Topic: [ESHOP launched] Trezor: Bitcoin hardware wallet - page 262. (Read 966173 times)

How about we reduce the "talking" between the wallet and the computer as much as possible?

The same problem is/was with electronic banking and tan(-passwords). It is now solved via a small device which signs a transaction (via your banking card, which you put in). The bankingsoftware/bankpage produces a challenge. It comes as a "flicker code", which the device reads in directly from the screen. You see the transfer details on the devices' screen to verify. The device then "signs" the "transaction" and shows a generated tan on its screen. You type the tan into your software/page.

The software easily finds out if anything was altered, because then the generated tan doesn't match, and/or the info on your (infected) computer and on the devices' screen don't match.

I love that thing! Quick, easy, and pretty cheap hardware - five photodiodes and some software.

https://upload.wikimedia.org/wikipedia/commons/d/dc/ChipTan_comfort.gif
https://upload.wikimedia.org/wikipedia/commons/f/fa/SmartTAN_optic-Gadget.jpg
https://www.youtube.com/watch?v=U7PnC1S-j4I

Yes, we have a slightly different setup here. Maybe some nifty idea comes out of this?

Ente

Hm, I just checked this and you're correct, Win7 ask for the action. At least we can hope that average user won't run malicious code from the token by accident :-).

Yup
Actually I think even my XP machine does this (although I might have turned autorun off in the registry anyway).

Is autorun still on by default on some machines?

Since upgrading from XP to Win7 I notice that autorun is no longer on by default. Inserting a disk or drive with autorun will bring up the box that asks you what you want to do (browse files, run autorun, etc) but does not launch anything without your command.

Regards to my previous post, users should even refuse offers like "bitcoin token with USB mouse as a free gift" ;-).

It can be turned off, it can be bypassed by the Shift key (afaik), but tell me who is doing this. My mum even don't know there's autorun possibility :-/.

Although we're targeting to common users which are using potentially compromited machines, using hacked token definitely *is* a problem. Distributor can expect that somebody who's buying bitcoin wallet will handle significant bitcoin amounts on that machine. Using trusted distributor is definitely the only way to go.

I'm not a windows user, but can't one just turn this off completely?

Is it still the case that if you hold down the shift key whilst plugging in a USB that no autorun stuff will occur (in Windows)?

I've been thinking about such boxes after I've been hacked on Linode. It may be standard computer with minimal linux distro and custom software with extremely limited interface to the rest of the world and with possibility to define own rulesets will make attacks much harder. At this stage we're working on standard wallet which hopefully fit needs of the most users, but later we can think about other related projects as well...

Yes, this may be possible issue. Malicious distributor can buy few devices, make alternative PCB, use modified firmware and pack it with "official" casings. There's just a small chance that customers will notice the difference. Buying the device from trusted distributor would be better choice than ordering it from random guy on Silk Road.

Technically this is not a big problem as device itself cannot communicate with the world on its own. So as far as user will connect that hacked stick into official release of Bitcoin wallet (Electrum, Multibit), the chance of a theft is minimal (as far as official clients will cross check signed transaction if it has not been modified by the stick itself).

By the way, there has been successful hacks with modified USB mouses (given to company employees as a gift). Mouse acting as mass device with autorun file and 90% of Windows users are screwed. This is a problem of "universal serial bus", unfortunately using USB is the only reasonable choice if we target to common users.

That's also the reason why we're building Raspberry Pi shield for hardcore geeks; it is much easier to recompile everything from sources to be sure there isn't any malicious code.

Great project!
It doesn't matter much if it'll be ellet, bitcoincard or 'popsicle', but we surely can use a tiny, secure, easy [cheap? choose three out of four] Bitcoin wallet for the average user! At least as an alternative to smartphone wallets, which I won't fully trust ever.

I had similar plans, for a Bitcoin "vault". It was more aimed at companies, for automatic tx signing. With focus on hardware security (IDS, heartbeat, key purging etc). Heavy use of PKI. With a custom ruleset for automatic signing, manual approval and selfdestruction.
I didn't work on it lately, the current state is a concept on paper.

Interested in a "corporate version"? I bet a lot of the hardware and software could be used for both!

Ente

How can we be sure that some reseller isn't slipping us a modified version and what could he potentially do with that approach?

I understand that the hardware itself may be very useful for other applications as well. So for now I see this quite possible. However, as you said, the casing should be modified somehow, so it won't look like official product.

I'll buy quite a few if you sell a version in which the reprogramming fuse has not been blown out.  I need a device like this for GPG signing and other non-Bitcoin cryptography.

Feel free to charge more for the reprogrammable version and emblazon it with a "firmware not certified by manufacturer"; I'm sure those of us who want this don't mind.

This is the kind of attitude that really is great to see. 

Would have been nice if you made a post a few weeks ago.

I'm a few weeks away from having an actual PCB!
Do you have anyone working on a PCB?
Might as well group our efforts. Like you, it is meant to be open source.
We are all on the same team.

After reading this, I just thought of the name Popsicle

1) its slush (ice) on a stick
2) its a tiny device that connects to USB sticks
3) you get the cold storage connotation from the name

slush, stick: I think you got it exactly right

haha, well.. if one day bitcoin becomes as widely known as gold, you could certainly expect burglars to attempt to force people to give their bitcoins.
But yeah, there's quite some time until that happens.


Never mind, I hadn't yet read that it will not have a keyboard when I first wrote that.


Definitely. One step at a time.

Actually this solves (at least partially) the problem with wallet distribution. With easy option for reflashing the device, wallet distributor would modify the firmware and make there some backdoor quite easily... ...although the real attack would be still pretty difficult, as user would need to have also compromised machine which will misuse that modified token.


Both digital wallet and paper backup have different purpose. Having paper backup is the easiest way for disaster recovery for *all* people. More skilled people can choose how they store the "paper backup", if they store it just in envelope into their safe or if they underline these words in their favourite book in their home library, put it into encrypted file to Google docs, memorize it or so. Actually forcing people to do electronic backup is the limitation for many people. Having the easy possibility to export seed directly from the device and not over (potentially hacked) computer is bulletproof and far simplest to understand for everybody.


We're targeting to common users, not mafia.


As I said, displaying the seed on the device during the initialization is the most easier and flexible solution. Do whatever you want and whatever fits your needs with it. Actually "paper backup" or "mnemonic seed" is considered as the most safe way of storing bitcoins, so I'm a bit surprised that you're trying to said that it's not safe enough :-).


This is chicken and egg problem. If you already have secure machine, why do you need to export already encrypted backup to it? If this computer is not *so* secured, how you can put passphrase over it?


At this date, there have been many of successful hacker attacks (I personally lost 3100 BTC during that one), but not a single known issue of $5 wreck attack against bitcoin wallet owner. Let's do solve real issues and don't try to solve something what's not the real problem.


You cannot expect that other people are like you. No, young people don't backup more often than old people. I bet the exact oposite, from what I see around me.


This goes completely against the initial idea, to have simple, small and cheap device. And there's no major improvement while having physical keyboard on the device. Use it for encrypting the initial backup won't justify it...