Paper Wallet Security for Bitcoin: My best guidance for Nick's question.

Bitaddress
There is nothing wrong with bitaddress.org if you are able to download a clean copy, use it in a secure environment, and ensure random number generation. However, only you can guarantee that your paper wallets are secure by following a strict set of protocols when you make them.

The Security of Crypto Currencies
In my view, the peace of mind knowing that your wealth is mobile and safe is an implied promise of crypto currency if you embrace the responsibility of acquiring the expertise to own, use, and protect it. Afterall, you are the bank and all bankers should develop the independent ability to evaluate whether a wallet is safe or not. If you are uncertain about the security of your paper wallets, develop a best safe practices guidelines based on your understanding of blockchain and create new paper wallets. Here are my thoughts on developing guidelines to use bitaddress.org safely.

Overview of Securing Paper Wallets
The process steps to create a secure paper wallet are presented on You-Tube by a variety of authors. I learned the overall process from Kenn Bosak

, MrJayBusch https://youtu.be/872eSnlKUeg, BTC Sessions https://youtu.be/VTsHeiBhPIM, and Video Mashup https://youtu.be/4TmN4STr_ug. These are friendly relaxed presentations that suit my temperament; however, you may find another style of teaching that suits you better. These videos are a good place to start.

Here is a four area check list for generating secure paper wallets:

(1) Get the Code from Github
Download the program code from Github, like bitaddress.org, from the command line using some version of Linux or Windows. If you are unfamiliar with Github consider viewing these four videos, "Github for noobs 1-4."

.

(2) Verify the Download
Use checksum and signature to verify you have received an authentic clean copy of the software. My favorite video on this topic is Babarehner "Easily verify downloaded file is not corrupted in Windows."

. Or if you work in a Linux or Apple environment you might prefer https://youtu.be/I_76X8Znadc to verify GPG Signatures or "Verify Files Using Checksum" by theNewBoston https://youtu.be/pYNuKXjcriM. No matter your platform, verifying the checksum and signature of your download is a fundamental step of the No-Trust culture of crypto currency.

Once you have verified and unzipped, you should have HTML code that will easily run on the desktop and produce true secure wallets.

(3) Run the Code in a Safe Environment
Generate the paper wallet on an offline computer using Linux that is booted from a USB stick. For this step you will need two USB Flash drives with at least 4GB storage. One to install a bootable Linux operating system and the other for your HTML file to generate your paper wallets. Please see: OSFirsttimer "How to make Linux bootable off a USB stick."

.

(4) Printing Paper Wallets Securely
Print the wallet on a printer that is directly connected to the computer by USB or other physical port. No Wifi. Your secret codes can be lifted from a Wifi enabled printer or retrieved later from printers with buffers. Once you have completed printing you have secured your cold storage paper wallets.

Installing New Printers on Linux
It is my preference to obtain a printer that is listed in the printer driver file of the Linux OS you are using because successfully installing a new print driver to a Live USB can be another level of frustration. Generally, old equipment is better for this challenge because it is safer. Do not download a print driver from the internet unless you want to go through the process of verifying the code of a print driver from a commercial vendor.

To Be Absolutely Sure
If you are uncertain about your technique of installing bug free sofware, never connect the computer to the internet again that generated the wallet or start over with exact protocols.

Live Wallets and Cold Wallets
Your comment about the wallet and "live" suggests confusion about wallets and the blockchain. A paper wallet is by definition cold storage. Once you create a paper wallet it will never be live until you sweep it clean. In my view, you should never reuse it or take money out and leave a balance. You can add many times but you should only subtract once. The reason is this: a spend transaction leaves enough information in the ledger, that given sufficient computing time, the private key could be calculated.

Creating Many Paper Wallets
If you subscribe to the view that a paper wallet should never be used more than once for withdrawals, you must think about creating many paper wallets to store manageable quantities of funds such as denominations 50, 100, 1000 etc. If Bitcoin rises to predicted levels, sweeping $100 dollars worth of bitcoin at today's price into a live wallet in 2020 might mean you are putting very large sums of money into a dynamic situation in the future.

Random Numbers
Additionally, I would recommend you create your own random numbers using casino quality dice to ensure you are getting true encryption. You might find this video helpful:

.

Verifying True Encrypted Key Generation
If you want to verify that bitaddress.org is generating true encrypted keys then use dice to create a base-six 99 digit number and run this string through both bitaddress.org and WalletGenerator.net. The keys generated will match if the software is clean.

BIP 148
Regarding the concern for BIP 148, if you control your keys, as you do with a paper wallet, your funds will be safe and you will be copied into both blockchains according to Arron van Wirdun writing for Bitcoin Magazine, May 31, 2017. https://bitcoinmagazine.com/articles/bitcoin-beginners-guide-surviving-bip-148-uasf/. A problem may arise for those who keep their bitcoins in a live wallet where they do not actually control their private keys.

A Final Thought
The greatest asset of crypto currency is your personal knowledge of the blockchain . A fundamental skill in negotiating this technology is fluency in the Linux operating system. Thinking and speaking in what I like to imagine as the Unix language allows you, with more opportunity as an end user, to interface with the complex mathematics of current and future technologies, such as ledger, without a trusted facilitator. You may want to invest your time in a structured online course because crypto currencies are just the beginning of the innovative change that is coming. There are many educational programs out there and I recommend you consider Jerry Banfield's tutorial offerings

. Jerry is an enthusiastic member of Steemit and he is ready to help everyone. The cost is modest and I believe a true value.

Nick, thank you for your question. It has resonated with me because I recall the uncomfortable uncertainty I felt when I began learning about paper wallets. This is my first effort to offer instruction and I welcome your unvarnished feedback.

I wish you the very best.
Wildgrass