Topic: Bad news for BTC-devs!? (Read 1328 times)
Printout and then OCR scan to cross airgap?
The guy in this article describes an alien computer virus. Cyberpunk x-files.
Actually describes a virus that managed to do a lot more than what mit scientists are struggling with in research.
Seriously?
Actually describes a virus that managed to do a lot more than what mit scientists are struggling with in research.
Seriously?
Quick Response code. The data you transmit is encoded in a picture.
If that argument is allowed, then why should it not be possible through the camera. An adversary generates a "magic" QR code (same as the magic audio or USB hijack), which causes the camera to create some sort of malicious code that causes the offline computer to be infected.
All of them are a far stretch, which is the point I was trying to make.
All of them are a far stretch, which is the point I was trying to make.
There is no "code" transmitted via QR - just an unsigned raw tx (which you can check before signing).
So it is not a question of malicious code - there is *no code* at all.
Well, the argument is that somehow the USB or sound card can be manipulated for code injection.
If that argument is allowed, then why should it not be possible through the camera. An adversary generates a "magic" QR code (same as the magic audio or USB hijack), which causes the camera to create some sort of malicious code that causes the offline computer to be infected.
All of them are a far stretch, which is the point I was trying to make.
If that argument is allowed, then why should it not be possible through the camera. An adversary generates a "magic" QR code (same as the magic audio or USB hijack), which causes the camera to create some sort of malicious code that causes the offline computer to be infected.
All of them are a far stretch, which is the point I was trying to make.
QR codes have a pretty limited capacity but I have been experimenting with animated QR codes (like a flipbook of codes) for passing larger amounts of data.
I use an old e-book that has a built in "slideshow" function for all the photos in a directory - currently am only using it with my offline computer (to move new addresses to the online computer) but am thinking of buying another one for the online computer (as they are dirt cheap devices).
USBs carrying viruses has been known.
Burn CDs from offline wallets to move private keys for spending.
Burn CDs from offline wallets to move private keys for spending.
The offline computer wouldn't trust the online computer. The online computer is simply used for blockchain data and to broadcast the offline signed transaction.
Exactly - I use QR codes for the CIYAM Safe and it does feel a lot safer to be completely "air-gapped".
I have always thought using webcam and qr codes an ultra-paranoid way of airgapping.
QR codes have a pretty limited capacity but I have been experimenting with animated QR codes (like a flipbook of codes) for passing larger amounts of data.
QR codes have a pretty limited capacity but I have been experimenting with animated QR codes (like a flipbook of codes) for passing larger amounts of data.
You mean for offline transactions (e.g. Armory)? While it would be a nice feature, it feels more like security by obscurity. Nothing prevents an adversary to manipulate the sent QR codes, if the online computer is compromised.
The offline computer wouldn't trust the online computer. The online computer is simply used for blockchain data and to broadcast the offline signed transaction.
Wow BIOS
NO ONE Edit
Brilliant
But seems almost April fools like on Halloween XD
Then again if it is real this is interesting no known defense but computer silence
NO ONE Edit
Brilliant
But seems almost April fools like on Halloween XD
Then again if it is real this is interesting no known defense but computer silence
I have always thought using webcam and qr codes an ultra-paranoid way of airgapping.
QR codes have a pretty limited capacity but I have been experimenting with animated QR codes (like a flipbook of codes) for passing larger amounts of data.
QR codes have a pretty limited capacity but I have been experimenting with animated QR codes (like a flipbook of codes) for passing larger amounts of data.
You mean for offline transactions (e.g. Armory)? While it would be a nice feature, it feels more like security by obscurity. Nothing prevents an adversary to manipulate the sent QR codes, if the online computer is compromised.
I have always thought using webcam and qr codes an ultra-paranoid way of airgapping.
QR codes have a pretty limited capacity but I have been experimenting with animated QR codes (like a flipbook of codes) for passing larger amounts of data.
QR codes have a pretty limited capacity but I have been experimenting with animated QR codes (like a flipbook of codes) for passing larger amounts of data.
Rumor has it properly disinfecting the usb port helps prevent spread!
Jokes aside, there is a difference to what is theoretically could be possible, and what really is.
Jokes aside, there is a difference to what is theoretically could be possible, and what really is.
Jump to: