He will always need some Bitcoins to send it away/burn the maidsafecoins.
Absolutely right. I only meant that until he wants to send or burn, he can dream for free.!
I’m waiting for a Coindesk headline like “Resident Wallet Expert Recommends, Unrecomends Online Wallet and Secure Email Providers”…
And your private key is stored in the same PC where you have your address. Marvelous.
If it wasn’t for 2FA that you enabled to let the government know who’s the owner of that wallet (and how they can recover the pass phrase from you should they ever want to do that), you’d be exposed to various risks.
I personally generated my private keys on a bootable usb stick with a fresh Linux Mint install on it, while my HDD’s and internet connection were decoupled. Copied it to three other USB sticks as well, that I spread over three different buildings where I trust they’ll be safe. Of course they are also password protected. The USB sticks will never be plugged into any system until I’m ready to immediately send them to MaidSafe’s burn address to exchange for actual SafeCoin.
You can run any open source wallet on your desktop and it’s not going to be “exposed” to the Internet. Most of them communicate only with Bitcoin Core.
Sounds good. Is that safer than simply remembering one’s 12 word pass phrase?
I NEVER keep a privatekey on a PC… I always save it to a USB 3x or chop up the privkey on 3 different email addresses.
Actually your MaidSafeCoin might be save on blockchain.info because it’s wallet doesn’t show your MaidSafeCoin.
Why not do both? Use my method or something similar and protect the wallet/private key export with a 12 word passphrase?
The idea behind my approach is that even if there was malware on my USB Linux install, the private keys cannot be transmitted to anyone because it’s never connected to the internet, and there’s no intermediary medium (like one of my HDD’s) that the malware could have used as a bridge.
I also turned off my power supply unit after shutting down from linux and drained the capacitors of power by holding my power button pressed for a while, before reconnecting the HDD’s and network cable. That way I’m sure no traces could be left in RAM somehow. Most likely an unreasonable paranoid measure, but at least it can’t hurt.
That’s like security through obscurity, I wouldn’t rely on it.
The more data you have the more difficult it is to keep it safe. The more passwords and pass phrases you have, the more likely it is you’ll forget one of them (and thereby lose access to your funds, assuming you picked a complex password in the first place).
I’m not trashing the approach, those are fine measures of precaution.
I just wondered aloud if that is safer than to remember (or write down) a 12 word wallet pass phrase.
In other words, there’s a choice:
- 3 email providers who hold the chunks of your private key in plain text on their servers + three passwords (I hope it’s not just one!) each of which is probably 12 characters or less
- 12 word pass phrase for a wallet that’s not online (I’m referring to discussion from SafeNet App Funding Through Koinify)
And your conclusion is the first approach is safer. Is that because of 2FA that you have?
That is absolutely hilarious!
Your 12 word wallet pass phrase could be vulnerable to a key logger/rootkit.
I personally don’t put too much trust in anti-malware software, too often incredibly sophisticated viruses are found lately that have often been around for many years without detection. Of course most of those super viruses come from governments that have other goals than looting your wallet, but still. It’s incredibly hard, if not next to impossible, to be 100% sure that your system isn’t compromised in some way.
Therefore, an “air gap” approach is safer in my eyes than super long passwords.
Your USB keys are also protected by a password, but you think your keystrokes won’t be busted, while my entered directly in the browser would.
There are known security flaws of USB devices (on the firmware, not the OS, level), but let’s ignore them for now. My Web wwallet software would run basically the same s/w that your OS runs, so it could be made to run locally from a bootable USB stick with a fresh Linux Mint install.
So basically you’re using them as offline wallet, which is equivalent to me not logging in to my (online) wallet.
That seems about equally, not more, secure.
My USB drive may very well be infected, that’s what the air gap is for. If a malware would have pickup on the private key when it was generated and/or logged the keystrokes when I typed my password, what can it do with it? It can’t transfer it anywhere, there is no network connection. It can’t copy it to another HDD that may be connected to the internet later, since all HDD’s are uncoupled. The RAM will be whiped when the system is turned off. The USB drive itself will only be used when I immediately transfer the MaidSafeCoins myself.
If malware would have been present at the time of generating the key and/or entering the password, and if that same system at any time later would get a connection to the internet, it would’ve had an opportunity to transfer the key/password to it’s owner. I guess that’s the only difference. If that has not happened you and I are equally safe I guess.
Then we’re in agreement!
Note that it’s possible to generate a wallet completely offline (with scripts) without actually accessing a real Web wallet, and also a set of addresses. Then you can have coins sent to those while watching them from any blockchain explorer without ever logging in. But of course that requires a bit of fiddling around, although not too much (it’s not a whole lot more complicated than setting up bootable USBs, IMO).
I recall someone made a wallet generator a bit like a USB drive. Never plugged into a PC, you connect it to a printer and it prints a new cold storage address and private keys, with QR codes.
Yes we have on in the office I Cannot remember the name now, but its a cool wee stand alone printer driven by a rasbery pi. Cost .5 BTC
This one: http://cryptographi.com ?
It’s called Piper but they apparently moved to a new website
That’s the one, I can confirm its pretty good and does what it says.
This is the gadget I was on about:
Mycelium Entropy paper wallet printer.
You plug it into a printer and it generates and prints a graphic file.
Yep, that’s what it is.
In my example there’s no QR code (unless the code is accessed over HTTP(S)): you download Web wallet code, go to the shell, in your wallet’s code find and run the same address-generating script, execute it and get the same output (without QR codes (I don’t believe it can produce QE code in the CLI mode, although anything’s possible)).
I tried getting my coins from block chain to omniwallet but get an error message saying ‘invalid wallet’ when I paste in the private key. Anyone have any idea why this would be? Btw I can see my coins on masterchest.info so know they’re there.
@Luke this just means that you are not typing the private key in correctly. Otherwise, make sure you are using google chrome.