Airgapped device for Electrum installation

BlackHatCoiner

legendary

Activity: 1512

Merit: 7340

Farewell, Leo

Quote from: Synchronice on April 19, 2024, 11:09:47 AM

If you have a malware that works offline and randomly deletes your files, then you need to get rid of it.

And, believe me. A malware that does only that is one of the good malwares! Cheesy

Quote from: Synchronice on April 19, 2024, 11:09:47 AM

By the way, if you are afraid that your storage (HDD or SSD) is not secure, just buy a new one.

Storage isn't evil. It's the software that accesses your storage. If they're evil, a brand new hard drive isn't going to save you.

Quote from: Synchronice on April 19, 2024, 11:09:47 AM

You don't need tails because tails is a live OS and every information gets erased.

You can use persistent storage to save important files, such as wallets. This means that the files are written in the USB drive, but encrypted using a very long password by default, like a seed phrase.

Synchronice

hero member

Activity: 854

Merit: 772

Watch Bitcoin Documentary - https://t.ly/v0Nim

Quote from: _act_ on April 17, 2024, 04:16:49 AM

One of the safest wallet are wallets on airgapped devices. But what some people do worry about is that they should format the device that they want to use for it and reinstall the operating system.

Assuming you did not format the device but make it airgapped. Can malware still be able to affect the device? The reason I said this is not because I will not format the device but because I read that not all malware can be completely removed from the device after formatting and OS reinstallation.

Some people also said Windows and macOS are not good for privacy. But is it necessary to also use Linux or Tails for airgapped device? I think no matter the OS that you use, as long as it is not an online wallet, Windows and Appple can not know what you are doing.

If you have a malware that works offline and randomly deletes your files, then you need to get rid of it. Otherwise, if malware only works when connected to the internet, so while it's offline, who cares? By the way, if you are afraid that your storage (HDD or SSD) is not secure, just buy a new one. If you want it only for wallets, just buy a cheap but new Samsung SSD. Or if you are extremely paranoid, buy a brand new computer (buy new parts and make the one yourself).
You don't need tails because tails is a live OS and every information gets erased. If you just want to create a new paper wallet on airgapped computer, then sure, use Tails. I would use Linux instead of Windows because it uses less resources and its popularity and open-soureness makes it an attractive choice for me.

Quote from: Mia Chloe on April 17, 2024, 04:26:24 AM

The problem with using closed source OS is the fact that you actually can't tell exactly what's going on at the back end.

And if you are not a software developer and an IT guy, then you don't know what's exactly going on and you have to trust others.

LoyceV

legendary

Activity: 3290

Merit: 16489

Thick-Skinned Gang Leader and Golden Feather 2021

Quote from: _act_ on April 19, 2024, 05:46:30 AM

About the RJ45 port, I will prefer to disable it in the BIOS along with USB ports

I wouldn't trust a software solution. Physically unplugging the cable is the minimum.

Quote

I can enable and disable the USB port anytime that I want

Disabling USB means you have to use the camera or keyboard for transfering unsigned transactions.

Quote

I like the laptops that are small but a little expensive that come with UEFI (BIOS) that do not come with RJ45 port unlike the big laptops that has it.

I'm not a fan of the current UEFI BIOS. It seems designed for Windows with "secure boot", and it always takes some fiddling to get Linux booting.
I am a big fan of having a "spare laptop", and I'm still thinking of buying a few more. Second hand they're dirt cheap (and only getting cheaper), and even if I use them only a few times, it's so convenient not having to deal with VMs.

ABCbits

legendary

Activity: 2856

Merit: 7410

Crypto Swap Exchange

Quote from: NeuroticFish on April 17, 2024, 03:21:18 PM

--snip--
However, one thing I don't like at Windows (which I also use too much) is the default auto-run at inserting USB stick, which can cause you surprises (eg install malware) when you are transferring tx to the airgapped wallet for signing. Plus, you know, most viruses and malware are Windows specific.
So... I still recommend to give a good thought before choosing.

It's no longer true though. Autorun (running arbitrary application) no longer work and only Autoplay (opening multimedia file) remain exist on Windows OS. While there's possibility malware hidden on the multimedia file and executed by the multimedia application, overall risk is lower.

_act_

hero member

Activity: 868

Merit: 1094

Quote from: LoyceV on April 19, 2024, 05:33:41 AM

Remove the Wifi card, put chewing gum in the RJ45 port, remove or encrypt the SSD, glue the RAM against liquid nitrogen swap attacks, close the curtains, build a faraday cage, train your cat to be an assassin, drop your laptop in acid when your alarm is triggered, ...., you can go as far as you want Cheesy

That is true. About the RJ45 port, I will prefer to disable it in the BIOS along with USB ports after I finish installing the wallet that I want to use on other airgapped device. I can enable and disable the USB port anytime that I want like during necessary update which is not common, but leave the RJ45 port completely disabled. I like the laptops that are small but a little expensive that come with UEFI (BIOS) that do not come with RJ45 port unlike the big laptops that has it.

LoyceV

legendary

Activity: 3290

Merit: 16489

Thick-Skinned Gang Leader and Golden Feather 2021

Quote from: _act_ on April 17, 2024, 04:16:49 AM

Assuming you did not format the device but make it airgapped. Can malware still be able to affect the device?

Maybe. Maybe not. In any case, that means you have to assume it can still create problems. So wipe it.

Quote from: Z-tight on April 17, 2024, 11:13:54 AM

Take note that if you have set up an airgapped wallet, you do not need to connect it to the internet to make tx's, it should never be connected to the internet.

Remove the Wifi card, put chewing gum in the RJ45 port, remove or encrypt the SSD, glue the RAM against liquid nitrogen swap attacks, close the curtains, build a faraday cage, train your cat to be an assassin, drop your laptop in acid when your alarm is triggered, ...., you can go as far as you want Cheesy

BlackBoss_

sr. member

Activity: 602

Merit: 387

Rollbit - the casino for you. Take $RLB token!

Quote from: _act_ on April 17, 2024, 04:16:49 AM

One of the safest wallet are wallets on airgapped devices. But what some people do worry about is that they should format the device that they want to use for it and reinstall the operating system.

You want to make an airgapped wallet to avoid risk from hacks so a very first step to do in security is that device must be clean, not infected.

Quote

Some people also said Windows and macOS are not good for privacy. But is it necessary to also use Linux or Tails for airgapped device?

Bitcoin gives you your own bank, if you use a non custodial wallet. You can use it privately with Tor connection and you don't need to register anything with Windows, Linux to broadcast your Bitcoin transactions. You don't need to log in your email or exchange account on a device you use to broadcast your Bitcoin transaction.

You are just worrying too much but if you keep your device actually airgapped, your privacy will not be affected.

NeuroticFish

legendary

Activity: 3668

Merit: 6382

Looking for campaign manager? Contact icopress!

Quote from: BlackHatCoiner on April 17, 2024, 12:39:30 PM

Quote from: _act_ on April 17, 2024, 04:16:49 AM

Some people also said Windows and macOS are not good for privacy. But is it necessary to also use Linux or Tails for airgapped device?

Being open-source and amnestic are the primary reasons you should use Tails for the OS of your airgapped computer. Privacy is a byproduct of these.

I will add that Tails can be started with in-built feature of "no internet".
And I will add that it's something I like because you actually don't even need a separate computer as airgapped device, you can just boot the same one from Tails. Of course, having one extra is more convenient.

Quote from: _act_ on April 17, 2024, 04:16:49 AM

I think no matter the OS that you use, as long as it is not an online wallet, Windows and Appple can not know what you are doing.

I have seen many advises to use the OS you are used with, since the chance is smaller to make mistakes.
However, one thing I don't like at Windows (which I also use too much) is the default auto-run at inserting USB stick, which can cause you surprises (eg install malware) when you are transferring tx to the airgapped wallet for signing. Plus, you know, most viruses and malware are Windows specific.
So... I still recommend to give a good thought before choosing.

BlackHatCoiner

legendary

Activity: 1512

Merit: 7340

Farewell, Leo

Quote from: ?? on ??

But if you use anyone the two for airgapped wallet and the wallet remain airgapped, you have the privacy that you are talking about.

Well, yeah, but neither of these are amnestic, as in Tails. In case of physically compromising your device, sensitive data could be derived from an attacker.

Quote from: ?? on ??

Can you explaining this better? I mean you can do the breakdown about how it can be possible.

Sure.

Suppose your device is malware affected, such that when Electrum is requested to be loaded in memory, the malware replaces its binaries with a compromised version of Electrum. In this version, signing transactions does not follow the RFC 6979 standard, but instead, picks a random k value within a small range of numbers that only the attacker knows. Now you can sign transactions, it will feel as everything is okay, but when the transaction is broadcasted, the attacker can work out the private key by continuously brute forcing the k value in that small range, and double-spend the inputs of your unconfirmed transaction.

_act_

hero member

Activity: 868

Merit: 1094

Quote from: BlackHatCoiner on April 17, 2024, 12:39:30 PM

Being open-source and amnestic are the primary reasons you should use Tails for the OS of your airgapped computer. Privacy is a byproduct of these.

I am sure of the privacy part. If you use Windows or macOS for online wallet, you will have no privacy. But if you use anyone of the two for airgapped wallet and the wallet remain airgapped, you have the privacy that you are talking about.

Quote from: BlackHatCoiner on April 17, 2024, 12:39:30 PM

In addition to Z-tight's response, the answer to the question "Can my crypto asset get stolen in an airgapped, malware infected device?", is yes. One simple way for a malware to accomplish it, is that when the time comes and you sign a transaction from the airgapped device, without your knowledge, you sign a transaction with broken cryptography which can be claimed by the attacker.

Can you explaining this better? I mean you can do the breakdown about how it can be possible.

BlackHatCoiner

legendary

Activity: 1512

Merit: 7340

Farewell, Leo

Quote from: _act_ on April 17, 2024, 04:16:49 AM

Some people also said Windows and macOS are not good for privacy. But is it necessary to also use Linux or Tails for airgapped device?

Being open-source and amnestic are the primary reasons you should use Tails for the OS of your airgapped computer. Privacy is a byproduct of these.

Quote from: satscraper on April 17, 2024, 10:13:23 AM

At first start from the bootable flash drive that holds fresh Tails you can configure this OS to block all network drivers at the boot so that its persistent volume could keep safely your cold Electrum.

If the computer is airgapped, then you should have already taken care of physically removing the components that would allow it to connect to any network.

Quote from: Z-tight on April 17, 2024, 11:13:54 AM

Quote from: Mrbluntzy on April 17, 2024, 10:30:32 AM

Note: the device will always remain offline unless when am only sending out my asset.

Take note that if you have set up an airgapped wallet, you do not need to connect it to the internet to make tx's, it should never be connected to the internet. You can simply make tx's on your complementary online watch-only wallet and sign the tx in your airgapped device. If you connect your offline wallet to the internet, even briefly, your funds can be stolen.

In addition to Z-tight's response, the answer to the question "Can my crypto asset get stolen in an airgapped, malware infected device?", is yes. One simple way for a malware to accomplish it, is that when the time comes and you sign a transaction from the airgapped device, without your knowledge, you sign a transaction with broken cryptography which can be claimed by the attacker.

Z-tight

hero member

Activity: 854

Merit: 1031

Only BTC

Quote from: Mrbluntzy on April 17, 2024, 10:30:32 AM

Note: the device will always remain offline unless when am only sending out my asset.

Take note that if you have set up an airgapped wallet, you do not need to connect it to the internet to make tx's, it should never be connected to the internet. You can simply make tx's on your complementary online watch-only wallet and sign the tx in your airgapped device. If you connect your offline wallet to the internet, even briefly, your funds can be stolen.

_act_

hero member

Activity: 868

Merit: 1094

Quote from: un_rank on April 17, 2024, 08:25:39 AM

They can know what apps you download and use even if it is airgapped

Once I reinstall the OS, and make it airgapped I will not download anything on the wallet again. I will transfer the wallet file for installation through flashdrive if it is not Tails.

Quote from: Mrbluntzy on April 17, 2024, 10:30:32 AM

Permit me to ask this question, if for example I have an airgapped device that am using to store my Bitcoin and before using the device I did not format it but I have been using it to store my crypto assets for some months while there is a malware in it, but since the device will not be going online unless any time I want to send out my crypto from that device, do I really have to fear that my asset will still be tampered on by the malware? Note: the device will always remain offline unless when am only sending out my asset.

It is like you repeated the question that I asked on this same thread. It is not advisable not to format the device and reinstall the OS. I am just asking about this because I do not know how malware can be used to penetrate this kind of offline device. But just for newbies like you, it will be better to do all that is necessary to remove malware from the device that you want to use. The wallet that I am taking about is airgapped and will never connect to the Internet. I will use watch only wallet to make transactions. According the question that you asked, even if the wallet is not affected, you said you will not connect online unless you want to make transaction, that means if you connect online and the malware is capable of stealing your coins, it will steal it.

Findingnemo

hero member

Activity: 2310

Merit: 757

Bitcoin = Financial freedom

Quote from: un_rank on April 17, 2024, 08:25:39 AM

Quote from: _act_ on April 17, 2024, 04:45:06 AM

If it is airgapped, they can not know anything from the airgapped device.

They can know what apps you download and use even if it is airgapped, but they will not have access to the wallet. They will only be able to piece other information together if you have another device with their OS running.

- Jay -

There is no way to access this information if we are actually talking about air-gapped device unless the attacker has physical access to the air-gapped device and it's safe to assume that even if there are malware present in the Bios it won't do much harm as said above. If the infected device is ever connected to the internet then all the logs will be sent to the attacker but if it once connected to internet it voids the term airgapped.

Mrbluntzy

member

Activity: 252

Merit: 32

★Bitvest.io★ Play Plinko or Invest!

Quote from: Zaguru12 on April 17, 2024, 04:38:20 AM

If you didn’t format the device there would still be malware in that device because some malware would have already been in there before you switch to offline mode. The malware which is even common is the clipboard malware which will definitely sit there even after you go offline. You need to completely reformat the drive to delete everything on it and then reinstall a fresh new OS.

Your hard drive only stores what the OS tells it to store, so a proper reformatting is ok to me.

Permit me to ask this question, if for example I have an airgapped device that am using to store my Bitcoin and before using the device I did not format it but I have been using it to store my crypto assets for some months while there is a malware in it, but since the device will not be going online unless any time I want to send out my crypto from that device, do I really have to fear that my asset will still be tampered on by the malware? Note: the device will always remain offline unless when am only sending out my asset.

satscraper

hero member

Activity: 714

Merit: 1298

Cashback 15%

Quote from: _act_ on April 17, 2024, 04:16:49 AM

One of the safest wallet are wallets on airgapped devices. But what some people do worry about is that they should format the device that they want to use for it and reinstall the operating system.

Assuming you did not format the device but make it airgapped. Can malware still be able to affect the device? The reason I said this is not because I will not format the device but because I read that not all malware can be completely removed from the device after formatting and OS reinstallation.

Some people also said Windows and macOS are not good for privacy. But is it necessary to also use Linux or Tails for airgapped device? I think no matter the OS that you use, as long as it is not an online wallet, Windows and Appple can not know what you are doing.

At first start from the bootable flash drive that holds fresh Tails you can configure this OS to block all network drivers at the boot so that its persistent volume could keep safely your cold Electrum.

Then you can use this flash drive to boot Tails even on online machine not to mention the airgapped one.

I don't think that there is an malware that could survive in RAM for noticeable period of time after online machine halt.

The potential of infiltration via infected BIOS remains, though, no matter whether machine is airgapped or not.

un_rank

hero member

Activity: 644

Merit: 661

- Leo -

Quote from: _act_ on April 17, 2024, 04:45:06 AM

If it is airgapped, they can not know anything from the airgapped device.

They can know what apps you download and use even if it is airgapped, but they will not have access to the wallet. They will only be able to piece other information together if you have another device with their OS running.

- Jay -

ABCbits

legendary

Activity: 2856

Merit: 7410

Crypto Swap Exchange

Quote from: _act_ on April 17, 2024, 04:16:49 AM

Assuming you did not format the device but make it airgapped. Can malware still be able to affect the device? The reason I said this is not because I will not format the device but because I read that not all malware can be completely removed from the device after formatting and OS reinstallation.

FYI, it's not completely removed since the malware put itself on your BIOS/UEFI firmware. Here's an example, https://www.pcmag.com/news/malware-that-can-survive-os-reinstalls-strikes-again-likely-for-cyberespionage. But there aren't many malware which have such advance capability.

Quote from: _act_ on April 17, 2024, 04:45:06 AM

Quote from: Zaguru12 on April 17, 2024, 04:38:20 AM

The reason for all this Linux is because it is not prone to viruses or malware than the Windows or MacOS. So probably going offline after reformatting will actually reduces the risk of both OS too to be infected. But the best still remains the Linux.

I do not see a reason to use Linux if the wallet is on an airgapped device. I think all those operating systems are good.

If you need reason, Linux distro is lighter. By lighter, i mean use less storage space, less RAM and less CPU usage. Although i expect it doesn't matter much unless you use old or slow device.

_act_

hero member

Activity: 868

Merit: 1094

Quote from: Zaguru12 on April 17, 2024, 04:38:20 AM

If you didn’t format the device there would still be malware in that device because some malware would have already been in there before you switch to offline mode. The malware which is even common is the clipboard malware which will definitely sit there even after you go offline. You need to completely reformat t

The wallet on airgapped device is only used for signing bitcoin unsigned transaction. If clipboard malware changed the address, it is not from the airgapped device but the watch only wallet that you used for it.

Quote from: Zaguru12 on April 17, 2024, 04:38:20 AM

The reason for all this Linux is because it is not prone to viruses or malware than the Windows or MacOS. So probably going offline after reformatting will actually reduces the risk of both OS too to be infected. But the best still remains the Linux.

I do not see a reason to use Linux if the wallet is on an airgapped device. I think all those operating systems are good.

Quote from: un_rank on April 17, 2024, 04:44:20 AM

The operating system CAN know what you are doing on their system. This undermines your privacy but not your security.

If it is airgapped, they can not know anything from the airgapped device.

un_rank

hero member

Activity: 644

Merit: 661

- Leo -

Quote from: _act_ on April 17, 2024, 04:16:49 AM

...because I read that not all malware can be completely removed from the device after formatting and OS reinstallation.

95% of the time, formatting and OS re-installation will rid your device from all malwares, if you replace the hard disk it will take it to 99%. The type of malwares that can survive all of these actions are very rare and not used by regular scammers.

Quote from: _act_ on April 17, 2024, 04:16:49 AM

Some people also said Windows and macOS are not good for privacy. But is it necessary to also use Linux or Tails for airgapped device? I think no matter the OS that you use, as long as it is not an online wallet, Windows and Appple can not know what you are doing.

The operating system CAN know what you are doing on their system. This undermines your privacy but not your security.

- Jay -

Topic: Airgapped device for Electrum installation (Read 238 times)