If someone wants to steal your wallet they can, because everyone's wallet is stored in the same place and has to be accessible to be used by the Bitcoin program. So the solution is to either restrict access to the wallet or move the wallet.
To restrict the wallet, run Bitcoin from a different user account in Windows and make the folder where the wallet resides accessible only to THAT user the program is running as, with its ownership reflecting the same. This means file permission and ownership changes. Then go into your "Local Security Policy" in Windows and set it so that only the username your Bitcoin runs from is able to take ownership of files. Then, also in Local Security Policy, you need to set it so that UAC requires authentication; this means not just a "press yes if you want to do this" but "type your password to continue". Once you have done this, malware cannot just change things on your system to easily access the wallet.
Another method is to move the wallet. You can use a program called Cameyo to make a portable version of Bitcoin, and then the wallet can be isolated in its own folder, because the changes it makes to the system are "sandboxed", meaning they do not actually go into the system but rather into a dedicated folder that emulates the file system to the program. So the program (Bitcoin) thinks its wallet is in the normal place, but really that is Cameyo telling Bitcoin "Hey, this folder is your appdata", and then it just works. The only way malware or a hacker could steal your wallet with this method is to scan the entire system looking for wallet.dat, which is possible, but more work.
Another method is to run a virtual machine on your computer via VMware, Virtual PC, Parallels, VirtualBox etc. This would completely isolate your Bitcoin from your physical system by keeping ALL files hidden inside a virtual computer. Your wallet could only be stolen if the hacker gets access to your PC either physically or remotely and manually uses your computer's mouse and keyboard to go into that virtual environment and copy your wallet to a flash drive or upload it to email from inside that environment.
Just a thought.
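
The folder lock-down from the first method can be applied and then checked with a short PowerShell script. This is an added example, not part of the original post; it assumes it is run while logged in as the dedicated Bitcoin account and that the wallet sits in the client's default data directory, `%APPDATA%\Bitcoin` (pass `-WalletDir` if yours differs).

```powershell
# Added example: run as the dedicated Bitcoin account, not as your daily account.
# Assumption: the wallet lives in the default data directory, %APPDATA%\Bitcoin.
param([string]$WalletDir = (Join-Path $env:APPDATA 'Bitcoin'))

$me = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name

# 1. Give this account an explicit, inheritable Full Control entry first,
#    so that removing inheritance in step 2 cannot lock it out.
icacls $WalletDir /grant:r "${me}:(OI)(CI)F" | Out-Null

# 2. Stop inheriting entries from the parent folder and discard the inherited ones.
icacls $WalletDir /inheritance:r | Out-Null

# 3. Audit: every item must be owned by this account and list no other principal.
$items = @(Get-Item -LiteralPath $WalletDir) +
         @(Get-ChildItem -LiteralPath $WalletDir -Recurse -Force)
$findings = foreach ($item in $items) {
    $acl = Get-Acl -LiteralPath $item.FullName
    if ($acl.Owner -ne $me) {
        [pscustomobject]@{ Path = $item.FullName; Issue = "owner is $($acl.Owner)" }
    }
    foreach ($ace in $acl.Access) {
        if ($ace.IdentityReference.Value -ne $me) {
            [pscustomobject]@{
                Path  = $item.FullName
                Issue = "$($ace.AccessControlType) $($ace.FileSystemRights) for $($ace.IdentityReference)"
            }
        }
    }
}

if ($findings) {
    $findings | Format-Table -AutoSize -Wrap
    Write-Warning "Wallet folder is still reachable by other principals."
    exit 1
}
Write-Output "Only $me owns and can access $WalletDir."
```

Any row the audit prints is an owner or access entry that still needs to be fixed by hand. The script covers only the file permission and ownership part; the take-ownership right and the UAC prompt are still set in Local Security Policy as described above.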