
Topic: cold storage n cross platform malware (Read 669 times)

legendary
Activity: 1946
Merit: 1137
August 25, 2016, 12:55:59 AM
#17
Quote
When you are using cold storage, like Electrum installed on a live Linux on your USB disk with persistence, as long as it remains cold (never connected to the internet, by disabling the network connection or disconnecting your network cable), there is no way of contaminating that Linux unless you deliberately install an additional program on it and manually move malicious software to it.

Quote
I think the point of this thread is to debate that. Your comment is of course 100% accurate Herbert2020 as stated, but the story doesn't end there. In a sense we are debating whether or not introduction of a "virus/malware" can happen when at some point in the future your COLD wallet is used to sign a transaction for a hot wallet. When a signature is needed the unsigned transaction is brought from the hot wallet to the cold for authentication.

you can create the transaction in a textbox and transfer it to another device, it can be your hard drive or another USB or it can be in form of QR code which you scan with your phone without transferring anything physically.

Quote
If a malware is nefarious in RAM (presented by usb stick)

when you start your system up, there is nothing in the RAM, it is fresh and nothing ever remains inside of it.

Quote
or if it makes it to the OS is immaterial to my line of thinking.

the question is if this is even possible and how?

Quote
Your cold wallet computer doesn't need to have an internet connection because the nefarious "cootie" would be on the USB stick coming from the hot wallet, if in fact we have an issue.

then it is up to you to keep the USB safe, and as far as i know if you boot up with the USB on an infected computer as long as you don't go to the directory of the virus and manually run it, it will not run itself so you will not infect your USB.

also as for transfer directly with your USB if you don't want to use QR code,... try this out:
1) boot up in a linux OS using DVD or any other method.
2) format your USB and create two partitions on it one with linux (windows can not detect this) format and one with NTFS/FAT (windows detectable)
3) install linux on the linux partition and use that for installing Electrum and other stuff
4) use the windows partition (NTFS or FAT) to transfer the tx
* your windows which is online is unable to detect the other partition (the partition with Linux OS and Electrum) unless you do some extremely advanced stuff which i am not getting into here
hero member
Activity: 761
Merit: 606
August 22, 2016, 03:15:05 PM
#16
Quote
When you are using cold storage, like Electrum installed on a live Linux on your USB disk with persistence, as long as it remains cold (never connected to the internet, by disabling the network connection or disconnecting your network cable), there is no way of contaminating that Linux unless you deliberately install an additional program on it and manually move malicious software to it.

I think the point of this thread is to debate that.  Your comment is of course 100% accurate Herbert2020 as stated, but the story doesn't end there.  In a sense we are debating whether or not introduction of a "virus/malware" can happen when at some point in the future your COLD wallet is used to sign a transaction for a hot wallet.  When a signature is needed the unsigned transaction is brought from the hot wallet to the cold for authentication.  If a malware is nefarious in RAM (presented by usb stick) or if it makes it to the OS is immaterial to my line of thinking.  Your cold wallet computer doesn't need to have an internet connection because the nefarious "cootie" would be on the USB stick coming from the hot wallet, if in fact we have an issue.  I feel pretty safe about a USB, if used with pure linux in both computers, and with auto run OFF.  I still feel just a bit better with a Trezor.  I like the concept of NO computer ever for any reason seeing the private keys to a wallet.  I still continue to read every link I can find as I do a genuine search for a "real world" example of a BTC transaction getting hijacked via USB as addressed in this thread.
legendary
Activity: 1946
Merit: 1137
August 18, 2016, 08:40:31 AM
#15
When you are using cold storage, like Electrum installed on a live Linux on your USB disk with persistence, as long as it remains cold (never connected to the internet, by disabling the network connection or disconnecting your network cable), there is no way of contaminating that Linux unless you deliberately install an additional program on it and manually move malicious software to it.
hero member
Activity: 761
Merit: 606
August 17, 2016, 02:06:23 PM
#14
Do you have a workable setup using Linux with QR codes? If so, could you give some directions? There is a lack of info about a working/known solution.

Just use qrencode, simple and effective. Links: 1, 2

I remember reading long and hard about this subject when I was using Electrum on two computers with USB cold storage signatures.  I was mostly reading about Linux 100% on both computers.  Configured without auto-start for USB's a solid Linux setup to my knowledge has never been "tagged" by malware.  Bitcoin use via USB implementation as described in this thread seems pretty safe.  I hope someone will point out a direct link to any article confirming such an attack has taken place in the "wild" with a BTC loser and transaction cited.

I was using a VM on my "hot wallet" debian computer that was only operational during btc activities. Seemed to make sense to isolate BTC activities from daily workspace, which is where most if any malware jumps on board a computer. Electrum is a great product and it's so simple to use.

There are known exploits that work via USB. However, I can't link any to Bitcoin. I don't take risks with USB's, however...

What do you think about using two different kinds of Linux for cold and watch-only?
Would it have any benefit regarding cross-platform malware efficiency?
As there are no practical solutions besides using USB sticks, it would be nice to make it harder for malware and keep benefiting from Electrum's easy-to-use cold storage.

doubt there is any difference since all linux distros are based on the same linux kernel. and also as long as you are keeping things in cold storage there shouldn't be any problems.

when you boot from the USB you shouldn't mount anything, shouldn't have network,...

Do you have a workable setup using Linux with QR codes? If so, could you give some directions? There is a lack of info about a working/known solution.

read the topic unamis76 posted above: https://bitcointalksearch.org/topic/lets-get-this-usb-stick-malware-risk-straightened-out-once-and-for-all-1166021
there is a solution posted there by CIYAM, although i haven't a single clue how it works but i am looking into it!
you may want to ask the Author himself.

Cannot find anything regarding ciyam+electrum... in the Electrum GitHub there is an open issue regarding electrum+zbar



I don't think that the product CIYAM refers to exists/is released.


I couldn't find any USB links specifically to BTC either.  My wallet(s) contain enough coins that 100 bucks for a quality hardware wallet makes sense.  I still research and love to code so I am following Electrum over at GitHub.  Just now I don't worry about my private keys getting snatched.
legendary
Activity: 1512
Merit: 1012
August 17, 2016, 12:57:41 PM
#13
do you face any issues with size limits of qrcodes for transactions or everything goes fine? Thanks Unamis, will dig into it.

Yes, I do. Sometimes my camera doesn't have enough definition to capture a big QR Code and I eventually have to scan 2 or 3.


Fair point, I didn't check. Remembered reading on this quite a long time ago, guess I have to update myself.
hero member
Activity: 675
Merit: 504
August 17, 2016, 12:57:26 AM
#12
If you're so afraid of malware, you can always use a live distro like tails... It has many checks to guarantee the OS is unmodified, so you're pretty much completely sure the live distro is secure.
You can run electrum from a live tails distro to do your signing on an offline machine.

That being said: as long as you check the signature of electrum before you install it on an offline machine to create a cold wallet, i think you're pretty safe anyways. The only thing that goes to and from the offline pc is a textfile with an unsigned/signed transaction.

Another option might be a good hardware wallet? That way the signing of the transaction happens with a hardware key.
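The post above notes that only a text file with an unsigned/signed transaction crosses to the offline PC, and post #13 mentions having to scan 2 or 3 codes when one QR code is too large. As an added example (not code from the thread, Electrum or CIYAM Safe), this Python code splits a hex transaction into numbered payloads for a QR encoder such as qrencode and strictly validates them on the offline side. The payload format, function names, chunk size and size limit are assumptions, and the sample transaction is constructed.

```python
import hashlib
import re

# Assumed payload format for this example: "<index>/<total>:<checksum>:<hex>"
PAYLOAD_RE = re.compile(r"([0-9]{1,3})/([0-9]{1,3}):([0-9a-f]{16}):([0-9a-f]+)")
MAX_TX_HEX = 200_000  # assumed upper bound on accepted input, in hex characters
SAMPLE_TX = "0100" * 300  # constructed filler bytes, not a real transaction


def checksum(tx_hex):
    return hashlib.sha256(bytes.fromhex(tx_hex)).hexdigest()[:16]


def split_for_qr(tx_hex, chunk_size=400):
    """Online side: split a hex transaction into small, numbered QR payloads."""
    tx_hex = tx_hex.strip().lower()
    if not re.fullmatch(r"(?:[0-9a-f]{2})+", tx_hex):
        raise ValueError("not a hex-encoded transaction")
    parts = [tx_hex[i:i + chunk_size] for i in range(0, len(tx_hex), chunk_size)]
    tag = checksum(tx_hex)
    return [f"{n}/{len(parts)}:{tag}:{p}" for n, p in enumerate(parts, 1)]


def join_from_qr(payloads):
    """Offline side: rebuild the transaction from scans in any order."""
    seen, header = {}, None
    for raw in payloads:
        m = PAYLOAD_RE.fullmatch(raw.strip())
        if not m:
            raise ValueError("scan is not in the expected format")
        index, total, tag, body = int(m[1]), int(m[2]), m[3], m[4]
        header = header or (total, tag)
        if (total, tag) != header or not 1 <= index <= total:
            raise ValueError("scan belongs to a different transaction")
        if seen.setdefault(index, body) != body:
            raise ValueError(f"conflicting data for part {index}")
    if header is None or len(seen) != header[0]:
        raise ValueError("some parts have not been scanned yet")
    tx_hex = "".join(seen[n] for n in range(1, header[0] + 1))
    if len(tx_hex) > MAX_TX_HEX or len(tx_hex) % 2:
        raise ValueError("reassembled data has an invalid length")
    if checksum(tx_hex) != header[1]:
        raise ValueError("checksum mismatch, rescan the codes")
    return tx_hex
```

The checksum only catches scan and reassembly errors; a compromised online machine can compute a matching one, so the outputs and amounts still have to be reviewed in the offline wallet before signing.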
legendary
Activity: 1042
Merit: 2805
Bitcoin and C♯ Enthusiast
August 17, 2016, 12:43:29 AM
#11
Cannot find anything regarding ciyam+electrum... in the Electrum GitHub there is an open issue regarding electrum+zbar

CIYAM has nothing to do with electrum project, but electrum is an open source thing and anybody can use it to modify and add other functionality.

anyways in your question you asked about linux and using QR code and i told you about that, read that topic for more information and here is the direct link to the opensuse project: https://susestudio.com/a/kp8B3G/ciyam-safe
Do you have a workable setup using Linux with QR codes? If so, could you give some directions? There is a lack of info about a working/known solution.


I don't think that the product CIYAM refers to exists/is released.
did you even read that topic?
https://susestudio.com/a/kp8B3G/ciyam-safe
https://github.com/ciyam/safe
https://bitcointalksearch.org/topic/ann-ciyam-safe-offline-txs-using-qr-codes-for-comms-134833
full member
Activity: 138
Merit: 101
August 16, 2016, 08:14:10 PM
#10
do you face any issues with size limits of qrcodes for transactions or everything goes fine? Thanks Unamis, will dig into it.
legendary
Activity: 1512
Merit: 1012
August 16, 2016, 07:44:27 PM
#9
Do you have a workable setup using Linux with QR codes? If so, could you give some directions? There is a lack of info about a working/known solution.

Just use qrencode, simple and effective. Links: 1, 2

I remember reading long and hard about this subject when I was using Electrum on two computers with USB cold storage signatures.  I was mostly reading about Linux 100% on both computers.  Configured without auto-start for USB's a solid Linux setup to my knowledge has never been "tagged" by malware.  Bitcoin use via USB implementation as described in this thread seems pretty safe.  I hope someone will point out a direct link to any article confirming such an attack has taken place in the "wild" with a BTC loser and transaction cited.

I was using a VM on my "hot wallet" debian computer that was only operational during btc activities. Seemed to make sense to isolate BTC activities from daily workspace, which is where most if any malware jumps on board a computer. Electrum is a great product and it's so simple to use.

There are known exploits that work via USB. However, I can't link any to Bitcoin. I don't take risks with USB's, however...

What do you think about using two different kinds of Linux for cold and watch-only?
Would it have any benefit regarding cross-platform malware efficiency?
As there are no practical solutions besides using USB sticks, it would be nice to make it harder for malware and keep benefiting from Electrum's easy-to-use cold storage.

doubt there is any difference since all linux distros are based on the same linux kernel. and also as long as you are keeping things in cold storage there shouldn't be any problems.

when you boot from the USB you shouldn't mount anything, shouldn't have network,...

Do you have a workable setup using Linux with QR codes? If so, could you give some directions? There is a lack of info about a working/known solution.

read the topic unamis76 posted above: https://bitcointalksearch.org/topic/lets-get-this-usb-stick-malware-risk-straightened-out-once-and-for-all-1166021
there is a solution posted there by CIYAM, although i haven't a single clue how it works but i am looking into it!
you may want to ask the Author himself.

Cannot find anything regarding ciyam+electrum... in the Electrum GitHub there is an open issue regarding electrum+zbar



I don't think that the product CIYAM refers to exists/is released.
full member
Activity: 138
Merit: 101
August 16, 2016, 03:42:55 PM
#8
What do you think about using two different kinds of Linux for cold and watch-only?
Would it have any benefit regarding cross-platform malware efficiency?
As there are no practical solutions besides using USB sticks, it would be nice to make it harder for malware and keep benefiting from Electrum's easy-to-use cold storage.

doubt there is any difference since all linux distros are based on the same linux kernel. and also as long as you are keeping things in cold storage there shouldn't be any problems.

when you boot from the USB you shouldn't mount anything, shouldn't have network,...

Do you have a workable setup using Linux with QR codes? If so, could you give some directions? There is a lack of info about a working/known solution.

read the topic unamis76 posted above: https://bitcointalksearch.org/topic/lets-get-this-usb-stick-malware-risk-straightened-out-once-and-for-all-1166021
there is a solution posted there by CIYAM, although i haven't a single clue how it works but i am looking into it!
you may want to ask the Author himself.

Cannot find anything regarding ciyam+electrum... in the Electrum GitHub there is an open issue regarding electrum+zbar

hero member
Activity: 761
Merit: 606
August 16, 2016, 02:37:16 PM
#7
I remember reading long and hard about this subject when I was using Electrum on two computers with USB cold storage signatures.  I was mostly reading about Linux 100% on both computers.  Configured without auto-start for USB's a solid Linux setup to my knowledge has never been "tagged" by malware.  Bitcoin use via USB implementation as described in this thread seems pretty safe.  I hope someone will point out a direct link to any article confirming such an attack has taken place in the "wild" with a BTC loser and transaction cited.

I was using a VM on my "hot wallet" debian computer that was only operational during btc activities. Seemed to make sense to isolate BTC activities from daily workspace, which is where most if any malware jumps on board a computer. Electrum is a great product and it's so simple to use.
legendary
Activity: 1042
Merit: 2805
Bitcoin and C♯ Enthusiast
August 16, 2016, 11:43:36 AM
#6
What do you think about using two different kinds of Linux for cold and watch-only?
Would it have any benefit regarding cross-platform malware efficiency?
As there are no practical solutions besides using USB sticks, it would be nice to make it harder for malware and keep benefiting from Electrum's easy-to-use cold storage.

doubt there is any difference since all linux distros are based on the same linux kernel. and also as long as you are keeping things in cold storage there shouldn't be any problems.

when you boot from the USB you shouldn't mount anything, shouldn't have network,...

Do you have a workable setup using Linux with QR codes? If so, could you give some directions? There is a lack of info about a working/known solution.

read the topic unamis76 posted above: https://bitcointalksearch.org/topic/lets-get-this-usb-stick-malware-risk-straightened-out-once-and-for-all-1166021
there is a solution posted there by CIYAM, although i haven't a single clue how it works but i am looking into it!
you may want to ask the Author himself.
full member
Activity: 138
Merit: 101
August 16, 2016, 12:22:57 AM
#5
Do you have a workable setup using Linux with QR codes? If so, could you give some directions? There is a lack of info about a working/known solution.
legendary
Activity: 1512
Merit: 1012
August 15, 2016, 05:15:52 PM
#4
Last time I tried, they didn't work properly on all platforms (I don't recall if I had issues on Windows or Linux...) but I honestly didn't try to make it work as I rely on a separate tool to make the codes.

USB sticks are deemed less safe. There have already been a few discussions about this on the forums, some quick findings: 1, 2, 3, 4
full member
Activity: 138
Merit: 101
August 15, 2016, 04:33:17 PM
#3
Are QR codes for signing transactions working for Electrum? I read about it and I saw issues... so I am trying to take the best approach using USB sticks...
legendary
Activity: 1512
Merit: 1012
August 15, 2016, 04:12:06 PM
#2
I don't think having two different distros will enhance your security.

There are solutions beyond usb sticks. Examples are QR Codes and audio transmissions.
full member
Activity: 138
Merit: 101
August 15, 2016, 04:08:32 PM
#1
Guys,

What do you think about using two different kinds of Linux for cold and watch-only?

Would it have any benefit regarding cross-platform malware efficiency?

As there are no practical solutions besides using USB sticks, it would be nice to make it harder for malware and keep benefiting from Electrum's easy-to-use cold storage.