Category Archives: Security

Cryptocoin Mining on Mac OS X – Wallet Backups

If you’ve taken cryptocoin mining beyond the hobby stages, you probably have at least one digital wallet on your system – possibly several. What happens if your OS were to crash? If you were to reinstall? Where would your accumulated cryptocurrency be?


It is very important that you backup the private keys that secure your digital wallet so that you can restore them at a later time. Otherwise the keys required to claim ownership of your coins will be gone forever. It is also important that you backup your wallets regularly. It is not enough to backup your keys just once. See this entry on securing the bitcoind wallet for more details.

So what steps can you take on Mac OS X to keep your wallets backed up? Luckily OS X comes with several tools that help along the way. Additionally, the Unix foundation of OS X allows us to fall back on some time-tested solutions for this project.

Step One – Create an Encrypted Disk Image

Step one will be to create an encrypted disk image used to store the wallet.dat backups. This is what Steve Gibson refers to as “Pre-Internet Encryption” – encrypting important data before backing it up to the Web.

  1. Launch Disk Utility from the Applications folder
  2. Click New Image
  3. Save the image somewhere that is itself backed up (e.g. Dropbox or Wuala)
  4. For the name, specify Wallet Backups (so that the below scripts match)
  5. For Encryption, select either 128 or 256 (256 is more secure and should be plenty fast for this)
  6. Click Create

New Disk Image

Step Two – Create a Backup Script

Now that we have a secure place to store wallet backups, the next step is to create a script that will do the grunt-work. Namely it should mount the encrypted disk image, backup any wallet.dat files (we could have Bitcoin, Litecoin, and who knows what other digital wallets – get them all), and then unmount the encrypted image.

We can do all of this with Automator and a couple of shell scripts.

  1. Launch Automator from the Applications folder
  2. Select Application and click Choose
  3. Add a Get Specified Finder Items action
  4. Select the DMG file created in Step One
  5. Add a Mount Disk Image action
  6. Add a Run Shell Script action and enter:
    cd ~/Library/Application Support && rsync -R ./*/wallet.dat /Volumes/Wallet Backups/
  7. Add another Run Shell Script action and enter:
    diskutil unmount /Volumes/Wallet Backups/
  8. Click File, Save
  9. Save as in Applications

Complete Automator Application

Step Three – Schedule the Backup

Armed with encrypted storage and a backup script, the only thing left is to schedule the backup. The Unix foundation of OS X means we can do this by editing the system crontab, a configuration file that specifies the commands to run for cron, the Unix job scheduler.

  1. Launch Terminal from the Applications folder
  2. Enter the following and press Return:
    export EDITOR=nano && crontab -e
  3. Enter the following into the nano editor:
    # backup wallets at midnight every Sunday
    0 0 * * 0 open /Applications/
  4. Type Ctrl+X, Y, Return



And we’re done. You can check your disk image each Sunday after midnight to ensure that your wallets have been backed up. You can also run the application to backup your wallets on-demand.

Password Tote for iOS 1.1 Available

Version 1.1 of Password Tote for iOS is now available on the App Store.

The update has some nice new features, such as the ability to add and edit security questions and general password notes. This version also makes the usage of a PIN for unlocking optional, and does a better job of explaining the importance of remembering your master username and password, as well as explaining that the PIN is solely for unlocking the application on the device – not for logging into the service. Version 1.1 also includes a handful of bug fixes and minor changes.

The Password Tote website and service are completely free, and access from native applications for Windows, OS X, Android, and iOS is free for 60 days. You can find the iOS and OS X versions on their respective App Stores, the Android version is available on the Android Market, and the Windows version is available here.

Password Tote on the Mac App Store

Password Tote is now available on the Mac App Store. This has provided a great influx of users which is very exciting! We had a few hiccups initially due to some private API usage, but that’s all sorted out now with both 32-bit and 64-bit versions now available.

There are some nice changes in the works for the iOS Password Tote app including the ability to manage security questions and notes, as well as making PIN usage to unlock the app optional.

There are also excellent versions available for Windows and Android, as well as a Firefox plugin on the way.

Password Tote for Mac OS X Updated

Password Tote for Mac OS X 1.0.3 is now available for download. This update includes:

  • Importing from LastPass
  • Growl integration with notifications when the user should backup and when an account will expire
  • User interface enhancements, including a new icon
  • A new PKG installer

The Password Tote website is free and allows you to manage your passwords securely from any location. The desktop and mobile applications require a $2.99/mo subscription. Start your free two month trial here.

The iOS and Mac OS X versions of Password Tote use the outstanding communication libraries from RemObjects, and the Windows version’s slick visual styling comes from DevExpress’s WinForms controls.

An Update on Password Tote

Password Tote for iOS version 1.0.2 is now available for download on the Apple App Store. This update introduces backing up to Dropbox, offline access to passwords, color-coded passwords, password generation, and also fixes a couple of issues.

Version 1.0.3 for iOS is already under way. Planned features include importing from popular password systems and restoring backups, both via Dropbox.

Version 1.0.3 of the Mac OS X client is also already in the works. Changes include user interface improvements, Growl notifications, and importing from LastPass.

Finally I wanted to thank Jim and Marc at RemObjects for working with me on a nice case study and for having me on their podcast. Their support really has made focusing on the features (instead of the communication) for these Password Tote clients possible.

New Version of Password Tote for Mac OS X Available

Version 1.0.1. of Password Tote for Mac OS X (powered by RemObjects SDK for Xcode) is now available for download. This version brings a few new features and fixes, most notably:

  • The ability to import passwords from 1Password and KeePass
  • The ability to check for new updates from within the program
  • More consistent password generation
  • Minor bug fixes

As previously stated, there’s also an update for the iOS app in the works as well. Version 1.0.1 for iOS is just going through some final testing before submitting the update to Apple for approval.

What’s In Store for Password Tote for iOS

After some minor surgery and a bit of time off, I’m back to work, and back to working on Password Tote. We’ve been gathering feedback from users since launching Password Tote for iOS a couple of weeks ago. Below are some items in store for the next update:

  • Ability to backup passwords to Dropbox
  • Ability to run in offline mode for slow/no network access
  • Ability to generate passwords of varying strength
  • Expose more password details, eg. expiration date
  • Fix a crash when memory is low
  • Fix an issue flagging passwords as favorites on the iPad

Web access to Password Tote is free for life. Access from desktop and mobile clients is completely free for two months (and only $3/mo afterwards). If you want to give feedback, you can apply to the open betas at Beta Circle where you can file suggestions and issues and monitor their progress.

Protecting Your Passwords

How do you protect your passwords? How many passwords do you have? Do you share the same password between two or more securables?

I used to be so proud of my passwords. Between twelve and sixteen characters – no words contained. That’s right. With numbers and characters. And symbols! People who saw me type in a password laughed and knew I was a geek.

Then I had an account of mine hacked. And the fact that I shared that 14 character alpha-numeric password with other securables suddenly took on a whole new meaning.

It was at this point that I decided to start using software to manage my passwords. I had passwords, application keys, and the likes stored all over in various formats. Then there were those passwords that I was always having to retrieve through some mechanism that usually involved waiting for some email and taking further steps.

Password Tote has taken care of these things for me. Granted, I’m biased – the software is written by a co-worker and friend of mine. He’d asked me for years to use the program – but, as I stated, I had always been confident in my passwords.

I started using Password Tote a couple of years ago and have never looked back. It allows me to generate passwords, visually judge their strengths, set expirations on passwords (with desktop notifications), keep track of associated email addresses and secret questions, and all of those things that you would come to expect from password security software.

But it also looks great. It has lots of nice themes, plus advanced support for both Windows Vista and Windows 7, including Aero glass support, task dialogs, and jump list support. And it has new “cloud” support, allowing you to save your passwords to, and restore them from, the “cloud” (securely of course).

I’ve been told (repeatedly, as I’m pretty persistent) that there will be an online version as well as some sort of iPhone and/or OS X support in the future (I may be helping with the development, in fact).

All said, I couldn’t recommend the software more. And, if you think your passwords are “good enough”, but aren’t using software to keep them strong, random, and secure, you are just biding your time!