
Topic: Does this still count? (Read 668 times)

legendary
Activity: 2268
Merit: 18711
September 25, 2023, 09:40:45 AM
#56
I assumed it to be a hardware wallet or a cold bitcoin storage
What you have described is neither a hardware wallet nor cold storage. It is a hot wallet which you turned off for a few months, and is only marginally more secure than a hot wallet which is always on.



In terms of the discussion about RDRAND and entropy sources, this is relevant:

Most good wallets will be based on entropy directly from the OS and the computer's hardware. Bitcoin Core, as an example, draws entropy from /dev/urandom (which is from the OS, or the equivalent on non-Linux systems), RDSEED/RDRAND (which is from the processor), and a whole host of data from the computer itself, such as current resource usage, timestamps, kernel parameters, network data, version data, etc. All of this is then combined through a variety of techniques such as XORs and hashes, so if one source of entropy is weak or compromised then your final result should still be secure.

You can read more in the code here:
https://github.com/bitcoin/bitcoin/blob/master/src/random.h
https://github.com/bitcoin/bitcoin/blob/master/src/random.cpp

And of course, if you really don't trust any of this and still think your entropy might be compromised, then as BHC says, just flip a coin.
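
Added example, not part of the thread and not Bitcoin Core's code: the mixing described in the post above, reduced to hashing several labelled sources into one seed, with a simple repeat test for a stuck source. The source names, the constant-output stand-in for a faulty hardware RNG and all function names are assumptions made for the illustration.

```python
import hashlib
import os
import time


def stuck_hw_rng(n):
    """Constructed stand-in for a faulty hardware RNG: constant output."""
    return b"\xff" * n


def environment_noise():
    """Cheap, low-entropy inputs: clocks, process id, CPU times."""
    return b"".join([
        time.time_ns().to_bytes(8, "big"),
        time.perf_counter_ns().to_bytes(8, "big"),
        os.getpid().to_bytes(4, "big"),
        repr(os.times()).encode(),
    ])


def mix(sources):
    """Hash every source into one 32-byte seed.

    Each input is labelled and length-prefixed, so two different sets of
    sources can never serialise to the same byte string.
    """
    h = hashlib.sha512()
    for name in sorted(sources):
        data = sources[name]
        h.update(len(name).to_bytes(2, "big") + name.encode())
        h.update(len(data).to_bytes(4, "big") + data)
    return h.digest()[:32]


def health_check(sample_fn, draws=8, width=8):
    """Flag a source whose consecutive outputs repeat (stuck-at fault)."""
    seen = {sample_fn(width) for _ in range(draws)}
    return len(seen) == draws


def generate_seed(os_rng=os.urandom, hw_rng=stuck_hw_rng):
    """Return (seed, hw_ok). The seed never depends on one source alone."""
    hw_ok = health_check(hw_rng)
    sources = {
        "os": os_rng(32),
        "env": environment_noise(),
        # A constant input adds nothing, but hashing it in takes nothing
        # away from the other sources either.
        "hw": hw_rng(32),
    }
    return mix(sources), hw_ok


if __name__ == "__main__":
    seed, hw_ok = generate_seed()
    print("hardware source healthy:", hw_ok)
    print("seed:", seed.hex())
```
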
legendary
Activity: 2730
Merit: 7065
September 23, 2023, 07:57:24 AM
#55
OK, so RDRAND definitely has a hand in the game. It's used to some extent, but because there are many other sources of entropy, even if it has insufficiently secure RNGs, it wouldn't be able to weaken the overall entropy to an alarming level. That's what I get from all this. It might be troublesome on its own, but when combined with better sources of entropy, it evens out. Maybe it's better to say it doesn't get noticed.   

I don't agree with Torvalds' estimate in the last quote you posted. A weaker entropy source can't strengthen the overall security of a system despite being pooled together with better sources.
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
September 23, 2023, 04:41:35 AM
#54
The first link you shared says that Linux doesn't rely on RDRAND by default when it generates entropy.
According to Linus Torvalds, it doesn't rely entirely on RdRand. But /dev/random does make use of it.
I guess it's harder to know its full impact on the closed-source Windows.
We don't know with certainty: https://security.stackexchange.com/questions/195515/is-rdrand-used-in-a-safe-way-by-windows-10
legendary
Activity: 2730
Merit: 7065
September 23, 2023, 03:38:29 AM
#53
The first link you shared says that Linux doesn't rely on RDRAND by default when it generates entropy. I guess it's harder to know its full impact on the closed-source Windows. So, the biggest danger would be waking the computer up from sleep mode/hibernate and then attempting to generate a secure-enough seed. Affected CPUs wouldn't generate enough randomness.
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
September 23, 2023, 02:47:48 AM
#52
I understand what you are saying. But considering how big of a market share AMD and Intel chips have, and if it was a widespread backdooring problem, I think we would have too many complaints not to understand that something is seriously wrong.
There have been bug reports regarding RDRAND, which were noticed in some minority of processors.

- https://www.techpowerup.com/255294/some-amd-processors-have-a-hardware-rng-bug-losing-randomness-after-suspend-resume
- https://arstechnica.com/gadgets/2019/10/how-a-months-old-amd-microcode-bug-destroyed-my-weekend/
- http://web.archive.org/web/20221117235141/https://linuxreviews.org/RDRAND_stops_returning_random_values_on_older_AMD_CPUs_after_suspend

As you can see, there have been instances of faulty behavior, and I'm sure you can find more if you dig up the space. I think it's possible for some hardware to be backdoored (but not all).
legendary
Activity: 2730
Merit: 7065
September 23, 2023, 01:24:41 AM
#51
I do not think you have to go that far to protect your tokens, because most people store their coins in hardware wallets and they are OK. I have some coins in hardware wallets and the long-term coins are stored on paper wallets that I created with an air-gapped computer.
Don't you think it's a bit weird that you are suggesting it isn't necessary to go the extra mile in protecting your keys when you admitted that you used a similar airgapped system when you generated your paper wallets? I hope you did it properly, and that you used a completely airgapped system and not something that is semi-airgapped or a computer with its LAN cable disconnected during seed generation. You wouldn't want the keys for your long-term holding to be less secure than those created by the hardware wallet you are using.
hero member
Activity: 2660
Merit: 651
Want top-notch marketing for your project, Hire me
September 22, 2023, 06:38:33 PM
#50
I do not think you have to go that far to protect your tokens, because most people store their coins in hardware wallets and they are OK. I have some coins in hardware wallets and the long-term coins are stored on paper wallets that I created with an air-gapped computer.

If you are very paranoid, you can buy a cheap second-hand computer and you can create those paper wallets with the computer not connected to the Internet and then you can destroy it. (So if some malware were storing information and waiting for it to connect before it sends the information, then you can prevent that.) ;)
While it is true that it may not be necessary to go that far to secure our coins, this is also a way to have peace of mind and tranquility. After all, we hear stories every day of people losing their coins to hackers and scammers, so if this helps the OP to be more at ease knowing their coins are as secure as they could be, then this is something they must do; otherwise they will always be worried about the possibility of losing their coins, and that is not really a healthy way of living.
I think there's nothing bad in going extra for the sake of securing our cryptocurrency holding, but in the case of the OP, I believe he needs to format the old computer since it's a computer that was once connected to the internet long ago, because when we talk about airgap we're talking about a wallet that's not connected to the internet.
@Kakmakr I hope you set up transaction notifications for the paper wallet, because we have a situation where some people think they created their paper wallet on an airgapped computer but it's the other way around.
legendary
Activity: 2534
Merit: 1338
September 22, 2023, 03:47:25 PM
#49
I do not think you have to go that far to protect your tokens, because most people store their coins in hardware wallets and they are OK. I have some coins in hardware wallets and the long-term coins are stored on paper wallets that I created with an air-gapped computer.

If you are very paranoid, you can buy a cheap second-hand computer and you can create those paper wallets with the computer not connected to the Internet and then you can destroy it. (So if some malware were storing information and waiting for it to connect before it sends the information, then you can prevent that.) ;)
While it is true that it may not be necessary to go that far to secure our coins, this is also a way to have peace of mind and tranquility. After all, we hear stories every day of people losing their coins to hackers and scammers, so if this helps the OP to be more at ease knowing their coins are as secure as they could be, then this is something they must do; otherwise they will always be worried about the possibility of losing their coins, and that is not really a healthy way of living.
legendary
Activity: 3542
Merit: 1965
Leading Crypto Sports Betting & Casino Platform
September 22, 2023, 01:11:07 PM
#48
I do not think you have to go that far to protect your tokens, because most people store their coins in hardware wallets and they are OK. I have some coins in hardware wallets and the long-term coins are stored on paper wallets that I created with an air-gapped computer.

If you are very paranoid, you can buy a cheap second-hand computer and you can create those paper wallets with the computer not connected to the Internet and then you can destroy it. (So if some malware were storing information and waiting for it to connect before it sends the information, then you can prevent that.) ;)
legendary
Activity: 2730
Merit: 7065
September 22, 2023, 01:04:54 PM
#47
I have never heard of a case where someone lost bitcoin because of backdoored RNG, but just as we can't verify it's generating true randomness, we can't complain they're stealing bitcoin either. I mean, think about it. You wake up the next morning, and your wallet is emptied. What do you do? You tell a journalist that AMD and Intel insert backdoors? With what evidence?
I understand what you are saying. But considering how big of a market share AMD and Intel chips have, and if it was a widespread backdooring problem, I think we would have too many complaints not to understand that something is seriously wrong. Especially if governments have a way to meddle and apply blows to Bitcoin that they hate. It would be a great way for them to attack Bitcoin and then spread FUD how unsafe and a big scam it is. They wouldn't be able to restrain themselves.
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
September 22, 2023, 10:48:25 AM
#46
[...]
You shouldn't be using a mobile phone as your main Bitcoin wallet. Here's why: https://bitcointalksearch.org/topic/m.62732682

Regarding Intel and AMD chips, their RNGs aren't being used to generate the entropy, right?
They are. When you request from your computer to generate a random number, it utilizes RDRAND, which varies slightly as instruction from Intel to AMD. It's basically the same functionality. From the link, you can read the "Reception" part to confirm that engineers can insert backdoors there.

When you say that Intel and AMD's RNGs can't be verified, I doubt it's weak and affects seed generation. Otherwise, almost all wallets generated on such chips wouldn't be secure, and we would have many complaints and reports of mysteriously lost coins.
I have never heard of a case where someone lost bitcoin because of backdoored RNG, but just as we can't verify it's generating true randomness, we can't complain they're stealing bitcoin either. I mean, think about it. You wake up the next morning, and your wallet is emptied. What do you do? You tell a journalist that AMD and Intel insert backdoors? With what evidence?

I don't believe they're doing it either, as it isn't worth the risk, but why worry about being the one in a million customers who bought the backdoored hardware? Just flip a coin and sleep easy.
legendary
Activity: 2730
Merit: 7065
September 22, 2023, 10:30:37 AM
#45
If only it was that simple. If you make a quick search, you will notice that even from experts in the field, there's a moment of doubt when it comes to verifying that the RNG is true. Intel and AMD chips come with an RNG that is impossible to verify completely as far as I'm concerned. You cannot distinguish a pseudo-RNG from a true RNG, because you cannot detect if there is a function that deems deterministic the number generation.
Regarding Intel and AMD chips, their RNGs aren't being used to generate the entropy, right? I mean, if I am creating a seed for a software wallet on my computer, I will be using the entropy of my OS, regardless if on Linux or Windows. And if I am working with a hardware wallet, they have their own RNGs inside the device.

When you say that Intel and AMD's RNGs can't be verified, I doubt it's weak and affects seed generation. Otherwise, almost all wallets generated on such chips wouldn't be secure, and we would have many complaints and reports of mysteriously lost coins.
legendary
Activity: 2422
Merit: 1083
Leading Crypto Sports Betting & Casino Platform
September 22, 2023, 04:31:51 AM
#44
Well, I have never done or tried such on a PC though, but I've done something similar on a mobile phone. I bought a small Android device for this purpose alone. I turned it on, installed a SIM and connected to the internet, downloaded the Mycelium bitcoin wallet, and moved most of my bitcoin in there. After the transaction was confirmed and I was sure of it, I went into my settings, located the network setting and deleted the internet configuration, and immediately I was disconnected from the internet even with the SIM card installed and data connection turned on. I then turned the phone off, removed the battery as well as the SIM card, and kept the phone somewhere safe.

I assumed it to be a hardware wallet or a cold bitcoin storage. I left it like that for over eight (8) months before I decided to turn the phone back on, installed the SIM and requested a new internet configuration from my service provider, which was sent immediately. I installed it and was able to connect to the internet again, opened the Mycelium wallet, and my bitcoins were sitting right there waiting for me.

legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
September 22, 2023, 04:09:44 AM
#43
I get your point, but
1. AFAIK any OS disable bluetooth by default.
That's true, most operating systems disable Bluetooth by default, but sometimes the users enable it and don't really care much about it because of the short range it has. Some people enable it to connect Bluetooth speakers and headphones and don't really care much about security when it comes to Bluetooth connections, and that can make things easier for hackers.

2. Bluetooth if OP already uninstall all network driver.
The same answer here as well like most people don't really care much about Bluetooth when it comes to security and they may not disable it only to connect some Bluetooth enabled devices.

That doesn't apply to OP though, since he has some security awareness and plans to use his PC only to manage his Bitcoin. As for people who don't care about security/Bluetooth, they are likely to be connected to the internet all the time anyway.

For instance, do we know which hardware and software are always good sources of entropy and which aren't?

It's easy to know a bad entropy source, such as the current time. But even a source of entropy which is usually deemed good/secure can't always be good/reliable. For example, /dev/urandom output used to be predictable for about a minute on embedded devices [1].

[1] https://www.usenix.org/system/files/conference/usenixsecurity12/sec12-final228.pdf
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
September 22, 2023, 03:43:24 AM
#42
I have always wondered what can affect the RNG and generating keys with enough entropy? For instance, do we know which hardware and software are always good sources of entropy and which aren't?
If only it was that simple. If you make a quick search, you will notice that even from experts in the field, there's a moment of doubt when it comes to verifying that the RNG is true. Intel and AMD chips come with an RNG that is impossible to verify completely as far as I'm concerned. You cannot distinguish a pseudo-RNG from a true RNG, because you cannot detect if there is a function that deems deterministic the number generation.

When it comes to software, /dev/urandom and /dev/random are good sources, as for hardware there has been development, but if you merely want to run a Bitcoin wallet in an air-gapped device, then you don't need hardware for that purpose. Just roll a dice or flip a coin. It is trivial and completely verifiable.
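
Added example, not part of the thread and not taken from any wallet: one way to turn the coin flips or dice rolls suggested above into a 256-bit private key without introducing bias. It assumes the secp256k1 curve that Bitcoin uses; the function names are hypothetical.

```python
import math

# Order of the secp256k1 group: a private key must lie in [1, N - 1].
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def rolls_needed(sides, bits=256):
    """Largest k with sides**k <= 2**bits, so no result ever needs reducing."""
    k = 0
    while sides ** (k + 1) <= 2 ** bits:
        k += 1
    return k


def entropy_bits(sides, count):
    """Entropy of `count` fair rolls of a `sides`-sided die, in bits."""
    return count * math.log2(sides)


def rolls_to_int(rolls, sides):
    """Read the rolls as digits of one base-`sides` number (face 1 -> digit 0)."""
    value = 0
    for face in rolls:
        if not 1 <= face <= sides:
            raise ValueError(f"face {face} is not on a {sides}-sided die")
        value = value * sides + (face - 1)
    return value


def key_from_rolls(rolls, sides=6):
    """Return a 32-byte private key, or None if the caller must roll again."""
    need = rolls_needed(sides)
    if len(rolls) < need:
        raise ValueError(f"need {need} rolls, got {len(rolls)}")
    value = rolls_to_int(rolls[:need], sides)
    # Zero and values >= N are discarded, never reduced mod N: reducing
    # would make some keys more likely than others.
    if not 1 <= value < N:
        return None
    return value.to_bytes(32, "big")


if __name__ == "__main__":
    print("dice rolls needed:", rolls_needed(6))        # 99
    print("coin flips needed:", rolls_needed(2))        # 256
    print("entropy of 99 rolls: %.1f bits" % entropy_bits(6, 99))
    # Constructed, non-random sample: tails=1, heads=2, alternating.
    print(key_from_rolls([1, 2] * 128, sides=2).hex())
```

With a six-sided die, 99 rolls give about 255.9 bits and every outcome is a valid key except all ones; with a coin, 256 flips are needed and an out-of-range result is possible in principle, which is why the function can return None.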
hero member
Activity: 714
Merit: 1298
September 22, 2023, 02:54:11 AM
#41
Depends on your setup. If you're using an air-gapped device that makes no use of random number generation, then the attacker can't take advantage of it to sign with insecure k-values (as an example). Transactions are signed using the RFC 6979 which doesn't generate random k-values. You would also need to use dice or coin to generate the entropy of your wallet. In that case, and by assuming the OS does not hide any backdoors for the specific type of wallet software you will use, then it's safe to assume you'll be fine.
I have always wondered what can affect the RNG and generating keys with enough entropy? For instance, do we know which hardware and software are always good sources of entropy and which aren't? Is there a list of models and versions that are specially good or bad? Also, can a good source of entropy suddenly go "bad" and generate insufficient entropy due to hardware defects or software misconfiguration?

I never gave it much thought.

These are very intriguing questions which appeal to the imagination of many learners in the field. NIST has developed the software set that "provides a standardized means of estimating the quality of a source of entropy" and almost each year organizes numerous workshops on this matter where you can find some answers. I would focus on the Random Bit Generation Workshop series and the Entropy Source Validation Workshop. Just go to the NIST site and search.

legendary
Activity: 2576
Merit: 2880
Catalog Websites
September 21, 2023, 10:01:41 PM
#40
And will it be possible for an hacker to install those drivers remotely?
If you connect your computer to the internet everything is possible, if you leave it offline then no, that would be impossible, unless somehow they have physical access to your device, that means entering your house, and unless you own a fortune and someone knows about that, I would say it's an extremely remote possibility.
legendary
Activity: 2730
Merit: 7065
September 21, 2023, 01:17:07 PM
#39
Depends on your setup. If you're using an air-gapped device that makes no use of random number generation, then the attacker can't take advantage of it to sign with insecure k-values (as an example). Transactions are signed using the RFC 6979 which doesn't generate random k-values. You would also need to use dice or coin to generate the entropy of your wallet. In that case, and by assuming the OS does not hide any backdoors for the specific type of wallet software you will use, then it's safe to assume you'll be fine.
I have always wondered what can affect the RNG and generating keys with enough entropy? For instance, do we know which hardware and software are always good sources of entropy and which aren't? Is there a list of models and versions that are specially good or bad? Also, can a good source of entropy suddenly go "bad" and generate insufficient entropy due to hardware defects or software misconfiguration?

I never gave it much thought.
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
September 21, 2023, 11:06:51 AM
#38
Even if there is a vulnerability, there is no way to steal and send that data to wherever it's supposed to go without networking.
Depends on your setup. If you're using an air-gapped device that makes no use of random number generation, then the attacker can't take advantage of it to sign with insecure k-values (as an example). Transactions are signed using the RFC 6979 which doesn't generate random k-values. You would also need to use dice or coin to generate the entropy of your wallet. In that case, and by assuming the OS does not hide any backdoors for the specific type of wallet software you will use, then it's safe to assume you'll be fine.

If you connect USB devices to it to transfer PSBTs, I doubt a malware can be that good to transfer your data to the USB device and then wait for you to connect it to an online machine to transfer the information over the internet.
It sounds pretty difficult to bypass all those Linux protection mechanisms and install a program which will do that, but if you don't do it you will be 100% sure you cannot fall victim to that either.
sr. member
Activity: 728
Merit: 388
Vave.com - Crypto Casino
September 21, 2023, 11:01:57 AM
#37
Access and authorization is what many aren't careful of when running a PC. Either old or new, you must be careful what you give access to. There is no way a hacker can hijack your PC without you being the one that authorised that access in the first place. They must have lured you somehow, either through Trojans when you are busy downloading torrent files or some kind of malware when you click on a bad link.

It's almost the same with crypto wallets. Most simple hacks I've seen happen when the users try to claim what is not theirs. Today I already have countless fake NFTs in my wallet; the scammers are hoping I claim the free offer which isn't mine.

Either Bluetooth or other, you are the one that gives access to the hackers to get your files or take control of your hardware. I would prefer to buy a hardware wallet instead, an open-source hardware wallet though, but if you insist on running a wallet on a PC, find a separate hard disk and run a Linux OS on it, keep your wallets on this OS and never ever use this OS to surf the web or do anything else.