Silk Road forums

Discussion => Security => Topic started by: DC on September 12, 2011, 05:10 am

Title: Deleting wallet for security/privacy purposes
Post by: DC on September 12, 2011, 05:10 am
First Post.

I did a search of the forum for "delete wallet" and nothing turned up.

I've been reading about bitcoin and how transactions can be traced from the source all the way to the end via block analysis. I know that I've been careful, not posting my addresses around, and creating new ones for new transactions. However, I still have personal details that can identify me with the place that I purchase coins. I know that when I send those coins on to my wallet, that there shouldn't be anything linking that address that I send it to to me personally. But for the sake of discussion, say that my computer were to be compromised somehow, the details in my wallet log a record of all my transactions, again not linking it to any specific contraband, but a record still. What if Silk Road itself were compromised as well - the records could potentially show that I had sent money to Silk Road.

Since I only use bitcoin for SR purchases, and always send all my new coins from my personal wallet directly to my SR wallet, as an additional level of security could I periodically delete my wallet.dat file, or even my .bitcoin (I use Linux) folder permanently, so that when I restart bitcoin, it generates a new file without any transaction record? Or is this completely unnecessary? I just want to cover my bases in the best way possible.

Any feedback on this issue is welcome, even if it's not specific to the question I'm asking. Thanks
Title: Re: Deleting wallet for security/privacy purposes
Post by: DC on September 12, 2011, 05:43 am
Must be a glitch in the search software or something. I typed in "delete wallet" and nothing turned up. Tried again and lots showed up. I guess this thread is now redundant.
Title: Re: Deleting wallet for security/privacy purposes
Post by: LexusMiles on September 12, 2011, 05:49 am
I can't answer your question directly, but I can comment on some general issues raised by the info you provided. To simplyfy, I'll just go with 2 points:

(i) If your OS has encrypted root file system (available as an option when install Ubuntu and Debian), then deleting maybe not really be a necessary step to take. Since the entire OS is in a 'deleted' type of state when the OS is shutdown (encryption key gone from ram).

(ii) If your OS is raw and unencrypted, deleting the wallet.dat, or at least encrypting it will be a necessary step. The problem is though, that your entire disk will be a forensic feast for any passer by that happens to confiscate your hardware. You'll will need to be constantly deleting history and cookies, and using a free-space scrubber to keep the HDD forensically sterile.

If you are becoming security aware enough to consider deleting wallet.dat, it maybe good to go the extra mile and move to encrypted OS (or VM inside encrypted container).
Title: Re: Deleting wallet for security/privacy purposes
Post by: acurlenamu on September 12, 2011, 06:40 am
I like to transfer coins through a few wallets running on virtual machines, and then securely delete the virtual machines when I'm done.  Makes the wallet's history and the fact that I was running it totally unrecoverable.
Title: Re: Deleting wallet for security/privacy purposes
Post by: DC on September 12, 2011, 10:02 am
Lexus, I use Ubuntu, but neither my root or home directories are encrypted. I may do it one day, but it's not practical at this stage. The thing is though, that an encrypted operating system is still something LE would like to get into if they suspected you of something and confiscated your computer, and withholding passwords could be seen as spoliation of evidence. Having a computer that is accessible, but with nothing incriminating on it should be safer/less incriminating.

Maybe the best thing would be to have a complete OS with encryption for an additional layer of security installed on one of those small USB drives that you could either have hidden well, or flush or swallow if the shit hit the fan. I'll have to make sure I clean my hard drive by zeroing it out, and do a complete re-write of all of my data, and leave dodgy activities to the flash drive, remembering not to use the swap partition on the hard drive just in case.

Of course, you have to make sure there is no other contraband in your house as well  ;).

I'm just being a little paranoid, but I want to be able to relax with this whole thing a bit more knowing that I can't reasonably be found guilty of anything, even if my packages were being intercepted.

I like the idea of transferring coins through a few wallets on a VM, but I've read a bit more and it shouldn't be necessary anyway, since SR changes their addresses with every new deposit.

Thanks for the information, you both have been helpful.
Title: Re: Deleting wallet for security/privacy purposes
Post by: Kurt Cobain on September 15, 2011, 07:59 pm
I still don`t understand this one:

I like to transfer coins through a few wallets running on virtual machines, and then securely delete the virtual machines when I'm done.  Makes the wallet's history and the fact that I was running it totally unrecoverable.

What is a virtual machine? I`m using winXP. And still i am wondering about several wallets: do you really install a few btc-clients and load the whole blockchain each time just for one transfer??? isn`t easier to use instawallets?

thx

Title: Re: Deleting wallet for security/privacy purposes
Post by: Gall Anonim on September 16, 2011, 03:56 am
I'm using Ubuntu 10.04 I think, and it has an option of encrypting your home directory. If your box is compromised while locked or powered down you're good to go.

On windows I use TrueCrypt to do whole disk encryption.

yes you can nuke your .bitcoin folder, on windows it's C:\Users\Gall Anonim\AppData\Roaming\Bitcoin