How to build a secure computer for storing digital crypto assets

engineering said:
The notion that any OS can be fully secured by following simple checklists is just wishful thinking.
More...

Perfect is the enemy of good. You alluded to this on a previous post

Listen, this thread is not about protecting you from a state actor threat, nor against a dedicated person or team with enough resources going after you. They will get you, surrender now if you're in trouble with them

Yes, there are offline signing devices (for bitcoin), you can create a transaction on an airgapped device and have one of your bitcoin nodes broadcast the transaction, but this thread is not about that

We are not going for perfect security here, let's not move the goal post to such a level as to need an old CPU pre-TPM

I like how Drawdown kept saying Linux is not enough and points to a better option of going to a Windows under a bank corporate security policies inside an AD environment that would require a whole data center

I'm offering a very low cost alternative which provides "enough" security that I can recommend to confidently store 1 bitcoin or less at today's price of less than $30k/btc

Now, let me get back to the blockchain dot info hack in 2017 and how some of the victims went on r/bitcoin and instead of getting sympathy they got called out for being stupid as to leave much value on a web wallet which they responded as they were worth very little when they stored those bitcoins there, but that was not the end of the discussion

Let's say Johnny had $200 worth of btc and stored it at blockchain dot info, then bitcoin had a bull market and it grew to $2,000, then more rallies came and it grew to $20k, then to $200k, then to $2M, Johnny was not an idiot when it was $200, or $2,000, he became an idiot by leaving it there when it became $20k, then $200k then $2M at any point in time he could have withdrawn the bitcoins to a more secure wallet

Security matches the value of the holdings. If in 15 years 1 bitcoin is worth $10M, the person who followed the thread can hire a professional IT security team to come up and design a more secure solution

--------

And let me clarify something for everyone here... no matter what the media says, there are no boogeyman hackers at ever minute waiting to hack you, and they WILL not hack dedicated secure computer running Linux and VPN running inside your home network

However, I have cleaned over 100 Windows computers of malware, some of which are RAT's and all kinds of small scripts apps calling out to command and control centers in India or North Korea or China, to do an encrypted reverse tunnel connection to your computer bypassing any firewalls, since firewalls are designed for protecting attacks from outside but they allow outgoing connections, your best protection against those are application-leyer firewalls, watching the 7 OSI layers in and out traffic, but those cost major bucks

So to protect against the threats above, DO NOT USE WINDOWS

You would have to maliciously attack yourself to install any of those baddies
 
johnarb said:
Perfect is the enemy of good. You alluded to this on a previous post

Listen, this thread is not about protecting you from a state actor threat, nor against a dedicated person or team with enough resources going after you. They will get you, surrender now if you're in trouble with them

Yes, there are offline signing devices (for bitcoin), you can create a transaction on an airgapped device and have one of your bitcoin nodes broadcast the transaction, but this thread is not about that

We are not going for perfect security here, let's not move the goal post to such a level as to need an old CPU pre-TPM

I like how Drawdown kept saying Linux is not enough and points to a better option of going to a Windows under a bank corporate security policies inside an AD environment that would require a whole data center

I'm offering a very low cost alternative which provides "enough" security that I can recommend to confidently store 1 bitcoin or less at today's price of less than $30k/btc

Now, let me get back to the blockchain dot info hack in 2017 and how some of the victims went on r/bitcoin and instead of getting sympathy they got called out for being stupid as to leave much value on a web wallet which they responded as they were worth very little when they stored those bitcoins there, but that was not the end of the discussion

Let's say Johnny had $200 worth of btc and stored it at blockchain dot info, then bitcoin had a bull market and it grew to $2,000, then more rallies came and it grew to $20k, then to $200k, then to $2M, Johnny was not an idiot when it was $200, or $2,000, he became an idiot by leaving it there when it became $20k, then $200k then $2M at any point in time he could have withdrawn the bitcoins to a more secure wallet

Security matches the value of the holdings. If in 15 years 1 bitcoin is worth $10M, the person who followed the thread can hire a professional IT security team to come up and design a more secure solution

--------

And let me clarify something for everyone here... no matter what the media says, there are no boogeyman hackers at ever minute waiting to hack you, and they WILL not hack dedicated secure computer running Linux and VPN running inside your home network

However, I have cleaned over 100 Windows computers of malware, some of which are RAT's and all kinds of small scripts apps calling out to command and control centers in India or North Korea or China, to do an encrypted reverse tunnel connection to your computer bypassing any firewalls, since firewalls are designed for protecting attacks from outside but they allow outgoing connections, your best protection against those are application-leyer firewalls, watching the 7 OSI layers in and out traffic, but those cost major bucks

So to protect against the threats above, DO NOT USE WINDOWS

You would have to maliciously attack yourself to install any of those baddies
More...

I never said that Linux is not enough, it would be my actual choice to build any environment. What I said is that you have to configure it properly in order to make it secure.

By the way, totally unrelated but a fun fact. David Kleiman was an expert in Windows systems. And he went to create the coin you guys love, check his life on Wikipedia, you will be surprised
 
Drawdown Addict said:
By the way, totally unrelated but a fun fact. David Kleiman was an expert in Windows systems. And he went to create the coin you guys love, check his life on Wikipedia, you will be surprised
More...

No one knows who Satoshi is (was/are/were), but there are better candidates than David Kleiman and Craig Wright is a liar not to be trusted
 
johnarb said:
Perfect is the enemy of good. You alluded to this on a previous post

Listen, this thread is not about protecting you from a state actor threat, nor against a dedicated person or team with enough resources going after you. They will get you, surrender now if you're in trouble with them
More...

The trouble is that Bitcoin requires perfect security due to being instantaneous and irrevocable. It's a shit design.

If you going to keep a significant fraction of you wealth in Bitcoin over a long period of time, your exposure to risk is just too high.

If you get your Facebook page hacked, you don't instantly lose you life savings.

The truth is that most zero day exploits are out there in the wild for a while before use of the exploit is discovered and the a patch is released. You're just gambling if you're using a general purpose computer that you use for routine tasks.
 
engineering said:
The trouble is that Bitcoin requires perfect security due to being instantaneous and irrevocable. It's a shit design.

If you going to keep a significant fraction of you wealth in Bitcoin over a long period of time, your exposure to risk is just too high.

If you get your Facebook page hacked, you don't instantly lose you life savings.

The truth is that most zero day exploits are out there in the wild for a while before use of the exploit is discovered and the a patch is released. You're just gambling if you're using a general purpose computer that you use for routine tasks.
More...

Bitcoin network settled over $14 Trillion of value last year, more than the Visa network

The reason it works is that it is immutable

Decentralized P2P, immutable, trustless, censorship resistant

Here's a thought experiment, imagine you're Michael Saylor and purchased over $4B worth of bitcoins for your company, what kind of assurance do you have if it can be revoked by someone else, i.e. China?

The concept of immutability is protection from centralized governments and corporations and courts who will impose their "morals"

It is one of the most important design features of Bitcoin

As far as security, Bitcoin has been resilient enough to hold vast amounts of wealth by companies and individuals

Yes, we have most of our net worth in bitcoin and it's worked out very well

PS: I do not use Windows ever for Bitcoin and crypto assets operations
 
johnarb said:
Words and courts do not mean much on the Bitcoin p2p decentralized, immutable, censorship resistant network

It is very easy to determine or prove who Satoshi is simply by moving the ~1M bitcoins to an exchange or other wallet addresses
More...

Was. No one is moving those coins because Kleiman is not around anymore. Craig tried to get the keys from his family, hence the trial case.
 
You must log in or register to reply here.
Back
Top