Butter that paid with pedo pesos to download CP got arrested thanks to blokechain analysis
So this subreddit is basically a bunch of pedos discussing whether or not they will eventually be caught for using a bullet proof hosting server that got busted and hosted CP, at least one of them got caught (unfortunately got released with no charges so far) https://old.reddit.com/depfile_discussion/comments/g3s77v/my_experience/ One of the most frequent posters and mods in that sub is named u/lolita_lopez2, definitely not a pedo right? Edit: Still reading around through that sub, wow these guys know a lot about CP, given their tone and the lack of any shame or disgust towards pedophiles, I can only conclude that these guys are pedophiles, they aren't just discussing the case because of an interest in cybercrime, they are there to reassure each other that they won't get caught. Since the sub is now set to private, this is what he said.
I only just found this sub. I'm posting info that might be helpful, and I'll try to answer questions if I can. I was arrested in 2018, released under investigation (this means no restrictions on my freedom and movement), and the investigation was closed recently, with all my property returned. I'm not going to give dates. I used the following security measures: encrypted folders with truecrypt, separate devices, vpn, tor, fake cock.li email, throwaway usernames, bitcoin purchased from the street. I was caught when they connected a transaction to another wallet to another wallet to an old exchange account which had been deleted for years (from when I first started using bitcoin, it was a stupid mistake). Unfortunately the exchange account was verified with my name and address. I probably consolidated my coins into a new wallet at some point, which could be connected in some way to another wallet I used. In retrospect, bitcoin transactions are permanent so it doesn't matter how long ago and how many transactions/wallets ago they were, if it looks like a simple transfer from wallet to wallet, they can calculate a likelihood that the wallet owners are the same person. The transaction was from an account which they linked to a couple of downloads of specific files that they had verified was illegal. Note that they only identified a couple of files, I don't know if that's because they had only identified a small number of files in total, or if they stopped there for me because that's all they needed to proceed. The downloads were made at least a year before, probably much more because I had stopped using depfile for a long time already. They had no hard evidence it was me but that connection was all they needed to raid me and confiscate all devices in my home. I spent a day in jail while they searched every corner of my home, then a recorded interview with lawyer present, then they sent me home. 
I was not under any restrictions, I left the country on holiday several times without issue and if I wanted to, I probably could have disappeared to another country. They did recover some deleted files (my mistake) and asked about it in follow-up interviews. The files were definitely reviewed by a human because they were described in detail. In the end I wasn't charged (not enough evidence or not serious enough to warrant further resources in court) and the investigation was closed. Almost all property was returned. Some devices were destroyed because they contained questionable material or looked like they did at some point in the past. A couple of points to note: The police were very discreet, probably because they didn't have hard evidence and were wary of making a false accusation. After everything, nobody knows about what happened (I live alone). They told neighbors that I was assisting them with a case. Work/colleagues/family/friends are unaware. I did have to lie about why I had no electronic devices left in my home. The search through my home was very thorough, they really went through every bag/container/corner. All the pockets in all my clothes were checked. A whole team of 4 or 5 people spent 12 hours in my home while I spent the day alone in a cell, waiting for a lawyer to arrive. Despite being so thorough, they missed a few devices (which weren't even hidden), and took some non-electronic objects by accident. No cloud accounts were accessed (or I am simply not aware of it). No questions were asked about my encrypted folders. They did demand passwords for all devices/drives (which I am legally required to give). I think if I had used encrypted drives instead of encrypted folders, I would probably be screwed. Some files were definitely reviewed/watched by humans (they were described in follow-up interviews) but for the most part it was probably automated, and just flagged up some of the more suspicious files. 
This is probably why the encrypted folders were ignored. If a human had looked at my drives, they would have easily noticed a huge chunk of it was inaccessible. After using the phones that were returned, it looks like they may have gone through it by hand because every app was open, file browser, download history, chrome history tab was open, etc. Or maybe that's just a side effect of whatever tool they use for android phones. I know that they can search hard drives without leaving a trace (by cloning the drive or blocking writes). They fixed my old broken hard drives and phones. If you haven't heard anything by now, you're probably in the clear. (No promises)
Using Electrum and Bootable Ubuntu USB to Create a Secure Cold Storage Wallet
Here is a short guide that is hopefully newb friendly for creating a cold-storage wallet with Electrum. All you will need is at least one USB flash drive with at least 2 GB of free space, your PC, and pen & paper.
The first step is to create a bootable Ubuntu flash drive. Ubuntu is a free open source Linux distribution that is very newb friendly, don't be intimidated. Assuming you are a Windows user, just follow these directions on how to make a bootable Ubuntu USB drive.
You will need The Universal USB Installer, as well as the Ubuntu .iso image file. Choose the 32 bit version to be safe. Download both, plug in your USB flash drive, and launch the installer. Select Ubuntu in Step 1 in the installer. Then in Step 2 browse and locate the Ubuntu .iso image file you downloaded. Then in Step 3 select the drive you have inserted, as well as click the box to format the drive and erase contents. Do NOT set a persistence as this will reduce the security. Then click create and wait for it to finish.
Once done creating your Ubuntu bootable drive, you will shut down your computer. Then with the USB stick plugged in you will boot the computer up. The computer should boot into the Ubuntu stick instead of your regular hard drive. If it fails to do so, then when booting press F4 or other command to enter BIOS menu. Then go to boot order options and change the boot priority so that it boots to an external/usb device first before the main hard drive.
Once booted into Ubuntu, make sure to click "try ubuntu". You are only trying it out on the USB, and not installing it onto your main hard drive. The reason for using the bootable drive is everything exists in memory and mostly disappears when you shut down Ubuntu.
Once booted, you can connect your internet connection to download Electrum. Go to the software center on the left side bar, it looks like an orange shopping bag. Search for "electrum" and then download and install Electrum. After this it's very important to DISCONNECT the internet and NEVER turn it back on until you shut down Ubuntu.
(It would be more ideal to install electrum in a complete cold environment, but I have heard that could cause some problems with Electrum at this time and it is best to install it while connected to the internet. But if you want true cold storage you must have zero internet connection at the time of creating the wallet. Since we are disconnecting before Electrum creates the seed, we should be good.)
Once the internet is disconnected, then go ahead and launch Electrum. Choose the option of creating a new wallet, and write down the seed phrase on paper. Also record some of your public addresses. Also you can enlarge electrum to the entire screen then click on "wallet" on the top left, then click "Master Public Key", and you can copy the Master Public Key which will allow you to reconstruct all of your addresses for that seed. The Master Public Key can also be used to create a watch only wallet in Electrum, just choose "watch only option" when creating the wallet and when prompted enter your Master Public Key.
At this point you are done, just shut down Ubuntu to make sure the evidence of the seed is erased. Then you can send Bitcoins to your cold storage wallet. You have effectively created a very secure cold storage wallet, in my opinion. To restore the cold wallet, just launch electrum and choose "restore wallet" option, type in your seed, and voila you have a hot wallet ready to spend again.
Extra: Using Truecrypt Encryption
Bonus tutorial is if you would prefer to save your seed on another USB or digital device. It is not recommended to do this, unless the seed is encrypted. Even then I would only leave it on a USB and not plug it into any hot device just to be safe. I would recommend Truecrypt although it's possible the NSA has hacked Truecrypt, so use at your own risk.
To install truecrypt on Ubuntu, I have found this seems to be the best method using the PPA by Stefan Sundin. Open a terminal and execute the following commands:
Hit enter after each command. If it asks permission, press y. Sometimes I had problems getting commands to work in the past. For some reason first installing flash from the software center fixes the problem, but I have no idea why.
Once installed then just type "truecrypt" in the terminal and press enter, and truecrypt will launch. Then go ahead and click the create volume button. Choose create an encrypted file container and click next. Click Standard Truecrypt volume and click next. Then select a name and location for your file and click next. Then I usually choose AES-TwoFish-Serpent encryption algorithm and RIPEMD-160, then click next.
Choose a size for the file, probably 5 MB is enough, but by all means choose more if you want to hold more files. Click next and make sure to choose a SECURE password for the file. If you don't pick a good enough password it will be brute forced easily. Use numbers, letters, capitals, lowercase, symbols, and make it long as possible. Try to have it something you can memorize if possible. Then click next. Then format it as FAT, and click next. Move your mouse around for entropy and then click Format, and your truecrypt container has been created.
Then click exit, and go back into truecrypt's interface. Click the first slot in the rows, and then click "select file" underneath. Choose the file container you just created. Then click mount and type your password to mount the container. Once mounted you have access to the container and can drop files inside, and access the contents as well. Once done, dismount the file, and save it where appropriate.
I think this is a decent easy to follow tutorial. Hopefully this can help some newbies out, if I made any mistakes please feel free to correct me. Edit: Sorry formatting sucks.
Electrum: Verifying the download's authenticity using signature or other means?
I frankly do not see how a non-technical person would have much chance of verifying that the Electrum executable is authentic using signatures. If this is important to do -- if there is a danger that one could accidentally download a malicious version of Electrum -- then how can this verification be explained so that anyone can do this?
First of all, there's nothing you can do about the vote. Calling your Reps, I mean they don't give a s*t about you. We know that. Don't waste your time. They know our position already. Internet has spoken. We don't like it. We don't want this. They won't listen. Revolving door and lobbying > Internet. But you can do stuff about your privacy even if this passes
No longer recommended as they are universally useless now. Nearly all VPNs are now being blocked by VPN provider's public IP range by a bunch of collusionary industry a-holes including but not limited to Netflix, Hulu, Amazon, Paypal, all MSM, anyone using top 5 credit card processors and ACH due to Obama era legislation and anti-citizen tomfoolery. Ask yourself: Why would a company that you login to with your credentials care if you use a VPN or not? A: they shouldn't but someone is leaning on them to block your VPN and it's the American intelligence community
Could Bitcoin be the catalyst that finally makes the typical computer user take security seriously? (Also, how to build a secure offline computer)
With all the inevitable posts from new users jumping head first into this 'magic internet currency' from malware infected systems using weak and/or duplicate passwords and no proper backups who then go on to mysteriously lose all their shiny new Bitcoin, it made me realize that money is a powerful motivator. Depending on how much is lost it will probably only take one or two instances of losing money before most people start to understand what we tech guys have been trying to tell you this entire time. While we're on the subject, I will repost for you a comment I made to the security guide (permalink here) detailing my procedure for building a secured offline system for anyone wishing to protect large (and small) amounts of Bitcoin.
Take an old computer and first epoxy the ethernet port so it is not able to go online. Remove or disconnect any WiFi and/or Bluetooth cards, and any other networking components. Disconnect and/or disable any microphones and speakers.
Install Windows completely formatting the drive in the process. Many users here will tell you to avoid Windows and use Linux but since this computer is completely offline it does not much matter. Use your preferred OS. I additionally uninstalled and/or disabled certain services critical for networking but otherwise unneeded for normal operation. It is also good to disable any other unnecessary services. Be sure to disable autoplay. Set the BIOS to not automatically boot from CD or USB. You can set up BIOS security as well but if you do, be sure to document the passwords.
Install TrueCrypt and fully encrypt the system drive. All software installers and other files will need to be transferred via a thumb drive. Use an extremely strong password that you do not use elsewhere. MEMORIZE THIS PASSWORD AND WRITE IT DOWN TEMPORARILY ON A PIECE OF PAPER!!! NEVER ENTER THIS PASSWORD INTO ANY OTHER COMPUTER OR DEVICE. Let the encryption process complete 100% before proceeding. Reboot the system and test to ensure you are able to decrypt the drive and log in to the operating system.
Install Armory, KeePass, Foxit PDF, CutePDF writer, and Eraser. You may wish to install Electrum as well. You will need a printer so it may be necessary to load a driver for it as well. If possible, use a printer without network capabilities or persistent memory.
Create a KeePass file. I always secure KeePass with a key file in addition to a password. Do not use the same password for the KeePass file as you used to encrypt your drive. This password should also be memorized. DO NOT ENTER YOUR TRUECRYPT PASSWORD INTO THE KEEPASS FILE! You can however enter your windows and bios passwords if you like. I also configure KeePass to generate random 30+ character passwords using upper, lower, and numeric.
I generate my wallets in Armory. Since this computer is offline Armory does not require a great deal of resources and will not download the blockchain. Note that you will not be able to check balances from this system. I secure each wallet with a separate KeePass generated password and document these in the KeePass file. I then generate watching only wallets that I store to a folder on the offline computer and also attach them to the associated KeePass entry for ease of access. DO NOT ATTACH YOUR ACTUAL WALLET, OR ANY DIGITAL OR PAPER BACKUPS TO KEEPASS! I also create a paper backup and save this on the offline computer using CutePDF Writer as well as a digital backup of the wallet file. Since Armory creates deterministic wallets, these are the only backups you will ever need. Print the paper backups and place them into a tamper evident envelope. Keep this in a secured location such as a safe deposit box. NOTE: This can also be done using Electrum but Armory has a much better interface and multi-wallet support. The online version of Armory however does require a robust computer and a full download of the blockchain. I will use Electrum only if I expect that the specific wallet I am generating will be the only wallet monitored on an online system with limited resources.
Create a text file on the offline computer documenting the TrueCrypt password and key files, KeePass password and key files, the operating system and BIOS passwords, as well as instructions on how to access the offline computer, TrueCrypt file, KeePass file, paper wallets, key files, and any other critical information they may need. Print this out, place it in a tamper evident envelope, and keep it in a second secured location available to whomever might need access to it in case of death or an emergency. Be sure you and they have access to unencrypted copies of your key files. You can now destroy the paper on which you originally wrote your TrueCrypt password.
Create a TrueCrypt file on the offline computer. For simplicity you can use the same encryption password as you did for the HDD earlier but you may also wish to add a key file. Place copies of the KeePass file, digital backups, watch only backups, and anything else you may ever need should the offline computer fail. Optionally, you can also add the paper backups and written instructions (read paragraph in italics for considerations). You can now copy the TrueCrypt file to a thumb drive and from there various other locations from where it may be reliably accessed.
You may wish to choose not to store copies of the paper backups in the TrueCrypt file. The paper backups are enough in themselves to fully restore your wallets and spend funds, therefore, if somebody does manage to open your TrueCrypt file, they would have total control over your Bitcoin. By not storing the paper backups in the TrueCrypt file, you ensure someone would need access to both the digital backups (stored in the TrueCrypt file) and the passwords (stored in KeePass) to move funds. The same holds true for the offline computer. If you do choose not to save the paper backups (or delete them using Eraser), even if somebody manages to decrypt your drive they will still need to open KeePass to spend your Bitcoin. For this to be effective however, you must be sure not to copy the instructions file you created earlier into the TrueCrypt file, or in the case of the offline computer, you should use Eraser to delete it, because it contains your KeePass password. The main disadvantage to not including these files would be if, unbeknownst to you, one of your digital wallet files were corrupt. If this were the case and for some reason you cannot access the paper backup you could lose your coins. You can test the integrity of an offline wallet without compromising security by signing a message from the offline computer using the private key then, from another computer, validating the signature against the public key. IMPORTANT: IF FOR ANY REASON THE TRUECRYPT FILE IS EVER DECRYPTED FROM A SYSTEM OTHER THAN ANOTHER OFFLINE COMPUTER OVER WHICH YOU HAVE COMPLETE CONTROL, ALL YOUR WALLETS AND ENCRYPTION KEYS SHOULD BE CONSIDERED COMPROMISED. IF THIS OCCURS, I ADVISE YOU TO REPEAT THIS ENTIRE PROCESS USING COMPLETELY DIFFERENT PASSWORDS AND TRANSFER ALL BITCOIN TO THE NEW WALLETS!!! 
Even though the KeePass file does contain all of your wallet passwords, since it holds neither any wallet backups nor your TrueCrypt password, even if an attacker gains access to this file your Bitcoin will be secure. Still, if you suspect the KeePass file to have been compromised you should again at the very least create new wallets using different passwords and move your coins (and don't forget to back them up again!) That is it. You can now set up a fully operational copy of Armory (or Electrum) on an online system and import your watching only wallets as well as your KeePass file. These can be copied unencrypted from the offline computer to a live system via a thumb drive. (Just be sure that you are not also copying your actual wallets, digital or paper backups, or instructions file.) This way you can track balances and receive Bitcoin. If you ever need to spend any Bitcoin, you can create the transaction from your online computer and sign it with the offline computer using a thumb drive (Armory makes this very easy). For added convenience, you can import a full digital backup of one or more of your wallets to hold smaller amounts of Bitcoin on your live system so you don't have to sign minor transactions offline. Just remember that whichever wallets you do bring online should never again be considered as secure as those kept completely offline.
Safety of open source Bitcoin wallet software/apps
Open source software is considered safe/safer because the source code can be audited/reviewed. This thread is not about the source code, but the potential risk caused by the compilation process, or in other words, the possibility that the software/apps aren't compiled from the claimed source code. Here is a link about some version of TrueCrypt's Windows executable being suspicious: https://blog.cryptographyengineering.com/2013/10/14/lets-audit-truecrypt/
[T]he Windows version of TrueCrypt 7.0a deviates from the Linux version in that it fills the last 65,024 bytes of the header with random values whereas the Linux version fills this with encrypted zero bytes. From the point of view of a security analysis the behavior of the Windows version is problematic. By an analysis of the decrypted header data it can’t be distinguished whether these are indeed random values or a second encryption of the master and XTS key with a back door password. From the analysis of the source we could preclude that this is a back door… As it can’t be ruled out that the published Windows executable of Truecrypt 7.0a is compiled from a different source code than the code published in “TrueCrypt_7.0a_Source.zip” we however can’t preclude that the binary Windows package uses the header bytes after the key for a back door.
So my bitcoin is pretty secure right now (TrueCrypt containers in [mostly] offline computer), but it's been a couple of years so I think it's time I upgraded to fully offline. I plan to:
- Install a fresh copy of Windows onto a spare SSD by USB booting my laptop.
- Download and install Electrum, write down the 12 seed words on paper and put it in my safe.
- Transfer my bitcoin to the address in the Electrum client.
I might encrypt the whole OS with TrueCrypt, but physical security is not really an issue for me. My main concern is that I've picked up something on my current host, so will need to virus + spybot + adaware + malwarebytes that computer before I decrypt the container and send the bitcoin across. I'll also need to destroy the several backups I have spread across multiple hard drives...I know they will be empty but it's confusing to have so many TrueCrypt containers. Anyone have extra suggestions or tips? PS. I'm pretty set on moving to Electrum because of the seed/recovery feature and ease of use. I'm not a fan of pure paper wallets because change addresses etc. get annoying.
A n00b vents: barrier to entry of bitcoin, the implications for general uptake, and the future
Being mindful of the general truism whereby you forget how hard something was to begin with once you get setup into the pattern of efficient minimal usage, it felt like a good time to vent, slash get the opinions of the community. The problem: once someone has been titillated enough by the prospects of bitcoin, they'll then try to get into it. How many will fail? Let's be honest, on a quite-nerdy website, we're probably relatively a lot nerdier, so should arguably be finding these things very easy if we hope that the general populace will be adopting, no? My experiences:
Downloaded a popular bitcoin wallet for linux. Unexpectedly had to run my machine for a week to download the blockchain. Huge papercut.
Strongly recommended to fully encrypt machine & adopt vastly improved security policies (tor, truecrypt, etc), in line with post-snowden recommendations (i.e. not bitcoin specific, per se). There's a shit-ton to read (papercut), and loads to do for this (papercut), taking hours of boring time in my spare time (papercut) and requiring many changed practices (papercut).
I did some free bitcoin taps then gave up. No idea where that account is now (papercut) & don't know if it can be accessed without doing the whole downloaded wallet again (papercut). Lost bitcoins probably worth about 10c, I guess. Technically now everyone's richer. You're welcome.
Trying again, months later. Decided to use BIPS as an eWallet needs less total encryption security AND they also do wire transfer with BIC & IBAN. Downloaded & ran Tor again. Spent 2 hours going through the account setup process (papercuts abound): they don't tell people what's required beforehand so you're constantly booted out while looking for bank details, utility bills & government photo ID documents in digital format, printing verification keys and downloading google authentications apps. Again, as per my first point, you only do this once... but how many people will hit a few of these frustrating hurdles and just say "fuck this, i'm out"? They also have a problem on their page whereby you can't select the currency you want to convert to bitcoin from - not bitcoin community's fault & I emailed BIPS about it, but another papercut.
MY OVERALL POINT There's loads of evangelism going on in bitcoin, which is great (not sarcasm), but I wonder to what extent part A (getting people interested) is being undermined by part B (people being able to get onboard)? Is there a step by step guide, or flow diagram, for how people should get onboard once they've decided they want to? This and this is good, but maybe should be expanded to include the security one should have and a stepwise guide to get there, plus what to expect/prepare when signing up to the wallet sites? TLDR: technical papercuts barrier uptake to bitcoin, thus working against the promotional work of the community. How can these be reduced? Have they been improving with time?
Free tools to keep your Bitcoins safe in a windows environment (for dummies)
There are a lot of Windows users who are losing bitcoins because of their lack of knowledge in basic computer security. I would like to offer some easy to use free software and practices to help protect your bitcoins. (I'm not affiliated with any of the companies mentioned) Software:
Hey! I just bought some bitcoin on an exchange website. As I plan to keep them for a while (5 years maybe, something like that), I'd like to know what the best way of keeping my Bitcoins secure is. I read lots of tutorials but there are so many methods... Here is what I thought to do, could you give me some feedback please?
1) Download a Ubuntu Live CD and put it on a USB stick
2) Start my everyday notebook with the USB stick, launching Ubuntu
3) Create an offline wallet using either bitaddress, Armory or something else. Which one is the safest you think?
4) Encrypt the wallet using TrueCrypt
5) Burn it on a disc or putting it on multiple USB stick
6) Check the balance with blockexplorer
And if I want to recover the money, I launch Ubuntu Live CD, this time connected to the internet, decrypt the wallet, import it via Armory then transfer the Bitcoins to some exchange website. Does that sound right? Is it better to look for paper wallet? Thanks!
A helpful discussion about wallet security (esp. Electrum)
I was recently contacted via private message by a redditor who read a comment of mine about wallet storage (I assume this comment). I think there was quite a bit of useful information in it for other bitcoin beginners, so I am reposting it here in full (with permission). The redditor in question wanted to remain anonymous though. I hope this is of use to some of you here! From: Anonymous Redditor
I saw your post regarding your wallet storage and had a few noob questions if you don't mind. My plan is similar to yours but I was unsure whether to use armory or electrum (electrum's seed creation scares me a bit). You mentioned you have a bootable LINUX (ubuntu?) USB stick that you keep your wallet on....do you only boot this onto an always offline computer? Do you use something like Truecrypt to further protect your wallet.dats? Thanks for your time!
My plan is similar to yours but I was unsure whether to use armory or electrum (electrum's seed creation scares me a bit).
For me it is the other way around. Armory (and bitcoin-qt) scare me. Armory is just a wallet. It still needs bitcoin-qt running in the background. For me the problem is two-fold:
1) Size: bitcoin-qt (and armory) need to download the entire blockchain. That's 13+ GB that takes hours to download and days to verify. And if you ever lose it, you need to do it again.
2) Random keys: armory and bitcoin-qt generate random private keys. You get 100. If you use a few (you use them when you send coins for example) then new ones are created. So, if you create an armory wallet and make a backup, that backup will have 100 keys. Then, if you make 33(!) transactions, your 100 keys are used up and you will have 100 different random keys. If someone then steals your computer (or your house burns down) then you cannot use your backup anymore. It only has the 100 old keys and none of the new keys. So you have lost all your bitcoins.
Why 33 transactions and not 100? Because of change addresses. If you have 10 BTC and send me 2 BTC then most wallets will create 2 transactions. 2 BTC from your old address to me, and 8 BTC from your old address to a new (random) address. This process costs 3 private keys. 2 keys for the transactions and 1 key to create a new address. This means that after every few dozen transactions you need to refresh your backup so it has the newer keys. For me that is impractical. It means that I need to keep my backup close by because I often need it.
Electrum does not have this problem. The seed solves this. Private keys are not random but are created from the seed. If you have the seed then you have, by definition, all the private keys you will ever need. Your backup can never be out-of-date. This is easy for me. I save the seed in a file, encrypt it, put it on a USB stick and give copies to a few family members who have safes in their homes. 
If my computer is ever stolen, or my house burns down, I can go to a family member, decrypt the seed file and use the seed to restore my electrum wallet. Even if that USB stick is 10 years old.
You mentioned you have a bootable LINUX (ubuntu?) USB stick that you keep your wallet on....do you only boot this onto an always offline computer?
It depends on how secure you want to be. For maximum security, keep the computer always offline. But if you want to spend the bitcoins from your wallet, you will need to be online. I use the USB stick for my savings account. It only receives coins and I do not send. So I do not need to boot up my USB stick. I have created a second wallet on blockchain.info that I use for day-to-day transactions. All BTC I receive goes to my blockchain account. Then I transfer a part of that to my savings account and only keep a bit of change that I need in the blockchain account.
Do you use something like Truecrypt to further protect your wallet.dats?
No. Electrum does not have a wallet.dat. It has the seed. I simply copy the seed to a TXT file and encrypt it using GPG and symmetric encryption. Example:
Make sure you use a password that is strong and that you cannot forget! If you need to write the password down on paper and your house burns down, then you cannot decrypt the seed anymore!
From: Anonymous Redditor
Forgive the naivety here: Correct me if I'm wrong - The safest way to generate your wallet seed is on an offline computer correct? So, theoretically, generate the seed on an offline-only computer, copy to txt...encrypt. back up on multiple USB's. Then on your online computer, load electrum and import Seed? Thanks so much for the thorough explanation! I'm a potato when it comes to reddit's bitcoin tip bot. Send me an address - would like to send some internet magic money your way.
The safest way to generate your wallet seed is on an offline computer correct? So, theoretically, generate the seed on an offline-only computer, copy to txt...encrypt. back up on multiple USB's. Then on your online computer, load electrum and import Seed?
Not quite. The risk with an online computer is malware and people breaking in. If you generate the seed on an offline computer and then move it to an online computer, you don't really take that risk away. You still have your wallet on an online computer which you use for day-to-day work and which is exposed to hackers and malware.

I suggest you make two wallets. One wallet is your "savings" wallet. You can use the USB stick Linux for this. Generate the wallet offline, backup and encrypt the seed onto multiple USB sticks and note down the bitcoin address somewhere so you can transfer funds to it. The only time you should use the USB stick to go online is when you want to transfer funds out of your savings wallet.

Then, on your normal computer (or your smartphone if you prefer), create a second wallet using a different password. This is the wallet you keep only a little money in for your day-to-day transactions. Note down the seed, encrypt (with a different password than you used to encrypt the seed from your savings wallet) and add it to the USB keys. You can use Electrum for this second wallet as well, but you can also use something different. I use a blockchain.info wallet for my day-to-day expenses.

Whenever you have a larger amount of bitcoins in your day-to-day wallet, transfer some to the wallet on the USB stick. You don't need to boot up the USB stick for this. You only need the address you wrote down. When you want to spend a large amount of money, boot up from the USB stick and transfer coins from your savings wallet to your day-to-day wallet. Reboot into your normal computer and use the day-to-day wallet to pay for what you wanted to buy.

The core of the issue is simple: Don't store a lot of money in a wallet on a computer that you use a lot. Computers that are used a lot get attacked a lot. Simple :-)
Thanks so much for the thorough explanation! I'm a potato when it comes to reddit's bitcoin tip bot. Send me an address - would like to send some internet magic money your way.
That is very kind! My address is: 1PAXiscvKoGRJ5XxMZvri3CMNeKYYb8wMQ
From: Anonymous Redditor
You are awesome:) Thank you again for the insight! Sent some your way.
I don't know. You would be better off asking this on www.ubuntuforums.org for example. I don't know if that computer's hardware is compatible with Ubuntu. Speed-wise the bottleneck will be the USB stick and not the CPU or memory. USB sticks are much slower than hard drives. Note that you don't have to buy a computer for this. You can use the computer you already have and still run Ubuntu off an USB stick for your Electrum wallet. What I said in my previous post about not using your day-to-day computer for your wallet, with that I mean the operating system and software. Not the hardware. Unless you're afraid someone put a hardware keylogger inside your computer :-)
From: Anonymous Redditor
Fascinating! My tin foil hat is in full effect:) Thanks again for your time and patience.
You're welcome. Have fun with bitcoin! Oh, I have a question for you now. Would you mind if I repost our entire private conversation here to /BitcoinBeginners? I think other redditors there would also be interested. And if I can repost it, do you want your username in there or should I replace it with "Anonymous Redditor" or something?
From: Anonymous Redditor
You can certainly repost it! And yes, if you wouldn't mind removing the username I would very much appreciate it. Thanks for asking btw!
Anyway, I hope this is useful for some people out here.
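The backup problem discussed in the conversation above can be modelled in a few lines. This is an added example, not part of the original post and not code from any wallet: it uses the post's own figures (a pool of 100 random keys, three keys consumed per send), and the HMAC-based derivation in `SeedWallet` is a stand-in assumed for illustration, not Electrum's real scheme.

```python
"""Backup staleness: random key pool vs. seed-derived keys (simplified model)."""
import hashlib
import hmac
import os


class KeypoolWallet:
    """Wallet whose private keys are independent random values.

    It keeps `pool_size` unused keys ready and creates one fresh random key
    every time a key is consumed, which is the behaviour the post describes.
    """

    def __init__(self, pool_size=100):
        self.keys = [os.urandom(32) for _ in range(pool_size)]
        self.used = 0          # how many keys have been consumed so far
        self.funds_key = None  # key that currently controls the balance

    def backup(self):
        """A backup is a snapshot of the keys that exist at this moment."""
        return frozenset(self.keys)

    def _take_key(self):
        key = self.keys[self.used]
        self.used += 1
        self.keys.append(os.urandom(32))  # refill the pool with a new random key
        return key

    def send(self, keys_per_send):
        """Consume keys for one send; the change ends up on the last key taken."""
        for _ in range(keys_per_send):
            self.funds_key = self._take_key()


class SeedWallet:
    """Wallet whose keys are all computed from one seed."""

    def __init__(self, seed):
        self.seed = seed
        self.used = 0
        self.funds_key = None

    @staticmethod
    def derive(seed, index):
        # Stand-in derivation for the model only; NOT Electrum's actual algorithm.
        return hmac.new(seed, index.to_bytes(4, "big"), hashlib.sha256).digest()

    def send(self, keys_per_send):
        for _ in range(keys_per_send):
            self.funds_key = self.derive(self.seed, self.used)
            self.used += 1


def sends_covered_by_backup(pool_size, keys_per_send, max_sends=1000):
    """Number of sends after which a backup taken at creation still holds the funds key."""
    wallet = KeypoolWallet(pool_size)
    backup = wallet.backup()
    for n in range(1, max_sends + 1):
        wallet.send(keys_per_send)
        if wallet.funds_key not in backup:
            return n - 1  # send number n moved the balance to a key the backup lacks
    return max_sends


def seed_backup_recovers(sends, keys_per_send, scan_limit=10_000):
    """Restore from the seed alone and report whether the funds key is found."""
    seed = os.urandom(16)
    wallet = SeedWallet(seed)
    for _ in range(sends):
        wallet.send(keys_per_send)
    return any(SeedWallet.derive(seed, i) == wallet.funds_key
               for i in range(scan_limit))


if __name__ == "__main__":
    print("random keys, 3 keys per send:", sends_covered_by_backup(100, 3), "sends covered")
    print("random keys, 1 key per send: ", sends_covered_by_backup(100, 1), "sends covered")
    print("seed backup after 500 sends: ", seed_backup_recovers(500, 3))
```

With three keys per send the original backup stops covering the balance after 33 sends, matching the number in the conversation; the seed restore succeeds no matter how many sends came after the backup was made.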
NoooooooooooO!!!!oO!!!O!!!!O!!!!!!!! (don't research security while drunk...)
I got a phone call from my bank yesterday saying they were concerned about some suspicious transactions on my account during the day, including £1.36 from a supermarket in Chicago, and £1.15 at a petrol station in Los Angeles. Now, as I live in Scotland, those were clearly fraudulent. So, they cancelled my card, as they should.

Now, this got me thinking about security. Despite being fairly tech- and net- savvy, I have to admit that pretty much ALL my passwords, for all the sites I use (including my bitcoin wallet), were the same, or very, very similar. And they were all very short. Like hunter2 quality security. I know, I know, that's bad, bad behaviour.

So, after getting home from the pub (and having consumed a great quantity of Laphroaig Quarter Cask... Yummmm!), I downloaded Keepass, and started changing passwords. I also put my dogecoin wallet.dat file in a Truecrypt drive. I used the Keepass password generator for all these, making a 12 digit alphanumeric random password for each of them. My Keepass password was a simple phrase. Something memorable, but long enough and containing a couple punctuation marks. Something very, very secure.

Unfortunately, and I'm sure some of you could see this coming..., I have no idea, not the foggiest, not even any idea where to START remembering what it was. Nothing. Maybe it's the lyrics to a song. Maybe it's a joke. I don't have a clue. I've been trying to remember it all day, but to be honest I don't even remember leaving the pub.

So yeah. Fuck. I had about 22 000 coins in there. I mean, it's not the END of the world, I will just have to sign up for another couple free Azure trials, and wait a couple weeks to re-mine it all. But fuck, 22k, I was really surprisingly proud of that!

So, in conclusion, kids, don't research security when you are drunk. Or, if you do, for fuck's sake write down the password somewhere! I also can no longer access any of the other forums I was a member of. Luckily I didn't change my email password (yet!) so I could re-set my Facebook and Reddit passwords.. I would have been fucked if I had locked that one too! Still, the whisky was lovely. I will buy myself a bottle as soon as I've mined enough to pay for it. :)
This is my work-flow for cold storage and BTC management. Any gaping holes?
Preparing my cold-storage wallet:
1. Using my Windows laptop, go to Bitaddress.org and save the web page on a USB stick
2. Download Ubuntu and burn the ISO onto a DVD
3. Boot my Windows laptop into Ubuntu. Make sure I am off-line.
4. Insert the USB stick and open the Bitaddress.org file. Go to the Bulk Wallet tab and create 10 public/private keys
5. Copy the public/private keys into Notepad and save it on my USB stick. Remove it from my laptop.
6. Plug the USB stick into a desktop PC that is directly connected to my printer and is off-line. Print two copies of the 10 public/private keys
7. Keep one copy in a locked fireproof box hidden in my home and one copy in a bank safe box
8. Option: Also scan or photograph a copy and keep it in my TrueCrypt vault on my PC.
9. Erase the notepad file on my USB stick.

Buying and storing my BTC:
1. Purchase BTC via Coinbase using my everyday Windows laptop - but using 2FA
2. Only keep a small amount of BTC in my Coinbase account for spending.
3. Send the rest (in increments of 0.5 BTC) to the various addresses that I have listed on my hard-copy print out.
4. For reference, keep a spread-sheet in TrueCrypt of just the Public addresses and amount I have deposited.

Spending, Selling and/or refilling my on-line Coinbase wallet:
1. Import the complete contents (0.5 BTC) of a cold-storage wallet into Coinbase using the online import wallet function.
2. Since I have now risked exposure of the private key for this address, I will never use it again.
3. Spend or sell BTC as needed
4. If I don't need the entire 0.5 BTC that I have transferred into Coinbase, I will send the change back to the next open address in my bulk wallet.

To me this seems like a simple and safe method to save and manage my Bitcoins. Is there very much risk here?
THROWAWAY: Many months ago a friend of mine gave me some bitcoins. In fact, he gave me 10 bitcoins and told me to hold on to them, and now my little wallet holds almost 2,000 virtual dollars. I am not sure that I want to sell my coins yet, but if the value keeps rising, I will need a better way to store my coins. Right now I am holding them on blockchain.info (thanks to my friend), and I use the Chrome extension in order to keep my account more private and more safe. However, I have been reading a lot on here about why I shouldn't hold large amounts in a hosted wallet. So I decided to download the bitcoin qt client for my Ubuntu machine, but since my computer is so old, it freezes and crashes before the blockchain downloads.

So my question is: what is the best way to store these coins if the price skyrockets? At what point do I stop trusting online wallets? I mean, I really don't want to hold 100,000 dollars online, although I have a feeling that some people do. I have a garbage computer and the Bitcoin-QT software doesn't play nice. I am also having some trouble with Electrum and I don't want to lose my coins. Isn't there a way I can just download a copy of my wallet from blockchain.info and back it up on a secure flash drive (like in a truecrypt container)? Or do I really need to have bitcoin software installed? If so, I may have to buy a new computer.
Hi All, I'm partially making this post as a guide of sorts, but also for the more experienced members to give some feedback about how to improve the security or practicality of this setup. As the setup evolves, I'll keep this post up-to-date with the changes. My goal was to keep a highly secure wallet, while maintaining maximum practicality and effortless backups of the important data; Something that you'd be comfortable giving to a technical n00b or your mum. I wanted the ability to have my wallet available for transactions very easily, but store it securely when it wasn't needed. This is not intended to be a cold-storage or offline wallet. Most non-tech people don't have access to a spare pc/laptop that they dedicate as an offline wallet. Paper storage and brain wallets are also an option, but I frequently lose paperwork and forget things. So here's my mini guide: TL;DR:
TrueCrypt Volume stored on Dropbox.
TrueCrypt 2FA via password & keyfile
TrueCrypt Keyfile stored in a non-dropbox folder path (that's backed up elsewhere)
Electrum Portable run from TC Volume
Electrum Seed words stored in an encrypted Evernote note
Batch file used to auto-mount the TC Volume and start Electrum
TC Volume automagically dismounts after Electrum is closed
Volume Password: (Use a nice, long, easy to remember passphrase)
Tick "Use Keyfile": Generate a new keyfile (I used the default Whirlpool hash) and save the keyfile to a different path outside your Dropbox.
Backup your keyfile (not to Dropbox!)
Format the volume to finish.
2) Use TrueCrypt to access your new encrypted Volume
Open TrueCrypt and pick a free drive letter
Mount the encrypted file that you created in your Dropbox earlier
Enter your passphrase
Use your keyfile that you stored in another folder
3) Explore the Encrypted Volume
Open "My Computer" and you should have a new Hard Drive called "Local Disk"
Rename the disk to be something more memorable. I called mine "Electrum"
Copy/download/save the Electrum Portable software to the new encrypted drive.
4) Create your new Bitcoin Wallet
Run Electrum Portable from the encrypted drive
Create a new wallet
Copy the 12 words of the wallet generation seed.
Save the words to a secure location. (I use an encrypted Evernote note)
Re-enter the 12 words to continue
Pick a password for your wallet. (Use a Passphrase as you did earlier)
That's your Wallet created :)
Dismount the Encrypted Volume
5) Auto Launch the Encrypted Volume & Electrum
Create a batch file on your desktop (I called mine OpenWallet.bat)
Edit the file in Notepad and Paste the following text:

    :: ------------ User Variables ----------------------------
    :: Set these to your own liking
    SET SecureDriveLetter=P
    SET EncryptedContainer=C:\Dropbox\!Secure\personal_wallet
    SET KeyFile=\\nas\backups\protected\personal_wallet.key
    :: ------------ /User Variables ----------------------------
    :: ------------ System Variables ----------------------------
    :: Generally don't need to change unless the paths are wrong
    SET TrueCrypt=%ProgramFiles(x86)%\TrueCrypt\TrueCrypt.exe
    SET ElectrumPortable=electrum-1.9.5-portable.exe
    :: ------------ /System Variables ----------------------------
    :: Mount the container on the chosen drive letter using the keyfile
    "%TrueCrypt%" /v "%EncryptedContainer%" /l %SecureDriveLetter% /a /h no /keyfile "%KeyFile%" /quit
    :: Run Electrum from the mounted volume and wait until it is closed
    Start "Electrum" /wait /d %SecureDriveLetter%:\ %SecureDriveLetter%:\%ElectrumPortable%
    :: Dismount the volume again
    "%TrueCrypt%" /d %SecureDriveLetter% /quit
    ::pause

Edit the User Variables section to your liking and make sure that the System Variables paths are correct for your system.
6) Open Your New Secure Electrum Volume
Launch the OpenWallet batch file from your desktop. You should be prompted for your TrueCrypt volume password. Once the correct password is entered, your secure drive will be mounted as P: Drive. Electrum will open and be available to use as normal. After you close Electrum, your encrypted volume will dismount until the next time you run the batch file. Dropbox will store a copy of your encrypted volume and sync it every time it changes.
Some questions about the blockchain, wallet.dat, and Truecrypt on Windows
1) Do I need to download the entire blockchain before I can send bitcoins from the official bitcoin client, even if blockexplorer.com says my address has received them? The blockchain is taking a long time for my client to download and my balance is unchanged. (On getblockchain.com, the blockchain is currently 475MB compressed and 1.42GiB uncompressed, although the site is more targeted to linux users.)

2) After following the Bitcoin wiki regarding Truecrypt, if I launch bitcoin.exe with the -datadir option pointing to a Truecrypt container file that contains wallet.dat, does the ever-growing blockchain also have to be in that container file? Can I point the client to one location for the blockchain and another location for the wallet file?

3) Can I leave the blockchain in its normal directory and do I just need to copy wallet.dat out of the Truecrypt container file when I need it? (Or decompress it with 7-zip or decrypt it with GPG4win?) Wouldn't it then be vulnerable to trojans like Infostealer.Coinbit or the metasploit module bitcoin_jacker.rb?

4) Will the plaintext wallet issue be obsolete by version 0.4.0.0 of the official client? And will a headers-only client make it so every user doesn't have to download a neverending blockchain?
Hi everyone, I've been reading all I can about Peercoin, and I'm planning on getting started (slowly accumulating BTC to convert) with Peercoin as soon as I can. I have some questions relating to offline wallet setup that I haven't been able to find the answers to, and I would really appreciate any assistance. I've been lurking peercoin for a while, as well as peercointalk.org.

1 - I notice there are https ways of generating bitcoin/litecoin addresses, but only http for the analogous peercoin site:
https://www.bitaddress.org/
http://primecoin.org/bitaddress
It's funny - I'm satisfied it's 'safe' to download and run the https website on a LiveCD to generate an offline wallet (for bitcoin), but I'm not sure about the http version (for peercoin). Is there really any appreciable difference in risk? Could someone compromise the code hosted on http vs. https?

2 - If I can't use an unsecured http site to generate offline wallets, then I can certainly download the ppcoin-qt client and run that in LiveCD. I can get a receiving address, but I can't figure out how to input the analogous command to dumpprivkey that I see referenced for Bitcoin-qt. Is this command prompt not available in the current version, or do I have to setup a ppcoin.conf file in order to access the command prompt? I would want to write down (on paper) the private key associated with my wallet.dat file generated in the liveCD environment just in case I completely mess up any backing up/copying I do of the wallet.dat

2.5 - Which brings me to: Does it matter? Is it easier to just back up the wallet in the liveCD environment, and then store it on a truecrypt volume on a USB key? And then later just mount the truecrypt drive and import the wallet when I want access to the coins? My goal with ppcoin is to buy a few peercoins and then come back a few years later to see what's happened. I want everything to be offline until then.

3 - Can I use blockchain.info to find out about balances at peercoin addresses, or is that just for bitcoin? Is there an analogous service for peercoin? I would just want to check periodically that my offline address still has my peercoins, to satisfy my paranoia.

Thank you very very much for any help. I feel like I could set myself up nicely with bitcoin, but I'm just not completely comfortable with peercoin's software just yet. Though I much prefer the idea of holding a few ppc compared to btc.
Hi reddit. First of all, a disclaimer: I'm probably about to come across as very silly. For the record I am very silly.

Here's my problem - about a year ago I wanted to get on the bitcoin bandwagon. I suspect like most other people who use the internet, I don't have a very good understanding of how it works and am extra ignorant of how to keep things secure properly. So, I followed some kind of guide I found somewhere on reddit detailing how I could create a wallet and keep it secure using truecrypt. It all seemed to work fine and I bought some bitcoins, put them in a blockchain.info wallet, backed it up on dropbox and promptly forgot about it. Now a year later those bitcoins are worth a hundred times what I paid for them and I'd quite like to get at them.

I have a piece of paper with two very long strings of symbols written down, the first featuring punctuation, the second alphanumeric. In my downloads folder I have a file with the filetype 'File' which I dimly remember creating on truecrypt. It is 512000kb large. I opened the truecrypt client and attempted to 'mount' it (whatever that means) and entered the first of these strings. It seemed to work in that it appeared as an 'E drive' and told me what encryption type I'd used, however as far as I can see it doesn't actually contain any files.

I then turned my attention to the dropbox backup I made of the wallet upon creating it. My attempts to mount it have met with 'error: incorrect volume size' regardless of the password I've used or which of truecrypt's drives I've tried to mount it on. Attempts to simply import it directly into blockchain.info have met with 'error decrypting wallet: please check your password is correct' using either of the passwords I have written down or any others I use regularly.

It seems obvious to me I've done something in truecrypt to the wallet back up or else what is the second password for? However, I don't understand how it works well enough to figure out what I did or how to get back into the wallet so I turn to you, reddit, in the hope that someone who knows about these things might be able to help me out. Thanks!
So with everything going on (mt gox and others), I'm thinking of doing a cold storage of all my coins. Here is what I was thinking..

First get a copy of Knoppix or a linux distro and make a live CD. Run it on my laptop. Download and install all the QT wallets (bitcoin, litecoin and dogecoin). Let them sync up. I have an address. I will make a transfer to it and test to make sure it goes thru. When it does, I will make a large transfer from my other wallets into it and create my "piggy bank". I will then make a truecrypt drive and place the wallet.dat into it (by the file ->backup wallet setting). Then I will copy this onto a USB drive. I will also keep a copy on dropbox. Since it's encrypted there's no access to the wallet.dat

Next, I will do a dumpprivkey for each of the public keys to get the private keys. With that, I will make a QR Code and paste it on a piece of paper with the Public key. Then I got a physical paper in addition to the usb drive which I can keep locked away. Hopefully since I backed up using the qt wallets, I shouldn't have any transaction limits. Thoughts?

I've been reading a bit about the transaction limits. Do those apply only when I was to send the coins out? Is there a limit on receiving? For instance, could I say weekly send money to the "piggy bank"? What exactly is the key pool? I'm seeing notes that it is per transaction. Others are per wallet.
[Security] I worked on my BTC security last night. How did I do?
I am getting to the point now where I have a substantial amount of BTC (not massively life changing, but it has turned into more than I have in fiat, which I have accepted and I am ok with.) I wanted to secure these coins for long term safe-keeping, and I have a few questions for you very smart folks.
Would you diversify your coins into multiple security methods, or are you comfortable with using 1 method that you know and trust for all of your coins?
Please pick apart the process I used below to secure my coins:
This was all done on the same computer with the exception of using another computer to add a public key to blockchain.info
Downloaded Ubuntu to a (previously used) flash drive.
Downloaded Bitaddress HTML file and added that to flash drive.
Downloaded Truecrypt Linux package and added that to flash drive.
Downloaded Linux recommended software to properly write ISO to flash drive so it is bootable and used it.
Unplugged network cable/ disabled wireless
Restarted computer and booted from flash drive, running Linux live without installing to partition
Disabled auto-run from USB in Linux settings
Plugged in external hard drive where I plan to store my encrypted volume containing keys
Installed Truecrypt and created a new volume on the external hard drive using a password that exceeds 30 characters and has never been used before online.
Ran Bitaddress HTML file and generated a 'single wallet'
Printed this wallet to PDF using Linux built in tool, saved PDF containing keys directly to now mounted true-crypt volume.
on my Online Laptop, I added the public key to blockchain account by manually typing it in as 'Watch Only'
Dismount truecrypt volume
Switch back to main operating system, reconnect internet, and upload truecrypt volume to google drive (with 2FA enabled).
Now two copies exist, physical and digital.
Proceeded to send Bitcoin to public address.
How did I do? I am a bit nervous about having all of my eggs in one basket.
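A check that fits the "manually typing it in" and "send Bitcoin to public address" steps above: legacy Bitcoin addresses are Base58Check strings whose last four bytes are a double-SHA256 checksum, so a hand-typed address can be verified offline before any coins are sent to it. This is an added example, not part of the original post; the function names are illustrative and the sample address is constructed from a dummy 20-byte payload, not a real wallet.

```python
"""Verify a hand-typed legacy Bitcoin address with its Base58Check checksum."""
import hashlib

ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"


def _checksum(data: bytes) -> bytes:
    # First four bytes of SHA256(SHA256(version || payload)).
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()[:4]


def b58check_encode(version: int, payload: bytes) -> str:
    raw = bytes([version]) + payload
    raw += _checksum(raw)
    num = int.from_bytes(raw, "big")
    out = ""
    while num:
        num, rem = divmod(num, 58)
        out = ALPHABET[rem] + out
    # Each leading zero byte is written as a leading '1'.
    pad = len(raw) - len(raw.lstrip(b"\0"))
    return "1" * pad + out


def b58check_decode(text: str):
    """Return (version, payload); raise ValueError on any corruption."""
    num = 0
    for ch in text:
        idx = ALPHABET.find(ch)
        if idx < 0:
            raise ValueError(f"character {ch!r} is not in the Base58 alphabet")
        num = num * 58 + idx
    pad = len(text) - len(text.lstrip("1"))
    raw = b"\0" * pad + num.to_bytes((num.bit_length() + 7) // 8, "big")
    if len(raw) < 5:
        raise ValueError("too short to contain a version byte and checksum")
    data, check = raw[:-4], raw[-4:]
    if _checksum(data) != check:
        raise ValueError("checksum mismatch (typo or truncated address)")
    return data[0], data[1:]


def check_typed_address(text: str):
    """Return (ok, reason) for an address copied by hand from a printout."""
    try:
        version, payload = b58check_decode(text.strip())
    except ValueError as exc:
        return False, str(exc)
    if len(payload) != 20:
        return False, "payload is not a 20-byte hash"
    if version not in (0x00, 0x05):  # mainnet P2PKH and P2SH version bytes
        return False, f"unexpected version byte 0x{version:02x}"
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample: version 0x00 with a dummy 20-byte payload.
    sample = b58check_encode(0x00, bytes(range(1, 21)))
    print(sample, check_typed_address(sample))
    typo = sample[:5] + ("2" if sample[5] != "2" else "3") + sample[6:]
    print(typo, check_typed_address(typo))
```

The checksum catches transcription errors only; it says nothing about who controls the address, so the typed value still has to be compared against the printout it came from.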
So I'm gearing up to buy my first digital currencies, and just want to make sure that I don't screw anything up, and that I have my ducks in a row. Here is an outline regarding the steps to take (based on what I've read/heard) .......... Do you have to download each individual coin's wallet in order to "Store" them, or can I just go to Coinbase, buy some Bitcoins and then go to say Cryptsy, trade my Bitcoins for various Alt coins and then store them on either 1. a Paper wallet OR 2. store them on a Flash Drive and encrypt it using TrueCrypt? Thanks much everyone, can't thank everyone enough for their help and insight