Aha that's not a hacker, called a thief
Topic: hackers can steal data wirelessly from pcs that arent even online - page 2. (Read 3840 times)
November 20, 2014, 11:37:35 PM
Together with the entire computer were stolen?
Aha that's not a hacker, called a thief
Aha that's not a hacker, called a thief
November 20, 2014, 09:01:43 PM
but are there other ways to also disable graphics card to prevent the attack described here?
The article didn't say what kind of graphics card and cable would be most susceptible to being used as an FM transmitter to leak the data - VGA, DVI, HDMI, RGB? I am willing to bet that it only works reasonably well on one of these types of cables, and not so well on the others. So find out which one and use that cable. It would also be reasonable to assume that using a laptop computer or some other type of computing device that does not have a long video cable would greatly mitigate this kind of attack.
November 20, 2014, 08:47:11 PM
Anyone here want to buy a tin-foil hat? Made to measure. I accept bit-coin.
November 20, 2014, 08:40:32 PM
You realize that only works if someone has PHYSICAL access to the device with the cold storage? With physical access, it's easier for a thief to steal the wallet file, regardless if it had internet or not.
Cracking the password to the wallet is another story.
Right. If a hacker had physical access then they might as well make a copy of the hard drive and/or outright steal your computer in an attempt to steal your wallet files. This would make more sense then going through the hassle of taking data wirelessly as I would imagine that many people would tend to have somewhat easy to crack passwords on computers that hold cold storage wallets Cracking the password to the wallet is another story.
November 20, 2014, 07:04:25 PM
This hack needs a virus, a receiver/transmitter near the video cable and a phone to download. If a hacker has so much access to the target machine, it is easier for him to actually steal the data when he plugs the usb drive in the computer.
I was expecting something like the "wirelessly steal data device" from Prison Break season 4
I was expecting something like the "wirelessly steal data device" from Prison Break season 4
November 20, 2014, 02:02:05 PM
Does this include the following?
- Reading some words/digits in the online computer.
- Walking to the airgapped one.
- Manually typing the memorized words/digits on the keyboard.
It's effectively a data transfer but the bad guys would have a really hard time trying to compromise the airgap through it. Of course it's inconvenient as hell but we all know that's the price you pay for security
.
I guess you might get away with that... - Reading some words/digits in the online computer.
- Walking to the airgapped one.
- Manually typing the memorized words/digits on the keyboard.
It's effectively a data transfer but the bad guys would have a really hard time trying to compromise the airgap through it. Of course it's inconvenient as hell but we all know that's the price you pay for security
.
But I don't think the risk is quite zero. Probably minuscule enough though.
November 20, 2014, 09:19:06 AM
November 20, 2014, 09:13:21 AM
brain scans can infer thoughts from nerve activity required to talk.
Ouch. Could you give some reference to this?
November 20, 2014, 09:02:54 AM
And practise thinking in an unspoken language, now that brain scans can infer thoughts from nerve activity required to talk.
November 20, 2014, 08:59:28 AM
The only safe machine for cold storage is an Altair
That and your brain. A key to an address is just information after all. November 20, 2014, 08:44:05 AM
The only safe machine for cold storage is an Altair, where you hand toggle the wallet program and keys in on the front panel. 
And never use a VDU with it, makes it harder to Van Eck.
And always do 3 pulses with a flashgun into each eye before you leave the secure area, just in case retina forensics can recover recently seen things.
And never use a VDU with it, makes it harder to Van Eck.
And always do 3 pulses with a flashgun into each eye before you leave the secure area, just in case retina forensics can recover recently seen things.
November 20, 2014, 08:26:12 AM
It's why using a USB stick to ferry data/transactions between your hot and cold machines is really a breach of the air-gap.
Agreed, but:
Any transfer of data is.
Does this include the following?
- Reading some words/digits in the online computer.
- Walking to the airgapped one.
- Manually typing the memorized words/digits on the keyboard.
It's effectively a data transfer but the bad guys would have a really hard time trying to compromise the airgap through it. Of course it's inconvenient as hell but we all know that's the price you pay for security
. November 20, 2014, 07:43:20 AM
It's why using a USB stick to ferry data/transactions between your hot and cold machines is really a breach of the air-gap. Any transfer of data is. (And presumably if your hot machine is infected, any virus can just pass data back via the USB stick, it doesn't need any fancy radio transmissions.)
All input/output needs to be considered a potential conduit for viruses...
The ideal cold wallet wouldn't rely on any data from the outside world. I'm not sure that's possible though. Maybe by splitting the balance into many small amounts on separate private keys and just removing a single private key for a small amount at a time. So the data transfer is only ever *from* the cold machine to the hot machine, via paper wallet or photographing a QR code or something.
All input/output needs to be considered a potential conduit for viruses...
The ideal cold wallet wouldn't rely on any data from the outside world. I'm not sure that's possible though. Maybe by splitting the balance into many small amounts on separate private keys and just removing a single private key for a small amount at a time. So the data transfer is only ever *from* the cold machine to the hot machine, via paper wallet or photographing a QR code or something.
November 20, 2014, 03:43:38 AM
You realize that only works if someone has PHYSICAL access to the device with the cold storage? With physical access, it's easier for a thief to steal the wallet file, regardless if it had internet or not.
Cracking the password to the wallet is another story.
Cracking the password to the wallet is another story.
legendary
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
November 20, 2014, 02:31:22 AM
http://www.bloomberg.com/news/2014-11-19/hackers-can-steal-data-wirelessly-from-pcs-that-aren-t-even-online.html
This is something to be aware of when doing cold storage.
The gold standard of "use a machine that has never been connected to the internet and never will be"
will protect against this unless someone has physical access to the computer...
but are there other ways to also disable graphics card to prevent the attack described here?
This is something to be aware of when doing cold storage.
The gold standard of "use a machine that has never been connected to the internet and never will be"
will protect against this unless someone has physical access to the computer...
but are there other ways to also disable graphics card to prevent the attack described here?
Jump to: