Hi,
I am not sure whether this is the right place for this. Etotheipi, if you prefer I ask this in a separate thread just say so and I'll move it.
What am I asking? I am looking to improve my security and so want to start using Armory in the online<-->offline wallet configuration. However, I do not have a suitable system for being an offline system and honestly, this is not the configuration I would choose. Having a system dedicated only to my wallet that is only ever booted up for getting coins from my cold wallet seems awfully wasteful, and there is a risk the system doesn't even boot when I finally have to use it. If that happens, of course I can recover the wallet and recover on a new system, but this only proves that a dedicated offline wallet is unnecessary. It is only necessary for the private keys (aka the cold wallet) to never reside on a computer that is at that time connected to the internet.
So what I am proposing is the following configuration. I only have 1 pc with an internet connection and two installations of Armory.
1) An "offline" Armory that only gets started by me when I have physically disconnected the pc from the internet (as required, remove any Ethernet cable, any wireless network card and any wireless dongle, even disable Bluetooth if this is present). Furthermore, the wallet file resides on a removable medium (most likely a flash drive) which is only ever plugged in when the pc is disconnected from the internet.
2) A normal online wallet with a watch-only version of the wallet in cold storage and hot-wallets as required.
Questions I have:
1) Do you agree this configuration is equally secure as a configuration in which a dedicated offline system is used?
2) The biggest risk here (but also in the proposed configuration with the dedicated offline system) is keeping the offline wallet files physically secure. Especially as you will want to keep backups (flash storage is frail). Do you agree?
3) Why do you recommend making a paper backup? Personally I really do not trust paper (it decays even faster than any other sort of media). I would like to hear your thoughts because you have obviously put more thought into this than I.
4) Finally, atm I already use Armory (although not yet for the majority of my funds) in a configuration with 1 (hot) wallet on a system connected to the internet. I have encrypted the wallet with a very long pass-phrase (>50 characters to give an indication). Will using an offline configuration with a real and watch-only wallet really improve my security? What exact use cases do I protect myself against?
Thank you