How to Secure Your Wallet in a SMART way (good for Ethereum)

in #ethereum8 years ago

There are 2 questions you hear very often at steemit and everywhere: "Will ETH bring me a lambo next month?" and "How can I secure my wallet, I don't want to get H@Ck3d".

I'm a guy that knows nothing about finance and TA, but I know quite a bit about information security. That's why I'm willing to explain how I'm storing my wallets, just to keep you as safe as possible. But also so we can concentrate us on the first question.

TL;DR
I'm storing my cold wallet in an encrypted container that is hidden in an innocent looking video. Since it's encrypted and hidden, I'm storing it in the cloud and on several off-site computers that are not considered malware free.

Things you need
There are a few things that you need. 1. Veracrypt 2. Python 2.x 3. This tcsteg2 python script 4. An innocent looking video 5. Paper wallet, I even used the plain .pdf 6. Some concentration

Alright, let's get started
Get an .mp4 file

If you already have a video file in mp4 format, you can skip this step.

Look on youtube for the video you want to hide your secret stash in. Go to Offliberty and paste the URL of the video. Follow the instrucions of the website to obtain your video file. Store this file in the same folder where you have the python script mentioned above.

Create a hidden VeraCrypt volume

In veracrypt, click 'Create volume' to start making the encrypted container. A prompt will pop-up. Follow these steps:

Click "Create an encrypted file container"

Click "Hidden VeraCrypt volume"

Click "Normal mode"

Click "Select file". Go to the folder that stores both the tcsteg script and your video file. Give the container a stupid name.

Click next. The outer container will be stripped, so you don't have to put up good security here.

Standard encryption options are fine for the outer container.

The size is the only important input for the outer container. Make it big enough to store all your assets, but small enough so that your video file doesn't get HUuuUUuUuge. 0.5 MB is enough to store 1 paper wallet.

Enter a password, is allowed to be weak :)

Click Format, you can swiggle with your mouse if you want to.

Click Next, the message shown isn't fully applicable to us.

We're going to setup the hidden volume right now that holds your wallet. - Click Next

Set AES(Twofish(Serpent)) as the Encryption Algorithm. Leave SHA-512 as the Hash Algorithm

Set the maximum hidden volume size, mentioned by the application.

Keep the message prompted in mind, select Yes.

Set the most secure password you'll ever come up with. Make sure that it is good and long, but easy to remember. Advanced users can setup a keyfile and change the PIM. But we won't go this far.

Swiggle your mouse until the bar below is filled. Click Format.

Accept the prompt.

Click Next

Close the wizard.

The encrypted container is now made. If you want to play with it, you can mount it using veracrypt. Entering the weak password will enter the outer container, your advanced password will open the inner container.

Fill your container

It's time to fill your container with your precious stuff that you do want to lose.

Open veracrypt, select a drive and click 'Select file'. Navigate to your brand new made container and select. Click "Mount" in the lower left corner. Enter your super secure password and click "OK".

Your container is now mounted as a new drive. Copy your paper wallet to it. My container holds the bare PDF paper wallets.

Dismount the drive using VeraCrypt. Click "Dismount All" if you're not sure.

Hide your container

Go to your folder that holds your mp4 video file, tcsteg2.py and your container. Open a command prompt (or shell or whatever) and execute the python script. On windows for example: python.exe tcsteg2.py 'Windows 95 Bugatti - Orig.mp4' encrypted.container

The expected output is:

Parsing video ...

Embedding ... be patient

Fixing up hybrid file ...

Hybrid file 'encrypted.container.mp4' was created successfully.

Everything OK. Try mounting the file in TrueCrypt and playing the video.
And there we have it. Your encrypted container is now a video. It looks like a video and is as funny is a funny video. But it also holds your precious wallet using very strong encryption (Military Grade ++).

When you mount the container with Veracrypt again (use your advanced password, weak one won't be allowed anymore), your wallets are revealed. Since the wallets are now stored heavily encrypted, I store these on USB sticks and several PC's. Just to make sure I don't lose the video. I don't mind that my video file gets discovered or leaked, breaking the encryption is almost impossible if you provide a good password. :)