Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Beginners & Help
Re: HOWTO: create a 100% secure wallet
by
royalecraig
on 17/06/2011, 15:11:48 UTC
Thanks for a Great Post, it does appear that the 'wallet' and it's security is not straightforward as it might at first appear, it would be wise to assume that anyone who has installed Bitcoin to a PC could theoretically be compromised already, and it seems that if someone took a copy of your unprotected wallet.dat file three weeks ago, they could wait 1yr or two yrs and assume that Bitcoins will be worth more then start using those wallets.
So here is a worse case scenario, that EVERYONE who installed Bitcoin, in an unprotected fashion, which would probably be most people. may have had their wallet 'peeked', you might not have cared then, you might not care now because you only have a few Bitcoins, but theoretically, hackers could have been scouring the net, looking for unprotected wallets and taken copies.
In 5 yrs time, many of these wallets may no longer exist, but a few at least may well have significant amounts of Bitcoins in them, which they wil be able to use because they have your wallet, which is more accurately likened to a Key.
That means anyone who has left themselves vulnerable at sometime in the past, even if they didn't have any Bitcoins, is now at risk because those Old snapshots, taken of your empty wallets can be used to run transactions at sometime in the future, when your Wallet may contain significantly more BTC's.
Does that mean also that anyone mining using the CPU or GPU is inadvertently sending out a signal saying their wallet is 'open', an invitation for hackers to come in and take a copy of your 'wallet' for use at a later date.

Anyone with significant no of BTC's who has ever left their PC in an unprotected mode is right now at risk that someone has taken a copy that
they may well be able to use at some later date.
So the real procedure we need is not how to create a backup wallet but how to get those bitcoins out of that wallet, destroy the client we have downloaded, shred, defrag, wipe the disc and start again with a new download.
My guess is we are all potentially compromised, and if you intend having any significant BTC's in that wallet, you / we should think about
starting again, I mean surely all the bad guys have to do is release a virus that infects harddrives and sits there looking for wallet.dat, sending a copy to BadGuy Central, it could even be of a fresh install, it will not matter if its a copy of a freshly created wallet because at sometime in the future there will be coins in it, which preseumably they can check with Block explorer, aren't we all screwed ?