reply on: What if your threat model does include a nation state ? \ stacker news ~tech

0 sats \ 5 replies \ @Reachableceo OP 9 Sep 2023 \ parent \ on: What if your threat model does include a nation state ? tech

I’m guessing most folks record it somewhere on their hard drive ?

For example , the post the other day with a GPG encrypted copy of the pass phrase. They entered the alphanumeric password at some point and had the pass phrase (seed phrase I guess ?) in a plain text file.

What are the best practices these days ? Anyone to follow / read for good security guides (for crypto specifically ).

Mostly this is an academic thought exercise , a “curated gentle troll” meant to get the community thinking and ideating.

As someone who’s taken many security precautions (including an air gapped offline root CA and GPG primary private key , using multiple yubikeys (one for daily use , one for more sensitive things , one for airgap ) , I take security quite seriously.

I’m always interested to discover new resources

0 sats \ 4 replies \ @WeAreAllSatoshi 9 Sep 2023

Quite simply I think keeping the seed offline forever is what people do. Physical backups, seed plates, etc. as soon as you put it on a computer, the attack vector increases exponentially. Other folks can weigh in though, I’m just one person

21 sats \ 3 replies \ @nemo 9 Sep 2023

deleted by author

0 sats \ 2 replies \ @WeAreAllSatoshi 9 Sep 2023

Consider me flattered and honored!

21 sats \ 1 reply \ @nemo 9 Sep 2023

deleted by author

0 sats \ 0 replies \ @WeAreAllSatoshi 9 Sep 2023

🫡