bitcoin safe usage v02



A Practical (and Paranoid) Guide: Setting up a Secure System for the Bitcoin Client - keep your private keys (wallet.dat) secure – and do not lose them - Version 0.1 (July 2011) by Michael_S (forum.bitcoin.org), OpenPGP KeyID=0xCC7E7C99, Bitcoin donations to 14ajM1BHY7E8GJ4DGGvtFFGmE15hSSSRJR. This guide shows how to set up a practically 100% secure computer system for the Bitcoin client. Three concrete examples with a detailed step-by-step guide make the topic very tangible. At the core of each of these three examples is a 100% open source GNU Linux system that is booted from a Live CD or a USB stick.


Version 0.2 (July 2011) by Michael_S (forum.bitcoin.org) OpenPGP KeyID=0xCC7E7C99

A Practical (and Paranoid) Guide:

Setting up a Secure System for the Bitcoin Client
- keep your private keys (wallet.dat) secure – and do not lose them -

Keeping them “secure” means:

(1) Secure against theft (by Trojans, key loggers, or physical theft)

(2) Secure against loss (by loss of the “wallet.dat” or by forgetting the password protecting it)

Concerning (1):

- After downloading the Bitcoin client software binary file from “http://bitcoin.org/” or “http://sourceforge.net/projects/bitcoin/files/Bitcoin/”, check the integrity of the file against its SHA1 checksum. Note that on the Bitcoin download site, SHA1 checksums are not provided for Bitcoin versions before 0.3.23. Therefore Annex 2 has a list of checksums for older versions.
- When using your Bitcoin client or when opening an encrypted container file containing your private keys (wallet.dat), only do so in an environment of 100% trusted open source software.
  - Good examples:
    - A 100% GNU Linux trusted distribution, e.g.
      - GNU Linux Ubuntu
      - GNU Linux Knoppix
      - GNU Linux Slax
  - Bad examples:
    - Microsoft Windows
    - Apple MacOS
    - Linux with one of the following software installed:
      - Adobe Flash plugins
      - Web browser with JavaScript (and using the web browser)
      - Skype
      - Opera Browser
      - VMware Virtual Machine/VMware Player
      - ...or any other proprietary or non-trusted piece of software
- When typing the password for opening an encrypted container file that contains your private keys (wallet.dat):
  - Never do this from within any operating system (OS) other than the 100% trusted one mentioned above.
- After closing your Bitcoin client session:
  - Make sure your private keys (wallet.dat) will be saved only in encrypted form.
- Make sure your 100% open source trusted operating system cannot be corrupted:
  - Do NOT install your 100% trusted GNU Linux OS on an unencrypted hard drive partition that could be accessed (and possibly corrupted) when you boot your PC with a less trusted operating system!
  - DO use a bootable Live CD/DVD for your 100% trusted GNU Linux system, if possible (using a non-re-writable CD/DVD disc). Otherwise:


  - DO use a bootable USB stick or flash memory card that is not used for any other purpose.
    - Preferably encrypt this USB stick completely (at least the persistent data part for your user settings and installed programs, but if possible also the system section).
    - Despite encryption, make sure nobody else can have physical access to this bootable flash memory and modify it (note that at least the boot section can never be protected by encryption and therefore is never 100% secure against modification, in contrast to a Live CD/DVD).
- Do not use your “Bitcoin-Operating-System” for any other purposes than simply running the Bitcoin client, because other applications might contain errors that make them vulnerable, e.g. to buffer overflows, which might corrupt your system. Examples:
  - Do NOT surf the internet with any web browser (some web pages may contain malicious code that could affect your system even without Java/JavaScript or Flash. For example, certain malicious *.jpg files can cause buffer overflows and thereby attack your system).
  - Do not use an email client (same reason – malicious emails could provoke buffer overflows).
- Do not run your “100% secure GNU Linux System” inside a virtual machine using VMware. Since VMware itself is proprietary closed source software, it may contain backdoors and could possibly access any data inside your guest system!
- Finally, for all kinds of encryption (container files, system partitions, etc.):
  - Use SAFE passwords respecting the “Password Guidelines” that can be found at the end of this document in the chapter “Summary and Recommendations”.
    - This is particularly important for the encrypted private keys (wallet.dat) that you are going to upload to external internet servers (“to the cloud”) to protect yourself against loss of these keys in case of hardware failures or physical theft or damage.
  - Use only 100% open source software, no proprietary software. This is also true for the encryption software itself!
  - Use encryption software that employs keys with no less than 256 bits, which is today's state of the art (e.g. 256 bit AES).
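The integrity check from the first item under “Concerning (1)”, as an added example that is not part of the original guide. It assumes the published checksums are kept in a text file in `sha1sum` format (one "<hash>  <filename>" pair per line); the function name and the file names in the usage comment are hypothetical.

```shell
#!/bin/bash
# Added example, not from the guide: fail-closed SHA1 check of a download.
# Assumption: checksums are stored as "<40 hex digits>  <filename>" per line.

# verify_download FILE CHECKSUM_LIST
# Returns 0 only when FILE is listed and its SHA1 matches the listed value.
#   1 = checksum mismatch      2 = file not listed
#   3 = listed value malformed 4 = file unreadable
verify_download() {
    vd_file="$1"
    vd_list="$2"
    vd_name=$(basename -- "$vd_file")

    # Take the first entry whose filename column matches exactly
    # (sha1sum marks binary mode with a leading "*", accept that too).
    vd_expected=$(awk -v n="$vd_name" \
        '$2 == n || $2 == "*" n { print tolower($1); exit }' "$vd_list")
    if [ -z "$vd_expected" ]; then
        echo "$vd_name: no checksum listed, refusing to trust it" >&2
        return 2
    fi

    # A SHA1 digest is exactly 40 hex digits; reject anything else.
    case "$vd_expected" in
        *[!0-9a-f]*)
            echo "$vd_name: malformed checksum entry" >&2
            return 3 ;;
    esac
    if [ "${#vd_expected}" -ne 40 ]; then
        echo "$vd_name: checksum entry has wrong length" >&2
        return 3
    fi

    vd_actual=$(sha1sum -- "$vd_file" 2>/dev/null | awk '{ print $1 }')
    if [ -z "$vd_actual" ]; then
        echo "$vd_file: cannot read file" >&2
        return 4
    fi

    if [ "$vd_actual" != "$vd_expected" ]; then
        echo "$vd_name: SHA1 MISMATCH, do not unpack or run this file" >&2
        return 1
    fi
    echo "$vd_name: OK"
}

# Usage (checksums.txt is a placeholder name for your checksum list):
#   verify_download bitcoin-0.3.21-linux.tar.gz checksums.txt \
#       && tar xzf bitcoin-0.3.21-linux.tar.gz
```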

Concerning (2):

- Make multiple copies of your private keys (wallet.dat) after(!) you have encrypted them(!), and upload them to various external internet servers (“the cloud”). Do this after every session with the Bitcoin client in which you make any outgoing payments, because this may cause the Bitcoin client to generate new private keys that are not yet part of your last backup of the “wallet.dat”.
- And again: Make sure you do not forget the password(s)!

The following pages give three “best practice” examples on how to set up such a secure system (some basic experience with Linux is recommended, but deep expert knowledge is not required):

- Example 1: Knoppix 5.3.1/5.1.1 with Live DVD/Live CD and Truecrypt:
  - Most secure solution, but Bitcoin clients 0.3.22 and 0.3.23 do not run (0.3.21 does run).
- Example 2: Ubuntu 10.04.2 with bootable USB stick and Truecrypt:
  - Full Bitcoin client compatibility and nicest user interface. However, all Linux system data [but not Bitcoin data] is saved to the USB stick in unencrypted form.
- Example 3: Knoppix 6.4.4 with bootable USB stick and Truecrypt:
  - Full Bitcoin client compatibility and good user interface. Moreover, persistent user data is stored to the USB stick with 256 bit AES encryption. However, the Linux system data itself (= original files from the CD) is saved to the USB stick in unencrypted form.


Best Practice Example 1:

Linux Knoppix 5.3.1 Live DVD (or Knoppix 5.1.1 Live CD)

[Download: http://www.kernel.org/pub/dist/knoppix]

[Restrictions: Bitcoin version 0.3.21 for Linux works, but versions 0.3.22 and 0.3.23 do not work on Knoppix 5.3.1]
[Note: I checked all this with Knoppix 5.3.1 DVD – but should be the same with Knoppix 5.1.1 CD]

Note ahead: Unfortunately, the solution of this “Example 1” (i.e. using a Live DVD/CD in combination with an encrypted image file that persistently saves all user data and system modifications) does not work with the latest Knoppix releases 6.x (up to 6.4.4). Therefore, this “Example 1” is explained for the older Knoppix release 5.3.1/5.1.1.

Your secure system will consist of:

- Knoppix Live DVD (or Live CD) - burn the downloaded ISO image to DVD/CD (but do not use a re-writable medium!)
- Truecrypt software (version 7.0a), which will be installed on top of Knoppix (the Truecrypt software license is similar to the GNU license and also 100% open source)
- Ca. 4 GByte of memory space on a hard disk OR external flash memory medium (e.g. USB stick). This memory will later contain:
  - The file “knoppix.img” (200 MB): It contains all the persistent user settings and system modifications (e.g. installed software) done on top of the Knoppix Live DVD/Live CD.
  - A Truecrypt container file of ca. 4 GB (this size includes some margin, currently only ca. 600 MB are needed to save the Bitcoin block chain for one's own wallet). This container will include the Bitcoin executable file “bitcoin” as well as the Bitcoin client's data directory, which contains the “wallet.dat” and the block chain.
  - A Truecrypt container file of 1 MB. It simply contains a copy of the file “wallet.dat”, which includes all your private keys. Copies of this very strongly encrypted container file should be uploaded to “the internet cloud” (i.e. to various internet servers like web spaces, dropbox, internet email inboxes, etc.)
  - For your convenience: An UNencrypted plain text file “myBitcoinAddresses.txt” where you copy your own Bitcoin addresses (looking like the one in the footnote of this paper). You can later access this text file from your “normal daily-use operating system”, where you might run a second, less secured, instance of the Bitcoin client (with a different wallet.dat of course!). This second client shall contain only a relatively small amount of Bitcoins (BTCs). If the BTCs on this account grow too big, you can simply transfer some BTCs to your “safe” address by using one of the addresses in “myBitcoinAddresses.txt”!

System Setup:

Setup is quite straightforward.

- After having burned the downloaded *.iso image to DVD/CD (for security reasons, do NOT use a re-writable medium) and having booted from the Knoppix Live DVD/CD for the first time, you will create a so-called “persistent image file” (knoppix.img) [the word “image” has nothing to do here with “picture”!] that will contain all your user settings. In that way you will have the “feeling” of a normal system, even when using a Live DVD/CD. The screenshot below shows how to create such a permanent KNOPPIX image file via the “Knoppix penguin menu”.


The rest of the procedure is interactive: just select the desired hard drive and choose to create an encrypted image file when you are asked about this (the encryption method will be the very secure 256 bit AES). Concerning the size of this image file, the minimum of 200 MB should be sufficient (note that you shall not do anything with this system other than using the Bitcoin client, so no big memory space for user settings and new software is required!). Use a SAFE password, of course, even though this will later just protect your personal settings and Linux system modifications, not directly your Bitcoin keys.

- Next time you boot from the Live DVD/CD, you may want to enter the “cheatcode” “knoppix home=scan” at the boot prompt to have Knoppix use the image file. If you don't do this, Knoppix will still search for “knoppix.img” and then ask you whether to use it. However, if you do not react to this query within 20 seconds, it will start without using it, and you would have to re-boot for another try.

The following steps are the same for Examples 1, 2 and 3 in this guide:

- Next you download the “truecrypt-7.0a-setup-x86.tar.gz” file (in case of 32 bit Linux) from “http://www.truecrypt.org/downloads”, unpack it and start the executable. This will install Truecrypt on your system. Afterwards, perhaps you want to customize your Linux desktop by creating an appropriate icon that links to “/usr/bin/truecrypt” etc.
- Now you can start creating the appropriate container files with Truecrypt: one 4 GB file (e.g. “myBitcoinOperationalSpace.tc”) and one 1 MB file (e.g. “myBitcoinWalletSafeStorage.tc”). For Example 1 (Knoppix 5.3.1/5.1.1) the proposal is to locate these files at the same point as “knoppix.img”. Use a VERY safe password (i.e. passphrase) here, but be sure not to forget it!!!
- Now you mount the large (4 GB) container file in the Truecrypt GUI window. The proposal is to always mount it in Truecrypt's 1st slot, so the mounting point will be “/media/truecrypt1/”.
- Of course you also have to get the Bitcoin client itself from “http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.3.21/bitcoin-0.3.21-linux.tar.gz/download”. From this file “bitcoin-0.3.21-linux.tar.gz” you need to extract only the executable file “bitcoin”, nothing else (either the “bin/32/” or “bin/64/” variant depending on your system). [Note that the newer Bitcoin versions 0.3.22 or 0.3.23 do NOT work on Knoppix 5.3.1/5.1.1]
- Next you put the following two files to these locations and create a directory as follows:
  - /media/truecrypt1/bitcoin → The Bitcoin client executable file.
  - /media/truecrypt1/btc_start → Create this file as explained below.
  - /media/truecrypt1/myDataDir/ → Create this new directory, using exactly this name “myDataDir”.
- Make sure that both “bitcoin” and “btc_start” have the executable flag set in the Linux file system. The shell command would be “chmod a+x b*” to make all files in the current directory executable whose filenames start with “b”. Or you can set the executable flag in the file manager (via right-click on the file, then “Properties” ...).
- Finally you can double-click “btc_start” (or make a link to it on the desktop and double-click that desktop icon) to start the Bitcoin client.


NOTE: The file “btc_start” is a very simple Linux shell script that starts the Bitcoin client with an appropriate command line parameter, such that it will use the data directory “myDataDir” inside the location of your Truecrypt container, and not the default location “~/.bitcoin”. This is essential, because it makes sure that at no point in time your private keys (wallet.dat) will ever be written to any unencrypted storage space of your system. You can create the file “btc_start” with a simple text editor, just copy-paste the following text exactly like this:

#!/bin/bash
# Get the absolute path of THIS script file:
ThisPathAbs="$(dirname "$(readlink -f "${BASH_SOURCE[0]}")")"
# Get the relative path of THIS script file:
ThisPathRel="$(dirname "$0")"
# Call the Bitcoin client (the executable file "bitcoin" next to this script)
# in the background and put the data in the subdirectory "myDataDir":
"$ThisPathRel/bitcoin" -datadir="$ThisPathAbs/myDataDir" &

- Once you have started the Bitcoin client, it will immediately create various files in the directory “/media/truecrypt1/myDataDir/”. One of these files is “wallet.dat”.
- Now you should manually create addresses in the Bitcoin client - I propose about 10 addresses or so for now. Then you may want to copy-paste them to a new text file (e.g. “myBitcoinAddresses.txt”) that I propose to locate at the same location where the two *.tc Truecrypt container files and the “knoppix.img” file are located.
- At some point in time you close the Bitcoin client.
- Then you mount the other, smaller 1 MB Truecrypt container file to slot 2, such that you get a directory “/media/truecrypt2/”. You copy the file “wallet.dat” from “/media/truecrypt1/myDataDir/wallet.dat” to “/media/truecrypt2/wallet.dat”.
- Now you can dismount both container files in the Truecrypt GUI window, and you can (and should) make multiple copies of your 1 MB container file “myBitcoinWalletSafeStorage.tc” and upload it to many different locations in the internet cloud.
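The backup step from the last three items above (close the client, mount the second container, copy “wallet.dat”), written as a script with the checks made explicit. This is an added example, not part of the original guide; the mount points and file names are the guide's, the function names are hypothetical.

```shell
#!/bin/bash
# Added example, not from the guide: the manual wallet backup step with checks.
# Mount points and file names are the guide's; function names are hypothetical.

OPER_MOUNT="/media/truecrypt1"   # 4 GB operational container, Truecrypt slot 1
SAFE_MOUNT="/media/truecrypt2"   # 1 MB backup container, Truecrypt slot 2

# True only if $1 is an active mount point. If a container is not mounted,
# its mount directory may be an ordinary directory on unencrypted storage.
is_mounted() {
    mountpoint -q "$1"
}

# copy_wallet_verified SRC_DIR DST_DIR
# Copies SRC_DIR/wallet.dat to DST_DIR and compares the copy byte for byte.
# Returns 0 on success, 1 if the source wallet is missing or empty,
# 2 if the copy failed or differs from the source.
copy_wallet_verified() {
    cw_src="$1/wallet.dat"
    cw_dst="$2/wallet.dat"
    if [ ! -s "$cw_src" ]; then
        echo "no wallet found at $cw_src" >&2
        return 1
    fi
    # Write to a temporary name first so an existing good backup is only
    # replaced after the new copy has been verified.
    if ! cp -- "$cw_src" "$cw_dst.tmp" || ! cmp -s -- "$cw_src" "$cw_dst.tmp"; then
        rm -f -- "$cw_dst.tmp"
        echo "backup copy failed verification, old backup left untouched" >&2
        return 2
    fi
    mv -f -- "$cw_dst.tmp" "$cw_dst"
}

# find_stray_wallets DIR...
# Prints every wallet.dat below the given directories and returns 1 if any
# exist, 0 if none. Run it on locations outside the containers, such as the
# client's default data directory "~/.bitcoin".
find_stray_wallets() {
    fs_hits=$(find "$@" -type f -name wallet.dat 2>/dev/null)
    if [ -n "$fs_hits" ]; then
        printf '%s\n' "$fs_hits"
        return 1
    fi
    return 0
}

# The whole step in the order the guide gives it: client closed, both
# containers mounted, copy, verify, then look for unencrypted leftovers.
backup_wallet() {
    if command -v pgrep >/dev/null 2>&1 && pgrep -x bitcoin >/dev/null 2>&1; then
        echo "close the Bitcoin client before copying wallet.dat" >&2
        return 3
    fi
    for bw_mp in "$OPER_MOUNT" "$SAFE_MOUNT"; do
        if ! is_mounted "$bw_mp"; then
            echo "$bw_mp is not mounted, refusing to copy" >&2
            return 4
        fi
    done
    copy_wallet_verified "$OPER_MOUNT/myDataDir" "$SAFE_MOUNT" || return $?
    if ! find_stray_wallets "$HOME" >&2; then
        echo "wallet.dat exists outside the containers (see paths above)" >&2
        return 5
    fi
    echo "wallet.dat backed up to $SAFE_MOUNT; dismount both containers now"
}
```

Call `backup_wallet` after closing the client; a return code of 5 means the client was at some point started without the “-datadir” parameter and left a wallet in unencrypted storage.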

The following illustration summarizes the final system setup with Knoppix 5.3.1/5.1.1 at a glance:

Final System Setup: Knoppix 5.3.1/5.1.1 with Live DVD/CD:

[Illustration; its labels are:]
- PC with Knoppix 5.3.1 Live DVD (or 5.1.1 Live CD) (using a "Write-Once" DVD/CD, but NOT a Re-Writable DVD/CD), which has access to:
- Hard Drive or USB Stick or other NON-Encrypted Storage Medium:
  * knoppix.img [200 MB] (256 bit AES encrypted by Knoppix). Contains all "persistent" user settings/modifications of the Knoppix 5.3.1/5.1.1 Live system
  * myBitcoinOperationalSpace.tc [4 GB] (strongly encrypted by Truecrypt): /media/truecrypt1/ with .../bitcoin (ver. 0.3.22 & 23 do NOT work), .../btc_start, .../myDataDir/wallet.dat, .../myDataDir/<other files>
  * myBitcoinWalletSafeStorage.tc [1 MB] (strongly encrypted by Truecrypt): /media/truecrypt2/wallet.dat (copy manually)
  * myBitcoinAddresses.txt (UNencrypted, intentionally): ...14ajM1BHY7E8GJ4DGGvtFFGmE15hSSSRJR...etc.
- Insecure Operating System – e.g. Microsoft Windows (Virus X, Trojan Y, Malware Z – ad libitum):
  * Read access (for sending BTCs to these addresses)
  * Read access (for making backups of container file)


Best Practice Example 2:

Ubuntu 10.04.2 LTS Bootable USB Stick (1 GB possible, 4 GB recommended)

[Download: http://releases.ubuntu.com/lucid/ubuntu-10.04.2-desktop-i386.iso, or more generally http://releases.ubuntu.com/lucid/]

[Restrictions: None. Both Bitcoin versions 0.3.21 and 0.3.23 for Linux have been verified to work.]

The system setup is similar to Example 1:

Your secure system will consist of:

- Bootable USB stick containing the Ubuntu 10.04 LTS system
- Software Truecrypt 7.0a (like in Example 1) is installed on top (also on this USB stick)
- Additionally ca. 3 to 4 GB of hard disk/flash memory space, or some extra space on the same USB stick, for a Truecrypt container file of ca. 3-4 GB size.
- Some small (ca. 1 MB) hard disk or flash memory space outside this USB stick, to store another 1 MB Truecrypt container file and an UNencrypted plain text file “myBitcoinAddresses.txt”.

PROs and CONs relative to Example 1:

PROs:

- Compatible with both older and newer versions of the Linux Bitcoin client.
- Also works on systems without CD/DVD drive, e.g. netbooks.

CONs:

- Contents of the USB stick are not encrypted, including...
  - ...system files (boot section, kernel, all original DVD/CD files)
  - ...persistent user data (e.g. installed software like Truecrypt)

This means that theoretically somebody (or another infected system) having access to the USB stick could compromise its contents, e.g. by installing a Trojan by modifying some files without your knowledge. Then, next time you boot from the USB stick and open a Truecrypt container file, your private keys (wallet.dat) can be read by this Trojan.

Note that in Example 1 this cannot happen, because the contents of the Live DVD/CD cannot be modified physically (unless the optical disc is re-writable), and also the “knoppix.img” image file is strongly encrypted and therefore cannot be changed without the owner noticing this (that image file would not function any more if it was manipulated).

System Setup:

Setup is quite straightforward.

- Download the ISO image suitable for your computer hardware (e.g. see link above).
- Burn the ISO image to a CD.
- Boot from this CD.
- Create a bootable USB stick with the USB-creator tool that comes along with the Ubuntu Live CD (in the menu select System → Administration → Startup Disk Creator).


  - Inside this USB creator tool, first delete the complete USB stick, to have a “clean basis”.
  - For the amount of persistent space to allocate, select 200 MB. This should be enough, for the same reason as for Knoppix 5.3.1 in Example 1: Only few changes are supposed to be done on this system, because it shall only be used for running the Bitcoin client.
- Shut down the PC, remove the CD, boot from the USB stick (make sure that booting from USB is activated in the BIOS of your computer).
- The rest of the system setup is the same as what is described for Example 1, i.e. installing Truecrypt, creating the two *.tc container files and populating them with the appropriate files like the bitcoin executable, the btc_start shell script and the myDataDir subdirectory.

Note: The USB stick is now formatted in FAT32 and it contains one partition only. There are various files and directories on the stick, amongst others a ca. 200 MB file called “casper-rw” which serves the same purpose as “knoppix.img” in Example 1, namely to persistently store all user settings and system modifications relative to the original Live CD. Note however that this file is not encrypted.

All these files take up ca. 900 MB of space on the USB stick. The rest is still free and could optionally be used to store these files, which in Example 1 have been stored to an extra medium:

- myBitcoinOperationalSpace.tc → ca. 3-4 GB Truecrypt container file
- myBitcoinWalletSafeStorage.tc → 1 MB Truecrypt container file
- myBitcoinAddresses.txt → UNencrypted plain text file

Of course, if this is only a 2 GB (or 1 GB) USB stick, you may prefer to (or you have to) store these data to an external place (like hard disk or another flash medium), just like in Example 1.

- In any case, you should also save a version of “myBitcoinAddresses.txt” to another place outside this USB stick, i.e. to some other hard disk or flash memory space.
  - The reason is that you may later want to access this file from an insecure system (like “your daily working PC”), and you should not expose your unencrypted USB stick's system and persistent user data files to that insecure system, to avoid any potential corruption.

The following illustration summarizes the final system setup with Ubuntu 10.04.2 LTS at a glance:

Final System Setup: Ubuntu 10.04.2 LTS on USB Stick:

[Illustration; its labels are:]
- PC with bootable USB Stick with Ubuntu 10.04.2 LTS, which has access to:
- Same USB Stick [or below's other Non-Encrypted Storage Medium]
- Other Non-Encrypted Storage Medium (Hard Disk or Flash Medium)
- Files shown on these media:
  * System Files from CD [700 MB] (not encrypted, unfortunately)
  * casper-rw [200 MB] (not encrypted, unfortunately). Contains all "persistent" user settings/modifications of the Ubuntu 10.04.2 LTS Live system
  * myBitcoinOperationalSpace.tc [3-4 GB] (strongly encrypted by Truecrypt): /media/truecrypt1/ with .../bitcoin, .../btc_start, .../myDataDir/wallet.dat, .../myDataDir/<other files>
  * myBitcoinWalletSafeStorage.tc [1 MB] (strongly encrypted by Truecrypt): /media/truecrypt2/wallet.dat (copy manually)
  * myBitcoinAddresses.txt (UNencrypted, intentionally): ...14ajM1BHY7E8GJ4DGGvtFFGmE15hSSSRJR...etc.
- Insecure Operating System – e.g. Microsoft Windows (Virus X, Trojan Y, Malware Z – ad libitum):
  * Read access (for sending BTCs to these addresses)
  * Read access (for making backups of container file)


Best Practice Example 3:

Knoppix 6.4.4 Bootable USB Stick (1 GB possible, 4 GB recommended)

[Download: http://www.kernel.org/pub/dist/knoppix]

[Restrictions: None. Both Bitcoin versions 0.3.21 and 0.3.23 for Linux have been verified to work.]

Note ahead: A further improvement that renders this system almost as secure as Example 1 (i.e. secure against manipulation of the USB stick's system files by somebody who has physical access to the stick) is given in Annex 3 as “Example 3+”.

The system setup is similar to Example 1, the system architecture is the same as in Example 2:

Your secure system will consist of:

- Bootable USB stick containing the Knoppix 6.4.4 system
- Software Truecrypt 7.0a (like in Example 1 or 2) is installed on top (also on this USB stick)
- Additionally ca. 3 to 4 GB of hard disk/flash memory space, or some extra space on the same USB stick, for a Truecrypt container file of ca. 3-4 GB size.
- Some small (ca. 1 MB) hard disk or flash memory space outside this USB stick, to store another 1 MB Truecrypt container file and an UNencrypted plain text file “myBitcoinAddresses.txt”.

PROs and CONs relative to Examples 1 or 2:

PROs:

- Compatible with both older and newer versions of the Linux Bitcoin client (like Example 2).
- Also works on systems without CD/DVD drive, e.g. netbooks (like Example 2).
- The persistent image file is encrypted like in Example 1, and not unencrypted like in Example 2.

CONs:

- System files (boot section, kernel, all original DVD/CD files) are unencrypted, like in Example 2, whereas they are safe against manipulation in Example 1, because they are physically burned on a DVD/CD.

System Setup:

Setup is quite straightforward.

- Download the ISO image suitable for your computer hardware (e.g. see link above) and language preference (German or English).
- Burn the ISO image to a CD.
- Boot from this CD.
- Execute the program “flash-knoppix” either from the console or by starting it via the menu: Settings → KNOPPIX install to Flash Disk (see screenshot). This will create a bootable USB stick.


  - A short interactive dialog will pop up. At one point it offers the choice between either completely deleting the whole USB stick (= “yes”), or just copying the Knoppix Live CD files to your USB stick (= “no”). Select “yes”.
- Shut down the PC, remove the CD and boot from the USB stick (make sure that booting from USB is activated in the BIOS of your computer).
  - If booting fails: See Annex 1 for failure handling/workaround to fix this. Then go on:
- During this first boot process from the USB stick you will be asked about the amount of persistent space to allocate on the USB stick. The minimum of 200 MB shall be enough, for the same reason as in Examples 1 and 2: Only few changes are supposed to be done on this system, because it shall only be used for running the Bitcoin client.
- Afterwards you will be asked if you want to encrypt this file that contains the persistent settings. Select “yes” for encryption and choose a safe password. A strong 256 bit AES key will be used for encryption.
- The rest of the system setup is the same as what is described for Example 1, i.e. installing Truecrypt, creating the two *.tc container files and populating them with the appropriate files like the bitcoin executable, the btc_start shell script and the myDataDir subdirectory.

Note: The USB stick is now formatted in FAT32 and it contains one partition only (like in Example 2). There is one file “./ldlinux.sys” and two directories (“./boot/” and “./KNOPPIX/”) containing various further files, amongst others the 200 MB strongly encrypted file “./KNOPPIX/knoppix-data.aes” which serves the same purpose as “casper-rw” or “knoppix.img” in Examples 1 and 2 respectively, namely to persistently store all user settings and system modifications relative to the original Live CD.

All these files take up ca. 900 MB of space on the USB stick. The rest is still free and could optionally be used to store these files, which in Example 1 have been stored to an extra medium:

- myBitcoinOperationalSpace.tc → ca. 3-4 GB Truecrypt container file
- myBitcoinWalletSafeStorage.tc → 1 MB Truecrypt container file
- myBitcoinAddresses.txt → UNencrypted plain text file

Of course, if this is only a 2 GB (or 1 GB) USB stick, you may prefer to (or you have to) store these data to an external place (like hard disk or another flash medium), just like in Example 1.

- In any case, you should also save a version of “myBitcoinAddresses.txt” to another place outside this USB stick, i.e. to some other hard disk or flash memory space.
  - The reason is that you may later want to access this file from an insecure system (like “your daily working PC”), and you should not expose your unencrypted USB stick's system files to that insecure system, to avoid any potential corruption.

The following illustration summarizes the final system setup with Knoppix 6.4.4 at a glance:

Final System Setup: Knoppix 6.4.4 on USB Stick:

[Illustration; its labels are:]
- PC with bootable USB Stick with Knoppix 6.4.4, which has access to:
- Same USB Stick [or below's other Non-Encrypted Storage Medium]
- Other Non-Encrypted Storage Medium (Hard Disk or Flash Medium)
- Files shown on these media:
  * System Files from CD [700 MB] (not encrypted, unfortunately)
  * ./KNOPPIX/knoppix-data.aes [200 MB] (256 bit AES encrypted by Knoppix). Contains all "persistent" user settings/modifications of the Knoppix 6.4.4 Live system
  * myBitcoinOperationalSpace.tc [3-4 GB] (strongly encrypted by Truecrypt): /media/truecrypt1/ with .../bitcoin, .../btc_start, .../myDataDir/wallet.dat, .../myDataDir/<other files>
  * myBitcoinWalletSafeStorage.tc [1 MB] (strongly encrypted by Truecrypt): /media/truecrypt2/wallet.dat (copy manually)
  * myBitcoinAddresses.txt (UNencrypted, intentionally): ...14ajM1BHY7E8GJ4DGGvtFFGmE15hSSSRJR...etc.
- Insecure Operating System – e.g. Microsoft Windows (Virus X, Trojan Y, Malware Z – ad libitum):
  * Read access (for sending BTCs to these addresses)
  * Read access (for making backups of container file)


Summary and Recommendations

Some best practice examples have been given. Now the question is:

“Which is the best way to go in my case?”

The answer:

• If you want ultimate security such that you are safe even if another person has physical access to your system medium (Live DVD/CD or bootable USB stick), follow Example 1 (Knoppix 5.3.1/5.1.1 Live DVD/CD).

  • Disadvantage: The most recent Bitcoin client versions (0.3.22 and 0.3.23) will not work, but you should also be able to work with Bitcoin client version 0.3.21 indefinitely, because the Bitcoin protocol can never change by design.

• If you are really sure that your system medium (bootable USB stick) is safe against physical access by another skilled person, you can go for a bootable USB stick according to Example 2 (Ubuntu 10.04.2 LTS) or Example 3 (Knoppix 6.4.4).

  • Advantages: Compatibility, Versatility, Comfort:

    • All currently known Bitcoin client versions up to 0.3.23 work well (for compatibility with future Bitcoin versions, Knoppix 6.4.4 might have an advantage over Ubuntu 10.04.2 LTS, being the later release with the newer kernel – 2.6.36 as opposed to 2.6.32).

    • It also works for computers without DVD/CD drive, e.g. netbooks.

    • The boot process is faster than with a Live DVD/CD (but even with Example 1's Live DVD the boot and system speed is well acceptable).

  • Disadvantages: Security:

    • Both the Ubuntu 10.04.2 LTS and Knoppix 6.4.4 solutions have the system data (i.e. the original data from the Live CD) stored on the USB stick in UNencrypted form. This means that, theoretically, somebody who has physical access to this USB stick could modify this system data by implanting a Trojan without your knowledge and put the USB stick back to where it was. Then next time you take this stick, boot from it and start your Bitcoin client session, the Trojan could read your private keys (wallet.dat) and send them to the attacker without you realizing this.

      In this respect, Knoppix 6.4.4 is slightly more secure than Ubuntu 10.04.2, because Knoppix stores at least the persistent user data in encrypted form, such that this part cannot be altered systematically without knowledge of the password. In contrast, Ubuntu also stores the persistent user data in UNencrypted form on the stick, such that the attacker could also modify this data for implanting a Trojan (e.g. by modifying the “truecrypt” binary file). So at least the chances that somebody with physical access to the bootable USB stick implants a Trojan into the system behind your back are a bit lower with the Knoppix 6.4.4 system than with the Ubuntu 10.04.2 LTS system.

      And: The Knoppix 6.4.4 USB system can be made even more secure, to meet almost the security level of the Live DVD/CD solution (Example 1), by employing the enhancements of Annex 3, where a solution referred to as “Example 3+” is proposed!

Finally remember once again the PASSWORD GUIDELINES:

All the above is in vain if you do not use secure and safe passwords!!! This means, the password (actually a better name is “passphrase”) should be...

• Not Crackable, i.e. sufficiently long and complex (including special characters and numbers), minimum 25 characters recommended, but also safe against dictionary attacks (for example “Antidisestablishmentarian123” or “Disestablishment_Orthographically” are weak passwords despite their length)

• Not Guessable by any other person who knows you well. A bad example is this password containing commonly known private data: “Maximilian 3.11.2006 Laura 5.7.2009”.

• Not FORGETTABLE by yourself – this is at least equally important!


Annex 1: Workaround if Knoppix 6.4.4 USB Stick does not boot

In my case, the PC did not boot from the USB stick after I had created the (allegedly) bootable USB stick with “flash-knoppix” from Knoppix 6.4.4 as described in Example 3. Apparently, the master boot record (MBR) was written to the USB stick by “flash-knoppix” in a way unsuitable for my PC. However, all the Knoppix files (“./ldlinux.sys”, “./KNOPPIX/<various_files>” and “./boot/<various_files>”) had been copied to the USB stick correctly.

Moreover, the corresponding procedure with Ubuntu 10.04.2 LTS (acc. to Example 2) was successful and the same USB stick became bootable, which proves that in general my system (PC and USB stick hardware) was able to boot from a USB stick.

If this combination also applies to you, you will probably succeed in creating a bootable Knoppix 6.4.4 USB stick by following the steps below.

I found out that the following workaround yields a Knoppix 6.4.4 bootable USB stick, after having tried unsuccessfully to create a bootable Knoppix 6.4.4 USB stick acc. to Example 3:

• Boot the PC with the Ubuntu 10.04.2 LTS Live CD from Example 2.

• Plug in the USB stick.

• Save all Knoppix 6.4.4 files from the USB stick (i.e. “./ldlinux.sys”, “./KNOPPIX/<various_files>” and “./boot/<various_files>”) to “another place”, e.g. to the hard disk, while keeping the directory structure intact. Most easily, you may want to use the nautilus file manager for this.

• Create a Ubuntu bootable USB stick in the way described in Example 2, but do not create persistent user memory this time (can be deselected by a radio button at the bottom of the GUI window).

• Shut down the PC.

• Unplug the USB stick.

• Now boot the PC from the Knoppix 6.4.4 Live CD. This is important! This step appears overly complicated, but the following copy operation did not yield the desired result [= bootable Knoppix USB stick] when doing it within the Ubuntu 10.04.2 LTS system!

• Plug in the USB stick.

• Open a window of Knoppix' default file manager (pcmanfm) and locate the USB stick.

• Delete all data from the USB stick via the file manager. Also select “Menu → View → Show hidden files” and delete the hidden files on the USB stick as well. (Note: Of course the MBR that has been written by Ubuntu just before cannot be deleted by this operation, and this is exactly what we want, to have a really bootable USB stick at the end.)

• Open a second window of the file manager and find the location where you had copied all the Knoppix data in bullet #3 above.

• Copy all this content from this directory back to the USB stick by drag & drop or by copy & paste. Do this in the following order:

  • First the file “ldlinux.sys”,

  • Second the directory “boot/” with all its contents,

  • Third the directory “KNOPPIX/” with all its contents

  (the third step may take a few minutes to complete).

• Close all file manager windows.

• Unmount the USB stick (e.g. via right-click context menu of the USB stick's desktop icon).

• Shut down the PC.

Done. Now it should be possible to boot Knoppix 6.4.4 with this USB stick, and you can continue with the rest of the descriptions of Example 3.


Annex 2: SHA1 Checksums for Linux Bitcoin Client Files

Originally downloaded files:


Binary executable files “bitcoin” (here manually renamed to include version number and target hardware):


Binary executable files “bitcoind”:

(-- not provided here due to lack of time --)


Annex 3: Enhanced Best Practice Example “3+”:

Knoppix 6.4.4 Bootable USB Stick – almost as secure as with a Live DVD/CD

The improvement to the solution of “Example 3” consists of the following enhancement:

You create another small 500 kB Truecrypt container file on the same storage medium as the file “myBitcoinOperationalSpace.tc”, and you name it “ChecksumVerification.tc”.

After mounting this container to “/media/truecrypt3/”, it gets populated with the following files:

/media/truecrypt3/sha1sum_owncopy

/media/truecrypt3/sha1sums_knoppix644usb_critical.txt

/media/truecrypt3/sha1sums_knoppix644usb_uncritical.txt

/media/truecrypt3/sha1sums_dummy.txt

/media/truecrypt3/sha1sum_check_knoppix644usb.sh

/media/truecrypt3/file_existence_check.sh

These files are characterized as follows:

• “sha1sum_owncopy”: This is a copy of the file “/usr/bin/sha1sum” on your system. So you just copy it to the indicated location inside the Truecrypt container and rename it.

• “sha1sums_knoppix644usb_critical.txt”: This ASCII file contains a list of SHA1 checksums for all “critical” Knoppix 6.4.4 system files that reside on the USB stick. These are files that have been copied from the Knoppix Live CD when the USB stick was created and are crucial for the functioning of the operating system (or the boot process).

• “sha1sums_knoppix644usb_uncritical.txt”: Similarly, this list corresponds to files that have also been copied from the Live CD, but these are not critical in the sense that modification of these files could not implant a Trojan that reads your Bitcoin private keys.

• “sha1sums_dummy.txt”: This file is also detailed below.

• “sha1sum_check_knoppix644usb.sh”: This is an executable shell script file also to be created with a text editor. Its contents are given below. Make sure it has the executable flag set in the Linux file system (e.g. with the file manager via right-click on the file → “Properties” ...).

• “file_existence_check.sh”: Another shell script specified below.

Moreover, you create a Desktop icon by creating the ASCII file “start_sha1_check.desktop” (with contents as specified below) like this:

• In the File Manager → on the left window side select “Desktop” → on the right window side right-click the empty space → New → Blank File ...

/home/knoppix/Desktop/knoppix_sha1_check.desktop

After having created all these files, a simple double click on the Desktop icon reading “Knoppix SHA1 Check” will open a terminal window and inform you whether the system is corrupted or OK.

This check should always be performed directly after booting, before one of the Bitcoin-related Truecrypt container files is opened. Remember to always mount “ChecksumVerification.tc” on truecrypt slot #3. Concerning the password for “ChecksumVerification.tc”, it should be different from the passwords of the Bitcoin related Truecrypt containers!

In this way, any corruption of system data would now become visible by the SHA1 checksums, such that you can (and should) decide not to open your Bitcoin related Truecrypt container files in an insecure environment.


Annex 3.1: Desktop Files

File: /home/knoppix/Desktop/knoppix_sha1_check.desktop

[Desktop Entry]
Name=Knoppix SHA1 Check
Exec=/media/truecrypt3/sha1sum_check_knoppix644usb.sh
Icon=lxterminal
Type=Application

Annex 3.2: Lists of SHA1 Checksums

File: /media/truecrypt3/sha1sums_dummy.txt

1234567890abcdef1234567890abcdef12345678 *file_existence_check.sh

File: /media/truecrypt3/sha1sums_knoppix644usb_critical.txt

08a66971bc07d94083d4adef6f2bb5ad486a8625 */mnt-system/ldlinux.sys

a27858f5178462afd11d5c8ae9bff1106658d07c */mnt-system/boot/syslinux/balder.img

b21c7034c3e80dbecd14bf210fe0af872a547138 */mnt-system/boot/syslinux/linux

b5ff7af6b4bc9104c349acf99940a0353c4b94c4 */mnt-system/boot/syslinux/linux64

8090e0e2ca937d062782bdce1234c6ecbf862979 */mnt-system/boot/syslinux/logo.16

f08e1a0b0f907cb2556e4391f64ba6dca9f6250b */mnt-system/boot/syslinux/memdisk

6782abfa3ecf899028bd01e14e53f0760a08d40b */mnt-system/boot/syslinux/memtest

53017a3189cd6fd566eee1e78612a64ec6c6b85b */mnt-system/boot/syslinux/minirt.gz

b3235556ffe7da2735e4c6a1e0245557925d2f09 */mnt-system/KNOPPIX/KNOPPIX

File: /media/truecrypt3/sha1sums_knoppix644usb_uncritical.txt

(German version of the Knoppix 6.4.4 CD)


File: /media/truecrypt3/sha1sums_knoppix644usb_uncritical.txt

(English version of the Knoppix 6.4.4 CD)


Annex 3.3: Shell Scripts

File: /media/truecrypt3/file_existence_check.sh

#!/bin/bash
# Report an error and return 1 if the file given as first argument is missing.
if ! [ -f "$1" ]; then
    echo "--> ERROR: File \"$1\" does NOT exist!"
    exit 1
fi
exit 0


File: /media/truecrypt3/sha1sum_check_knoppix644usb.sh

#!/bin/bash

tty -s
if (($? != 0)); then
    # Default size of the terminal window:
    #lxterminal -e "$0"
    # larger terminal window - recommended:
    lxterminal --geometry=80x35 -e "$0"
    # Even larger terminal window:
    #lxterminal --geometry=120x49 -e "$0"
    exit
fi
# The code above checks if the script is already running in a terminal window.
# If not, it opens a terminal window and executes the script there.

# All paths below are relative to the mounted container; stop if it is missing.
cd /media/truecrypt3 || exit 1

# -------------------------------------------------------------------------
# First of all, we make some file existence checks.
# If the files do not exist, an sha1sum check is not possible anyway.
echo "Part 1: Checking existence of important files"
echo "---------------------------------------------"
root_path_of_usb_stick=/mnt-system
cnt=0
# After each check, cnt is incremented by 1 if the file was not found.
./file_existence_check.sh "$root_path_of_usb_stick/ldlinux.sys"
a=$? ; cnt=$(( cnt + (a != 0) ))
./file_existence_check.sh "$root_path_of_usb_stick/boot/syslinux/balder.img"
a=$? ; cnt=$(( cnt + (a != 0) ))
./file_existence_check.sh "$root_path_of_usb_stick/boot/syslinux/linux"
a=$? ; cnt=$(( cnt + (a != 0) ))
./file_existence_check.sh "$root_path_of_usb_stick/boot/syslinux/linux64"
a=$? ; cnt=$(( cnt + (a != 0) ))
./file_existence_check.sh "$root_path_of_usb_stick/boot/syslinux/logo.16"
a=$? ; cnt=$(( cnt + (a != 0) ))
./file_existence_check.sh "$root_path_of_usb_stick/boot/syslinux/memdisk"
a=$? ; cnt=$(( cnt + (a != 0) ))
./file_existence_check.sh "$root_path_of_usb_stick/boot/syslinux/memtest"
a=$? ; cnt=$(( cnt + (a != 0) ))
./file_existence_check.sh "$root_path_of_usb_stick/boot/syslinux/minirt.gz"
a=$? ; cnt=$(( cnt + (a != 0) ))
./file_existence_check.sh "$root_path_of_usb_stick/KNOPPIX/KNOPPIX"
a=$? ; cnt=$(( cnt + (a != 0) ))
if (( cnt > 0 )); then
    echo "*****************************************************************"
    echo "ERROR: $cnt essential file(s) could not be found."
    echo . . . .Therefore, the SHA1 checksum test is not possible.
    echo . . . .The script is aborted at this point.
    echo
    echo . . . .Consider modifying the variable \"root_path_of_usb_stick\"


    echo . . . .inside the file \"sha1sum_check_knoppix644usb.sh\".
    echo
    echo . . . .Then also adapt the paths correspondingly in the files
    echo . . . .\"sha1sums_knoppix644usb_critical.txt\" and
    echo . . . .\"sha1sums_knoppix644usb_uncritical.txt\".
    echo "*****************************************************************"
    echo '  _____     _ _                '
    echo ' |  ___|_ _(_) |_   _ _ __ ___ '
    echo ' | |_ / _` | | | | | |' "'"'__/ _ \ '
    echo ' |  _| (_| | | | |_| | | |  __/ '
    echo ' |_|  \__,_|_|_|\__,_|_|  \___| '
    echo
    echo "------- Press <ENTER> key to quit -------"
    read
    exit $cnt
fi
# -------------------------------------------------------------------------
echo Done.
echo

# Specify the ASCII files containing the lists of SHA1 checksums:
#sha1sum_List_all=sha1sums_knoppix644usb_all.txt
sha1sum_List_uncritical=sha1sums_knoppix644usb_uncritical.txt
sha1sum_List_critical=sha1sums_knoppix644usb_critical.txt

# Check system files on the USB stick for integrity
# (those files created at creation of the bootable USB stick):

# Checking all files:
#./sha1sum_owncopy -c --status $sha1sum_List_all
#ErrorCode_0=$?

# Checking the non-critical files:
echo "Part 2: Checking the uncritical KNOPPIX system files..."
echo "-------------------------------------------------------"
# Run the check directly (no backticks), so that any output of the tool
# is never executed as a command; only the exit status is used.
./sha1sum_owncopy -c --status "$sha1sum_List_uncritical"
ErrorCode_1=$?
echo Done.
echo

# Checking the critical files:
echo "Part 3: Checking the critical KNOPPIX system files (takes a bit longer...)"
echo "--------------------------------------------------------------------------"
./sha1sum_owncopy -c --status "$sha1sum_List_critical"
ErrorCode_2=$?
echo Done.
echo

if (($ErrorCode_2 == 0)); then
    # No critical errors:
    if (($ErrorCode_1 == 0)); then
        echo "-------------------------------------------------------------"
        echo "Check passed! All system files are the original system files."


        echo "Everything is OK."
        echo "-------------------------------------------------------------"
    else
        echo "++++++++++++++++++++++++++++++++++++++++++"
        echo Warning: Some files have been changed, but
        echo . . . . .these are uncritical files.
        echo . . . . .No serious reason to worry about.
        echo "++++++++++++++++++++++++++++++++++++++++++"
        echo Here are the details:
        ./sha1sum_owncopy -w -c "$sha1sum_List_uncritical"
        echo "++++++++++++++++++++++++++++++++++++++++++"
        echo '  __    __                 _             '
        echo ' / / /\ \ \__ _ _ __ _ __ (_)_ __   __ _ '
        echo ' \ \/  \/ / _` | '"'"'__| '"'"'_ \| | '"'"'_ \ / _` | '
        echo '  \  /\  / (_| | |  | | | | | | | | (_| | '
        echo '   \/  \/ \__,_|_|  |_| |_|_|_| |_|\__, | '
        echo '                                   |___/ '
    fi
else
    # Critical errors have occurred:
    echo "******************************************"
    echo "***** ALERT! VERY SERIOUS WARNING!!! *****"
    echo "******************************************"
    echo Important system files have been modified!
    echo Your system might be corrupted!
    echo Use it at your own risk!
    echo "******************************************"
    echo Here are the details:
    ./sha1sum_owncopy -w -c "$sha1sum_List_critical"
    echo "******************************************"
    echo '  _____     _ _                '
    echo ' |  ___|_ _(_) |_   _ _ __ ___ '
    echo ' | |_ / _` | | | | | |' "'"'__/ _ \ '
    echo ' |  _| (_| | | | |_| | | |  __/ '
    echo ' |_|  \__,_|_|_|\__,_|_|  \___| '
    if (($ErrorCode_1 != 0)); then
        echo "++++++++++++++++++++++++++++++++++++++++++"
        echo Moreover, also some of the
        echo \"uncritical files\" differ from their
        echo original versions.
        echo "++++++++++++++++++++++++++++++++++++++++++"
        echo Here are the details:
        echo "++++++++++++++++++++++++++++++++++++++++++"
        ./sha1sum_owncopy -w -c "$sha1sum_List_uncritical"
        echo "++++++++++++++++++++++++++++++++++++++++++"
    fi
fi

if (($ErrorCode_1 == 0)); then
    if (($ErrorCode_2 == 0)); then
        # Check if the file is able to generate bad checksums in the first place:
        ./sha1sum_owncopy -w -c --status sha1sums_dummy.txt
        ErrorCode_Dummy=$?


        if (($ErrorCode_Dummy == 0)); then
            echo
            echo "*************************************************"
            echo "***** ALERT! SHA1 Checksum Malfunctioning! ******"
            echo "*************************************************"
            echo The checksum function produces good results
            echo even when the checksum is actually bad.
            echo This might mean that the system is corrupted!
            echo Use it at your own risk!
            echo "*************************************************"
            echo Here are the details
            echo "(the following SHOULD give a BAD checksum):"
            ./sha1sum_owncopy -w -c sha1sums_dummy.txt
            echo "*************************************************"
            echo '  _____     _ _                '
            echo ' |  ___|_ _(_) |_   _ _ __ ___ '
            echo ' | |_ / _` | | | | | |' "'"'__/ _ \ '
            echo ' |  _| (_| | | | |_| | | |  __/ '
            echo ' |_|  \__,_|_|_|\__,_|_|  \___| '
        else
            echo '  ____                              '
            echo ' / ___| _   _  ___ ___ ___  ___ ___ '
            echo ' \___ \| | | |/ __/ __/ _ \/ __/ __|'
            echo '  ___) | |_| | (_| (_|  __/\__ \__ \'
            echo ' |____/ \__,_|\___\___\___||___/___/'
        fi
    fi
fi

echo
echo "------- Press <ENTER> key to quit -------"
read
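The checksum lists of Annex 3.2 apply to one specific Knoppix 6.4.4 medium. The following added example (not part of the original guide) shows how lists in the same `hash *path` format can be generated from a known-good medium and verified, with the dummy-checksum negative test run first. The function names, the HASH_TOOL variable and the temporary sample files are assumptions constructed for this example.

```shell
#!/bin/sh
# Added example, not part of the original guide. Function names and the
# directory layout are assumptions; the "stick" is a constructed temp directory.
# Requires GNU coreutils (sha1sum with -b, -c and --status).

# The guide runs a private copy (./sha1sum_owncopy); any coreutils checksum
# tool with the same options, e.g. sha256sum, can be substituted here.
HASH_TOOL=${HASH_TOOL:-sha1sum}

# make_manifest ROOT OUTFILE FILE...
# Record "hash *path" lines, the format read back by `sha1sum -c`.
# Returns 2 if a listed file is missing, so a gap never goes unrecorded.
make_manifest() {
    local root="$1" out="$2" f
    shift 2
    : > "$out"
    for f in "$@"; do
        [ -f "$root/$f" ] || { echo "missing: $root/$f" >&2; return 2; }
        "$HASH_TOOL" -b "$root/$f" >> "$out" || return 2
    done
}

# make_canary OUTFILE FILE
# Write a deliberately wrong entry for FILE (the role of sha1sums_dummy.txt).
make_canary() {
    printf '%s *%s\n' "1234567890abcdef1234567890abcdef12345678" "$2" > "$1"
}

# verify_manifest MANIFEST CANARY
# 0 = all files match, 1 = a file changed or is missing,
# 3 = the tool accepted the wrong canary hash, so its verdicts are worthless.
verify_manifest() {
    local manifest="$1" canary="$2"
    # Negative control first (the guide runs it last): the canary MUST fail.
    if "$HASH_TOOL" -c --status "$canary" 2>/dev/null; then
        return 3
    fi
    "$HASH_TOOL" -c --status "$manifest" 2>/dev/null || return 1
    return 0
}

# demo: record a constructed medium, then change it in three ways.
# Prints the four verify_manifest results: clean, modified, missing, bad tool.
demo() {
    local work clean=0 modified=0 missing=0 badtool=0 saved
    work=$(mktemp -d) || return 1
    mkdir -p "$work/stick/boot/syslinux" "$work/stick/KNOPPIX" "$work/vault"
    echo "constructed boot loader" > "$work/stick/ldlinux.sys"
    echo "constructed kernel"      > "$work/stick/boot/syslinux/linux"
    echo "constructed root image"  > "$work/stick/KNOPPIX/KNOPPIX"

    make_manifest "$work/stick" "$work/vault/critical.txt" \
        ldlinux.sys boot/syslinux/linux KNOPPIX/KNOPPIX || return 1
    make_canary "$work/vault/dummy.txt" "$work/vault/critical.txt"

    verify_manifest "$work/vault/critical.txt" "$work/vault/dummy.txt" || clean=$?

    echo "changed" >> "$work/stick/boot/syslinux/linux"   # simulated modification
    verify_manifest "$work/vault/critical.txt" "$work/vault/dummy.txt" || modified=$?

    rm "$work/stick/ldlinux.sys"                          # simulated deletion
    verify_manifest "$work/vault/critical.txt" "$work/vault/dummy.txt" || missing=$?

    saved=$HASH_TOOL; HASH_TOOL=true                      # tool that always says OK
    verify_manifest "$work/vault/critical.txt" "$work/vault/dummy.txt" || badtool=$?
    HASH_TOOL=$saved

    echo "$clean $modified $missing $badtool"
    rm -rf "$work"
}

demo
```

On a real medium, the lists are generated once from a known-good stick and then kept, together with the copy of the checksum tool, inside the encrypted “ChecksumVerification.tc” container as the guide describes.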

The following illustration summarizes the final system setup with Knoppix 6.4.4 on a bootable USB stick, when including those mechanisms that allow to discover a corruption of the USB stick:


[Figure. Labels recovered from the diagram:]

• PC with bootable USB Stick with Knoppix 6.4.4 (“has access to”)
• Same USB Stick [or below's other Non-Encrypted Storage Medium]
• Other Non-Encrypted Storage Medium (Hard Disk or Flash Medium)
• Insecure Operating System – e.g. Microsoft Windows (Virus X, Trojan Y, Malware Z – ad libitum)
• System Files from CD [700 MB] (not encrypted, unfortunately)
• ./KNOPPIX/knoppix-data.aes [200 MB] (256 bit AES encrypted by Knoppix); contains all "persistent" user settings/modifications of the Knoppix 6.4.4 Live system
• myBitcoinOperationalSpace.tc [3-4 GB] (strongly encrypted by Truecrypt)
• myBitcoinWalletSafeStorage.tc [1 MB] (strongly encrypted by Truecrypt)
• ChecksumVerification.tc [500 kB] (strongly encrypted by Truecrypt); password = same as for knoppix-data.aes, but different from the 1MB and 4GB file
• /media/truecrypt1/... with bitcoin..., btc_start..., myDataDir/wallet.dat, myDataDir/<other files>
• /media/truecrypt2/wallet.dat (“copy manually”)
• /media/truecrypt3/... with sha1sum_owncopy, file_existence_check.sh, sha1sum_check_knoppix644usb.sh, sha1sums_dummy.txt, sha1sums_knoppix644usb_critical.txt, sha1sums_knoppix644usb_uncritical.txt (“verify integrity by SHA1 checksums”)
• myBitcoinAddresses.txt (UNencrypted, intentionally), containing ...14ajM1BHY7E8GJ4DGGvtFFGmE15hSSSRJR... etc.
• Read access (for sending BTCs to these addresses)
• Read access (for making backups of container file)

Side note in the figure: All these files could actually be located on the USB stick in this variant. Because, if the insecure Operating System (bottom of figure) corrupted the system files, this would be discovered before it can do any harm to your Bitcoin private keys.