Pages:
Author

Topic: Airgapped device for Electrum installation (Read 292 times)

legendary
Activity: 1512
Merit: 7340
Farewell, Leo
April 19, 2024, 10:56:06 AM
#24
If you have a malware that works offline and randomly deletes your files, then you need to get rid of it.
And, believe me. A malware that does only that is one of the good malwares!  Cheesy

By the way, if you are afraid that your storage (HDD or SSD) is not secure, just buy a new one.
Storage isn't evil. It's the software that accesses your storage. If they're evil, a brand new hard drive isn't going to save you.

You don't need tails because tails is a live OS and every information gets erased.
You can use persistent storage to save important files, such as wallets. This means that the files are written in the USB drive, but encrypted using a very long password by default, like a seed phrase.
hero member
Activity: 882
Merit: 792
Watch Bitcoin Documentary - https://t.ly/v0Nim
One of the safest wallet are wallets on airgapped devices. But what some people do worry about is that they should format the device that they want to use for it and reinstall the operating system.

Assuming you did not format the device but make it airgapped. Can malware still be able to affect the device? The reason I said this is not because I will not format the device but because I read that not all malware can be completely removed from the device after formatting and OS reinstallation.

Some people also said Windows and macOS are not good for privacy. But is it necessary to also use Linux or Tails for airgapped device? I think no matter the OS that you use, as long as it is not an online wallet, Windows and Appple can not know what you are doing.
If you have a malware that works offline and randomly deletes your files, then you need to get rid of it. Otherwise, if malware only works when connected to the internet, so while it's offline, who cares? By the way, if you are afraid that your storage (HDD or SSD) is not secure, just buy a new one. If you want it only for wallets, just buy a cheap but new Samsung SSD. Or if you are extremely paranoid, buy a brand new computer (buy new parts and make the one yourself).
You don't need tails because tails is a live OS and every information gets erased. If you just want to create a new paper wallet on airgapped computer, then sure, use Tails. I would use Linux instead of Windows because it uses less resources and its popularity and open-soureness makes it an attractive choice for me.

The problem with using closed source OS is the fact that you actually can't tell exactly what's going on at the back end.
And if you are not a software developer and an IT guy, then you don't know what's exactly going on and you have to trust others.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
About the RJ45 port, I will prefer to disable it in the BIOS along with USB ports
I wouldn't trust a software solution. Physically unplugging the cable is the minimum.

Quote
I can enable and disable the USB port anytime that I want
Disabling USB means you have to use the camera or keyboard for transfering unsigned transactions.

Quote
I like the laptops that are small but a little expensive that come with UEFI (BIOS) that do not come with RJ45 port unlike the big laptops that has it.
I'm not a fan of the current UEFI BIOS. It seems designed for Windows with "secure boot", and it always takes some fiddling to get Linux booting.
I am a big fan of having a "spare laptop", and I'm still thinking of buying a few more. Second hand they're dirt cheap (and only getting cheaper), and even if I use them only a few times, it's so convenient not having to deal with VMs.
legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
--snip--
However, one thing I don't like at Windows (which I also use too much) is the default auto-run at inserting USB stick, which can cause you surprises (eg install malware) when you are transferring tx to the airgapped wallet for signing. Plus, you know, most viruses and malware are Windows specific.
So... I still recommend to give a good thought before choosing.

It's no longer true though. Autorun (running arbitrary application) no longer work and only Autoplay (opening multimedia file) remain exist on Windows OS. While there's possibility malware hidden on the multimedia file and executed by the multimedia application, overall risk is lower.
legendary
Activity: 1064
Merit: 1298
Lightning network is good with small amount of BTC
Remove the Wifi card, put chewing gum in the RJ45 port, remove or encrypt the SSD, glue the RAM against liquid nitrogen swap attacks, close the curtains, build a faraday cage, train your cat to be an assassin, drop your laptop in acid when your alarm is triggered, ...., you can go as far as you want Cheesy
That is true. About the RJ45 port, I will prefer to disable it in the BIOS along with USB ports after I finish installing the wallet that I want to use on other airgapped device. I can enable and disable the USB port anytime that I want like during necessary update which is not common, but leave the RJ45 port completely disabled. I like the laptops that are small but a little expensive that come with UEFI (BIOS) that do not come with RJ45 port unlike the big laptops that has it.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
Assuming you did not format the device but make it airgapped. Can malware still be able to affect the device?
Maybe. Maybe not. In any case, that means you have to assume it can still create problems. So wipe it.

Take note that if you have set up an airgapped wallet, you do not need to connect it to the internet to make tx's, it should never be connected to the internet.
Remove the Wifi card, put chewing gum in the RJ45 port, remove or encrypt the SSD, glue the RAM against liquid nitrogen swap attacks, close the curtains, build a faraday cage, train your cat to be an assassin, drop your laptop in acid when your alarm is triggered, ...., you can go as far as you want Cheesy
sr. member
Activity: 602
Merit: 387
Rollbit is for you. Take $RLB token!
One of the safest wallet are wallets on airgapped devices. But what some people do worry about is that they should format the device that they want to use for it and reinstall the operating system.
You want to make an airgapped wallet to avoid risk from hacks so a very first step to do in security is that device must be clean, not infected.

Quote
Some people also said Windows and macOS are not good for privacy. But is it necessary to also use Linux or Tails for airgapped device?
Bitcoin gives you your own bank, if you use a non custodial wallet. You can use it privately with Tor connection and you don't need to register anything with Windows, Linux to broadcast your Bitcoin transactions. You don't need to log in your email or exchange account on a device you use to broadcast your Bitcoin transaction.

You are just worrying too much but if you keep your device actually airgapped, your privacy will not be affected.
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
Some people also said Windows and macOS are not good for privacy. But is it necessary to also use Linux or Tails for airgapped device?
Being open-source and amnestic are the primary reasons you should use Tails for the OS of your airgapped computer. Privacy is a byproduct of these.

I will add that Tails can be started with in-built feature of "no internet".
And I will add that it's something I like because you actually don't even need a separate computer as airgapped device, you can just boot the same one from Tails. Of course, having one extra is more convenient.

I think no matter the OS that you use, as long as it is not an online wallet, Windows and Appple can not know what you are doing.

I have seen many advises to use the OS you are used with, since the chance is smaller to make mistakes.
However, one thing I don't like at Windows (which I also use too much) is the default auto-run at inserting USB stick, which can cause you surprises (eg install malware) when you are transferring tx to the airgapped wallet for signing. Plus, you know, most viruses and malware are Windows specific.
So... I still recommend to give a good thought before choosing.
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
But if you use anyone the two for airgapped wallet and the wallet remain airgapped, you have the privacy that you are talking about.
Well, yeah, but neither of these are amnestic, as in Tails. In case of physically compromising your device, sensitive data could be derived from an attacker.

Can you explaining this better?  I mean you can do the breakdown about how it can be possible.
Sure.

Suppose your device is malware affected, such that when Electrum is requested to be loaded in memory, the malware replaces its binaries with a compromised version of Electrum. In this version, signing transactions does not follow the RFC 6979 standard, but instead, picks a random k value within a small range of numbers that only the attacker knows. Now you can sign transactions, it will feel as everything is okay, but when the transaction is broadcasted, the attacker can work out the private key by continuously brute forcing the k value in that small range, and double-spend the inputs of your unconfirmed transaction. 
legendary
Activity: 1064
Merit: 1298
Lightning network is good with small amount of BTC
Being open-source and amnestic are the primary reasons you should use Tails for the OS of your airgapped computer. Privacy is a byproduct of these.
I am sure of the privacy part. If you use Windows or macOS for online wallet, you will have no privacy. But if you use anyone of the two for airgapped wallet and the wallet remain airgapped, you have the privacy that you are talking about.

In addition to Z-tight's response, the answer to the question "Can my crypto asset get stolen in an airgapped, malware infected device?", is yes. One simple way for a malware to accomplish it, is that when the time comes and you sign a transaction from the airgapped device, without your knowledge, you sign a transaction with broken cryptography which can be claimed by the attacker.
Can you explaining this better?  I mean you can do the breakdown about how it can be possible.
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
Some people also said Windows and macOS are not good for privacy. But is it necessary to also use Linux or Tails for airgapped device?
Being open-source and amnestic are the primary reasons you should use Tails for the OS of your airgapped computer. Privacy is a byproduct of these.

At first start from the  bootable flash  drive that holds fresh  Tails you can configure this OS to block all network drivers at the boot so that its persistent volume could keep safely your cold Electrum.
If the computer is airgapped, then you should have already taken care of physically removing the components that would allow it to connect to any network.

Note: the device will always remain offline unless when am only sending out my asset.
Take note that if you have set up an airgapped wallet, you do not need to connect it to the internet to make tx's, it should never be connected to the internet. You can simply make tx's on your complementary online watch-only wallet and sign the tx in your airgapped device. If you connect your offline wallet to the internet, even briefly, your funds can be stolen.
In addition to Z-tight's response, the answer to the question "Can my crypto asset get stolen in an airgapped, malware infected device?", is yes. One simple way for a malware to accomplish it, is that when the time comes and you sign a transaction from the airgapped device, without your knowledge, you sign a transaction with broken cryptography which can be claimed by the attacker.
hero member
Activity: 994
Merit: 1089
Note: the device will always remain offline unless when am only sending out my asset.
Take note that if you have set up an airgapped wallet, you do not need to connect it to the internet to make tx's, it should never be connected to the internet. You can simply make tx's on your complementary online watch-only wallet and sign the tx in your airgapped device. If you connect your offline wallet to the internet, even briefly, your funds can be stolen.
legendary
Activity: 1064
Merit: 1298
Lightning network is good with small amount of BTC
They can know what apps you download and use even if it is airgapped
Once I reinstall the OS, and make it airgapped I will not download anything on the wallet again. I will transfer the wallet file for installation through flashdrive if it is not Tails.

Permit me to ask this question, if for example I have an airgapped device that am using to store my Bitcoin and before using the device I did not format it but I have been using it to store my crypto assets for some months while there is a malware in it, but since the device will not be going online unless any time I want to send out my crypto from that device, do I really have to fear that my asset will still be tampered on by the malware? Note: the device will always remain offline unless when am only sending out my asset.
It is like you repeated the question that I asked on this same thread. It is not advisable not to format the device and reinstall the OS. I am just asking about this because I do not know how malware can be used to penetrate this kind of offline device. But just for newbies like you, it will be better to do all that is necessary to remove malware from the device that you want to use. The wallet that I am taking about is airgapped and will never connect to the Internet. I will use watch only wallet to make transactions. According the question that you asked, even if the wallet is not affected, you said you will not connect online unless you want to make transaction, that means if you connect online and the malware is capable of stealing your coins, it will steal it.
hero member
Activity: 2366
Merit: 793
Bitcoin = Financial freedom
If it is airgapped, they can not know anything from the airgapped device.
They can know what apps you download and use even if it is airgapped, but they will not have access to the wallet. They will only be able to piece other information together if you have another device with their OS running.

- Jay -

There is no way to access this information if we are actually talking about air-gapped device unless the attacker has physical access to the air-gapped device and it's safe to assume that even if there are malware present in the Bios it won't do much harm as said above. If the infected device is ever connected to the internet then all the logs will be sent to the attacker but if it once connected to internet it voids the term airgapped.
member
Activity: 392
Merit: 71
Axioma Holding - Axioma Pay Crypto Card

If you didn’t format the device there would still be malware in that device because some malware would have already been in there before you switch to offline mode. The malware which is even common is the clipboard malware which will definitely sit there even after you go offline. You need to completely reformat the drive to delete everything on it and then reinstall a fresh new OS.

Your hard drive only stores what the OS tells it to store, so a proper reformatting is ok to me.

Permit me to ask this question, if for example I have an airgapped device that am using to store my Bitcoin and before using the device I did not format it but I have been using it to store my crypto assets for some months while there is a malware in it, but since the device will not be going online unless any time I want to send out my crypto from that device, do I really have to fear that my asset will still be tampered on by the malware? Note: the device will always remain offline unless when am only sending out my asset.
hero member
Activity: 714
Merit: 1298
One of the safest wallet are wallets on airgapped devices. But what some people do worry about is that they should format the device that they want to use for it and reinstall the operating system.

Assuming you did not format the device but make it airgapped. Can malware still be able to affect the device? The reason I said this is not because I will not format the device but because I read that not all malware can be completely removed from the device after formatting and OS reinstallation.

Some people also said Windows and macOS are not good for privacy. But is it necessary to also use Linux or Tails for airgapped device? I think no matter the OS that you use, as long as it is not an online wallet, Windows and Appple can not know what you are doing.

At first start from the  bootable flash  drive that holds fresh  Tails you can configure this OS to block all network drivers at the boot so that its persistent volume could keep safely your cold Electrum.

Then you can use this flash drive to boot Tails even on online machine not to mention  the airgapped one.

I don't think that there is an malware that could survive in RAM for noticeable period of time after online machine halt.

The potential of infiltration via infected  BIOS remains, though, no matter whether machine is airgapped or not.
hero member
Activity: 644
Merit: 661
- Jay -
If it is airgapped, they can not know anything from the airgapped device.
They can know what apps you download and use even if it is airgapped, but they will not have access to the wallet. They will only be able to piece other information together if you have another device with their OS running.

- Jay -
legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
Assuming you did not format the device but make it airgapped. Can malware still be able to affect the device? The reason I said this is not because I will not format the device but because I read that not all malware can be completely removed from the device after formatting and OS reinstallation.

FYI, it's not completely removed since the malware put itself on your BIOS/UEFI firmware. Here's an example, https://www.pcmag.com/news/malware-that-can-survive-os-reinstalls-strikes-again-likely-for-cyberespionage. But there aren't many malware which have such advance capability.

The reason for all this Linux is because it is not prone to viruses or malware than the Windows or MacOS. So probably going offline after reformatting will actually reduces the risk of both OS too to be infected. But the best still remains the Linux.
I do not see a reason to use Linux if the wallet is on an airgapped device. I think all those operating systems are good.

If you need reason, Linux distro is lighter. By lighter, i mean use less storage space, less RAM and less CPU usage. Although i expect it doesn't matter much unless you use old or slow device.
legendary
Activity: 1064
Merit: 1298
Lightning network is good with small amount of BTC
If you didn’t format the device there would still be malware in that device because some malware would have already been in there before you switch to offline mode. The malware which is even common is the clipboard malware which will definitely sit there even after you go offline. You need to completely reformat t
The wallet on airgapped device is only used for signing bitcoin unsigned transaction. If clipboard malware changed the address, it is not from the airgapped device but the watch only wallet that you used for it.

The reason for all this Linux is because it is not prone to viruses or malware than the Windows or MacOS. So probably going offline after reformatting will actually reduces the risk of both OS too to be infected. But the best still remains the Linux.
I do not see a reason to use Linux if the wallet is on an airgapped device. I think all those operating systems are good.

The operating system CAN know what you are doing on their system. This undermines your privacy but not your security.
If it is airgapped, they can not know anything from the airgapped device.
hero member
Activity: 644
Merit: 661
- Jay -
...because I read that not all malware can be completely removed from the device after formatting and OS reinstallation.
95% of the time, formatting and OS re-installation will rid your device from all malwares, if you replace the hard disk it will take it to 99%. The type of malwares that can survive all of these actions are very rare and not used by regular scammers.

Some people also said Windows and macOS are not good for privacy. But is it necessary to also use Linux or Tails for airgapped device? I think no matter the OS that you use, as long as it is not an online wallet, Windows and Appple can not know what you are doing.
The operating system CAN know what you are doing on their system. This undermines your privacy but not your security.

- Jay -
Pages:
Jump to: