AirGapped Hardware Wallets - page 2.

Charles-Tim

legendary

Activity: 1512

Merit: 4795

Quote from: satscraper on September 23, 2023, 05:37:31 AM

Yeah, QR-code-based-communication is more secure, bu t it is also vulnerable and may result in the loss of fund in the case when relevant HW is paired with wallet on compromised computer that holds the malware code capable to change the receiving address in transaction that is granted for signing via jeopardized QR code .

One should always check what he is signing even with air-gapped wallet paired exclusively via QR over optical channel.

You mean that the Qr code can be compromised by clipboard malware? Clipboard malware works in a way that you will copy a bitcoin address, the address would be replaced by a hackers address on the clipboard, so that the hacker's address will be the one that will be pasted. If you make use of QR code, you do not copy anything to clipboard at all and no address will be replaced by the clipboard malware. Although, it is good to check and recheck what you paste, even from QR code.

lyw123

jr. member

Activity: 57

Merit: 4

[/quote]

Yeah, QR-code-based-communication is more secure, bu t it is also vulnerable and may result in the loss of fund in the case when relevant HW is paired with wallet on compromised computer that holds the malware code capable to change the receiving address in transaction that is granted for signing via jeopardized QR code .

One should always check what he is signing even with air-gapped wallet paired exclusively via QR over optical channel.
[/quote]

I have 2 safepal s1. After read a post by dkbit98, I do not dare to use them, again. Safepal is closed source, and others are open source, like keystone. However their sales are very low. I am concerned about the lack of supervision.

satscraper

hero member

Activity: 714

Merit: 1298

Cashback 15%

Quote from: lyw123 on September 23, 2023, 04:19:57 AM

Airgapped wallets that rely solely on QR code communication appear to be very secure. .

Yeah, QR-code-based-communication is more secure, bu t it is also vulnerable and may result in the loss of fund in the case when relevant HW is paired with wallet on compromised computer that holds the malware code capable to change the receiving address in transaction that is granted for signing via jeopardized QR code .

One should always check what he is signing even with air-gapped wallet paired exclusively via QR over optical channel.

lyw123

jr. member

Activity: 57

Merit: 4

Quote

AirGapped devices by definition are never directly connected to internet or to any other devices that are connected to the internet.
However, most devices including computers and hardware wallets still have USB connections and that is the easiest way to breach airgapped machine, but not the only one.
Airgap malware exist today that are using acoustic or other type of signaling like light, magnetic, thermal or radio frequency, so we know that AirGapped devices are not providing perfect protection.

Dear Sir, I have a few questions. (1) Airgapped wallets that rely solely on QR code communication appear to be very secure. However, related hardware wallets, such as Keystone, have low sales. Why? (2) The risk associated with airgapped wallets seems to be primarily supply chain attacks. When newbies receive a new airgapped wallet, they may not even think about immediately updating the firmware. If anti-tampering measures are compromised and the supply chain is attacked, that can be dangerous. Especially considering the small sales volume of current airgapped wallets, the risk is likely significant.

o_e_l_e_o

legendary

Activity: 2268

Merit: 18509

Quote from: Charles-Tim on October 24, 2022, 05:39:00 AM

If using QR code, it is airgapped, but if using USB connection, it should not be regarded as airgapped is what o_e_l_e_o is referring to, I think.

Not exactly. It seems that to set up Jade you must connect it via USB to your computer. Since the vast majority of people who do this will connect it to a regular computer with an internet connection, then that is no longer air-gapped. It doesn't matter if you then go on to only use QR codes in the future, as an airgap should be either permanent or not at all.

Note that I'm not saying that it isn't secure, just that it isn't airgapped. Ledger and Trezor devices aren't airgapped either, although it is possible to use them in an airgapped manner if you only connect them to an airgapped computer. But if you connect your hardware wallet to a computer with an internet connection at any point, then it ceases to be an airgapped wallet.

Charles-Tim

legendary

Activity: 1512

Merit: 4795

Quote from: n0nce on October 24, 2022, 05:07:36 AM

While I do love QR codes not only for security / air-gap, but also for their convenience (work cross-platform, no need to carry a cable); just adding QR code communication indeed doesn't make a wallet airgapped, in my opinion. Still nice to have, but not air-gapped.
So, I agree with o_e_l_e_o here.

If using QR code, it is airgapped, but if using USB connection, it should not be regarded as airgapped is what o_e_l_e_o is referring to, I think. Is Jade having a means to use QR code? Is there other means in a way there is no way you will not have to plugging the USB stick for the continuing usage of the Jade hardware wallet with Blockstream Green? If the hardware wallet is USB stick dependent at some point, that means it is not an airgapped hardware wallet.

n0nce

hero member

Activity: 882

Merit: 5818

not your keys, not your coins!

While I do love QR codes not only for security / air-gap, but also for their convenience (work cross-platform, no need to carry a cable); just adding QR code communication indeed doesn't make a wallet airgapped, in my opinion. Still nice to have, but not air-gapped.
So, I agree with o_e_l_e_o here.

o_e_l_e_o

legendary

Activity: 2268

Merit: 18509

Please correct me if I'm wrong, but looking at the setup guide for Jade, it must be connected to your computer via a USB cable to set it up via Blockstream Green. As far as I am concerned, this immediately makes it non-airgapped, in exactly the same way Ledger or Trezor are non-airgapped. Perhaps it would be possible to use it in an air-gapped manner if you only connected it to an airgapped computer running an entirely offline version of Blockstream Green (although having never used this wallet I don't know if that is possible), but Jade itself is not an airgapped wallet.

witcher_sense

legendary

Activity: 2310

Merit: 4313

🔐BitcoinMessage.Tools🔑

Quote from: dkbit98 on October 22, 2022, 04:40:50 PM

Some argue that Jade is not really airgapped because of connection with Blockstream server, but that is debatable.

I have mixed feelings about the Jade hardware wallet, I haven't been following its development closely, but it is for sure the first time I hear that someone call it an "air-gapped" wallet. As far as I know, in order to get access to the signing functionality of this wallet, you first need to unblock it by entering a PIN code. This PIN-code protection is server-enforced, which means you have to be physically connected to a remote server via the Internet to get your PIN working. This requirement of having to be connected to the network slightly contradicts the concept of air-gapped wallets. However, there are ways to make this wallet more "air-gapped" and less reliant on third-party servers: namely by spinning up your own server on your own isolated local network and using a hardware wallet only in your house. But I think if your personal network is not correctly configured, it remains vulnerable to external attacks. Moreover, you will still need the Internet to broadcast a transaction, which means there should be a separate network that talks to the outside world. Isn't it easier to just use some other wallet that doesn't need any servers to be unlocked?

PrimeNumber7

copper member

Activity: 1610

Merit: 1899

Amazon Prime Member #7

Quote from: dkbit98 on October 22, 2022, 04:40:50 PM

Some argue that Jade is not really airgapped because of connection with Blockstream server, but that is debatable.

Data from the internet must interact with the Jade device. I have previously argued that some HW wallets are superior in security compared to "traditional" 'air gapped' setups.

Every security measure uses various tradeoffs. The Jade, for example, reduces the risk of loss (via theft) if someone gains physical access to the device, in exchange for incremental additional vulnerability via having to connect (via an app) to the internet. Realistically, I think the risk of having a HW device stolen is greater than someone being able to inject malware into it, so it is probably a good tradeoff. However, I don't see how one could argue that Jade is in fact "air-gapped"

dkbit98

legendary

Activity: 2212

Merit: 7064

Cashback 15%

It's finally time to add one more airgapped hardware wallet in this topic, and that is Jade wallet after upcoming firmware update.
Jade always had camera in their EPS32 device and they just waited for software update to add support for QR codes and camera compatibility.
Someone on Twitter posted this VIDEO how this would work with Jade device.
Some argue that Jade is not really airgapped because of connection with Blockstream server, but that is debatable.

Image source taken from twitter account @bitcoin__help

n0nce

hero member

Activity: 882

Merit: 5818

not your keys, not your coins!

Quote from: dkbit98 on November 13, 2021, 10:07:06 AM

Quote from: n0nce on November 12, 2021, 10:33:52 AM

My point is the interface; it can interface with phones through the camera, laptops through camera or SD and finally even desktops without webcam through the SD card. This is highly versatile. And password entry is much faster through the keypad than through the BitBox touch menu.

There is a saying that everyone praises his own horse, and I think that is the case here with Bakkum indirectly praising his own wallet.

Of course that's what he's doing, but he's not honest about it. Of course you can advertise your own product, but strawmanning the competition is not elegant.

Quote from: dkbit98 on November 13, 2021, 10:07:06 AM

I think that Bitbox02 is very good open source device, but it's far from perfect and I personally don't like direct USB connection without cable
because I can't use it properly on my desktop computer and I need cable extension, or to use it on my laptop.
If I had to choose wallet with USB connection or airgap, I would use airgap option in 99%

Well, it comes with an extension cable, so it's no difference if it has a male or female USB port on it, except that with their design you don't need the cable when using a laptop, whereas you do always need one if you opt for a female plug on the hardware wallet. But I agree that QR codes are more comfortable, also because they work with any device that has a camera and you never need a cable.

Quote from: dkbit98 on November 13, 2021, 10:07:06 AM

Quote from: n0nce on November 12, 2021, 10:33:52 AM

I will write reviews about both and both are great products in my opinion, but Bakkum's article is disingenuous.

I don't know if you ever used Coldcard hardware wallet but I would be interested to hear some comparison Passport vs Coldcard vs other wallets.
Thanks.

Unfortunately, I have not tried that one yet. However, it should be fairly similar to Passport when used with SD card (which I'll try), when it comes to the user experience.

dkbit98

legendary

Activity: 2212

Merit: 7064

Cashback 15%

Quote from: n0nce on November 12, 2021, 10:33:52 AM

My point is the interface; it can interface with phones through the camera, laptops through camera or SD and finally even desktops without webcam through the SD card. This is highly versatile. And password entry is much faster through the keypad than through the BitBox touch menu.

There is a saying that everyone praises his own horse, and I think that is the case here with Bakkum indirectly praising his own wallet.
I think that Bitbox02 is very good open source device, but it's far from perfect and I personally don't like direct USB connection without cable
because I can't use it properly on my desktop computer and I need cable extension, or to use it on my laptop.
If I had to choose wallet with USB connection or airgap, I would use airgap option in 99%

Quote from: n0nce on November 12, 2021, 10:33:52 AM

I will write reviews about both and both are great products in my opinion, but Bakkum's article is disingenuous.

I don't know if you ever used Coldcard hardware wallet but I would be interested to hear some comparison Passport vs Coldcard vs other wallets.
Thanks.

n0nce

hero member

Activity: 882

Merit: 5818

not your keys, not your coins!

Quote from: dkbit98 on November 11, 2021, 11:55:25 AM

~

Read both a few days as well; interesting takes, but for me personally, the airgapped Passport is easier and quicker to use than the BitBox, not only though it is airgapped, but partly also because.
My point is the interface; it can interface with phones through the camera, laptops through camera or SD and finally even desktops without webcam through the SD card. This is highly versatile. And password entry is much faster through the keypad than through the BitBox touch menu.

I will write reviews about both and both are great products in my opinion, but Bakkum's article is disingenuous.

dkbit98

legendary

Activity: 2212

Merit: 7064

Cashback 15%

Douglas Bakkum recently wrote an article for BitBox blog claiming that airgap is not really making hardware wallets more secure and it's only complicating them.
It's not surprising to hear this from inventor of BitBox wallet if we know that device is not airgapped, but it's interesting to read his opinion and conclusion.
He first started with myth of unbeatable airgap security, but wait a minute, nobody said that airgap is perfect and unbeatable.
Then he said that Micro-SD cards are mini computers with firmware that can be hacked, something I never heard happening but I guess it's possible in theory, however not all h-wallets are using SD cards, there is also QR codes.

Quote

Our conclusion is that air-gapped communication offers little-to-no added hardware wallet security while degrading the user experience.

Source articel: https://shiftcrypto.ch/blog/does-airgap-make-bitcoin-hardware-wallets-more-secure/

I personally won't agree with Douglas opinion, removing USB connection means less attack surface,
and in reply to BitBox blog with claims and conclusion we have interesting David Bakin blog, that explains it much better than me:
https://bakins-bits.dev/dev/2021/11/airgapped-hardware-wallets-and-fud-1/

n0nce

hero member

Activity: 882

Merit: 5818

not your keys, not your coins!

Quote from: dkbit98 on October 08, 2021, 06:54:29 AM

Quote from: o_e_l_e_o on October 07, 2021, 03:06:09 PM

I could never fall victim to this attack because not only does my airgapped device not have any ethernet cables attached to it, but it does not even have an ethernet port in which to connect an ethernet cable.

I don't know what kind of magical computer you are using but 99% of computers today have ethernet ports and you don't need to connect internet cable to be affected by this attack.

Depending on which locations (this includes some IT security conferences) you like to visit, it may be a wise choice to bring a device without connectivity of any kind Grin

I've seen people put hot glue into their ports and also people simply desoldering ports from the motherboard.
If the machine is sitting in a physically secured location though, you should be good with leaving the ports on ^^

Quote from: o_e_l_e_o on October 08, 2021, 09:35:37 AM

I have a variety of new and old laptops, none of which have ethernet ports. There are a number of Raspberry Pi boards without ethernet ports.

Old laptops - I get it. I have one that needs a PCMCIA card with an adapter to have ethernet. But modern? You mean those ultrabooks with just a bunch of USB-C ports? Cause that's not much better either; you can just plug in an adapter in that case.

o_e_l_e_o

legendary

Activity: 2268

Merit: 18509

Quote from: witcher_sense on October 08, 2021, 02:16:11 AM

The question is why a crypto user would want isolated local networks to deal with cryptocurrency stuff?

Yeah, that's my point. If you have some kind of LAN or other local network set up with multiple computers and devices, then that's a poor choice for storing airgapped wallets. Whatever device you are using for your airgapped wallet should have the minimum amount of hardware required to run, and be connected to the minimum number of peripheral devices. If not building it yourself, then open it up and remove things like the WiFi card.

Quote from: dkbit98 on October 08, 2021, 06:54:29 AM

I don't know what kind of magical computer you are using but 99% of computers today have ethernet ports and you don't need to connect internet cable to be affected by this attack.

I have a variety of new and old laptops, none of which have ethernet ports. There are a number of Raspberry Pi boards without ethernet ports.

dkbit98

legendary

Activity: 2212

Merit: 7064

Cashback 15%

Quote from: o_e_l_e_o on October 07, 2021, 03:06:09 PM

I could never fall victim to this attack because not only does my airgapped device not have any ethernet cables attached to it, but it does not even have an ethernet port in which to connect an ethernet cable.

I don't know what kind of magical computer you are using but 99% of computers today have ethernet ports and you don't need to connect internet cable to be affected by this attack.

witcher_sense

legendary

Activity: 2310

Merit: 4313

🔐BitcoinMessage.Tools🔑

Quote from: o_e_l_e_o on October 07, 2021, 03:06:09 PM

Who actually has an ethernet cable attached to their airgapped device though? The device you are using to store airgapped wallets should obviously not be connected to a WiFi router or similar, and it should also not be part of a LAN or similar.

If a device (in this case, an air-gapped computer with wallets installed) is a part of an air-gapped network, it needs to be somehow physically connected to other air-gapped computers. The question is why a crypto user would want isolated local networks to deal with cryptocurrency stuff? I think you are right in the sense that after such a vulnerability has been discovered and revealed, no computer that is part of isolated LAN can further be considered truly air-gapped. Cryptocurrency users, who want to maintain a decent level of security and preserve privacy, definitely should not have their (single) offline computer connected to the outside world: neither through physical means such as Ethernet cables, nor virtual ones such as WiFi, Bluetooth, etc.

o_e_l_e_o

legendary

Activity: 2268

Merit: 18509

Quote from: dkbit98 on October 06, 2021, 03:32:52 PM

Newly discovered LANtenna Attack for airgapped devices was found recently, creating wireless signals with ethernet cable to steal data secrets from airgapped systems.

This is why I am a proponent of physically removing any connectivity hardware (or indeed, any superfluous hardware) from your airgapped device rather than just disabling it. I could never fall victim to this attack because not only does my airgapped device not have any ethernet cables attached to it, but it does not even have an ethernet port in which to connect an ethernet cable.

Who actually has an ethernet cable attached to their airgapped device though? The device you are using to store airgapped wallets should obviously not be connected to a WiFi router or similar, and it should also not be part of a LAN or similar.

Quote from: SFR10 on October 07, 2021, 12:20:46 PM

the odds of such attacks happening are quite low ^[CMIW]

Correct. As with most attacks which leak data from airgapped computers, the attacker must first gain access to your airgapped computer to install malware on it, and then hide some sort of receiving device within fairly close proximity to your airgapped computer. If your computer never leaves your house, then this is essentially impossible without obvious signs of forced entry.

Topic: AirGapped Hardware Wallets - page 2. (Read 1119 times)