3. I have a rule in my IT life: never overwrite anything. This can be so simple as:
#!bin/sh
BKPTIME=`date +%m:%M:%S-%d-%h-%y`
tar czf ~/wallet-$BKPTIME.tar ~/.bitcoin/wallet.dat
cp ~/wallet-$BKPTIME.tar ~/Dropbox/
You see, one of the consistent problem with the tech-heads in bitcoin is this: You assume every user is going to be a techie or can be expected to learn to do things The Right Way. Fortunately for me, real life has beaten that assumption out of me and paranoia has always proven to be invaluable when things go fubar.
We both know how to write a bash script and can recognize the common flags for numerous commands to know when somebody's trying to pull a fast one on us. Not the average bitcoin user we want to reach with a "user-friendly" front end.
The average joe will almost inevitably save the same file to the same location. For many of them, be it on Windows or a Mac, it's going to be the default desktop/Documents folder or equivalent.
You can be almost 100% sure they are going to over-write the same file.
Mmmm... I not express myself in the right way... English isn´t my native language... sorry... \o/
This kind of scripting is just an example... I´ll never tell to a user of an Ajax Web Interface to do that... This will be done automatically...
6. Right and wrong at same time... All passwords are encrypted and saved intoetc/shadow only (or even a LDAP backend), so, how long will take to decrypt a strong password?! +100 years?!
6.1. Don't you trust in your system, when you type your password to login into a SSH session?! This can have the same level of security than SSH has.
Only if it's my server I'm SSHing into
Otherwise, I'm going to assume the other admin has a modified sshd and some logging service that records every single command I send in.
Agree! But, in my proposal, you will be the owner of your server (virtual in this case), including the Bitcoin binary and wallet.
What I can do is just provide a pre-configured version for regular people, but you can upload your entire Linux image to that cloud, including the Bitcoin binary...
I see people saying that a Bitcoin/wallet within a Virtual Machine is not safe but, that is true for crap systems like vmware esx or virtualbox, etc...
But that is not true for Xen.
Xen can provide a "security through isolation", so, I, the owner of the phisical server, am unable to access your portion of RAM memory.
BTW, everybody can check the binaries of a system provided by me, to see if it is original or cracked.
So, I'll never going to provide a cracked binary (or compiled from a patched source) because my name is what is at stake. And my name, my reputation, is one of the most important things in my life...
Also, it is perfectly possible to encrypt your Dropbox/GmailFS/Ubuntu One/Whater cloud folder too...
What do you think Xephan?!
Sorry but I don't trust any "cloud" folder. Especially not when their TOS specifically disavow any responsibility if things got lost/deleted.
I already think on this, first, the cloud folder will host a encrypted wallet, second, the backup will be sent to multiple clouds at the same time, so, you think that your file will be lost/deleted from Dropbox, GmailFS, Ubuntu One and from your PC at the same time?!?!
Oh! BTW, in my proposal, you will be able to access your wallet.dat through SSHFS!!!
I know that deep inside, trust between two parts must exist but, the provider can have a high level of security and strong backup procedures that a single user never dream about. So, where you prefer to host your wallet.dat?! Within a strong cloud that you can trust for sure or within your freak Windows?!
Sorry, I don't know if you are using Windows...
I like Linux, I've been testing out and trying out Linux since Slackware and dial up days. Know what turns off the average user? It's when somebody does the I-use-Linux-so-I-am-more-elite-than-you-fools thing on them and go on a rant about their OS. Sad to say, I used to do that too.
But the average person doesn't care about your OS religion. They want a tool that does what they expect and just works. If there is a problem, the first thing they are going to blame is your program, not the OS, not themselves.
For the record, I use a mix of Windows, Linux (including Android) and even Apple computers/devices. Whatever works best for the purpose and situation.
I can garantee that a system created by me, using well know open source tools and pretty well documented, is far, far away more secure than any Windows out there.
BTW, there is no secure Windows. So, every single person wich hosts their Bitcoins in Windows, have the same level, or worst, of security than MyBitcoin... Windows is a joke... Like the todays online wallet providers.
So you claim, but where's the proof that YOUR system is more secure than any Windows?
The weakest link in any system is always the user and in some cases, an over-cocky dev
You´re right... The non-technical user is the most weakest part of any IT solution, that´s why I propose a solution like this... A solid backend environment, powered by Xen, Linux and Eucalyptus (that is a huge part of the proof), with a easy to use Ajax Web Interface for "normal" people, with automatic backups, etc... People will just need to "link" their google account with the Web Application to start the backup procedures automatically, for example...
My point is: It is perfectly possible to provide a trusted, secure and easy to use Bitcoin online wallet. Within the law!I am the kind of people that trust in everybody for the first time, until somebody proves the contrary.
I feel that the feeling of trusting in people are going to hell... But this is not the kind of society I want to live. In fact, I think most people are trustable in first place, not the inverse.
I know that there is many, many thiefs in this world but, I am not one of them. I am one of this people that can be used to make this world, a better place, starting building a safe place for people´s Bitcoins. Because our money, is sacred and sweaty.
If I gonna build this service, it will be entirely open source, so, you will be able to read my documentation and build one identically with your own computers.
Nice talk!
Regards,
Thiago
