[OPSEC/Computer] Tails 1.3 will ship with the Electrum Bitcoin wallet installed - use it!

https://tails.boum.org/news/test_1.3-rc1/index.en.html

Using a local wallet like Electrum is a much, much better alternative than using 3rd party web wallets like Coinbase, Circle, Blockchain.info, etc. for many reasons. For one thing, you don't have to worry about those services cutting you off for "suspicious" transactions, and using a local wallet potentially makes it easier to tumble your coins less (or not at all). It can also be a boon to privacy and the security of your funds.

However, let it be known that this sword cuts both ways - storing your bitcoin in your own wallet also means that you are responsible for making sure you have your wallet information backed up well and in a secure location. Electrum wallets can be stored and recovered with nothing more than a 12-word "seed," which can be saved as a file (encrypted, I hope) or written down on physical paper. Remember that Tails will not save anything after a shut down unless you save it to an external device (like a USB flash drive) or set up Persistence within Tails!

Another concern is that Electrum is a "slim" wallet, meaning that it doesn't actually download any of the Bitcoin blockchain. This is great for managing your coin simply and quickly, but it also means that the Electrum server you connect to will know which bitcoin addresses you're requesting the balances of, and will know that those addresses are controlled by the same person. This is not as much of a problem as you might think, assuming that you only ever bring that wallet online over Tor (including its creation), but there are potential opsec compromises that could emerge from someone knowing that certain Bitcoin addresses are connected to one another. Note that this information may be available not just to the Electrum server operator, but also to anyone who might gain access to that server including hackers (whether LE or dipshits) or LE who might issue a subpoena or National Security Letter for the server's records.

If you work with multiple wallets (as you should), with one for "clean" coins and one for "dirty," make sure that you don't use both of them at the same time, and ideally, if using them in short succession, that you close Electrum and click the onion icon on the top panel of Tails and select "New Identity" between wallets (if checking both within 15 minutes of one another - after that much time your circuit will have changed anyway). Note that depending on how they've implemented Electrum, it may save a wallet as its default after you import one, so you may actually have to delete the "old" wallet from Electrum before closing it, switching identities and importing the "new" wallet - otherwise Electrum would query the server about the "old" wallet before you then import the "new" one in the same session, which would provide a trail between them.

In later versions of Tails, they will likely be using the upcoming Electrum 2.0, which has native support for multi-signature transactions and lots of other neat features.

As always, stay smart, stay safe, and don't cut corners. This is a big, big feature, and I hope that folks can start to use it like they ought to. Feel free to post any questions you might have.


Comments


[6 Points] None:

[deleted]


[6 Points] tangocharliefriend:

Hah, at last.

Touchpad: enable tap-to-click, 2-fingers scrolling, and disable while typing.


[4 Points] galaxyandspace:

Currently testing the beta for Electrum 2.0. Its looking pretty snazzy, and super easy to use for multisig. Lots of glitches and bugs to report, but the future looks good!


[3 Points] throwaway56135:

and using a local wallet potentially makes it easier to tumble your coins less (or not at all).

Can you expand on this? What would the pathway be for a user who doesn't tumble his coins?

Right now I'm doing cash into localbitcoins -> localbitcoins wallet to tumbler -> tumbler wallet to DNM