If you missed Phase 0 of this guide, start there first. Ok, so now you have a new identity to use online to sign up for free accounts, online trials, and even to shop with.
Phase 1: Building Your Fortress
If your identity is ever exposed in a hack like the Ledger data breach you have nothing to worry about. If you feel like it’s necessary you can even “burn” it by cancelling all the associated accounts and starting over. Nothing linked to your real name or home address. Nice, right?
1.0: You Need A Hardware Wallet Homie
Alright, so you want to crypto online but you’re worried about malware snagging your crypto keys, key loggers and all the other dastardly stuff out there on the web3. Well no worries, we’re going to do our best to keep your safe out there by creating a safe environment from which to crypto. Now the first step in any crypto arsenal is a Hardware Wallet.
A hardware wallet generates and securely stores your private keys offline and allows you to use that wallet without ever exposing your private key, or seed phrase. Cool! Now there are several of these on the market but the only two I can recommend right now are the Ledger and the Trezor. They’ve both been around a long time and have a good track record. The Grid+ Lattice looks interesting but again, it’s new and it’s sold out as of this writing.
1.1: You Need A Secure Environment Homie
Ok, so now you’ve got your hardware wallet in hand … just connect it up to your PC and go right? Hold yer horses pertner! This next section is optional but highly recommended for numerous reasons I won’t go into here, but lets just say I highly, highly recommend it. I and you have to assume your home network, all the computers, tablets, phones, printers, Alexa and Siri are all conspiring to steal your crypto. Also, it is relatively inexpensive for the additional layer of security it provides IMO.
1.11: Secure Hardware
Remember your MVNO burner phone? Well we kinda want the same thing for a PC too. This will be a laptop/tablet of your choosing that NEVER gets connected to your home Wifi. Remember how I said your burner phone needs to be a hotspot too? Exactly, that’s how you get Internet on your BurnTop. So there are numerous choices out there, maybe you even have an old laptop you can use. It doesn’t have to be fast or fancy.
A chromebook would work, but ugghh… Google. So I would recommend a budget Intel based laptop. A cheap Celeron model is around $200 new from Dell with 4GB RAM and a 15” display. If your eyes are still good and you can use an 11.6” screen I would recommend the ASUS BR1100 series. They come in convertible tablet and laptop form factors. They’re made as educational models so they’re rugged, cheap and easy to repair and come with a ton of ports. Right now they’re about $100 brand new, and you can always connect it to a larger monitor.
1.12: Secure Operating Environment
Alright, your laptop probably has Windows on it, no worries. We’re going to create a live, portable, encrypted USB drive running Linux that stores all your crypto activities. That way everything you do in the crypto world is stored on an external drive, separate from your home network. You can really create any Linux distribution for this but I recommend Kali Linux. Why Kali? Kali is a security focused Linux distribution with a focus on penetration testing, exploitation and network security. Now, you probably won’t need any of those tools, but since Kali is security focused it’s also a pretty secure desktop environment too.
You could use a standard USB thumb drive but since you’ll be reading and writing to it like a hard disk I recommend getting a USB SSD drive. You can get a small one, like 64-128GB. You could probably even get a nice pre-owned mSATA SSD and external enclosure on eBay for $25 or so. Follow the instructions on the Kali website for creating a fully encrypted Kali USB drive. You can choose any Desktop Environment Kali offers but I would choose the default XFCE desktop if you are on lower powered hardware or have less than 8GB RAM.
Alright, now you can boot into your crypto environment by plugging in that hard drive and booting from it. If your laptop gets stolen, just plug that drive into another laptop and you’re back in business. It can even be a different brand of laptop! Kali will detect the new hardware and pick up where you left off! You can visit social media sites, torrent sites, and click the links in the chain emails your mom sends on your desktops and mobile devices on your home wifi with no worries! The place you do all your crypto from is on a totally different network thanks to your hotspot and secure Kali environment!
Cool Idea: With more than one USB SSD you could create another secure environment just to do your online banking so it’s also never exposed to your shady ass home wifi.
1.2: You Need Secure Seed Storage Homie
By this point you’ve probably got some seed words or 24 word mnemonic’s written down on pieces of paper or stored in text files on your desktop. I mean … don’t tell me you took a photo of it and stored it on an old cloud storage account? Nahh… at any rate you need to store these things safely, securely and hopefully keep them from getting lost or destroyed. I can’t speak to you losing things, but I can help you keep these safe and secure.
A lot of people online will tell you to write them down on a piece of paper and put them in a safe deposit box, or use some expensive puzzle looking thing made out of steel to record them in case of fire. People steal and steel doesn’t float, so lets hope its not a flood that carries your seed words off into the great blue oceans. For this next part I’m going to take you back to a time, a time before flash drives, a time when external hard drives were the size of a Macbook Pro and if it had a shoulder strap you could legally sell it as “portable” despite weighing so much it caused long term debilitating spinal injuries.
We put data … you know … files and pics and music and stuff on these things called CD’s and then later … DVDs. CDs (Compact Discs) were flat, round, silvery looking things with a hole in the middle like an everything bagel. You could fit up to 744MB of data on one. You used a special disc drive and special software and physically burned the data on to the surface of the media with a goddamn laser beam! Cool huh!? Later, DVD (Digital Video Discs) allowed us to store 4.7GB, then up to 7.2GB on dual layer media. All on a disc the size of a McDonald’s hamburger!
What’s cool about these discs is, you can buy them in “Archival Grade” which means they’re made of Gold and rated for 25-100 years! Archival grade CD’s are hard to find but DVD’s are available for purchase online. Some are better than others but even the cheapest archival grade discs are usually rated for a 25 year life span. Also, they float.
Sweet! That means we need an external DVD burner too. Again, if you don’t have this, they’re pretty cheap. You can buy one on eBay or Amazon for around $10-20. You don’t need anything fancy but it does need to be able to burn DVD’s.
Using our secure Kali Linux environment we’re going to download VeraCrypt and install it. If you’re not going through all the trouble for a separate crypto environment you can download it from their website for any operating system. Using Veracrypt you’re going to create a secure, encrypted volume(container) where you will store your seed words/mnemonics. What file format you choose to store your mnemonics in is your choice. I would suggest a simple text file since it can be opened by just about any device in the event of an emergency. You don’t want to have to go looking for that Excel license if your house burned down with all your hardware in it.
So with your BurnTop offline, you’re going to manually type all your mnemonics in a text file saved inside your VeraCrypt container. You will want to choose a password for your container that you will remember! If you do not have the password, the contents of the container are irrecoverable! Gone! Forever! Understand? Choosing a good, easy to remember password isn’t that difficult. Everyone assumes you should have something like
Which is basically impossible to remember. Good passwords are only about one thing…entropy. What’s entropy? Uhm … simply put it’s the “unpredictability” of your password. So, while the above password is a good example of a secure password, it’s so unpredictable you can’t remember it. So how do we fix that? Lets make it rememberable for you, but unpredictable for a computer. So maybe lets use a password like
If you notice the hash marks or percents to separate the words? That adds unpredictability for a computer, as do the numbers, punctuation, upper and lowercase letters… and look … it’s longer too. Better entropy, and it’s easier for a person to remember too. You could even get really creative and do something like “Live-love-eat-getfat-pray.” and then make a cute little sign to hang on your wall with the same saying “Live. Love. Eat. Get Fat. Pray!” and no one would be the wiser. Then all you have to remember is the symbols and punctuation. Hidden in plain sight! Sneaky eh? There are a million opportunities to hide your passphrase in plain sight. Of course, if you have a good memory you can always keep it in your head.
1.3: Burn Baby Burn!
Ok, you’ve got your container with your seed words, and some archival grade DVDs. You’re ready to put that veracrypt container onto your Digital Video Disc for long term storage. Kali Linux comes with an app called Brasero which can burn CDs or DVDs. So plug your external USB DVD drive into your Kali Linux secure environment and fire up Brasero. From the Brasero menu select “Data Project” and then drag your VeraCrypt container into the window and hit the Burn button! If given the choice for speed, select the SLOWEST speed. Either 2X or 4X. After the burn is finalized, in Brasero, click “Tools” on the menubar, then “Check Integrity.”
Now we’re going to test it. So take your USB DVD drive and newly burned DVD over to another PC and plug it in. Open the DVD, can you see the Veracrypt container there? Yes? Go ahead and download Veracrypt on this other PC and see if you can open the container from the disc. Don’t type in your password obviously, just see if it will load the container and ask for the password. Did it work? Woohoo! If you want to, you can plug your DVD burner back into your Kali Linux environment, insert another blank DVD and burn a second copy for backup.
1.4: But What If It Does Burn?
Ahhh … right. You’ve got this golden plastic disc. What happens if your house burns down or something? So you have a few options, the obvious one being to rent a bank security box. I would recommend that only as a backup as banks do often lose or destroy the contents of safety deposit boxes. If you’re planning to keep it at your home or another physical location you control, I recommend purchasing a fire proof document bag.
There are a ton of these on the market but I personally like and trust the Alorva brand. They’re owned and operated by firefighters and they actually test their products to their advertised heat rating. Put your disc in a paper sleeve in one of their fireproof/waterproof document bags. While you’re at it throw in a few of your passports, IDs, a few bundles of cash in different currencies and your trusty Walther PPK sidearm…. Double Oh Seven! 👊🏻 You can also toss your Kali Linux hard drive, BurnTop and Burner phone in there too if you want.
You can put this bag in the top of the closet behind all your wife’s shoe boxes, in the attic, the basement, the tool shed, just about anywhere. Archival Grade Discs are rated to be stored in humid, damp environments up to 195°F (90°C). They’re even rated for UV resistance in case you leave it in the sun. I wouldn’t go testing the limits of these things, but as you can see they’re built tough so you can put backups just about anywhere. Maybe even inside an underground container in your yard somewhere? I heard from a friend that ammunition “dry boxes” or gun burial tubes work really well for that sort of thing … if one were so inclined.
1.5: What About Natural Disasters?
Look, nothing is going to protect you from really bad stuff. Like … if your house is wiped off the face of the earth by a big hurricane, or you left the burnproof bag in the closet while fleeing 10,000 degree state wide forest fires, or if the dead rise to eat the living. So, you need to keep a backup of this disc, or at least the VeraCrypt container in another location… far from you. Maybe a safety deposit box, but if that storm wipes out your whole city, then what? 👀