Yeah, it's made me a little paranoid. It makes it clear that someone doesn't need access (either physical or remote) to your machine in order to steal your BTC, nor do they necessarily need the current wallet file... if you received 100BTC 5 years ago and still have them, a copy of the wallet from 5 years ago is sufficient to steal them.
Right now I just run my bitcoin client on my normal Windows desktop, with the wallet stored on my NAS. The NAS (and its backups) are encrypted, but that won't stop some virus or malware running on the 'doze box from accessing it "in the clear".
It's interesting that the official bitcoin client doesn't offer any attempt at basic security, like encrypting the wallet with a password. This wouldn't get past keyloggers but at least it would provide SOME protection if a copy of your wallet was acquired some other way.
If you're in it for the long run then maybe using multiple savings wallets would be a good idea - you send yourself some bitcoins to a 100% virgin account, then the media the wallet for that account is stored on is physically disconnected and remains that way. For safety it would be stored on at least two different media and stored in two locations.
Maybe also periodically regenerate your wallet by sending all your BTC to a new account?