field, press Show and select the type and length of BIP38 password you want then press Copy (to the clipboard). Now, paste the generated password over the Personal notes (optional) field. Next, delete the Master Password field and Save, then exit IPG. Open IPG and Load your saved file, fill in Master Password then Copy/paste the generated password under the original copy of the password and if you did this all correctly you will have generated exactly the same password, confirming you put in the Master Password correctly.
Now change the Keyword field to your chosen Wallet Identifier, let's use my example above wallet3 and this will generate the required unique password for that BIP38 Paper Wallet you're about to make. I would write 3 as a hint on all copies of this Paper Wallet to make sure I don't forget the full Keyword. The next Paper Wallet I generate being wallet4, marked 4. Also I paste a copy of the IPG generated password into a Truecrypt encrypted container as a last chance disaster recovery.
Final steps to use IPG safely. You must close this App correctly otherwise it stays a while in memory containing all your secret information. Then you need to clear the clipboard of the wallet password and I've been using an App called Clipboard Autoclear+ to do this. https://play.google.com/store/apps/details?id=de.tactilesoftworks.clipboardsentinel
I've used two Paper Wallet generators, my favorite is https://www.bitaddress.org but it's a bit cumbersome to produce multiple copies of the same wallet. I also like https://bitcoinpaperwallet.com because they can produce Testnet Wallets which is a coin identical to Bitcoin but uses valueless coins purely to be for testing purposes. Google Testnet Wallets for more info.
Spending from your Paper Wallet is easier to do than explain and I started by using the Blockchain.info Android App. But this has let me down with an error message "insufficient funds" and I see many complaints about this problem. I wrote to Blockchain.info about it but got no reply. Since then I moved to Mycelium Wallet https://play.google.com/store/apps/details?id=com.mycelium.wallet and have had no problems with this. Also they do a Testnet version of Mycelium which is incredibly useful. In Mycelium you just scan your Paper Wallet's public address to watch how many Bitcoins there are in them. When you want to spend from the Paper Wallet, first run IPG, load the file and fill in the passwords then copy the Paper Wallet password to the clipboard.
During the Send transaction Mycelium will ask to scan the wallet Private Key, it then asks for the BIP38 password which you can paste in from IPG and the amount of Bitcoin to send and off it goes.
A couple of important points to consider if you're not spending the full amount from the Paper Wallet. Once your private key has been used like this you really should send the remaining Bitcoins to the next Paper Wallet in the sequence called, using my example, wallet4. That's because once a private key has been used or exposed to an online device, it's no longer safe to consider it as cold storage. If you don't spend all the coins on your Paper Wallet it's likely you will get back change and you must be sure the Wallet App you're using supports this or your change will disappear as a donation to the mining community. Mycelium and Blockchain.info Wallets automatically look after sending your change back to the Paper Wallet's corresponding public address. OTHER APPS MIGHT NOT DO THIS SO BE CAREFUL.
Generating Paper Wallets should be done on an offline device such as an old Android phone factory reset and only used for this purpose or a bootable Linux USB.
In conclusion this approach overcomes my doubts about my ability to remember long term secure passwords, possibly years after I made them up, because I shouldn't forget the Master Password as it's something so personal to me and the Keyword is almost attached to the Paper Wallet. Leg 3 is dealt with and Legs 2 and 3 now take care of themselves. I do hope some of you find these ideas helpful. The developer of IPG Yukuku does not make any provision for donations and I would happily make a donation for this excellent App that is also available for Windows.
Disclaimer, these ideas are for your consideration and debate only. I take no responsibility whatsoever for any losses that may arise however they are incurred. I have absolutely no connection or financial interest in any of the applications I have referred to here.
What techniques/strategies do you guys use to keep your BTC safe?
I've made a separate user account on my Ubuntu netbook with a different pass. While on my netbook, I changed my password algorithm stuff for all of my emails and created a new email exclusively just to deal with bitcoin stuff. I'm going to create truecrypted containers for my wallet and put backups on services like Ubuntu One, dropbox and USBs. I'm not going to use my Windows desktop to deal with any bitcoin transactions. I'm sure this is overkill but are there any safety techniques that you guys use when dealing with bitcoin?
This is my work-flow for cold storage and BTC management. Any gaping holes?
Preparing my cold-storage wallet:
1. Using my Windows laptop, go to Bitaddress.org and save the web page on a USB stick
2. Download Ubuntu and burn the ISO onto a DVD
3. Boot my Windows laptop into Ubuntu. Make sure I am off-line.
4. Insert the USB stick and open the Bitaddress.org file. Go to the Bulk Wallet tab and create 10 public/private keys
5. Copy the public/private keys into Notepad and save it on my USB stick. Remove it from my laptop.
6. Plug the USB stick into a desktop PC that is directly connected to my printer and is off-line. Print two copies of the 10 public/private keys
7. Keep one copy in a locked fireproof box hidden in my home and one copy in a bank safe box
8. Option: Also scan or photograph a copy and keep it in my TrueCrypt vault on my PC.
9. Erase the notepad file on my USB stick.
Buying and storing my BTC:
1. Purchase BTC via Coinbase using my everyday Windows laptop - but using 2FA
2. Only keep a small amount of BTC in my Coinbase account for spending.
3. Send the rest (in increments of 0.5 BTC) to the various addresses that I have listed on my hard-copy print out.
4. For reference, keep a spread-sheet in TrueCrypt of just the Public addresses and amount I have deposited.
Spending, Selling and/or refilling my on-line Coinbase wallet:
1. Import the complete contents (0.5 BTC) of a cold-storage wallet into Coinbase using the online import wallet function.
2. Since I have now risked exposure of the private key for this address, I will never use it again.
3. Spend or sell BTC as needed
4. If I don't need the entire 0.5 BTC that I have transferred into Coinbase, I will send the change back to the next open address in my bulk wallet.
To me this seems like a simple and safe method to save and manage my Bitcoins. Is there very much risk here?
Ok, I'm finally splitting up my Bitcoin into multiple wallets. It's not much unfortunately, but some of it goes to my brother, some is for savings, and some is for general spending. I want to take my savings wallet offline, and I want my spending wallet to have some form of double authentication. Was wondering what are the best ways to do this? For offline, is having a copy on multiple Encrypted USB drives and just deleting it from any internet connected computer good enough? Brain wallet sounds like a pain, plus seems to be only possible on Windows right now. And it honestly scares the crap out of me to think of deleting all copies of the wallet file, and if I'm not willing to delete it, then really why do I need a brain wallet? For spending, is there a really simple way to make a normal USB stick into an Authenticator rather than buying something and figuring out how to make it work with a wallet? I want something where I have to have both a USB stick (or maybe some other code) in addition to my password to spend any Bitcoin. Preferably something stupid easy, plug in USB, open wallet, type in password, spend. I'd like to not have to open an application like Truecrypt or something.
Some questions about the blockchain, wallet.dat, and Truecrypt on Windows
1) Do I need to download the entire blockchain before I can send bitcoins from the official bitcoin client, even if blockexplorer.com says my address has received them? The blockchain is taking a long time for my client to download and my balance is unchanged. (On getblockchain.com, the blockchain is currently 475MB compressed and 1.42GiB uncompressed, although the site is more targeted to linux users.)
2) After following the Bitcoin wiki regarding Truecrypt, if I launch bitcoin.exe with the -datadir option pointing to a Truecrypt container file that contains wallet.dat, does the ever-growing blockchain also have to be in that container file? Can I point the client to one location for the blockchain and another location for the wallet file?
3) Can I leave the blockchain in its normal directory and do I just need to copy wallet.dat out of the Truecrypt container file when I need it? (Or decompress it with 7-zip or decrypt it with GPG4win?) Wouldn't it then be vulnerable to trojans like Infostealer.Coinbit or the metasploit module bitcoin_jacker.rb?
4) Will the plaintext wallet issue be obsolete by version 0.4.0.0 of the official client? And will a headers-only client make it so every user doesn't have to download a neverending blockchain?
Hi :) I have BitCoin and the DB installed in an 8GB TrueCrypt volume. I quit it when it had 250MB spare. So, I created a new 12GB volume and tried to copy the data from the 8GB one to the 12GB one, but it said "Drive Full" before I finished. Windows claims 263MB free on the 8GB volume, but if I highlight the contents, right click and choose "Properties" it says the drive contains 12.1GB. Chkdsk is happy. I'm guessing there's some SymLinking going on, but the .dat file dates differ, so I'm puzzled what's going on. Something might have b0rked? I might have to move to a lite client, particularly as I'm temporarily living in a nursing home and have 6GB a month to play with; but not aware that any client can import the bitcoin-qt wallet. Cheers, Mike.
Looking to keep my bitcoin data portable and encrypted however the large amount of blockchain data is problematic. I'd like to use bitcoin, truecrypt and googledrive. Is this possible?
Hey there, so I'm looking to store my wallet.dat in a truecrypt volume located on my google drive. It looks like with the stock bitcoin windows app, I would have to move the entire data directory. This wouldn't be a problem if the blockchain wasn't so huge. Is there a more lightweight app that would do this? Perhaps a better way? The reason I'm having an issue is because to point Bitcoin.exe to my wallet.dat (which is located on a truecrypt volume in my googledrive folder) I have to point the entire data directory like so: bitcoin.exe -datadir=y:\Bitcoin The problem with that though is the blockchain data is HUGE and I don't want it filling up my googledrive. So I guess my questions are:
Is there a portable light weight version of the bitcoin app that would handle this better?
Is there a flag that won't redirect the ENTIRE bitcoin data folder and only point to where the wallet.dat file is?
Is there a way to just omit the blockchain data somehow?
Thanks in advance, sorry if this has been covered before. I did a search but nothing came up.
I've recently been approached by family members who want to use bitcoin, but I'm thinking about how to do that in the best way. I've been using bitcoin-qt + truecrypt, but this seems quite burdensome, yet I do not want to make them trust online wallets, since that defeats the purpose. I've heard that electrum is a quite good client, but I have no personal experience using it. Details: They are quite smart, use Windows.
I had a security scare some months ago, and moved my bitcoin-qt wallet.dat file into a Truecrypt container which I then copied to several flash drives. I then wiped and reinstalled all my computers and haven't really touched Bitcoin since. For obvious reasons, I'd like to be able to make transactions with this old wallet.dat file. I'm getting the impression that the only thing able to interact with bitcoin-qt wallet files is bitcoin-qt. I'd really like to have a more functional client, armory's "Offline Transaction" mode sounds particularly promising, and MultiBit's native support for multiple wallet files also sounds very useful. What's the current state of Windows software wallets? Which ones work, which ones don't, which ones are out to steal my wallet? What do you use?
If you don't know your way around computers, the least you can do is keep your browsers updated and use separate browsers (Firefox, Chrome, Opera, etc) for general bitcoin browsing and trading. This helps mitigate XSS security problems some exchanges might have, which would basically allow bad code in website tab A to start a trade in website tab B (exchange website). Update Java and Adobe Flash Player, too, as most browsers include those via plugins. Deactivate those plugins if possible. If you don't want to use a different browser but Firefox, use different profiles (Right click your Firefox shortcut, add --no-remote -ProfileManager . You can now start multiple instances of Firefox, but links in other programs might not work anymore) Install Windows Updates! If you have time, read up about virtual machines and live usb/live cd operating systems like Ubuntu. They aren't that hard to use, and learning about them will do you good even if bitcoin turns out to be useless ;) If you can, have a separate computer for browsing the web/stats pages, another one for exchanges, and another one for your wallet. Backup your wallet to usb drives, sd cards, etc. You might want to use truecrypt to encrypt it beforehand. The software isn't hard to use, you'll get the hang of it. When encrypted, give one of these sticks to close relatives in case someone robs your computers/fire/etc. You can also encrypt the pc running your bitcoin-wallet-software with truecrypt. I will update this post tomorrow. Feel free to clarify/add to what I wrote here. Will need to get some sleep now :)
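Several posts above rely on copies of an encrypted wallet container spread over USB sticks and SD cards. As an added example (not part of any of the posts), this Python sketch checks that each copy is still byte-identical to the original by comparing SHA-256 digests; the file names and the random sample data are constructed for the demonstration.

```python
import hashlib
import os
import tempfile

CHUNK = 1024 * 1024  # read in 1 MiB pieces so large containers do not fill RAM


def sha256_file(path):
    """Return the hex SHA-256 digest of a file, read in chunks."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for block in iter(lambda: handle.read(CHUNK), b""):
            digest.update(block)
    return digest.hexdigest()


def check_backups(original, copies):
    """Map each copy's path to "ok", "missing" or "mismatch"."""
    reference = sha256_file(original)
    report = {}
    for path in copies:
        if not os.path.isfile(path):
            report[path] = "missing"   # drive not mounted or file deleted
        elif sha256_file(path) != reference:
            report[path] = "mismatch"  # corrupted, truncated or stale copy
        else:
            report[path] = "ok"
    return report


def demo():
    """Constructed sample: one good copy, one corrupted copy, one absent."""
    with tempfile.TemporaryDirectory() as tmp:
        names = ("wallet.tc", "usb1_wallet.tc", "usb2_wallet.tc", "sd_wallet.tc")
        original, good, bad, gone = (os.path.join(tmp, n) for n in names)
        data = os.urandom(4096)  # stands in for an encrypted container
        flipped = data[:-1] + bytes([data[-1] ^ 1])  # single bit changed
        for path, content in ((original, data), (good, data), (bad, flipped)):
            with open(path, "wb") as handle:
                handle.write(content)
        result = check_backups(original, [good, bad, gone])
        return [result[good], result[bad], result[gone]]


if __name__ == "__main__":
    print(demo())
```

Run the check right after copying and again before wiping or reinstalling the machine that holds the original, since a matching digest only proves the copies agree with each other at that moment.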