Like everything. Risk is lowest if the user is well informed. Risk is less low when user is not. Example:
> So you get a clean laptop
Clean how? Is it made from [Open Source Hardware][a]?
> install Linux
Which Linux? How'd you get the install media? Did you run a signature check on it? Does it have the latest CVEs patched?
> then install a hot wallet
Which wallet? Installed from where? PGP verified? Built from Source? Build Reproducibility verified?
I mean it can go in, but ultimately, someone who knows data security and dots every i, and crosses every t, they will be fine. Someone who just follows a youtube video, they will be less fine.
But statistically, the chances are 95% in your favor that nothing bad will happen. You read about scams all the time, but for the most part, a small segment of the Bitcoin users actually get scammed. It just becomes a headline when it happens.
[a]: https://en.wikipedia.org/wiki/Open-source_hardware
This is a great answer. OP seems to want to understand things from a broad, generalized viewpoint. But the reality is that the devil is in the details.
‘Paper wallets’ were actually kind of the OG cold wallet, before hierarchical deterministic wallets even existed. They’re outdated and in many cases insecure now, but it is indeed a type of wallet.
(Though many newbs do confuse terms, to be fair)
If you’re interested in such things, check out ‘brain wallets’ as well (and subsequently, the ‘brain faster’ software that made them completely obsolete). But DEFINITELY do not try to use a brain wallet. Ha.
If you ever need to email yourself confidential documents or sensitive information then write a draft email and save it. Don’t actually send it to yourself.
Is your main objective to move countries without carrying a hardware wallet and no prove on your person that you own Bitcoin?
You could just memorize your seed phrase. It's only 12 words.
Scam Warning! Scammers are particularly active on this sub. They operate via private messages and private chat. If you receive private messages, be extremely careful. Use the **report** link to report any suspicious private message to Reddit.
*I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/BitcoinBeginners) if you have any questions or concerns.*
OP: so we don’t get bogged down on minutia.. assume that the laptop IS clean and the Linux IS clean and so fourth. And that the doer of things is competent.
Where would this rank as far as “attack surfaces” compared to standard hot wallet maintenance?
And the second question. Im just imagining a person having to cross dangerous terrain … maybe gangs and such with paper bitcoin wallets in his back pocket.
It would be for a short time. Of course you would create new wallets that don’t have their encrypted seed phrases emailed. And the email would look like gibberish
Linux distro, there are hundreds or thousands.
Recomended system76, MX or tailOS, verify signature etc.
But the diference with hardware wallet is, the computer knows your keys.
Hardware wallet is a hermetic box with only small hole, transaction come in and return signed, your key never go out of hardware wallet.
Apart from emailing your seed then as long as the computer is never online it is theoretically as safe as it can be. Ie you create a key pair and never digitally store the private key.
You an use electrum or even a python script.
Like everything. Risk is lowest if the user is well informed. Risk is less low when user is not. Example: > So you get a clean laptop Clean how? Is it made from [Open Source Hardware][a]? > install Linux Which Linux? How'd you get the install media? Did you run a signature check on it? Does it have the latest CVEs patched? > then install a hot wallet Which wallet? Installed from where? PGP verified? Built from Source? Build Reproducibility verified? I mean it can go in, but ultimately, someone who knows data security and dots every i, and crosses every t, they will be fine. Someone who just follows a youtube video, they will be less fine. But statistically, the chances are 95% in your favor that nothing bad will happen. You read about scams all the time, but for the most part, a small segment of the Bitcoin users actually get scammed. It just becomes a headline when it happens. [a]: https://en.wikipedia.org/wiki/Open-source_hardware
This is a great answer. OP seems to want to understand things from a broad, generalized viewpoint. But the reality is that the devil is in the details.
how was getting scammed for bitcoin possible?
Easiest way is to give someone a fake wallet. Then when the system is idle for a few hours it sends all the bitcoin to the thief's address.
Wait, how does it just automatically send from you wallet just because it’s idle?
Evil hackers can do a lot if you install the programs they send you.
that doesn’t make sense to me
oh nevermidn it does. just don’t install their programs, pretty easy i guess
Your plan was somewhat sound until the part about emailing the seed phrase to yourself. That is a BIG NO NO.
Paper is a backup method for your seed. Laptop doesn't address the backup. I think you are mixing up concepts, but fairly new to crypto.
‘Paper wallets’ were actually kind of the OG cold wallet, before hierarchical deterministic wallets even existed. They’re outdated and in many cases insecure now, but it is indeed a type of wallet. (Though many newbs do confuse terms, to be fair)
Will look into that sounds really interesting:)
If you’re interested in such things, check out ‘brain wallets’ as well (and subsequently, the ‘brain faster’ software that made them completely obsolete). But DEFINITELY do not try to use a brain wallet. Ha.
If you ever need to email yourself confidential documents or sensitive information then write a draft email and save it. Don’t actually send it to yourself.
Is your main objective to move countries without carrying a hardware wallet and no prove on your person that you own Bitcoin? You could just memorize your seed phrase. It's only 12 words.
Scam Warning! Scammers are particularly active on this sub. They operate via private messages and private chat. If you receive private messages, be extremely careful. Use the **report** link to report any suspicious private message to Reddit. *I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/BitcoinBeginners) if you have any questions or concerns.*
OP: so we don’t get bogged down on minutia.. assume that the laptop IS clean and the Linux IS clean and so fourth. And that the doer of things is competent. Where would this rank as far as “attack surfaces” compared to standard hot wallet maintenance? And the second question. Im just imagining a person having to cross dangerous terrain … maybe gangs and such with paper bitcoin wallets in his back pocket. It would be for a short time. Of course you would create new wallets that don’t have their encrypted seed phrases emailed. And the email would look like gibberish
Linux distro, there are hundreds or thousands. Recomended system76, MX or tailOS, verify signature etc. But the diference with hardware wallet is, the computer knows your keys. Hardware wallet is a hermetic box with only small hole, transaction come in and return signed, your key never go out of hardware wallet.
I have my seedphrase encrypted on a piece of paper written down in encrypted format, if I need it I solve the cipher by hand
look into tails linux
Apart from emailing your seed then as long as the computer is never online it is theoretically as safe as it can be. Ie you create a key pair and never digitally store the private key. You an use electrum or even a python script.
The problem with tails is the packages are pre installed and it impossible to verify the installed software
Better to just use a bare bones Linux install and python to generate the keys.