Security of 1. transactions with exchange and 2. storage

[moogradod]

I am new to everything related to bitcoins and I have two questions:

 

1. Which bitcoin exchange is trustworthy when you want to buy or sell from within Thailand as a German national. The homepages of some of the exchanges I have looked at on the net look like they have been implemented by 10 year olds, conveying little trust in the exchange. One exchange that has at least an acceptable appearance is coinbase.com, but they do not accept transactions from Thailand. Exchanges that prominently display tons of regulations stipulating what they are not responsible for do as well not create much trust.

 

2. One you have bought bitcoins, they must be stored somewhere. As with any electronic storage of important data, redundancy is crucial. I aim at having identical copies of any critical data on AT LEAST 2 different media in one geographic location plus another copy in a different geographic location, all of which I control myself only. But may bitcoin data be copied for redundancy reasons at all ?

[KannikaP]

Coins.co.th seem to be OK, and their site is very clear.

[Heng]

In regards to #2, and feel free to Google this, but many would agree that it's better to not  store your seed (or basically the keys to your wallet) on any kind of digital media at all (no accidental deletions or hacking risk that way).   Write it down and store in more than one place (and not the entire seed in one place).   That's not what I do by the way, my way is way more convoluted and requires the alignment of some planets.  ????

[Barnabe]

Coinbase is a trustable exchange in my opinion, Binance is pretty decent too.

 

If you store your coins in an exchange, you don’t need to worry much, provided you have a good password and 2 factor authentication. If you don’t it’s best to get a hardware wallet to store them

[moogradod]

15 hours ago, Heng said:

...  Write it down and store in more than one place (and not the entire seed in one place).  

So it is obviously a 1) number that is 2) unique and 3) unchanging (?)

Is this number per purchase (you might have many numbers then) or does it represent all the assets (always one number which changes according to what you buy/sell ?

This would mean that the number may be stored encrypted on multiple digital media therefore providing a lot of security. Correct ?

[moogradod]

1 hour ago, Barnabe said:

Coinbase is a trustable exchange in my opinion, Binance is pretty decent too.

Very unfortunately Coinbase may not be used by either my Thai wife nor myself as we are both resident in Thailand. It is OK to trust an exchange if you are just playing with some money, but I would like to have control over serious investments myself.

[Heng]

10 minutes ago, moogradod said:

So it is obviously a 1) number that is 2) unique and 3) unchanging (?)

Is this number per purchase (you might have many numbers then) or does it represent all the assets (always one number which changes according to what you buy/sell ?

This would mean that the number may be stored encrypted on multiple digital media therefore providing a lot of security. Correct ?

 

Opinions will vary, and some people are comfortable with storing their funds on exchanges.  I personally do not and a lot of people feel this way as well.   The saying in the crypto community is "not your keys, not your coins."   In short that just means that on an exchange, technically they 'own' your coins (in the same way a bank 'owns' the funds that they owe you when you hold money with them in a savings account).   If they shut down or decide that you are in violation of their terms of service, they can hold onto your coins at will.   What you want is a *non custodial wallet* (that only you have the keys to) that you would use to send/receive funds on exchanges (the main risk then is just how safe you keep your own passwords/keys/etc.)... just Google that phrase and many will come up.   I won't recommend one in particular as that makes it look like I am just shilling something.   Do some research on other forums as well and you'll likely find consensus.   

[fdsa]

I wonder how you could be new to crypto if you are clearly coming from the IT industry ????

- judging by your second question you are on the 6th sysadmin level now:

 

Quote

1) lamer level: does not make backups
2) pleb level: stores backup in the different directory on the same hard disk
3) Pro pleb level: stores backup on the different hard disk in the same computer
4) hosting.ua level: stores backup on the different server in the same datacenter
5) Pro hosting level: stores backup on the server in the different datacenter
6) true admin level: stores backup on the servers in more than one different datacenters in different jurisdictions
7) paranoid admin level: stores backup on the different server in the same datacenter + server in the different datacenter in the different jurisdiction + local computer / flash drive / external hard disk
8 ) Linus Torvalds level: uploads backup to the public FTP and the whole world copies the data

 

 

Anyway, as far as I know, to buy crypto legally in Thailand you must provide your passport & bank book & proof of address to some third party. Or buy them privately on peer-to-peer exchanges like localbitcoins.com

 

Concerning the second question - the private key of your coins is just a string of 64 letters and digits, you could simply write it on paper and laminate it with the clear duct tape. Or copy it wherever you want, just don't forget to protect that string, e.g. by zipping it into an archive with the long password or placing it inside the Truecrypt/Veracrypt container or encrypting it with your PGP key.

But to get these 64 letters you will have to use a local Bitcoin wallet, not some third-party online website.

Edited January 10, 2021 by fdsa

[moogradod]

4 hours ago, fdsa said:

I wonder how you could be new to crypto if you are clearly coming from the IT industry ????

- judging by your second question you are on the 6th sysadmin level now:

 

 

Anyway, as far as I know, to buy crypto legally in Thailand you must provide your passport & bank book & proof of address to some third party. Or buy them privately on peer-to-peer exchanges like localbitcoins.com

 

Concerning the second question - the private key of your coins is just a string of 64 letters and digits, you could simply write it on paper and laminate it with the clear duct tape. Or copy it wherever you want, just don't forget to protect that string, e.g. by zipping it into an archive with the long password or placing it inside the Truecrypt/Veracrypt container or encrypting it with your PGP key.

But to get these 64 letters you will have to use a local Bitcoin wallet, not some third-party online website.

Thanks. You are correct. I have been working in the IT industry for more than 32 years. Now retired for some years already.

 

However, having some background in IT and operating with cryptocurrency are two completely different things. And I am completely innocent as far as handling bitcoins for myself are concerned. I am actually asking mainly for my wife that she can do that in the future when I left for other realms. I have been lazy to make myself more knowledgeable on the Internet - that is why I did ask for first hand experiences here. And because investing in cryptocurrency has gained some momentum compared to stocks, gold or having money in traditional "accounts". At the moment just out of interest.

[fdsa]

Weren't you reading IT-related news websites, forums and magazines? I learned about Bitcoin in about 2010 (and walked away thinking "meh, some geek bull<deleted>") when ppl were mining them still on CPUs.

Then heard about Bitcoin again when first mining ASICs appeared (Avalon AFAIR) in about 2012 and decided to learn more about the technology and bought a few coins, then after 2013's huge pump&dump bought a few more, as well as Litecoins. And now just chillin' ????

 

About storing the coins - I recommend using Electrum wallet (be wary of fake/malware copies!), it allows to save the wallet as several random words - a "vanity seed". It is simple but not very secure as vanity seeds are prone to be bruteforce-able (BTW this applies to every other wallet application that generates a vanity seed). Also Electrum allows to dump a private key of any address - those abovementioned 64 symbols, which you could save offline on the "hardware" wallet == piece of paper, same as the vanity seed phrase.

But note that this private key was still generated from the vanity seed which is bruteforce-able ????

So the most secure method of creating a wallet - is installing a full Bitcoin node (about 400 GB) and creating an address & private key manually ***

 

 

Also if you want to invest a really large sum and looking for as hard wallet as it could be - look for Casascius or Lealana physical bitcoins. Difficult to find nowadays and theoretically could be faked, but pose a high collectors value.

 

 

*** - sorry, my bad. Actually you could just generate a private key and corresponding address using your favorite programming language - there are Bitcoin (and other cryptos) libraries for almost every language. Here is example in Javascript: https://github.com/cantonbecker/bitcoinpaperwallet/blob/master/generate-wallet.html - could be saved locally and opened with the browser.

 

More info:

https://en.bitcoin.it/wiki/Private_key

https://en.bitcoin.it/wiki/Technical_background_of_Bitcoin_addresses

 

Edited January 10, 2021 by fdsa