Quote:
Originally Posted by gehrig
steelhouse,
I feel pretty confident that the only security solution you can trust right now is a personal one.
There's some good guides I can look up if anyone in this thread needs help setting something up. For almost everyone there's almost no value in keeping your coins ultraliquid, so just keep them on an $8 thumb drive.
There's no such thing as keeping them on an $8 thumb drive. You keep them on everyone who has the block chain.
The trouble is you need to keep a private key that is both backed up in several places, and not susceptible to getting taken by unwanted people. Those are two conflicting items.
As far as I know, there is no way to hand generate a private/public key pair. This means you must rely on a machine to do it. The machine must be trusted to not give it away to anyone else. You need to set up a secure machine and make sure all traces of the key are removed before ever connecting this machine to anything. If you have a dedicated machine that is not connected to the internet (and is never connected), you can do this. If you ever connect it, you need to trust that you removed all records of the key and that no malicious software was on the machine when the key was generated.
You can be *more* secure than most people by doing some of the steps above, although you still have some potential vulnerabilities. Add that to needing to having several backup copies of the private key in case one is lost (a $8 thumb drive seems like a terrible place to put all your eggs, although 5 of them might be sufficient).
Security needs to be extra effective since there is no way to identify who is stealing your coins. There is no recourse if you get them stolen. If you lose your key, you are SOL. The average person is not capable or not willing to spend the money (it's simply not worth it). This means you would have to trust others. In a mature market, that may be possible, but right now, it's quite clear how foolish it is to trust others in an anonymous decentralized system.