Board: Bitcoin Discussion
Topic: Re: Build a better bitcoin web service?
by Xephan on 04/08/2011, 12:38:33 UTC
Quote
3. I have a rule in my IT life: never overwrite anything. This can be as simple as:

Code:
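#!/bin/sh
# Timestamped name so an earlier backup is never overwritten.
# No colons in the name: GNU tar treats "name:..." as a remote archive.
BKPTIME=$(date +%H%M%S-%d-%h-%y)
# czf writes a gzip-compressed archive, hence the .tar.gz extension
tar czf "$HOME/wallet-$BKPTIME.tar.gz" "$HOME/.bitcoin/wallet.dat"
cp "$HOME/wallet-$BKPTIME.tar.gz" "$HOME/Dropbox/"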

You see, one of the consistent problems with the tech-heads in bitcoin is this: You assume every user is going to be a techie or can be expected to learn to do things The Right Way. Fortunately for me, real life has beaten that assumption out of me and paranoia has always proven to be invaluable when things go fubar.

We both know how to write a bash script and can recognize the common flags for numerous commands to know when somebody's trying to pull a fast one on us. Not the average bitcoin user we want to reach with a "user-friendly" front end.

The average joe will almost inevitably save the same file to the same location. For many of them, be it on Windows or a Mac, it's going to be the default desktop/Documents folder or equivalent.

You can be almost 100% sure they are going to over-write the same file.



Quote
6. Right and wrong at the same time... All passwords are encrypted and saved into /etc/shadow only (or even an LDAP backend), so, how long will it take to decrypt a strong password?! +100 years?!

6.1. Don't you trust your system when you type your password to log in to an SSH session?! This can have the same level of security as SSH has.

Only if it's my server I'm SSHing into ;)

Otherwise, I'm going to assume the other admin has a modified sshd and some logging service that records every single command I send in. :D

Quote
Also, it is perfectly possible to encrypt your Dropbox/GmailFS/Ubuntu One/Whatever cloud folder too...

What do you think Xephan?!

Sorry but I don't trust any "cloud" folder. Especially not when their TOS specifically disavow any responsibility if things got lost/deleted.

Quote
I know that deep inside, trust between two parties must exist but, the provider can have a high level of security and strong backup procedures that a single user would never dream about. So, where do you prefer to host your wallet.dat?! Within a strong cloud that you can trust for sure or within your freak Windows?!

Sorry, I don't know if you are using Windows...

I like Linux, I've been testing out and trying out Linux since Slackware and dial-up days. Know what turns off the average user? It's when somebody does the I-use-Linux-so-I-am-more-elite-than-you-fools thing on them and goes on a rant about their OS. Sad to say, I used to do that too.

But the average person doesn't care about your OS religion. They want a tool that does what they expect and just works. If there is a problem, the first thing they are going to blame is your program, not the OS, not themselves.

For the record, I use a mix of Windows, Linux (including Android) and even Apple computers/devices. Whatever works best for the purpose and situation.


Quote
I can guarantee that a system created by me, using well-known open source tools and pretty well documented, is far, far more secure than any Windows out there.

BTW, there is no secure Windows. So, every single person who hosts their Bitcoins in Windows has the same level, or worse, of security as MyBitcoin... Windows is a joke... Like today's online wallet providers.

So you claim, but where's the proof that YOUR system is more secure than any Windows?

The weakest link in any system is always the user and in some cases, an over-cocky dev ;)