- Published: Wednesday, 22 January 2014 12:25
- Written by Editor
Bitcoin has the potential to be as liberating for the Human Race as the Internet itself, but as with the early days of the Internet, and indeed still today, security is a major consideration.
While Bitcoin has many huge advantages and benefits over archaic forms of payment involving fiat currencies and the banking system, especially for electronic payments globally, Bitcoin is still in a very raw and early form requiring significant technical experience, particularly in the area of security.
It would be extremely easy for those new to Bitcoin to lose some or all Bitcoins due to theft or accidental deletion due to lack of understanding of the technology and procedures.
Let us look then at these two crucial security aspects of Bitcoin Security.
Bitcoins are stored in an electronic Wallet that can be located either locally on your home computer, or remotely on a web based service.
Web Based Online Bitcoin Wallet
The benefits of a web based service can be very tempting, especially due to the convenience of simply being able to login to a wallet to send and receive Bitcoins especially from a Smart Phone.
The main potential risks arising from making sole use of a web based service are:
1. Your account or indeed the web based service being hacked.
2. Forgetting or losing passwords and/or security keys.
With Billions of Dollars in Bitcoins being stored online there will be countless hackers doing everything they can to hack the website and/or online wallet to steal your Bitcoins - this has happened before and will no doubt happen again. If your Bitcoins are stolen due to hacking of online wallets or websites then your Bitcoins are gone forever along with their value with no accountability.
It is wise therefore to only maintain a minimal amount of Bitcoins within an online web based service for the purposes of mobile Smart Phone based transactions for example, and to keep the vast majority in an offline local software wallet on your computer and transferring them to your web based wallet as required.
As to forgetting or losing passwords and/or security keys, this off course is a matter for you to address as the owner of the Bitcoins. Computer users generally are notoriously lacking in the discipline for backing up and securing valuable data. Whereas in these cases data will be lost, if you are similarly negligent with Bitcoins you will lose your Bitcoins and all the value associated with them.
Warning: All web based wallets and exchanges are vulnerable to DDOS, hacking, external interference et and are unsafe for anything other than small Bitcoin deposits for "working capital". The bulk of your Bitcoin deposits should be kept in cold storage and/or in computer based wallets with at least 2 Factor Authentication or some other external security verification.
Computer Software Bitcoin Wallet
For complete control over every aspect of your Bitcoins a local computer based software wallet is an absolute must. A computer based wallet places you in full control of the security of your Bitcoins, but only if you diligently take all necessary measure to secure your Bitcoins.
Securing your Bitcoins locally includes the same considerations as for a Web based wallet - protecting your wallet from being stolen by hackers, and ensuring the passwords and security keys are kept safe.
There are many ways a hacker can gain access to an online wallet or obtain the passwords and security key. These include direct hacking of your computer, but of very considerable danger is hacking through the use of trojans and other malware. There will no doubt be an upsurge in trojans malware designed specifically to steal Bitcoins from home computers and as "key loggers" to steal passwords etc.
The first step then is a step that should always be taken anyway, but most people overlook, consequently having a computer absolutely loaded with trojans until something goes drastically wrong, such as the computer slowing almost to a stop due to the computer power and Internet bandwidth trojans consume.
The very first step therefore is to remove all trojans and other malware from your computer and then scan often, at least weekly.
For thoroughly removing trojans it is best to run two or three different scanners - we recommend "Malwarebytes" and "SuperAntispyware". For technically advanced people another excellent and powerful scanner is "Combofix".
Another consideration is local access to your computer - who has access and can use it?
Although we implicitly trust family and close friends it makes sense to secure your Bitcoin Wallet when you are not using your computer or away for any length of time. This will also help prevent your Bitcoins being hacked by trojans and other malware, especially those that have "rooted" - gained full access to your computer.
The best way of achieving this is to install your Bitcoin Wallet on an encrypted volume using TruCrypt - which can also be used for storing Wallet Backups in an alternative location such a an external hard disk or USB memory stick. TrueCrypt creates a logical volume on your PC which is heavily encrypted requiring a password to unlock the virtual drive.
So this addresses the preliminary security considerations, next you will need your Bitcoin Wallet.
Install Bitcoin-QT first and then Armory. Note: Armory through Bitcoin-QT downloads the entire Bitcoin Blockchain and then creates its own database before progressing further. This can take many hours so it is preferable to leave it running over night.
Note: The number of computer software trojans and other malware designed to steal Bitcoin are rising dramatically and will continue to do so. Malware scans as described should be carried out frequently, ideally daily, on all Internet connected computers as well as cold storage computers.
Securing Bitcoin Wallet Backups
It Is Absolutely CRUCIAL to make backups of your Bitcoin Wallet otherwise the chances are you will lose your Bitcoins sooner or later and never get them back!
When creating Bitcoin Wallets, be sure to use a strong pass phrase consiciting of numbers, characters and letters and both upper and lower case.
Armory is excellent in providing a range of options for backing up your wallet, these include:
1. Paper backup
2. Unencrypted digital backup
3. Encrypted digital backup.
We highly recommend making paper backups of all wallets and keeping the paper backup containing the security keys in a safe place - or make several backups and keep several copies in safe places. Once you have paper backups of all your wallets your Bitcoins will be safe unless someone gets their hands on your paper backup - so keep them safe! You may wish to make family members aware of the paper backups in case anything happens to you in which case they will be able gain access to the Bitcoins.
You may also wish to make digital backups. There are two options - unencrypted which does not require the pass phrase and encrypted which does require a pass phrase.
It is strongly recommended not to make unencrypted backups because anyone who gets their hands on it can steal your Bitcoins.
An encrypted backup requires the pass phrase to unlock it - so use this option and make sure you remember the pass phrase.
NEVER store digital backups on a computer connected to the Internet - only store digital backups on a separate device such as external hard disk - making sure it is not accessible from the network and therefore Internet, or on a USB memory stick. Never store anything related to your Bitcoin Wallet on Internet Cloud Storage!
For further reading we recommend these sites:
Note: The bulk of Bitcoin deposits should be kept in cold storage, paper wallet etc away from any computer that connects to the Internet. All wallets should be protected with 2 Factor Authentication of other external secondary verification separate to the computer. Perform trojan scans regularly on all Internet connected computers to avoid wallet trojans, key loggers and other malware.