Author Topic: I want to buy more BTS but .....Fear of being hacked  (Read 3075 times)

0 Members and 1 Guest are viewing this topic.

Offline bitmarley

  • Full Member
  • ***
  • Posts: 135
    • View Profile
https://github.com/BitShares/bitshares/milestones

Looks like you only have to wait till the 21st for better cold storage support.

 8) Yaahmaan! Thanks for the link. Doubled my BTS holdings cause of your post. Will double again after Jan 21 if cold wallet features are comprehensive.

deprdoo

  • Guest
https://github.com/BitShares/bitshares/milestones

Looks like you only have to wait till the 21st for better cold storage support.

Offline bitmarley

  • Full Member
  • ***
  • Posts: 135
    • View Profile

Yes, they will need your password and a copy of your wallet.

If you change your password at some point, your old backups are not affected by this change and will continue to use the old password.

Exactly. So a bitshares wallet is vulnerable since you can only run a hot wallet. It's no good for bitshares if we are trying to stand out as a decentralized market which is safe from the hacking that happens to centralized exchanges.  If we want Bitstamp, Kraken etc to accept BTS and bitUSD and act as gateway exchanges then with the existing client those companies are going to have no user friendly cold wallet features. Right now their bitshares balances would be over-exposed versus bitcoin balances which can be managed via cold wallet features.

chryspano

  • Guest
is it highly possible for your wallet to get hacked?

if you have your wallet in your "everyday use pc" then you are asking for trouble or if you have installed in your pc every altcoin you heard about then you are also asking for trouble.

The only way someone could get into your BTS wallet is if they have a keylogger & catch you plugging in your password? Presuming it's a decent password & they can't brute force it.

Yes, they will need your password and a copy of your wallet.

If you change your password at some point, your old backups are not affected by this change and will continue to use the old password.

Offline bitAndy

  • Full Member
  • ***
  • Posts: 68
    • View Profile
is it highly possible for your wallet to get hacked?

if you have your wallet in your "everyday use pc" then you are asking for trouble or if you have installed in your pc every altcoin you heard about then you are also asking for trouble.

The only way someone could get into your BTS wallet is if they have a keylogger & catch you plugging in your password? Presuming it's a decent password & they can't brute force it.

chryspano

  • Guest
is it highly possible for your wallet to get hacked?

if you have your wallet in your "everyday use pc" then you are asking for trouble or if you have installed in your pc every altcoin you heard about then you are also asking for trouble.

Offline cryptkeeper

  • Full Member
  • ***
  • Posts: 103
    • View Profile
is it highly possible for your wallet to get hacked?

Offline islandking

  • Sr. Member
  • ****
  • Posts: 378
  • The king of the island
    • View Profile
The problem with Speedy's solution is that the wallet only remains cold until one need's to make a transfer. The only way to transfer is to make the cold wallet hot thereby breaking security. There needs to be cold/hot wallet splitting and offline signing features.

Maybe you could split your BTS over 10 or 20 accounts/addresses. That way when you do pull out the BTS from cold storage it is a smaller amount that you can spend, while the other 19 accounts are still in cold storage.
I've been working on a new electronic cash system that's fully peer-to-peer, with no trusted third party. - Satoshi

Offline bitmarley

  • Full Member
  • ***
  • Posts: 135
    • View Profile
The problem with Speedy's solution is that the wallet only remains cold until one need's to make a transfer. The only way to transfer is to make the cold wallet hot thereby breaking security. There needs to be cold/hot wallet splitting and offline signing features.

Offline bitmarley

  • Full Member
  • ***
  • Posts: 135
    • View Profile
Thanks for your replies. Yes what I meant by that sentence was a cold wallet that supports offline signing and then manual loading into a hot wallet for transfer. The existing cold storage solution doesn't have a method to do that as far as I understand. Speedy's solution is good enough security though not too easy for the newbies that we hope will be rushing into bitshares soon. I understand 2 factor OTP authentication is a simple and strong option. I'm sure the devs are working on these features as we speak but until then the bts in-flows will be restricted. After all a secure setup is the first hurdle an investor needs to clear.



Offline arhag

  • Hero Member
  • *****
  • Posts: 1214
    • View Profile
    • My posts on Steem
  • BitShares: arhag
  • GitHub: arhag
Is there easy cold wallet setup that you can spend from via hot wallet?

That doesn't really make sense. If you can spend the funds in the cold wallet from a hot wallet, then it isn't really cold, is it?

I think what you want is multisig, offline transaction signing, and also being able to change the votes of your cold storage funds via hot wallet but not be able to spend the money using only the hot client. All of those are in the pipeline, but who knows when it will actually be released and ready to use in the client.

Until then, you have two options. If you want to actively use your BTS (vote, trade in the market), speedy's solution is the best you can do at the moment. If all you want to do is buy BTS and hodl, then there is a cold storage solution currently if you are comfortable using the command line interface: http://wiki.bitshares.org/index.php/Best_Practices/Cold_Storage.

Offline bitAndy

  • Full Member
  • ***
  • Posts: 68
    • View Profile
I'm also worried about my wallet's safety on windows. I've got a decent antivirus, malwarebytes & spyshelter for keyloggers on a desktop that isn't used too much. I'm not sure if this is good enough security or if I should try learning about Linux?

Offline speedy

  • Hero Member
  • *****
  • Posts: 1160
    • View Profile
  • BitShares: speedy
My procedure:
-Have a machine that you only use for 1 thing - crypto.
-Install Linux on it
-Compile the BTS wallet yourself from source. Happy to help if you have any problems with that.
-BACKUP on usb drives.

I dont think we have cold storage yet. But Im not too worried about being hacked with those steps. Hope Im not tempting fate.
« Last Edit: January 08, 2015, 12:07:16 am by speedy »

Offline bitmarley

  • Full Member
  • ***
  • Posts: 135
    • View Profile
Its hard to buy more BTS cause I am scared of being hacked.  ???

Is there OTP authentication support?
Is there easy cold wallet setup that you can spend from via hot wallet?