
/biz/ - Business & Finance


File: 502 KB, 1215x819, Screenshot from 2024-01-24 19-10-49.png
No.58290275

Considering Putin is gonna nuke my country and the place where I hold my keys is destroyed, I am considering an encrypted archive in the cloud. But I'm still kinda worried. I'm an IT engineer so I could safely do it, but still. What do you think? I will be out of the E.U. for the rest of the year probably and I would feel a lot more comfy if I had a cloud backup too. The encrypted archive could then only be accessed by knowing 2 passwords and a 2FA security code: firstly having to break into my cloud storage and then having to decrypt the archive. I'm thinking of all worst case scenarios, so if I lose my physical backups and/or I can't take them with me when I flee from the WW3 zone, then I can still get access when I'm in a safe place that still has internet... I think?


ADVICE?

>> No.58290765

Get a leather burning pen, and burn your 12 word phrase into the inside of your belt, then cross borders with your magic internet money.

>> No.58290815

>>58290275
Ledger actually has this service now, but you have to pay monthly. Why don't you just use a cold wallet?

>> No.58290916

>>58290815
I have a cold wallet. Read the OP again. Putin could potentially nuke my cold wallet.

> ledger
I'm not that pleb. I don't want vendor lock-in.

>> No.58291027

>>58290275
BCASH BCASH BCASH BCASH

>> No.58291214

>>58290275
1. Use hardware wallets. I recommend Ledger for its tamper-resistant design, even if Ledger Live is a joke and their cloud backup feature was incredibly poorly marketed.
2. Use two hardware wallets, exact same config on both.
3. Have a password (/25th word) on top of your basic 24 words.
4. Put a small balance on the wallet defined by the 24 words only. This is your canary wallet. If the coins in that wallet ever move, your basic 24 words have been compromised. If you are coerced into unlocking your wallet, this is the one you'll show.
5. Put your real assets on the wallet defined by the 24+1 words.
6. Create a TrueCrypt/VeraCrypt volume, with a hidden volume. Pick strong security settings.
7. Store gross, but not illegal porn in the default TrueCrypt volume. If you are coerced into revealing the password to your volume, use the default password, and blush convincingly as the bullies laugh at your shameful porn fetishes.
8. Store your 25th word in the hidden volume.
9. Store TrueCrypt volume in your favorite cloud provider(s). Do NOT use cloud providers' glowing "encrypted" solution, they can be accessed through subpoenas/warrants.
10. You have a decision to make with your 24 words. Proper OpSec dictates that they remain 100% offline. That means they'll either melt in the nuclear fire that destroys your nation, or you're exfiltrating them in an imaging-neutral leather pouch gently inserted up your ass.
11. If you decide to go digital rather than anal, then you'll need a 100% clean offline computer (boot a clean linux distro from USB stick, verify distro hashes, don't set up networking), create another TrueCrypt volume, with hidden volume. Store 24 words in hidden volume. Store fake 24 words in default volume. Copy TrueCrypt volume to USB key. Place volume within outer TrueCrypt container's hidden volume. Do NOT EVER open that inner TrueCrypt volume, except from a 100% clean offline computer.

>> No.58291227

>>58291214
Don't bother with 2FA, it's something 3rd party uses to verify who you are, it doesn't add any security to your own data. Focus on using completely unguessable and non-brute-forceable passphrases for your encrypted volumes that you are confident you will always remember easily.
This is heavily reliant on TrueCrypt itself not being compromised. If this assumption proves faulty, all bets are off.

>> No.58291306

>>58291227
> Don't bother with 2FA
That.. came out wrong. I meant
> Don't assume using 2FA will meaningfully improve the security of your coins. You can use 2FA to login with your cloud provider(s), it's fine. It's just fine.

>> No.58291427

>>58291214
>Use hardware wallets
No, I won't. But there were at least some usable things in your information, so thanks.

>> No.58291655

>>58290275
as long as it is actually encrypted well and on a secure server you'll be fine.

>> No.58291771

>>58290275
https://filecoin.io/

unironically

>> No.58291795
File: 2.00 MB, 1856x1054, Bitcoin Jesus declares Bitcoin to be cash.png

>>58291027

>> No.58291966

>>58290275
Upload a well secured KeepassX file with the seed somewhere. Remember to move the funds to a different wallet before quantum computers become commonplace.

>> No.58292057

>>58291966
>> keepassX. No, I prefer not to use any highly specific third party software. Just gonna go with gpg.

>> No.58292139

>>58290275
Tattoo the seed phrase inside your foreskin.
You DO have a foreskin, don't you, anon?

>> No.58292164

>>58292057
That's probably backdoored like xz.
Go with 7zip instead.

>> No.58292175

>>58292164
7z is probably backdoored too.
If you aren't running your own homebrew encryption/compression scheme in 2024 you are ngmi.

>> No.58292255

>>58290275
I do this. Archive is aes-256 CBC or CTR, I can't remember. It's my "oh shit" backup in case I lose everything else.

Also you might not want to create the archive on a machine that you regularly use and could have some kind of spyware unknowingly installed; then it would record your keystrokes and your encryption password is useless. I had an old raspberry pi that I reformatted, then used that to create the archive, and after uploading it to the cloud I reformatted the raspberry pi again using a disk wipe (not sure this was necessary since it's using flash and not an hdd).

>> No.58292266

>>58292175
I know you're joking, but for everyone else, do NOT roll out your own homebrew encryption. You will only Dunning-Kruger yourself into a bad situation.
If you worry that backdoors lurk in your open-source encryption software (closed source encryption doesn't deserve a mention), you can mitigate that by using a Russian doll approach. For example, given 7zip, keepassX and TrueCrypt, create a keepassX DB, put your passwords in there, then place the DB in a TrueCrypt volume, then encrypt the volume with 7zip.
The downside is that with every app, you MUST use a different password, and each password needs to be long enough to be practically uncrackable.
The upside is that unless all of your layers are backdoored by the same underlying entity, your password is perhaps safe.
In particular, this approach provides some resistance to backdoors even if every layer is backdoored as long as the actors behind each backdoor do not cooperate.
However, this whole setup assumes that misfeatures in any of the layers are limited to encryption backdoors specifically. If a layer happens to contain a keylogger for example, you're screwed across all layers.
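
The layered approach from post No.58292266, as an added example that is not part of the thread: two nested layers with separate passphrases, plus a SHA-256 digest check on restore, since AES in CBC or CTR mode (as in No.58292255) does not detect a wrong key or a corrupted archive by itself. Assumptions: `openssl enc` stands in for the separate tools the post names, the function names are hypothetical, and the file contents and passphrases are constructed placeholders.

```shell
#!/bin/sh
# Added example: two nested encryption layers, each with its own passphrase.
# Assumption: `openssl enc` stands in for the separate tools named in the post.
ITER=200000  # PBKDF2 iterations: every passphrase guess costs this much work

layer() {  # layer enc|dec IN OUT PASSFILE
    flag=-e; [ "$1" = dec ] && flag=-d
    openssl enc "$flag" -aes-256-ctr -pbkdf2 -iter "$ITER" -md sha256 \
        -in "$2" -out "$3" -pass "file:$4" 2>/dev/null
}

digest() { openssl dgst -sha256 -r "$1" | cut -d' ' -f1; }

make_backup() (  # make_backup PLAIN ARCHIVE INNER_PASS OUTER_PASS
    cmp -s "$3" "$4" && { echo "layers must not share a passphrase" >&2; exit 2; }
    tmp=$(mktemp) || exit 1
    layer enc "$1" "$tmp" "$3" && layer enc "$tmp" "$2" "$4"; rc=$?
    rm -f "$tmp"; exit "$rc"
)

restore_backup() (  # restore_backup ARCHIVE OUT INNER_PASS OUTER_PASS EXPECTED_SHA256
    tmp=$(mktemp) || exit 1
    layer dec "$1" "$tmp" "$4" && layer dec "$tmp" "$2" "$3"; rc=$?
    rm -f "$tmp"
    [ "$rc" -eq 0 ] || exit 1
    # CTR has no integrity check: a wrong passphrase can "succeed" and yield
    # garbage, so compare against a digest recorded when the backup was made.
    [ "$(digest "$2")" = "$5" ]
)

demo() (  # constructed data only; real passphrases would be typed, not stored
    d=$(mktemp -d) || exit 1
    printf 'constructed placeholder secret, not a real seed\n' > "$d/secret.txt"
    printf 'constructed-inner-passphrase\n' > "$d/p1"
    printf 'constructed-outer-passphrase\n' > "$d/p2"
    want=$(digest "$d/secret.txt")
    make_backup "$d/secret.txt" "$d/backup.bin" "$d/p1" "$d/p2" &&
    restore_backup "$d/backup.bin" "$d/out.txt" "$d/p1" "$d/p2" "$want" &&
    ! restore_backup "$d/backup.bin" "$d/bad.txt" "$d/p2" "$d/p2" "$want"
    rc=$?; rm -rf "$d"; exit "$rc"
)
demo && echo "round trip verified; wrong inner passphrase caught by digest"
```

The digest used for the restore check has to be recorded when the backup is made and kept apart from the archive.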

>> No.58293639

>>58291795
lmao saved

>> No.58294108

>>58290275
When you say cloud backup, you mean like retail onedrive or google drive?
Cause that shit will get nuked when dc gets nuked.
If you are being serious, you need to create your own aws storage in multiple regions around the planet to actually have it not get vaporized...