[[ch07_security]]
== Bitcoin Security

This chapter looks at the fundamental issue of bitcoin security, from a technology and process perspective. Users of bitcoin will learn about the main risks surrounding a crypto-currency, from the theoretical (but often unlikely), to the practical and commonly used scams, tricks and hacks. Bitcoin is, after all, digital money which enables frictionless, instant, 
irreversible and pseudonymous transactions. Why would a thief be interested in bitcoin? Because that's where the money is. Bitcoin theft encompasses in a single transaction the theft (compromise), the fencing (monetization), the money laundering (obfuscation) and the payout (distribution).  All of the advantages of crypto-currencies (frictionless, irreversible etc) 
turn into advantages for thieves once compromised. Most importantly, this chapter offers practical, effective and robust security solutions and best practices to defend against the most common threats. 


=== Risks and non-risks 
==== Cracking the bitcoin protocol or encryption (debunk)
==== Password loss, brute force, dictionary attacks
==== Keyloggers
==== Hosted wallet compromise

=== Two-Factor Authentication
==== OTP, Software token
==== Hardware Token
==== Challenge-Response (SMS, email)
==== Secondary key
==== On-screen keyboard
=== Secure Storage
==== Backup and recovery
==== Cold storage
==== Offline transaction signing