Passware Kit: Forensic software recovers passwords for
Satoshi Nakamoto is Paul Solotshi, the TrueCrypt and E4M
Bitcoin2john | CryptoCoins Info Club
OpenSourceEncryptionSoftware - BitcoinWiki
Securing your wallet. All about cryptocurrency - Bitcoin
Trust in code, or trust in people / companies?
My opinion: When it comes to the software I can choose to run, it matters more that I can trust the code. Whether it is binary or source code - what matters most to me is that I have a verifiable state of it, which I have tested i.e. used practically.
Programs changing under the hood is dangerous. There have been lots of recent public cases where code on public repositories has been changed maliciously, affecting a great number of downstream users.
This can happen with open source or closed source (e.g. when you get your programs or parts of them delivered to you from some vendor in pure executable form). People change their minds, they update their software, sometimes in ways that break your own (if you're a developer) or cause you harm as a user, if you depend on them.
This can be unintentional (bugs), or intentional (malware). They can also be compromised in many ways. Bribery, blackmail, or other manipulation [4, 5]. Companies change owners and expand, potentially affecting their loyalties and subjecting them to new jurisdictional coercion. While we do assign a level of trust to people and companies with whom we transact, I put it to you that when it comes to running software that needs to be secure and do what it claims, it's better not to extend much trust to the developer, but better to make them demonstrate why their code should be worthy of your trust.
Make them prove that it does what they claim.
Make them prove it contains no other instructions that do things that you don't want.
Make sure you can reproduce the proof of their claims (here is where we rely on the scientific method). A method is only as good as the artifacts it provides which let you reproduce such a proof yourself.
A few days ago, Craig Wright's court case posted a redacted document where Craig described his involvement in bringing down a crime boss. https://www.courtlistener.com/recap/gov.uscourts.flsd.521536/gov.uscourts.flsd.521536.187.0.pdf Most of the mentions were censored, but they missed one on page 4 (a footnote carried over from page 3). Over the last few days I've been re-reading all of the documents I can get my hands on, and I've figured it out. Here's the real crypto black pill: Bitcoin was a project of an evil genius whose full name is Paul Solotshi Calder Le Roux. He intended it simply for the purpose of money laundering (a use case which is clearly seeing fruition even today with the likes of Crypto Capital). Unfortunately, soon after he went quiet with the Satoshi identity, he was captured by law enforcement, and he's going to spend the rest of his life rotting in a jail cell. But how does Craig Wright fit into all this? Craig Wright was an employee of Le Roux, who was vaguely aware of the bitcoin project. Craig was an informant who helped bring down Le Roux, and after his arrest, Craig managed (via long time friend and partner in crime, Dave Kleiman) to get his hands on the wallets that hold a million bitcoins, but unfortunately for Craig, all of Solotshi's coins are locked away in secure TrueCrypt volumes (TrueCrypt being another software that Le Roux developed). He has been trying for years to crack them but with no success. Another of Craig's long time friends, Calvin Ayre, has set up warehouses of computers to try to crack Solotshi's password and unlock the vast fortunes; his mining activity is simply a front to make these massive datacenters look legitimate. Craig is being set up as 'the real satoshi' so that when the coins are finally unlocked, they can legitimately sell them off.
Electrum: Verifying the download's authenticity using signature or other means?
I frankly do not see how a non-technical person would have much chance of verifying that the Electrum executable is authentic using signatures. If this is important to do -- if there is a danger that one could accidentally download a malicious version of Electrum -- then how can this verification be explained so that anyone can do this?
Safety of open source Bitcoin wallet software/apps
Open source software is considered safe/safer because the source code can be audited/reviewed. This thread is not about the source code, but the potential risk caused by the compilation process, or in other words, the possibility that the software/apps aren't compiled from the claimed source code. Here is a link about some version of TrueCrypt's Windows executable being suspicious: https://blog.cryptographyengineering.com/2013/10/14/lets-audit-truecrypt/
[T]he Windows version of TrueCrypt 7.0a deviates from the Linux version in that it fills the last 65,024 bytes of the header with random values whereas the Linux version fills this with encrypted zero bytes. From the point of view of a security analysis the behavior of the Windows version is problematic. By an analysis of the decrypted header data it can’t be distinguished whether these are indeed random values or a second encryption of the master and XTR key with a back door password. From the analysis of the source we could preclude that this is a back door… As it can’t be ruled out that the published Windows executable of Truecrypt 7.0a is compiled from a different source code than the code published in “TrueCrypt_7.0a_Source.zip” we however can’t preclude that the binary Windows package uses the header bytes after the key for a back door.
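The auditing problem in the quoted passage, as an added example that is not part of the original post or the cited analysis: a tail of encrypted zeros can be confirmed by decrypting it, while a random-looking tail cannot be told apart from a second encryption of the key material. The SHA-256 counter-mode cipher is a stand-in for TrueCrypt's real header encryption, and the 512-byte key area, the key names and the sample key bytes are assumptions constructed for the demo.

```python
import hashlib
import math
import os
from collections import Counter

KEY_AREA = 512                        # assumed size of the salt + key portion
TAIL_SIZE = 65024                     # trailing header bytes, figure from the quote
HEADER_SIZE = KEY_AREA + TAIL_SIZE    # 65,536 bytes in this model


def keystream(key: bytes, length: int) -> bytes:
    """Stand-in cipher: SHA-256 in counter mode (not TrueCrypt's real mode)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def xor_cipher(key: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt; XOR with the keystream is its own inverse."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))


def make_header(header_key, key_material, style, second_key=b""):
    """Build a header in one of three styles (all constructed for this demo)."""
    if style == "encrypted-zeros":    # Linux behaviour described in the quote
        return xor_cipher(header_key, key_material.ljust(HEADER_SIZE, b"\0"))
    key_area = xor_cipher(header_key, key_material.ljust(KEY_AREA, b"\0"))
    if style == "random":             # Windows behaviour described in the quote
        return key_area + os.urandom(TAIL_SIZE)
    if style == "second-encryption":  # the case the analysis could not rule out
        return key_area + xor_cipher(second_key, key_material.ljust(TAIL_SIZE, b"\0"))
    raise ValueError(f"unknown style: {style}")


def audit_tail(header: bytes, header_key: bytes) -> str:
    """What an auditor holding the volume password can conclude about the tail."""
    tail = xor_cipher(header_key, header)[KEY_AREA:]
    return "verified-zeros" if tail == bytes(TAIL_SIZE) else "opaque"


def shannon_entropy(data: bytes) -> float:
    """Bits per byte; close to 8.0 for random data and for good ciphertext."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def demo() -> dict:
    header_key = b"constructed header key"
    second_key = b"constructed second key"
    material = b"CONSTRUCTED-MASTER-AND-SECONDARY-KEY"
    results = {}
    for style in ("encrypted-zeros", "random", "second-encryption"):
        header = make_header(header_key, material, style, second_key)
        results[style] = {
            "audit": audit_tail(header, header_key),
            "tail_entropy": round(shannon_entropy(header[KEY_AREA:]), 3),
        }
    # Only the holder of second_key can tell the last two styles apart.
    leaked = xor_cipher(second_key, header[KEY_AREA:])[: len(material)]
    results["second-encryption"]["recoverable_with_second_key"] = leaked == material
    return results


if __name__ == "__main__":
    for style, result in demo().items():
        print(style, result)
```

All three tails measure close to 8 bits of entropy per byte, so a statistical test does not separate them; only the encrypted-zeros tail yields a positive result when decrypted with the header key.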
Could Bitcoin be the catalyst that finally makes the typical computer user take security seriously? (Also, how to build a secure offline computer)
With all the inevitable posts from new users jumping head first into this 'magic internet currency' from malware infected systems using weak and/or duplicate passwords and no proper backups who then go on to mysteriously lose all their shiny new Bitcoin, it made me realize that money is a powerful motivator. Depending on how much is lost it will probably only take one or two instances of losing money before most people start to understand what we tech guys have been trying to tell you this entire time. While we're on the subject, I will repost for you a comment I made to the security guide (permalink here) detailing my procedure for building a secured offline system for anyone wishing to protect large (and small) amounts of Bitcoin.
Take an old computer and first epoxy the ethernet port so it is not able to go online. Remove or disconnect any WiFi and/or Bluetooth cards, and any other networking components. Disconnect and/or disable any microphones and speakers.
Install Windows completely formatting the drive in the process. Many users here will tell you to avoid Windows and use Linux but since this computer is completely offline it does not much matter. Use your preferred OS. I additionally uninstalled and/or disabled certain services critical for networking but otherwise unneeded for normal operation. It is also good to disable any other unnecessary services. Be sure to disable autoplay. Set the BIOS to not automatically boot from CD or USB. You can set up BIOS security as well but if you do, be sure to document the passwords.
Install TrueCrypt and fully encrypt the system drive. All software installers and other files will need to be transferred via a thumb drive. Use an extremely strong password that you do not use elsewhere. MEMORIZE THIS PASSWORD AND WRITE IT DOWN TEMPORARILY ON A PIECE OF PAPER!!! NEVER ENTER THIS PASSWORD INTO ANY OTHER COMPUTER OR DEVICE. Let the encryption process complete 100% before proceeding. Reboot the system and test to ensure you are able to decrypt the drive and log in to the operating system.
Install Armory, KeePass, Foxit PDF, CutePDF writer, and Eraser. You may wish to install Electrum as well. You will need a printer so it may be necessary to load a driver for it as well. If possible, use a printer without network capabilities or persistent memory.
Create a KeePass file. I always secure KeePass with a key file in addition to a password. Do not use the same password for the KeePass file as you used to encrypt your drive. This password should also be memorized. DO NOT ENTER YOUR TRUECRYPT PASSWORD INTO THE KEEPASS FILE! You can however enter your windows and bios passwords if you like. I also configure KeePass to generate random 30+ character passwords using upper, lower, and numeric.
I generate my wallets in Armory. Since this computer is offline Armory does not require a great deal of resources and will not download the blockchain. Note that you will not be able to check balances from this system. I secure each wallet with a separate KeePass generated password and document these in the KeePass file. I then generate watching only wallets that I store to a folder on the offline computer and also attach them to the associated KeePass entry for ease of access. DO NOT ATTACH YOUR ACTUAL WALLET, OR ANY DIGITAL OR PAPER BACKUPS TO KEEPASS! I also create a paper backup and save this on the offline computer using CutePDF Writer as well as a digital backup of the wallet file. Since Armory creates deterministic wallets, these are the only backups you will ever need. Print the paper backups and place them into a tamper evident envelope. Keep this in a secured location such as a safe deposit box. NOTE: This can also be done using Electrum but Armory has a much better interface and multi-wallet support. The online version of Armory however does require a robust computer and a full download of the blockchain. I will use Electrum only if I expect that the specific wallet I am generating will be the only wallet monitored on an online system with limited resources.
Create a text file on the offline computer documenting the TrueCrypt password and key files, KeePass password and key files, the operating system and BIOS passwords, as well as instructions on how to access the offline computer, TrueCrypt file, KeePass file, paper wallets, key files, and any other critical information they may need. Print this out, place it in a tamper evident envelope, and keep it in a second secured location available to whomever might need access to it in case of death or an emergency. Be sure you and they have access to unencrypted copies of your key files. You can now destroy the paper on which you originally wrote your TrueCrypt password.
Create a TrueCrypt file on the offline computer. For simplicity you can use the same encryption password as you did for the HDD earlier but you may also wish to add a key file. Place copies of the KeePass file, digital backups, watch only backups, and anything else you may ever need should the offline computer fail. Optionally, you can also add the paper backups and written instructions (read paragraph in italics for considerations). You can now copy the TrueCrypt file to a thumb drive and from there various other locations from where it may be reliably accessed.
You may wish to choose not to store copies of the paper backups in the TrueCrypt file. The paper backups are enough in themselves to fully restore your wallets and spend funds, therefore, if somebody does manage to open your TrueCrypt file, they would have total control over your Bitcoin. By not storing the paper backups in the TrueCrypt file, you ensure someone would need access to both the digital backups (stored in the TrueCrypt file) and the passwords (stored in KeePass) to move funds. The same holds true for the offline computer. If you do choose not to save the paper backups (or delete them using Eraser), even if somebody manages to decrypt your drive they will still need to open KeePass to spend your Bitcoin. For this to be effective however, you must be sure not to copy the instructions file you created earlier into the TrueCrypt file, or in the case of the offline computer, you should use Eraser to delete it, because it contains your KeePass password. The main disadvantage to not including these files would be if, unbeknownst to you, one of your digital wallet files were corrupt. If this were the case and for some reason you cannot access the paper backup you could lose your coins. You can test the integrity of an offline wallet without compromising security by signing a message from the offline computer using the private key then, from another computer, validating the signature against the public key. IMPORTANT: IF FOR ANY REASON THE TRUECRYPT FILE IS EVER DECRYPTED FROM A SYSTEM OTHER THAN ANOTHER OFFLINE COMPUTER OVER WHICH YOU HAVE COMPLETE CONTROL, ALL YOUR WALLETS AND ENCRYPTION KEYS SHOULD BE CONSIDERED COMPROMISED. IF THIS OCCURS, I ADVISE YOU TO REPEAT THIS ENTIRE PROCESS USING COMPLETELY DIFFERENT PASSWORDS AND TRANSFER ALL BITCOIN TO THE NEW WALLETS!!! 
Even though the KeePass file does contain all of your wallet passwords, since it holds neither any wallet backups nor your TrueCrypt password, even if an attacker gains access to this file your Bitcoin will be secure. Still, if you suspect the KeePass file to have been compromised you should again at the very least create new wallets using different passwords and move your coins (and don't forget to back them up again!) That is it. You can now set up a fully operational copy of Armory (or Electrum) on an online system and import your watching only wallets as well as your KeePass file. These can be copied unencrypted from the offline computer to a live system via a thumb drive. (Just be sure that you are not also copying your actual wallets, digital or paper backups, or instructions file.) This way you can track balances and receive Bitcoin. If you ever need to spend any Bitcoin, you can create the transaction from your online computer and sign it with the offline computer using a thumb drive (Armory makes this very easy). For added convenience, you can import a full digital backup of one or more of your wallets to hold smaller amounts of Bitcoin on your live system so you don't have to sign minor transactions offline. Just remember that whichever wallets you do bring online should never again be considered as secure as those kept completely offline.
Using Electrum and Bootable Ubuntu USB to Create a Secure Cold Storage Wallet
Here is a short guide that is hopefully newb friendly for creating a cold-storage wallet with Electrum. All you will need is at least one USB flash drive with at least 2 GB of free space, your PC, and pen & paper.
The first step is to create a bootable Ubuntu flash drive. Ubuntu is a free open source Linux distribution that is very newb friendly, don't be intimidated. Assuming you are a Windows user, just follow these directions on how to make a bootable Ubuntu USB drive.
You will need The Universal USB Installer, as well as the Ubuntu .iso image file. Choose the 32 bit version to be safe. Download both, plug in your USB flash drive, and launch the installer. Select Ubuntu in Step 1 in the installer. Then in Step 2 browse and locate the Ubuntu .iso image file you downloaded. Then in Step 3 select the drive you have inserted, as well as click the box to format the drive and erase contents. Do NOT set a persistence as this will reduce the security. Then click create and wait for it to finish.
Once done creating your Ubuntu bootable drive, you will shut down your computer. Then with the USB stick plugged in you will boot the computer up. The computer should boot into the Ubuntu stick instead of your regular hard drive. If it fails to do so, then when booting press F4 or other command to enter BIOS menu. Then go to boot order options and change the boot priority so that it boots to an external/usb device first before the main hard drive.
Once booted into Ubuntu, make sure to click "try ubuntu". You are only trying it out on the USB, and not installing it onto your main hard drive. The reason for using the bootable drive is everything exists in memory and mostly disappears when you shut down Ubuntu.
Once booted, you can connect your internet connection to download Electrum. Go to the software center on the left side bar, it looks like an orange shopping bag. Search for "electrum" and then download and install Electrum. After this it's very important to DISCONNECT the internet and NEVER turn it back on until you shut down Ubuntu.
(It would be more ideal to install electrum in a complete cold environment, but I have heard that could cause some problems with Electrum at this time and it is best to install it while connected to the internet. But if you want true cold storage you must have zero internet connection at the time of creating the wallet. Since we are disconnecting before Electrum creates the seed, we should be good.)
Once the internet is disconnected, then go ahead and launch Electrum. Choose the option of creating a new wallet, and write down the seed phrase on paper. Also record some of your public addresses. Also you can enlarge electrum to the entire screen then click on "wallet" on the top left, then click "Master Public Key", and you can copy the Master Public Key which will allow you to reconstruct all of your addresses for that seed. The Master Public Key can also be used to create a watch only wallet in Electrum, just choose "watch only option" when creating the wallet and when prompted enter your Master Public Key.
At this point you are done, just shut down Ubuntu to make sure the evidence of the seed is erased. Then you can send Bitcoins to your cold storage wallet. You have effectively created a very secure cold storage wallet, in my opinion. To restore the cold wallet, just launch electrum and choose "restore wallet" option, type in your seed, and voila you have a hot wallet ready to spend again.
Extra: Using Truecrypt Encryption
Bonus tutorial is if you would prefer to save your seed on another USB or digital device. It is not recommended to do this, unless the seed is encrypted. Even then I would only leave it on a USB and not plug it into any hot device just to be safe. I would recommend Truecrypt although it's possible the NSA has hacked Truecrypt, so use at your own risk.
To install truecrypt on Ubuntu, I have found this seems to be the best method using the PPA by Stefan Sundin. Open a terminal and execute the following commands:
Hit enter after each command. If it asks permission, press y. Sometimes I had problems getting commands to work in the past. For some reason first installing flash from the software center fixes the problem, but I have no idea why.
Once installed then just type "truecrypt" in the terminal and press enter, and truecrypt will launch. Then go ahead and click the create volume button. Choose create an encrypted file container and click next. Click Standard Truecrypt volume and click next. Then select a name and location for your file and click next. Then I usually choose AES-TwoFish-Serpent encryption algorithm and RIPEMD-160, then click next.
Choose a size for the file, probably 5 MB is enough, but by all means choose more if you want to hold more files. Click next and make sure to choose a SECURE password for the file. If you don't pick a good enough password it will be brute forced easily. Use numbers, letters, capitals, lowercase, symbols, and make it as long as possible. Try to have it something you can memorize if possible. Then click next. Then format it as FAT, and click next. Move your mouse around for entropy and then click Format, and your truecrypt container has been created.
Then click exit, and go back into truecrypt's interface. Click the first slot in the rows, and then click "select file" underneath. Choose the file container you just created. Then click mount and type your password to mount the container. Once mounted you have access to the container and can drop files inside, and access the contents as well. Once done, dismount the file, and save it where appropriate.
I think this is a decent easy to follow tutorial. Hopefully this can help some newbies out, if I made any mistakes please feel free to correct me. Edit: Sorry formatting sucks.
Free tools to keep your Bitcoins safe in a windows environment (for dummies)
There are a lot of windows users who are losing bitcoins because of their lack of knowledge in basic computer security. I would like to offer some easy to use free software and practices to help protect your bitcoins. (I'm not affiliated with any of the companies mentioned) Software:
A helpful discussion about wallet security (esp. Electrum)
I was recently contacted via private message by a redditor who read a comment of mine about wallet storage (I assume this comment). I think there was quite a bit of useful information in it for other bitcoin beginners, so I am reposting it here in full (with permission). The redditor in question wanted to remain anonymous though. I hope this is of use to some of you here! From: Anonymous Redditor
I saw your post regarding your wallet storage and had a few noob questions if you don't mind. My plan is similar to yours but I was unsure whether to use armory or electrum (electrum's seed creation scares me a bit). You mentioned you have a bootable LINUX (ubuntu?) USB stick that you keep your wallet on....do you only boot this onto an always offline computer? Do you use something like Truecrypt to further protect your wallet.dats? Thanks for your time!
My plan is similar to yours but I was unsure whether to use armory or electrum (electrum's seed creation scares me a bit).
For me it is the other way around. Armory (and bitcoin-qt) scare me. Armory is just a wallet. It still needs bitcoin-qt running in the background. For me the problem is two-fold: 1) Size: bitcoin-qt (and armory) need to download the entire blockchain. That's 13+ GB that takes hours to download and days to verify. And if you ever lose it, you need to do it again. 2) Random keys: armory and bitcoin-qt generate random private keys. You get 100. If you use a few (you use them when you send coins for example) then new ones are created. So, if you create an armory wallet and make a backup, that backup will have 100 keys. Then, if you make 33(!) transactions, your 100 keys are used up and you will have 100 different random keys. If someone then steals your computer (or your house burns down) then you cannot use your backup anymore. It only has the 100 old keys and none of the new keys. So you have lost all your bitcoins. Why 33 transactions and not 100? Because of change addresses. If you have 10 BTC and send me 2 BTC then most wallets will create 2 transactions. 2 BTC from your old address to me, and 8 BTC from your old address to a new (random) address. This process costs 3 private keys. 2 keys for the transactions and 1 key to create a new address. This means that after every few dozen transactions you need to refresh your backup so it has the newer keys. For me that is impractical. It means that I need to keep my backup close by because I often need it. Electrum does not have this problem. The seed solves this. Private keys are not random but are created from the seed. If you have the seed then you have, by definition, all the private keys you will ever need. Your backup can never be out-of-date. This is easy for me. I save the seed in a file, encrypt it, put it on a USB stick and give copies to a few family members who have safes in their homes. 
If my computer is ever stolen, or my house burns down, I can go to a family member, decrypt the seed file and use the seed to restore my electrum wallet. Even if that USB stick is 10 years old.
You mentioned you have a bootable LINUX (ubuntu?) USB stick that you keep your wallet on....do you only boot this onto an always offline computer?
It depends on how secure you want to be. For maximum security, keep the computer always offline. But if you want to spend the bitcoins from your wallet, you will need to be online. I use the USB stick for my savings account. It only receives coins and I do not send. So I do not need to boot up my USB stick. I have created a second wallet on blockchain.info that I use for day-to-day transactions. All BTC I receive goes to my blockchain account. Then I transfer a part of that to my savings account and only keep a bit of change that I need in the blockchain account.
Do you use something like Truecrypt to further protect your wallet.dats?
No. Electrum does not have a wallet.dat. It has the seed. I simply copy the seed to a TXT file and encrypt it using GPG and symmetric encryption. Example:
Make sure you use a password that is strong and that you cannot forget! If you need to write the password down on paper and your house burns down, then you cannot decrypt the seed anymore!
From: Anonymous Redditor
Forgive the naivety here: Correct me if I'm wrong - The safest way to generate your wallet seed is on an offline computer correct? So, theoretically, generate the seed on an offline-only computer, copy to txt...encrypt. back up on multiple USB's. Then on your online computer, load electrum and import Seed? Thanks so much for the thorough explanation! I'm a potato when it comes to reddit's bitcoin tip bot. Send me an address - would like to send some internet magic money your way.
The safest way to generate your wallet seed is on an offline computer correct? So, theoretically, generate the seed on an offline-only computer, copy to txt...encrypt. back up on multiple USB's. Then on your online computer, load electrum and import Seed?
Not quite. The risk with an online computer is malware and people breaking in. If you generate the seed on an offline computer and then move it to an online computer, you don't really take that risk away. You still have your wallet on an online computer which you use for day-to-day work and which is exposed to hackers and malware. I suggest you make two wallets. One wallet is your "savings" wallet. You can use the USB stick Linux for this. Generate the wallet offline, backup and encrypt the seed onto multiple USB sticks and note down the bitcoin address somewhere so you can transfer funds to it. The only time you should use the USB stick to go online is when you want to transfer funds out of your savings wallet. Then, on your normal computer (or your smartphone if you prefer), create a second wallet using a different password. This is the wallet you keep only a little money in for your day-to-day transactions. Note down the seed, encrypt (with a different password than you used to encrypt the seed from your savings wallet) and add it to the USB keys. You can use Electrum for this second wallet as well, but you can also use something different. I use a blockchain.info wallet for my day-to-day expenses. Whenever you have a larger amount of bitcoins in your day-to-day wallet, transfer some to the wallet on the USB stick. You don't need to boot up the USB stick for this. You only need the address you wrote down. When you want to spend a large amount of money, boot up from the USB stick and transfer coins from your savings wallet to your day-to-day wallet. Reboot into your normal computer and use the day-to-day wallet to pay for what you wanted to buy. The core of the issue is simple: Don't store a lot of money in a wallet on a computer that you use a lot. Computers that are used a lot get attacked a lot. Simple :-)
Thanks so much for the thorough explanation! I'm a potato when it comes to reddit's bitcoin tip bot. Send me an address - would like to send some internet magic money your way.
That is very kind! My address is: 1PAXiscvKoGRJ5XxMZvri3CMNeKYYb8wMQ
From: Anonymous Redditor
You are awesome:) Thank you again for the insight! Sent some your way.
I don't know. You would be better off asking this on www.ubuntuforums.org for example. I don't know if that computer's hardware is compatible with Ubuntu. Speed-wise the bottleneck will be the USB stick and not the CPU or memory. USB sticks are much slower than hard drives. Note that you don't have to buy a computer for this. You can use the computer you already have and still run Ubuntu off a USB stick for your Electrum wallet. What I said in my previous post about not using your day-to-day computer for your wallet, with that I mean the operating system and software. Not the hardware. Unless you're afraid someone put a hardware keylogger inside your computer :-)
From: Anonymous Redditor
Fascinating! My tin foil hat is in full effect:) Thanks again for your time and patience.
You're welcome. Have fun with bitcoin! Oh, I have a question for you now. Would you mind if I repost our entire private conversation here to /BitcoinBeginners? I think other redditors there would also be interested. And if I can repost it, do you want your username in there or should I replace it with "Anonymous Redditor" or something?
From: Anonymous Redditor
You can certainly repost it! And yes, if you wouldn't mind removing the username I would very much appreciate it. Thanks for asking btw!
Anyway, I hope this is useful for some people out here.
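The backup argument from the conversation above, as an added example that is not part of the original posts: a one-time backup of a pool of random keys stops covering new transactions once the pool is exhausted, while a seed backup covers every derived key. The pool size of 100 and the 3 keys per transaction are the figures given in the post; the wallet classes are hypothetical models, and HMAC-SHA256(seed, index) is a stand-in, not Electrum's real key derivation.

```python
import hashlib
import hmac
import os

POOL_SIZE = 100    # keys generated up front, figure from the post
KEYS_PER_TX = 3    # keys consumed per transaction, figure from the post


class RandomPoolWallet:
    """Wallet whose keys are independent random values (hypothetical model)."""

    def __init__(self):
        self.keys = [os.urandom(32) for _ in range(POOL_SIZE)]
        self.used = 0

    def backup(self) -> set:
        return set(self.keys)          # snapshot of the keys that exist right now

    def transact(self) -> list:
        """Consume KEYS_PER_TX keys, creating fresh random ones when needed."""
        while len(self.keys) < self.used + KEYS_PER_TX:
            self.keys.append(os.urandom(32))
        spent = self.keys[self.used:self.used + KEYS_PER_TX]
        self.used += KEYS_PER_TX
        return spent


class SeededWallet:
    """Wallet whose keys are all derived from one seed (stand-in derivation)."""

    def __init__(self, seed: bytes):
        self.seed = seed
        self.used = 0

    @staticmethod
    def derive(seed: bytes, index: int) -> bytes:
        return hmac.new(seed, index.to_bytes(4, "big"), hashlib.sha256).digest()

    def transact(self) -> list:
        spent = [self.derive(self.seed, self.used + i) for i in range(KEYS_PER_TX)]
        self.used += KEYS_PER_TX
        return spent


def first_tx_not_in_backup(wallet, covers, transactions: int):
    """Return the 1-based transaction whose keys the backup misses, or None."""
    for number in range(1, transactions + 1):
        if not all(covers(key) for key in wallet.transact()):
            return number
    return None


def pool_backup_goes_stale(transactions: int = 200):
    wallet = RandomPoolWallet()
    snapshot = wallet.backup()                 # taken once, before any spending
    return first_tx_not_in_backup(wallet, snapshot.__contains__, transactions)


def seed_backup_goes_stale(transactions: int = 200):
    seed = b"constructed seed, not a real wallet seed"
    wallet = SeededWallet(seed)
    # Restore from the seed alone: re-derive every index the wallet could use.
    restored = {SeededWallet.derive(seed, i) for i in range(transactions * KEYS_PER_TX)}
    return first_tx_not_in_backup(wallet, restored.__contains__, transactions)


if __name__ == "__main__":
    print("random pool: first uncovered transaction =", pool_backup_goes_stale())
    print("seeded wallet: first uncovered transaction =", seed_backup_goes_stale())
```

With these figures the old pool backup covers 33 transactions and misses keys used by the 34th; the seed backup never goes stale.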
THROWAWAY: Many months ago a friend of mine gave me some bitcoins. In fact, he gave me 10 bitcoins and told me to hold on to them, and now my little wallet holds almost 2,000 virtual dollars. I am not sure that I want to sell my coins yet, but if the value keeps rising, I will need a better way to store my coins. Right now I am holding them on blockchain.info (thanks to my friend), and I use the Chrome extension in order to keep my account more private and more safe. However, I have been reading a lot on here about why I shouldn't hold large amounts in a hosted wallet. So I decided to download the bitcoin qt client for my Ubuntu machine, but since my computer is so old, it freezes and crashes before the blockchain downloads. So my question is: what is the best way to store these coins if the price skyrockets? At what point do I stop trusting online wallets? I mean, I really don't want to hold 100,000 dollars online, although I have a feeling that some people do. I have a garbage computer and the Bitcoin-QT software doesn't play nice. I am also having some trouble with Electrum and I don't want to lose my coins. Isn't there a way I can just download a copy of my wallet from blockchain.info and back it up on a secure flash drive (like in a truecrypt container)? Or do I really need to have bitcoin software installed? If so, I may have to buy a new computer.
Ian had started mining bitcoins with all his friends in high school, as a hobby. He had researched the concept and realized it would be a fun thing to get involved in. His interest in it had been piqued by his econ professor, when they discussed the pros and cons of different types of currencies / payment methods in history. With his after school job stocking shelves he had saved up a bit of money and all he had to do was convince his parents the extra electricity him and his friends would be using of theirs, with the computers running in the basement. To save on costs, he wanted to keep the computers as cool as possible, using as much "passive" cooling as he could get away with. At dinner he spoke to his father, Ted, who like most parents, not only didn't understand what he was talking about, but claimed it was illegal on some level. "You can't just make money from thin air! The answer is no". Begrudgingly Ian went to his room and logged on to his and his friends' favorite IRC server to let them know of the answer. Luckily Ian's best friend, Sara, had gotten the go ahead from her parents, who were thrilled she was interested in computers. They knew that any employment opportunities in the future their daughter would chase, would involve a strong grasp of current computing technologies. Unlike Ian's dad, Sara's parents had asked her how Bitcoin mining worked, and after she had explained it, her parents realized their daughter and friends weren't going to be actually printing money from thin air, but employing hardware and software to work for it. And electricity. They all agreed to meet tomorrow to plan it. They met at lunch, outside, and sketched out the amount of money they'd need to spend in the start, as well as a monthly amount of cash they'd give to Sara to offset the cost of the electricity. They all were pretty amped about it, other than Ian. Ian returned home and decided that he'd do some mining on his own, regardless of what his father had said. 
He'd just sacrifice his own room's electric power, so his father wouldn't ever notice it. This meant no more Xbox, no more air conditioning, and no more mini fridge. He built a small space in his closet, that had a hole for an air duct into the attic. With proper airflow achieved he began the process of transferring all his files from his desktop to his netbook. He had enough money for more graphics cards, but not an entire separate machine. He maxed out his computer with 4 HD 5830's after some research on cost/MHash, installed Ubuntu on the computer, started up cgminer on it, and configured the machine to mine with a few pools. He had them send bitcoins to a wallet he had made, in a truecrypt volume. Feeling pretty excited about it, he turned off his AC, and tried to fall asleep in the summer night. Weeks and months and then a few years passed by, with some of Ian's time being spent at Sara's basement with the rest of the group, building their mining rigs, powering them on, configuring their mining pool, and making sure everything was running properly. One of Ian's friends' dads was an engineer, and they had been able to borrow an infrared thermometer gun to double check the temperatures of the cards. Things were going real well. And when things are going well, something bad is bound to happen. Ian began feeling more and more tired each morning. At first he thought it was because he was sleeping without the AC on, so he tried sleeping on the couch in the living room. Things only continued to get worse. Ian's mother took him to a doctor that accepted their health insurance, and after waiting a few weeks for blood tests, it turned out Ian had to have an MRI to verify a few things. The doctors soon saw the cause of his problems, which was a brain tumor that was causing elevated pressure in his head. Ian and his family went home to discuss what they would do, and how they'd pay for it.
While Ian's parents figured out a way to pay for surgery, they heard a crash come from the staircase. Ian had fainted on his way up to his room. As they carried him to the car all they heard him mutter was "bitcoins". Figuring it was due to him fainting they rushed him to the emergency room at the local hospital, where Ian was put in to a chemically induced coma, to prevent any brain damage. Ian's friends came to visit him, but they visited less and less each week. One day, with only Ian's parents and Sara in the hospital room, the father mentioned to Sara the last thing Ian had said to him was something about bitcoins, and he then told her about the fight he had had with Ian the year before. She smiled and told him about how they had ended up doing it at her basement, explaining what it was, and how most of their coins they had spent on pizza. She told him that the price of a bitcoin was rising, in U.S. dollars. The father smiled, realizing that his son may have been right all along, about the importance of a decentralized currency, and after Sara's explanation, it truly wasn't printing money from thin air. There was nothing illegal about it. A $20 dollar bill wasn't illegal because it could be used to buy drugs, so why should a bitcoin be illegal? Later that night, Ian's father was going over the family bills that seemed to keep stacking up, trying to figure out how to pay for Ian's surgery, when he saw the electric bill was much higher than usual. He had recently turned the AC on in Ian's room, and plugged his mini-fridge in after stocking it with his favorite sodas, in anticipation of the day his son would come home. He went up to Ian's room and heard a whirring noise coming from Ian's closet. Behind a stack of comic books and shoe boxes he found Ian's desktop. "What was it doing back here?" He decided to give Sara a call, though it was late, she lived across the street so it wouldn't be a problem.
He showed her what he had found, and after some clicking and typing, she hugged him and screamed for joy. Confused, he asked her what she was so happy about. She showed him Ian's Bitcoin wallet, which was still mounted, and explained that Ian had been privately mining Bitcoins for a while now. His Bitcoin wallet showed 1803.78004 BTC. Before Ian's father could ask why this was good news, Sara showed him the current rate of a bitcoin on mtgox, and after some calculations, Ian's father realized enough money existed to pay for Ian's surgery! Sara spent the rest of the night setting up accounts on various BTC exchanges, transferring funds, and then trading bitcoins for U.S. dollars. The next day was spent going from bank to bank, to pick up wire transfers, and then it was time for Ian's surgery. When Ian recovered from the surgery, Sara explained to him what had happened, while Ian's father and mother held his hands. Ian's dad apologized and told him he'd support his bitcoin hobby. Sara interjected and caught Ian up on how GPU mining was soon being replaced with ASIC mining. Ian looked up at his father and casually mentioned "Well... my birthday is coming up..."
Just something that came to me on my bus ride this morning
Hi All, I'm partially making this post as a guide of sorts, but also for the more experienced members to give some feedback about how to improve the security or practicality of this setup. As the setup evolves, I'll keep this post up-to-date with the changes. My goal was to keep a highly secure wallet, while maintaining maximum practicality and effortless backups of the important data; Something that you'd be comfortable giving to a technical n00b or your mum. I wanted the ability to have my wallet available for transactions very easily, but store it securely when it wasn't needed. This is not intended to be a cold-storage or offline wallet. Most non-tech people don't have access to a spare pc/laptop that they dedicate as an offline wallet. Paper storage and brain wallets are also an option, but I frequently lose paperwork and forget things. So here's my mini guide: TL;DR:
TrueCrypt Volume stored on Dropbox.
TrueCrypt 2FA via password & keyfile
TrueCrypt Keyfile stored in a non-dropbox folder path (that's backed up elsewhere)
Electrum Portable run from TC Volume
Electrum Seed words stored in an encrypted Evernote note
Batch file used to auto-mount the TC Volume and start Electrum
TC Volume automagically dismounts after Electrum is closed
Volume Password: (Use a nice, long, easy to remember passphrase)
Tick "Use Keyfile": Generate a new keyfile (I used the default Whirlpool hash) and save the keyfile to a different path outside your Dropbox.
Backup your keyfile (not to Dropbox!)
Format the volume to finish.
2) Use TrueCrypt to access your new encrypted Volume
Open TrueCrypt and pick a free drive letter
Mount the encrypted file that you created in your Dropbox earlier
Enter your passphrase
Use your keyfile that you stored in another folder
3) Explore the Encrypted Volume
Open "My Computer" and you should have a new Hard Drive called "Local Disk"
Rename the disk to be something more memorable. I called mine "Electrum"
Copy/download/save the Electrum Portable software to the new encrypted drive.
4) Create your new Bitcoin Wallet
Run Electrum Portable from the encrypted drive
Create a new wallet
Copy the 12 words of the wallet generation seed.
Save the words to a secure location. (I use an encrypted Evernote note)
Re-enter the 12 words to continue
Pick a password for your wallet. (Use a Passphrase as you did earlier)
That's your Wallet created :)
Dismount the Encrypted Volume
5) Auto Launch the Encrypted Volume & Electrum
Create a batch file on your desktop (I called mine OpenWallet.bat)
Edit the file in Notepad and paste the following text:
:: ------------ User Variables ----------------------------
:: Set these to your own liking
SET SecureDriveLetter=P
SET EncryptedContainer=C:\Dropbox\!Secure\personal_wallet
SET KeyFile=\\nas\backups\protected\personal_wallet.key
:: ------------ /User Variables ----------------------------

:: ------------ System Variables ----------------------------
:: Generally don't need to change unless the paths are wrong
SET TrueCrypt=%ProgramFiles(x86)%\TrueCrypt\TrueCrypt.exe
SET ElectrumPortable=electrum-1.9.5-portable.exe
:: ------------ /System Variables ----------------------------

:: Mount the container with the keyfile (TrueCrypt prompts for the volume password)
"%TrueCrypt%" /v "%EncryptedContainer%" /l %SecureDriveLetter% /a /h no /keyfile "%KeyFile%" /quit
:: Run Electrum from the mounted drive and wait until it is closed
Start "Electrum" /wait /d %SecureDriveLetter%:\ %SecureDriveLetter%:\%ElectrumPortable%
:: Dismount the encrypted volume again
"%TrueCrypt%" /d %SecureDriveLetter% /quit
::pause
Edit the User Variables section to your liking and make sure that the System Variables paths are correct for your system.
6) Open Your New Secure Electrum Volume
Launch the OpenWallet batch file from your desktop. You should be prompted for your TrueCrypt volume password. Once the correct password is entered, your secure drive will be mounted as P: Drive. Electrum will open and be available to use as normal. After you close Electrum, your encrypted volume will dismount until the next time you run the batch file. Dropbox will store a copy of your encrypted volume and sync it every time it changes.
Hi everyone, I've been reading all I can about Peercoin, and I'm planning on getting started (slowly accumulating BTC to convert) with Peercoin as soon as I can. I have some questions relating to offline wallet setup that I haven't been able to find the answers to, and I would really appreciate any assistance. I've been lurking peercoin for a while, as well as peercointalk.org.
1 - I notice there are https ways of generating bitcoin/litecoin addresses, but only http for the analogous peercoin site: https://www.bitaddress.org/ http://primecoin.org/bitaddress It's funny - I'm satisfied it's 'safe' to download and run the https website on a LiveCD to generate an offline wallet (for bitcoin), but I'm not sure about the http version (for peercoin). Is there really any appreciable difference in risk? Could someone compromise the code hosted on http vs. https?
2 - If I can't use an unsecured http site to generate offline wallets, then I can certainly download the ppcoin-qt client and run that in LiveCD. I can get a receiving address, but I can't figure out how to input the analogous command to dumpprivkey that I see referenced for Bitcoin-qt. Is this command prompt not available in the current version, or do I have to setup a ppcoin.conf file in order to access the command prompt? I would want to write down (on paper) the private key associated with my wallet.dat file generated in the liveCD environment just in case I completely mess up any backing up/copying I do of the wallet.dat
2.5 - Which brings me to: Does it matter? Is it easier to just back up the wallet in the liveCD environment, and then store it on a truecrypt volume on a USB key? And then later just mount the truecrypt drive and import the wallet when I want access to the coins? My goal with ppcoin is to buy a few peercoins and then come back a few years later to see what's happened. I want everything to be offline until then.
3 - Can I use blockchain.info to find out about balances at peercoin addresses, or is that just for bitcoin? Is there an analogous service for peercoin? I would just want to check periodically that my offline address still has my peercoins, to satisfy my paranoia. Thank you very very much for any help. I feel like I could set myself up nicely with bitcoin, but I'm just not completely comfortable with peercoin's software just yet. Though I much prefer the idea of holding a few ppc compared to btc.
[Security] I worked on my BTC security last night. How did I do?
I am getting to the point now where I have a substantial amount of BTC (not massively life changing, but it has turned into more than I have in fiat, which I have accepted and I am ok with.) I wanted to secure these coins for long term safe-keeping, and I have a few questions for you very smart folks.
Would you diversify your coins into multiple security methods, or are you comfortable with using 1 method that you know and trust for all of your coins?
Please pick apart the process I used below to secure my coins:
This was all done on the same computer with the exception of using another computer to add a public key to blockchain.info
Downloaded Ubuntu to a (previously used) flash drive.
Downloaded Bitaddress HTML file and added that to flash drive.
Downloaded Truecrypt Linux package and added that to flash drive.
Downloaded Linux recommended software to properly write ISO to flash drive so it is bootable and used it.
Unplugged network cable/ disabled wireless
Restarted computer and booted from flash drive, running Linux live without installing to partition
Disabled auto-run from USB in Linux settings
Plugged in external hard drive where I plan to store my encrypted volume containing keys
Installed Truecrypt and created a new volume on the external hard drive using a password that exceeds 30 characters and has never been used before online.
Ran Bitaddress HTML file and generated a 'single wallet'
Printed this wallet to PDF using Linux built in tool, saved PDF containing keys directly to now mounted true-crypt volume.
On my online laptop, I added the public key to blockchain account by manually typing it in as 'Watch Only'
Dismount truecrypt volume
Switch back to main operating system, reconnect internet, and upload truecrypt volume to google drive (with 2FA enabled).
Now two copies exist, physical and digital.
Proceeded to send Bitcoin to public address.
How did I do? I am a bit nervous about having all of my eggs in one basket.
I just bought some Bitcoins on Mt Gox and transferred them to my blockchain.info wallet. Blockchain has the option to view your unencrypted private keys in JSON format. Would it be a good idea to store these in a TrueCrypt volume locally? Then if blockchain.info goes down, I could still access my Bitcoins with different wallet software, right? I'm just looking for confirmation that I understand everything properly.
PSA: Securing your Wallet/addresses for the future
I thought I would submit this because I am seeing a lot of questions being asked about the loss of bitcoins over time. Either due to hard drive reformats, death of the individual who did not share a way for loved ones to access his coins or just simply a forgotten password to the wallet. The following steps are for people with multiple wallets, passwords and keys. If you have just 1 address you would like to recover or have others recover, skip to the bottom. I will attempt to be as clear and concise as possible. Of course you can alter the following method to suit your needs; that goes without saying. There are many ways to do this and hopefully this will calm some fears about loss of the coins.
Step One: With whatever software you use (pgpdisk, or I would personally recommend truecrypt), create a small (less than 5 megabyte) container file; it only needs to store wallets and text files. This will be the main store of information.
Step Two: After opening up the container or mounting it, you will back up all your keys to all your wallets that have coins on them. I would recommend you do not encrypt anything here. The point here is accessibility and the whole container is encrypted anyways. Note: This is not required (and is for those more bitcoin/technically inclined): you may prefer this method instead of having to back up the wallets regularly. Use a wallet that uses seed words to create the wallet. What this does is allow you to just save the seed words, and all addresses made from that wallet from now until forever will always be accessible. Otherwise you will have to update the file every once in a while. Wallet examples include electrum and I am sure some others.
Step Three: You should have the container loaded at this point with all the unencrypted private keys, or passwords needed for the addresses/wallets you intend to make accessible. Unmount/close the file. We will come back to it in a minute. Also you should have made the password strong enough not to be easily guessed and for you to still be able to remember it.
Step Four: Head over to passguardian.com. I'll explain the concept. It's simple really. I go to the website and enter in whatever text I like, say the password from the encrypted container from above. I break the password into 6 parts that require 4 in order to reconstruct the password. Now you have the 6 parts. Just throw them into a text file (don't save it to disk) for the moment. Draft a letter that reads something like this.
Dear ____, At the bottom of this piece of paper is a code of which you hold 1 of 6 pieces. In the event that my computer crashes, I am in an accident and am unable to provide access to those who need it, or simply forget, you + three other individuals will be able to reconstruct my password with the provided code. This password will provide access to the file that you have also been emailed. This is strictly for safe keeping measures in the face of unfortunate accidents. If someone other than myself requests your copy please contact me first. In the event I am incapacitated and unable to respond I give you consent to release your code to ____. Also if the website is unavailable the concept is called Shamir's secret sharing and can be done without the website. Have a tech friend research and reconstruct as needed. Thank you for holding on to this for me and keep this paper safe.
Individuals provided keys: Person 1 Person 2 Person 3 Person 4 Person 5 Person 6
Your key: 801f03a87204a93b19026d16013916456583313c72976b1da332cb2a39110ff59a82d5843
The file: safety-deposit.truecrypt
Step Five: Take that file and email it to the 6 individuals, so that they now have a copy. You may email updates to the file as required. And at least 4 of them need to work together in order to recover the password to the encrypted file. Pick 6 people whom you trust at least marginally. You may also leave more than 1 key to your spouse, so I may leave 2 keys with her and 4 keys with other trusted friends. So that she only needs to go to two other individuals in order to recover the information. Or any combination thereof. The key point with doing it this way is you only have to give the 6 individuals the piece of paper or that above statement once, while you can update the encrypted file at will. Updates can include new wallets, passwords for accounts, an explanation of what bitcoin is or any other important information that you wish to pass on or may forget but ultimately need.
Bottom: If you only have 1 address you care about and everyone who needs access already is bitcoin aware, then just enter the private address as the secret and break that up. You won't need to email updates or anything in that event. Take time to understand the above and tailor it to what you feel you need. It has great potential to both satisfy your need for security, and accessibility in the event something happens to you. TL;DR: Yea you gotta read it. sorry.
I had a security scare some months ago, and moved my bitcoin-qt wallet.dat file into a Truecrypt container which I then copied to several flash drives. I then wiped and reinstalled all my computers and haven't really touched Bitcoin since. For obvious reasons, I'd like to be able to make transactions with this old wallet.dat file. I'm getting the impression that the only thing able to interact with bitcoin-qt wallet files is bitcoin-qt. I'd really like to have a more functional client, armory's "Offline Transaction" mode sounds particularly promising, and MultiBit's native support for multiple wallet files also sounds very useful. What's the current state of Windows software wallets? Which ones work, which ones don't, which ones are out to steal my wallet? What do you use?
If you don't know your way around computers, the least you can do is keep your browsers updated and to use separate browsers (Firefox, Chrome, Opera, etc) for general bitcoin browsing and trading. This helps mitigate XSS security problems some exchanges might have, which would basically allow bad code in website tab A to start a trade in website tab B (exchange website). Update Java and Adobe Flash Player, too, as most browsers include those via plugins. Deactivate those plugins if possible. If you don't want to use a different browser but firefox, use different profiles (Right click your firefox shortcut, add --no-remote -ProfileManager . You can now start multiple instances of firefox, but links in other programs might not work anymore) Install Windows Updates! If you have time, read up about virtual machines and live usb/live cd operating systems like Ubuntu. They aren't that hard to use, and learning about them will do you good even if bitcoin turns out to be useless ;) If you can, have a separate computer for browsing the web/stats pages, another one for exchanges, and another one for your wallet. Backup your wallet to usb drives, sd cards, etc. You might want to use truecrypt to encrypt it beforehand. The software isn't hard to use, you'll get the hang of it. When encrypted, give one of these sticks to close relatives in case someone robs your computers/fire/etc. You can also encrypt the pc running your bitcoin-wallet-software with truecrypt. I will update this post tomorrow. Feel free to clarify/add to what I wrote here. Will need to get some sleep now :)
Due to the frequency with which Windows computers are compromised, it is advised to encrypt your wallet or to keep your wallet on an encrypted disk image created by third-party software, such as TrueCrypt (open source) or Jetico BestCrypt (commercial). This also applies to the storage of passwords, private keys and other data that can be used
openssl enc -d -aes256 -in wallet.aes256 -out wallet.dat
There is a small shell script that automates the whole process of 1) decrypting wallet 2) launching Bitcoin 3) encrypting the wallet afterwards and cleaning up the unencrypted bits.
When you create an encrypted TrueCrypt 7.1a volume (or drive), and store your pdf files in it, you are no longer in the realm of closed source, minimally tested, minimally audited security software with possible backdoors or other significant vulnerabilities.
Find software solutions using keywords typed into your favorite search engine, such as 7Zip, Axcrypt, TrueCrypt, or Irzip.
About the Book Author Prypto is known as a brand for "Keeping Crypto Simple" by offering bitcoin scratchcards to resellers.