Encrypt wallet · Issue #3 · bitcoin/bitcoin · GitHub

Butter that paid with pedo pesos to download CP got arrested thanks to blokechain analysis

So this subreddit is basically a bunch of pedos discussing weather or not they will eventually be caught for using a bullet proof hosting server that got busted and hosted CP, at least one of them got caught (unfortunately got released with no charges so far)
https://old.reddit.com/depfile_discussion/comments/g3s77v/my_experience/
One of the most frequent posters and mods in that sub is named u/lolita_lopez2, definitely not a pedo right?
Edit: Still reading around through that sub, wow these guys know a lot about CP, given their tone and the lack of any shame or disgust towards pedophiles, I can only conclude that these guys are pedophiles, they aren't just discussing the case because of an interest in cybercrime, they are there to reassure each other that they won't get caught.
Since the sub is now set to private, this is what he said.
I only just found this sub. I'm posting info that might be helpful, and I'll try to answer questions if I can.
I was arrested in 2018, released under investigation (this means no restrictions on my freedom and movement), and the investigation was closed recently, with all my property returned. I'm not going to give dates.
I used the following security measures: encrypted folders with truecrypt, separate devices, vpn, tor, fake cock.li email, throwaway usernames, bitcoin purchased from the street.
I was caught when they connected a transaction to another wallet to another wallet to an old exchange account which had been deleted for years (from when I first started using bitcoin, it was a stupid mistake). Unfortunately the exchange account was verified with my name and address. I probably consolidated my coins into a new wallet at some point, which could be connected in some way to another wallet I used. In retrospect, bitcoin transactions are permanent so it doesn't matter how long ago and how many transactions/wallets ago they were, if it looks like a simple transfer from wallet to wallet, they can calculate a likelihood that the wallet owners are the same person.
The transaction was from an account which they linked to a couple of downloads of specific files that they had verified was illegal. Note that they only identified a couple of files, I don't know if that's because they had only identified a small number of files in total, or if they stopped there for me because that's all they needed to proceed.
The downloads were made at least a year before, probably much more because I had stopped using depfile for a long time already. They had no hard evidence it was me but that connection was all they needed to raid me and confiscate all devices in my home. I spent a day in jail while they searched every corner of my home, then a recorded interview with lawyer present, then they sent me home. I was not under any restrictions, I left the country on holiday several times without issue and if I wanted to, I probably could have disappeared to another country.
They did recover some deleted files (my mistake) and asked about it in follow-up interviews. The files were definitely reviewed by a human because they were described in detail. In the end I wasn't charged (not enough evidence or not serious enough to warrant further resources in court) and the investigation was closed. Almost all property was returned. Some devices were destroyed because they contained questionable material or looked like they did at some point in the past.
A couple of points to note:
The police were very discreet, probably because they didn't have hard evidence and were wary of making a false accusation. After everything, nobody knows about what happened (I live alone). They told neighbors that I was assisting them with a case. Work/colleagues/family/friends are unaware. I did have to lie about why I had no electronic devices left in my home.
The search through my home was very thorough, they really went through every bag/containecorner. All the pockets in all my clothes were checked. A whole team of 4 or 5 people spent 12 hours in my home while I spent the day alone in a cell, waiting for a lawyer to arrive.
Despite being so thorough, they missed a few devices (which weren't even hidden), and took some non-electronic objects by accident.
No cloud accounts were accessed (or I am simply not aware of it).
No questions were asked about my encrypted folders.
They did demand passwords for all devices/drives (which I am legally required to give). I think if I had used encrypted drives instead of encrypted folders, I would probably be screwed.
Some files were definitely reviewed/watched by humans (they were described in follow-up interviews) but for the most part it was probably automated, and just flagged up some of the more suspicious files. This is probably why the encrypted folders were ignored. If a human had looked at my drives, they would have easily noticed a huge chunk of it was inaccessible.
After using the phones that were returned, it looks like they they may have gone through it by hand because every app was open, file browser, download history, chrome history tab was open, etc. Or maybe that's just a side effect of whatever tool they use for android phones. I know that they can search hard drives without leaving a trace (by cloning the drive or blocking writes).
They fixed my old broken hard drives and phones.
If you haven't heard anything by now, you're probably in the clear. (No promises)
submitted by Alpra_Cream to Buttcoin [link] [comments]

One-year update; Truecrypt asks users to consider a donation, but only if paypal or credit card are used.

One-year update; Truecrypt asks users to consider a donation, but only if paypal or credit card are used. submitted by embretr to Bitcoin [link] [comments]

~10 BTC lost from unencrypted Mycelium, and I don't know how (I have a theory thought)

I'm an idiot and had unencrypted mycelium wallet on my phone. Then my bitcoins disappeared to unknown address. I have no idea how I was compromised, but I have some theories.
The phone couldn't be fully compromised, because I also had other unencrypted bitcoin wallet (2x idiot), and the btc weren't stolen from there. I still have the other wallet there and the coins still haven't moved.
I stored the backup phrase on truecrypt partition on a linux server. In theory, the backup phrase could have been compromised, but I doubt it.
1st theory: sometime ago I installed popcorn time android app. I guess it is possible for other android apps to read the mycelium keys, if they aren't encrypted. Not sure though.
Other theory: targeted, physical attack. Someone technically could have snatched the phone while I left it at table at bar or something. However I usually take quite a good care of my phone.
Paranoidity level: high. Supidity level: ultra high. Any other theories?
submitted by throwaway-bitcoiner to Bitcoin [link] [comments]

What features would you want in a BlockChain.info wallet competitor?

I've been using the blockchain.info wallet for quite some time, and I'm pretty happy with it, but I feel like there are some features missing and the android app leaves much to be desired.
Would people be interested in either a new blockchain.info android app (I think this is possible with their api), a blockchain.info wallet competitor, or some combination of the two? What features would you want?
Just some general ideas I had thought of:
I really love bitcoin and I have the motivation, but I thought I'd ask you guys so I could create something widely used and enjoyed.
submitted by are595 to Bitcoin [link] [comments]

Ideas for really safe Cold Storage

The Three Legged Stool of safe storage. I've given a lot of thought about how I can safely store my Bitcoins. I want to share my method in the hope others may find this helpful and any discussion could also help me. I'm not intending this as a beginners guide to cold storage, plenty already exist. But people, both new and familiar with cold storage, can benefit from the applications and ideas I'm suggesting here.
The Three Legged Stool, what's this about? There are just three ways to unintentionally lose your coins: Leg 1, They can be stolen Leg 2, They can be physically lost Leg 3, You can forget how to access them
The snag is that anything done to improve security to one Leg tends to increase the risk of loss caused by being out of balance with the other two Legs. For example, to protect your coins against Leg 1 (being stolen) you may hide the coins private key in a password protected container somewhere in your house. My point is that you have reduced the risk of Leg 1 (getting them stolen) but at the same time increased the risk of Leg 2 (physically lost) and Leg 3 (forget the password). This is especially true with long term storage. Equally, not using a password protects against Leg 3 but increases the risks from Leg 1 and is of no help against Leg 2. The objective is a balanced stool, keeping your coins safe and also always available for spending.
How it can be done: My preferred method is using Paper Wallets with BIP38 encryption. With secure passwords, these are so safe you can keep multiple copies of the same wallet all over the place. Keep copies at work, at home, at your parents house and even carry the private key QR code with your phone in case you want to spend a chunk of Bitcoins unexpectedly. Brute force attacks on BIP38 wallets are so slow, I can't think it's possible to crack a strong password of let's say 10 random letters, numbers and symbols. So this is total protection against Leg 1 and Leg 2 but forget that password Leg 3.... and your coins are gone forever!
Here's the clever bit. So how can you guarantee never to forget that complex wallet password? Yes! There's an App for that, "Infinite Password Generator" (IPG) is truly brilliant. https://play.google.com/store/apps/details?id=yuku.infinitepassgen.app
The only permission this App has is to access Google Play payment services so I don't think it can give any secrets back to the developer. Install this app and make backups of the APK, save backups on several devices in case it's ever removed from Google Play. If you change your phone you will want to be able to install IPG from your APK backups and it's best not to update this App. If you do update it then always check it is generating the same passwords using the procedure explained below.
IPG generates complex passwords by combining your own "Master Password" with a Keyword. As an example, your Master Password must be something you can NEVER forget like the house number and road name you lived in as a child. The Keyword is a unique identifier for this Paper Wallet, maybe a name and incrementing sequence number like wallet3. IPG combines these two fields to generate a secure repeatable password you can use as the input to the BIP38 encryption.
IPG let's you save its configuration settings and you need to do this: Fill in the Master Password, put your name in the Keyword field, press Show and select the type and length of BIP38 password you want then press Copy (to the clipboard). Now, paste the generated password over the Personal notes (optional) field. Next, delete the Master Password field and Save, then exit IPG.
Open IPG and Load your saved file, fill in Master Password then Copy/paste the generated password under the original copy of the password and if you did this all correctly you will have generated exactly the same password, confirming you put in the Master Password correctly. Now change the Keyword field to your chosen Wallet Identifier, let's use my example above wallet3 and this will generate the required unique password for that BIP38 Paper Wallet you're about to make. I would write 3 as a hint on all copies of this Paper Wallet to make sure I don't forget the full Keyword. The next Paper Wallet I generate being wallet4, marked 4. Also I paste a copy of the IPG generated password into a Truecrypt encrypted container as a last chance disaster recovery.
Final steps to use IPG safely. You must close this App correctly otherwise it stays a while in memory containing all your secret information. Then you need to clear the clipboard of the wallet password and I've been using an App called Clipboard Autoclear+ to do this. https://play.google.com/store/apps/details?id=de.tactilesoftworks.clipboardsentinel
I've used two Paper Wallet generators, my favorite is https://www.bitaddress.org but it's a bit cumbersome to produce multiple copies of the same wallet. I also like https://bitcoinpaperwallet.com because they can produce Testnet Wallets which is a coin identical to Bitcoin but uses valueless coins purely to be for testing purposes. Google Testnet Wallets for more info.
Spending from your Paper Wallet is easier to do than explain and I started by using the Blockchain.info Android App. But this has let me down with an error message "insufficient funds" and I see many complaints about this problem. I wrote to Blockchain.info about it but got no reply. Since then I moved to Mycelium Wallet https://play.google.com/store/apps/details?id=com.mycelium.wallet and have had no problems with this. Also they do a Testnet version of Mycelium which is incredibly useful.
In Mycelium you just scan your Paper Wallets public address to watch how many Bitcoins there are in them. When you want to spend from the Paper Wallet, first run IPG, load the file and fill in the passwords then copy the Paper Wallet password to the clipboard. During the Send transaction Mycelium will ask to scan the wallet Private Key, it then asks for the BIP38 password which you can paste in from IPG and the amount of Bitcoin to send and off it goes.
A couple of important points to consider if you're not spending the full amount from the Paper Wallet. Once your private key has been used like this you really should send the remaining Bitcoins the next Paper Wallet in the sequence called, using my example, wallet4. That's because once a private key has been used or exposed to an online device, it's no longer safe to consider it as cold storage. If you don't spend all the coins on your Paper Wallet it's likely you will get back change and you must be sure the Wallet App you're using supports this or your change will disappear as a donation to the mining community. Mycelium and Blockchain.info Wallets automatically look after sending your change back to the Paper Wallet's corresponding public address. OTHER APPS MIGHT NOT DO THIS SO BE CAREFUL.
Generating Paper Wallets should be done on an offline device such as an old Android phone factory reset and only used for this purpose or a bootable Linux USB.
In conclusion this approach overcomes my doubts about my ability to remember long term secure passwords, possibly years after I made them up, because I shouldn't forget the Master Password as it's something so personal to me and the Keyword is almost attached to the Paper Wallet. Leg 3 is dealt with and Legs 2 and 3 now take care of themselves.
I do hope some of you find these ideas helpful. The developer of IPG Yukuku does not make any provision for donations and I would happily make a donation for this excellent App that is also available for Windows.
Disclaimer, these ideas are for your consideration and debate only. I take no responsibility whatsoever for any losses that may arise however they are incurred. I have absolutely no connection or financial interest in any of the applications I have referred to here.
submitted by LeScarecrow to Bitcoin [link] [comments]

A few doubts regarding bitcoins.

I've been trying to understand how bitcoin works and I think I've got most of it, yet I have some doubts I couldn't solve in any other way.
1) I'm using an android wallet. I've gotten a private key that (as far as I understand) should be my address. My question is: by knowing my privkey, could anyone else access my bitcoins and steal them? If yes, how do I prevent it? If not, then how can export my key to another device?
2) I've seen the network analyzer part of the client, it shows some data I'm not sure I understand. Peers are other users on the network, bitcoin translations or what?
3) Free bitcoins. I keep seeing website that offer bitcoins for nothing or for ads/survey. Are they legit or a scam? If they're legit, what are the best ones I can use for some free bitcoin fractions? Apart from mining and buying, how can I obtain bitcoin in a safe way?
4) Security. It's supposed to be a legal and safe currency. Yet how can I protect my wallet? Can I encrypt a backup with truecrypt and then get it out and use it on another device?
Thanks to whoever will shed some light on my doubts. Sorry if asking questions is not allowed.
submitted by teamfoilhat to Bitcoin [link] [comments]

Bitcoin OX Wallet Recovery From Seed (Mnemonic) Bitcoin Wallet Setup - How to install on Android. How to buy bitcoin on CEX.IO and send to external wallet ... How to Restore Mycelium Android Bitcoin Wallet Using ... HOW TO ENCRYPT AND DECRYPT WALLET

Android ist dafür viel zu unsicher. bei Apple sind alle Wallet-Apps eh gesperrt. Bevor mir hier jetzt jemand einen Android-Flamewar auslöst: Ich hab meine Bitcoin Wallet auf dem Mac in einer ... Your wallet.dat file is not encrypted by the Bitcoin program by default but the most current release of the Bitcoin client provides a method to encrypt with a passphrase the private keys stored in the wallet. Anyone who can access an unencrypted wallet can easily steal all of your coins. Use one of these encryption programs if there is any chance someone might gain access to your wallet. To access your best Bitcoin wallet Android, as well as to receive and send Bitcoin, you need to enter a private key. I suppose there is no need to explain that when losing the key or when it ends up in someone else’s hands, you may lose all the money. That is why it’s so important to store this key in a safe place that no one else has access to. Some best Bitcoin wallets store keys offline ... Copy the wallet-compromised.dat file back to wallet.dat, start the Bitcoin program and transfer your balance to the new address(es) you put in your text editor. Once the balance is back to 0 for your compromised wallet, you may want to wait a couple minutes or for a confirmation or check block explorer to be sure the transactions have been broadcasted. Then you may shut down the Bitcoin program. Bitcoin Core developers enabled a feature inside the bitcoin client that lets you “encrypt” your wallet by protecting it with a passphrase. By using a passphrase, you “lock” your coins from being spent. Even if an attacker were to gain access to the device on which your bitcoin wallet is running, they would not be able to do anything with the funds unless they also had your passphrase.

[index] [51152] [29389] [46556] [48071] [48918] [25623] [51315] [29892] [49200] [16525]

Bitcoin OX Wallet Recovery From Seed (Mnemonic)

Hello everyone, today I present to you the application that will allow you to fill your bitcoin wallet by watching videos! Link of CryptoTree on google play ... This video explains how you can buy Bitcoin via credit card and send the Bitcoin directly to your favorite wallet. I used Binance BTC wallet as an example. O... How To Get A Bitcoin Wallet: Blue Wallet for iPhone and Android BTC Sessions. Loading... Unsubscribe from BTC Sessions? ... How To Connect Bitcoin Wallets to Your Node: Wasabi, Electrum, Green and ... Published on May 1, 2017 This is a video tutorial on how to encrypt & decrypt your PIVX Wallet. By encrypting your wallet, it will provide a layer of protection and safety; we would recommend you ... The Bitcoin OX Wallet supports Bitcoin (BTC),... Skip navigation Sign in. Search. Loading... Close. This video is unavailable. ... TrueCrypt - Full access to xpub, xpriv, seed , addresses - Only ...

#