Pages:
Author

Topic: airgap wallet not totally safe? (Read 3874 times)

copper member
Activity: 1498
Merit: 1528
No I dont escrow anymore.
January 03, 2015, 12:05:25 PM
#36
To the completeness: https://en.wikipedia.org/wiki/BadBIOS

Quote
BadBIOS is an alleged computer virus reported by network security researcher Dragos Ruiu in October 2013[1] with the power to be transmitted from one device to other across air gaps using ultrasonic communication between a computer's speakers and microphone

No Mic, no problem.
sr. member
Activity: 1120
Merit: 263
Sovryn - 300-500% APY on USDT Deposit
January 03, 2015, 11:20:43 AM
#35
To the completeness: https://en.wikipedia.org/wiki/BadBIOS

Quote
BadBIOS is an alleged computer virus reported by network security researcher Dragos Ruiu in October 2013[1] with the power to be transmitted from one device to other across air gaps using ultrasonic communication between a computer's speakers and microphone
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
December 31, 2014, 10:29:18 AM
#34
A QR code just contains *data* (no program) so it is very different to a USB device (that can contain things like autorun programs).

*EDIT* the use of QR codes is "dumb comms" vs. USB which is "smart comms" - when it comes to best security practices the "dumber" the better (audio cables are another approach that has been worked on).

Note that narrowing the comms down to "one channel" (i.e. just cams) is much better than having to deal with multiple potential comms channels.
sr. member
Activity: 366
Merit: 250
December 31, 2014, 10:26:55 AM
#33
Anything you move over to the airgap computer should be through usb stick and then the usb stick essentially smelted.

It would be safer to use QR codes rather than USB devices (due to potential attack vectors) but if you are going to use USB there is no reason to "destroy" the device (the point is to simply not re-use it).


I guess I like to say destroy because then I cant use it on network (or someone else) ever again on purpose or by mistake compromising my whole network. Even if I marked the devices in red it could still happen if a family member, TSA, boogyman etc gets there hands on it and says "what's this" and plugs it into a computer (which 2014 will be 99% likely on network) now your whole op is compromised because of someone intentional or otherwise.

Additionally I am not quite sure I understand how QR codes keep you safe from malware. Please correct me if I am wrong but computers communicate using the most basic of 1's and 0's. In theory if the QR code program on each end was malware. It could simply decode the QR data and format it to do whatever corrupt bidding you could fit on a QR code (no idea). I do know that when I was a kid I programmed a basic hard drive delete program. It was so small if I had to guess I could get it into QR format somehow.... could be way off base tho but makes sense in my head at least.

**edit** I guess you're saying that because my airgap computer is snapping photos of the QR codes and the airgap comp never touches the network that there is no way for the airgap comp to transmit back data w/o it generating its own QR code. wireless signal, Lan, IR, etc etc. If that makes sense. Even if they were to encode my private keys into a QR code it could never make it back to the network because the airgap computer physically has no way of talking.
sr. member
Activity: 1120
Merit: 263
Sovryn - 300-500% APY on USDT Deposit
December 30, 2014, 10:48:45 PM
#32
Dear, this beastie shall looks like Stuxnet, it must know that you are air-gapped. It is like attack against nuclear power station. Chance to be infected by such worm while first and last boot of air-gap station is 0.00000000 ... 000001 %

Easiest ways to protect your self against such worms, DON'T USE microsoft SOFTWARE. Better to take one of the Linux's LiveCD

Additionally, any device or media connected once to the Air-Gapped Station shall not be used ever. For example, you bring data on DVD 4.0 Gb of blockchain or anything else, this media shall be destroyed, burned, annihilated. In - yes, out - no.

You're missing my point.

The risk of being infected by malware without ever connecting to the Internet = x
The risk of being infected by malware by connecting to the Internet once = x +1


Most malware is not known and Linux is by no means immune. (But I agree, it's a better alternative than Windows)


If "out = no", how will you spend your bitcoins?


I'm talking about media, such as DVD / CD / or usb-device.

You could print your priv_key of cold wallet on the paper with printer.
Further, import it on the connected to the network computer side.
Thereafter, spend your Bitcoins as much faster as it possible!!!!! (((;


This is what called Air-Gap and what called Sneakernet.

See also: Bell–LaPadula model   - Up - yes, Down - no.

In such way, your Air Gapped Station simply can't leak any data to the network.
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
December 30, 2014, 10:36:34 PM
#31
Anything you move over to the airgap computer should be through usb stick and then the usb stick essentially smelted.

It would be safer to use QR codes rather than USB devices (due to potential attack vectors) but if you are going to use USB there is no reason to "destroy" the device (the point is to simply not re-use it).
sr. member
Activity: 366
Merit: 250
December 30, 2014, 09:05:20 PM
#30
I believe the problem is not malware infecting your computer through the the power cable, but existing malware leaking information through the power cable.

This could be avoided if running the computer off batteries, which are only charged from main when they are disconnected from the computer.

so this is 100% true? Can anyone else verify this?

Also you can never let a airgap computer touch the network. I have no idea why that article says connect to the network as little as possible? You're supposed to never connect. Anything you move over to the airgap computer should be through usb stick and then the usb stick essentially smelted.
legendary
Activity: 1358
Merit: 1001
https://gliph.me/hUF
December 25, 2014, 03:36:39 AM
#29
Dear, this beastie shall looks like Stuxnet, it must know that you are air-gapped. It is like attack against nuclear power station. Chance to be infected by such worm while first and last boot of air-gap station is 0.00000000 ... 000001 %

Easiest ways to protect your self against such worms, DON'T USE microsoft SOFTWARE. Better to take one of the Linux's LiveCD

Additionally, any device or media connected once to the Air-Gapped Station shall not be used ever. For example, you bring data on DVD 4.0 Gb of blockchain or anything else, this media shall be destroyed, burned, annihilated. In - yes, out - no.

You're missing my point.

The risk of being infected by malware without ever connecting to the Internet = x
The risk of being infected by malware by connecting to the Internet once = x +1


Most malware is not known and Linux is by no means immune. (But I agree, it's a better alternative than Windows)


If "out = no", how will you spend your bitcoins?
sr. member
Activity: 1120
Merit: 263
Sovryn - 300-500% APY on USDT Deposit
December 25, 2014, 03:14:17 AM
#28
...
His step 1:
Quote
1. When you set up your computer, connect it to the Internet as little as possible.


For bitcoin air-gapping that is already not acceptable. You just don't connect it to the Internet.

He talking about "set up".

He means, that at the first boot something anyway shall be downloaded from the network.

Which would suck if you picked up a beastie during that process, wouldn't it?

Dear, this beastie shall looks like Stuxnet, it must know that you are air-gapped. It is like attack against nuclear power station. Chance to be infected by such worm while first and last boot of air-gap station is 0.00000000 ... 000001 %

Easiest ways to protect your self against such worms, DON'T USE microsoft SOFTWARE. Better to take one of the Linux's LiveCD


Additionally, any device or media connected once to the Air-Gapped Station shall not be used ever. For example, you bring data on DVD 4.0 Gb of blockchain or anything else, this media shall be destroyed, burned, annihilated. In - yes, out - no.
legendary
Activity: 1358
Merit: 1001
https://gliph.me/hUF
December 25, 2014, 02:28:46 AM
#27
...
His step 1:
Quote
1. When you set up your computer, connect it to the Internet as little as possible.


For bitcoin air-gapping that is already not acceptable. You just don't connect it to the Internet.

He talking about "set up".

He means, that at the first boot something anyway shall be downloaded from the network.

Which would suck if you picked up a beastie during that process, wouldn't it?
sr. member
Activity: 1120
Merit: 263
Sovryn - 300-500% APY on USDT Deposit
December 24, 2014, 07:55:13 PM
#26
...

His step 1:
Quote
1. When you set up your computer, connect it to the Internet as little as possible.


For bitcoin air-gapping that is already not acceptable. You just don't connect it to the Internet.

He talking about "set up".

He means, that at the first boot something anyway shall be downloaded from the network.
legendary
Activity: 1358
Merit: 1001
https://gliph.me/hUF
December 24, 2014, 10:48:57 AM
#25
There is good post "Schneier on Security" from 2013 year about Air Gaps:

https://www.schneier.com/blog/archives/2013/10/air_gaps.html

Looks like it is still actual. Most of Bitcoin's users could just follow him with their 10 - 20 BTC in cold wallets.

Holder with 1mil$ in BTC probably would like to hardening this way little bit more.

His step 1:
Quote
1. When you set up your computer, connect it to the Internet as little as possible.


For bitcoin air-gapping that is already not acceptable. You just don't connect it to the Internet.
sr. member
Activity: 1120
Merit: 263
Sovryn - 300-500% APY on USDT Deposit
December 24, 2014, 10:11:30 AM
#24
There is good post "Schneier on Security" from 2013 year about Air Gaps:

https://www.schneier.com/blog/archives/2013/10/air_gaps.html

Looks like it is still actual. Most of Bitcoin's users could just follow him with their 10 - 20 BTC in cold wallets.

Holder with 1mil$ in BTC probably would like to hardening this way little bit more.
legendary
Activity: 1358
Merit: 1001
https://gliph.me/hUF
December 24, 2014, 10:09:13 AM
#23
I believe the problem is not malware infecting your computer through the the power cable, but existing malware leaking information through the power cable.

This could be avoided if running the computer off batteries, which are only charged from main when they are disconnected from the computer.
hero member
Activity: 533
Merit: 500
^Bitcoin Library of Congress.
December 24, 2014, 10:04:39 AM
#22
I believe the problem is not malware infecting your computer through the the power cable, but existing malware leaking information through the power cable.
legendary
Activity: 1358
Merit: 1001
https://gliph.me/hUF
December 24, 2014, 06:55:12 AM
#21

Just because I like it so much I'll leave this here:

Tx signing via minimodem
https://bitcointalksearch.org/topic/tx-signing-via-minimodem-735111

Smiley
sr. member
Activity: 366
Merit: 250
December 24, 2014, 02:44:22 AM
#20
so will we all be using that special box thingy in the future? lolzzzz(true the plug itself is a sec breach)

anyway whats the deal with security breach through existing wiring? If you charge a battery first and then charge the computer is it still possible for a virus/malware to be in the battery or is that a gap too. thank
hero member
Activity: 900
Merit: 1014
advocate of a cryptographic attack on the globe
December 21, 2014, 04:17:10 PM
#19
The ground pins in that pic will leak data to the local grid.
donator
Activity: 1736
Merit: 1014
Let's talk governance, lipstick, and pigs.
December 21, 2014, 03:48:11 AM
#18


Air Gap can be safe 100% with caution of RF Emanation, i'm talking about GSM and WI-FI.

See, TEMPEST Transient Electromagnetic Pulse Emanation Standard
* en.wikipedia.org Tempest_(codename)

Read this article en.wikipedia.org Air gap (networking)



I would think isolated signature systems for multisig and 2fa would be ample security. Polarized lenses and laser scanners with mirrors might be useful for independently confirming signatures. There's lots of cheap real world tech to play with.
sr. member
Activity: 1120
Merit: 263
Sovryn - 300-500% APY on USDT Deposit
December 21, 2014, 03:35:31 AM
#17


Air Gap can be safe 100% with caution of RF Emanation, i'm talking about GSM and WI-FI.

See, TEMPEST Transient Electromagnetic Pulse Emanation Standard
* en.wikipedia.org Tempest_(codename)

Read this article en.wikipedia.org Air gap (networking)


Pages:
Jump to: