Concerned About Bitcoin Security? Try This...

Authored by Simon Black via SovereignMan.com,

It happened again. Last week, hackers stole 4,700 Bitcoins (over $80 million at today’s price) from mining marketplace NiceHash.

(The company pairs up people with spare computing power with others who are willing to pay to use that capacity to mine Bitcoin– and then announced they would reimburse users who lost money from the hack.)

On top of that, last month hackers stole $31 million of another cryptocurrency called Tether.

But those are only two recent attacks.

Remember Mt. Gox?

The Bitcoin exchange was founded 2010. By 2013, it was handling around 80% of all Bitcoin transactions.

Then the company halted all trading after “technical issues” caused 850,000 Bitcoins to go missing.

Those missing coins are worth over $15 billion at today’s price.

All of the crypto theft making people question the security of Bitcoin and other digital currencies.

But it’s important to remember, in these cases, “Bitcoin” didn’t get hacked… it was the exchanges or marketplaces that got hacked.

This happens almost every day; people unwittingly get their phones and emails hacked and end up losing their cryptocurrency in the process.

It reminds me of the early days of the Internet, back when WiFi was still a new thing and banks were just starting to provide online account access.

Back then, hacks were commonplace. Users didn’t know enough about wireless network security, and banks didn’t have SSL enabled… so hackers could easily ‘sniff’ data packets and steal bank login details.

Fast forward 10-15 years and all of that’s changed.

Most people at this point (hopefully) know how to secure their WiFi networks with WPA2 security or better, and banks employ much better security and encryption standards.

But with cryptocurrencies it’s still very Wild West out there, vastly increasing the chances of hacks, cracks, and theft.

You’d be amazed, for example, how many people use a ridiculously unsecure password like “123456” for a website login that stores their Bitcoin secret key.

And even if hackers don’t steal your crypto, there’s still a chance you’ll lose it.

A friend of mine bought some Bitcoin in 2010 and stored it on a laptop. Then he threw the laptop away… along with all the Bitcoin. And there’s no way to get it back.

Like just about anything, all it takes is a little bit of education to prevent a major disaster from occurring.

One approach I encourage you to learn about for storing crypto is called “cold storage.”

Before I define cold storage, a bit of background if you’re unfamiliar with how the public key/private key system works.

A public key is a code available to anyone who trades cryptocurrency with you. A private key is a secret, alphanumeric number never to share with anyone.

Imagine a cryptocurrency public key is your home address. That address is in just about every public database imaginable, from the county clerk’s property registry to the local phone book.

And if you want someone to send you mail, you give them your address. Easy.

But the simple fact that someone has your home address doesn’t give them access to the inside of your house, and the contents within it.

No, for that, they’ll need your house key. And that’s essentially what your crypto private key is: something that allows only you to access the property.

So: public key = home mailing address, private key = house key.

Clearly it makes sense to safeguard your house key. You wouldn’t make copies and distribute them in public to everyone who walks by.

Similarly it makes sense to safeguard your private key (sometimes called secret key).

When you store your cryptocurrency with an exchange, or even in a web or mobile wallet, it means that some other service or application has control of your private key.

If they get hacked, you’ll lose everything. If they go rogue, you’ll lose everything.

I’m always amazed that so many people store crypto in this way.

Part of the benefit of holding crypto is that you can essentially be your own banker, i.e. there is no middle man between you and your savings.

Bottom line, you don’t need some website storing your key online for you. With a bit of education, it’s possible to create your own wallet and store the private key -offline-.

This is what’s known as cold storage.

Bear in mind that a private key is nothing more than a string of digits, something like

5Kb8kLf9zgWQnogidRq76MzPL6TsZZY36hWXMssSzNydYXYB9KF

If you really wanted you could simply write this down on a piece of paper, or even memorize it if you’re so inclined (though those methods are prone to errors).

But one safer option is to go to a site like bitaddress.org, which is a client-side application to create a public/private key pair.

This is important, because once you load the page you can actually disconnect your computer from the Internet entirely, ensuring that no one is spying or sniffing on your activity.

(There are other steps you can take to be even more secure, like setting up a stand-alone virtual machine solely for creating a wallet– but we’ll save those for another time.)

The page will go through a process to generate a key, and when prompted, you can choose the “paper wallet” option.

At that point you can simply print your paper wallet, put it in your home safe (or wherever you store your other valuables), and never give it to anyone.

Once you’ve secured your paper wallet in your safe, the bulk of your crypto wealth is offline and safe from computer glitches or hacks.

And the next time some poor soul loses his hard drive… or another major Bitcoin exchange gets hacked… you can rest assured that your crypto wealth is safe.

*  *  *

If you are interested in speculating in Cryptocurrencies, I encourage you to download our free Crypto Currency Report - A Different Perspective on Crypto. More and more people want to dive into crypto currencies and everyone’s focus is on Bitcoin’s price. But, the price is not what matters... I see so many people make the same wrong assumptions and mistakes that could be fatal to their capital. That’s why my team and I have written this special report where I share a different perspective on cryptocurrencies .

Comments

Miner Pinto Currency Thu, 12/14/2017 - 20:42 Permalink

You are mistaken about how this works.  Bitcoin transactions use strong cryptography.  You don't have to sniff them off the wire, you can download them all in the blockchain.  The only thing you have to keep safe is your private key.  Everything else you can put on a billboard.Generating an offline wallet on a clean offline pc and printing it to a wired printer blocks all but the most extreme hacking attempts.  To break that you either need to man-in-the-middle replace the digitally signed wallet generation app with one that uses a known seed or have malware that intercepts the job sent to the printer in the spooler service and buffers a copy of it later.  That goes far beyond any of the other malware we've seen in the wild. Paper wallets don't get hacked; they get forgotten, thrown away, stolen, or burned.    

In reply to by Pinto Currency

Son of Captain Nemo auricle Thu, 12/14/2017 - 14:42 Permalink

Or perhaps an "out of band" managed Buttcoin network will be the next of "CEO" Satoshi' (who we still don't know) Nokamuro's winning "band aids"!...

But seriously...

Both your's and PCs comment(s) raise the question(s) with sarcasm that anything of value MOST IMPORTANTLY money has to be regulated by some group that has integrity that is a KNOWN QUANTITY be they a government, "independent governing workgroup"/organization or corporation that is liable when things go wrong with what they are PEDDLING, if it is to pass the smell test of a medium of exchange!...

P.S.

When "Segwit2x" is fully licensed with a warranty agreement in case of breakdown "Buttcoin" will remain "Buttcoin" and twice as smelly!!!

In reply to by auricle

HRClinton chickadee Thu, 12/14/2017 - 18:24 Permalink

Like, I've been saying...BTC = Flight of Fiat Capital        = Money of the Parallel Economy         = Money free of the Debt Plantation Pure CCs + PM + Fuel-backed CCs = Fiat killersThe banksters know this, even if ZH oldbugs don't. Parallel Economy Currency = AU + Barter + Crypto  = Outflow of FRB fiat into decentralized, untracked assets

In reply to by chickadee

giorgioorwell Thu, 12/14/2017 - 14:21 Permalink

The fact that the last step of this article is still to print it out on a piece of paper and store in your home safe, is exactly why cryptocurrencies have a huge security issue if they are trying to act as a currency.

NoDebt giorgioorwell Thu, 12/14/2017 - 14:26 Permalink

It's not really that big a deal.  You have an online "wallet" and an offline "wallet".  You keep what you need to transact your business in your online wallet, the rest stays offline.  Like in real life, you could easily be mugged while out in public and lose the contents of the wallet you keep in your back pocket.  That money is gone.  But you don't carry around every dollar you've ever saved in your back pocket. 

In reply to by giorgioorwell

giorgioorwell NoDebt Thu, 12/14/2017 - 14:43 Permalink

Of course you're not going to walk around with your paper bitcoin key, that's not the point.... This offline wallet it exactly the same as the risk of storing mass amounts of cash in your home, and possibly even riskier unless you are printing on some kind water and fire resistant paper.That is at least a smalll part of why banks exist and are insured because it's incredibly risky to store large amounts of paper cash in your home.  Theft, fire, flooding, and virtually no "home safe" is theft proof.  At least if you are going the gold bug route you can bury it somewhere and it's not burnable, dissolvable.      

In reply to by NoDebt

iconoclast63 giorgioorwell Thu, 12/14/2017 - 14:37 Permalink

It's no different than storing cash at home. Anyone who thinks the bank is the safest place to store your money is not a student of history. Think of those who held more than the insured amounts in the rash of failures after 2008. I know one case in particular where an elderly widow was encouraged to buy a single CD for $600k from IndyMac, only to have the bank fail and be auctioned off to JP Morgan a few weeks later. She took a loss of $500k. The fact is that holding cash in your hand is safer than putting it into a bank or other kind of corporate system. 

In reply to by giorgioorwell

Erek Thu, 12/14/2017 - 14:23 Permalink

Excuse me!"A friend of mine bought some Bitcoin in 2010 and stored it on a laptop. Then he threw the laptop away… along with all the Bitcoin. And there’s no way to get it back."It's hard to believe this story. There's been a couple of these storys floating around now.It's hard to believe, if the story is true, that there was no back-ups made? Who just throws out a computer without first removing programs and important information?I want to know who this guy is. I want to sell him some prime acerage ten miles east of Miami.

adr Erek Thu, 12/14/2017 - 14:48 Permalink

You have to understand that in 2010 Bitcoin was worthless and nobody thought Bitcoin would be worth $1000 each, let alone $15k. It was a trash bit you got for testing the hash power of your computer. It would be like getting a crypto coin for running a speed test for your broadband. What is hysterical is the use case and utility of Bitcoin is actually worse than in 2010 and it shouldn't be worth a penny. Bitcoin is terrible for its intended purpose, yet fantastic for its speculative greater fool chasing value.

In reply to by Erek

Utopia Planitia Erek Thu, 12/14/2017 - 14:46 Permalink

Oh, I can tell you a multitude of stories like that.  Including companies upgrading their employees laptops and making no effort to do backups before the clueless IT guy came by and took the laptop without advance warning, leaving the new replacement.  The startled employee went through Hell trying to track down the purloined laptop but was told THEY were the problem, not the IT procedure.  I happened to be traveling overseas and hence was spared the excitement for myself.  But I did witness it happening to several people in another department when I got back.  Do you think anybody in Mgt or IT listened for one second about what stupidity they were doing?  No. It was all YOUR fault.  This was a LARGE company, and they had NO CORPORATE BACKUP capability at all.  Everything was naked.  Go figure.  (they are still in business but I left because of the ongoing corporate stupidity)  I also know things like this happening to private individuals.  Remember that not everybody is IT aware.  People have this idea that the information is stored someplace and they don't have to worry about it.  It is like magic to them.  You have to be really interested in understanding the technology and take time to educate yourself in how to use it properly to prevent that from happening.  Many are not interested enough to even think about it.

In reply to by Erek

Appreciated Ch… Thu, 12/14/2017 - 14:23 Permalink

That's the scariest part about crypto in my opinion. If you cold store, what if the device/software becomes outdated? Or what if the device goes missing? If you leave it on an exchange, what if it gets hacked? Yet, I am being told to print in on a piece of fiat-like paper......    I have a hard time trusting what the safest mechanism truly is.

Madison's_Ghost Appreciated Ch… Thu, 12/14/2017 - 14:27 Permalink

Not sure why you would let your firmware get out of date, but if you are cold storing on a hardware wallet, it doesnt matter is the wallet gets destroyed or stolen.  You buy a new wallet, activate it using your security key and it pulls you info about what you had in it back off the block-chain.  You coins aren't actually stored on your device, they are written all over the distributed ledge, and can be reconstituted at any time for the person holding the keys.You could also print your keys to a paper-wallet and store them in a safe deposit box.

In reply to by Appreciated Ch…

Madison's_Ghost Thu, 12/14/2017 - 14:23 Permalink

"All of the crypto theft making people question the security of Bitcoin and other digital currencies."You do realize this is like questioning the security of the US Dollar simply because somebody broke into your house and stole some cash, right?