Topic: HWs and Airgapped PCs: I'm under doubts. What should I do? - page 2. (Read 424 times)

I would not use disposable CDs for storing anything really.
They are very unreliable any data stored on them can easily be gone in few years even without moving or playing CDs.
I had bad experience several times with backup on CDs that was not being able to load, so I would suggest you use USB or SD card if you want to store it in digital format.
Usual CD storage life is two to five years, and USB is over 10 years.

Oh I will, no doubt. Thanks for the recommendations of encryption software.

Got it. I might do updates using disposable CDs to make sure the data is written one-way only then. You are some kind of privacy genie here tbh so I will have the insolence to ask this do you have any other recommendations, or do you think the way I thought organizing my coins sounds fine so far?

---

Also, I have a little doubt that came up in my mind right after reading @Lucius' reply above: is connecting Bitcoin Core with Tor the safest way to broadcast a tx signed from my airgapped PC without revealing my fingerprint?

I would recommend using whole disk encryption on your airgapped computer.

No, provided the seed phrase was created securely and you don't expose the seed phrase or private keys via any other means. The risk of leaking information from a permanently airgapped device is very small, and would likely require that you be a target of a three letter agency somewhere. As long as the airgapped software you are using can still sign transactions created by whatever software you are using for your watch only wallet, then there is no need to ever update it. I probably still would every so often though (by transferring the update on removable media - not by going online!)

Possibly, but if you use whole disk encryption using good open source software (LUKS or VeraCrypt, for example), then you would be largely protected against a physical attack by someone with some sort of backdoor in to the hardware.

I mostly got the mixing, IP masking and coin handling part. There definitely are some flaws I have sometimes missed, but now that I have a RYF-certified PC, I'll be fixing them as well. Tech and cybersecurity is a never-ending education.

My long-term mixed coins will be used P2P only, while my hot wallet will be a little more "vulnerable" privacy-wise. There are some workarounds for name and addresses as well that I've been successfully using for a while now. It feels a bit less secure than handing out your real personal information, but it's worth it in the end.

They're a company and they may have shown mostly good intentions in the first few years, but lately they've turned to the "darker" side in my opinion. As a company, no matter how much it looks like they are well intended, they may be influenced in the end the same way Google and almost all the other corporations of today have been - especially if large money comes into the game. The Secure Element is another thing that makes me question whether backdoors are a thing - hence why I previously searched for a way to use my HW offline.

I wouldn't worry about losing the privkeys/seed as much as I'd worry about the fact it's somewhere stored on my drive. While Ledger has its own security and encryption by default, the other devices I own such as PCs are only as safe as I make them be. And since I'm not a security expert, there may be large flaws I'm missing.

If you want complete privacy you have to start from scratch, which would mean that you will always use a TOR or a trusted VPN, and that all coins will be mixed. So first secure your internet privacy (mask your real IP), then move your coins to another wallet and reset Ledger, create a new seed and never connect to Ledger or any other server with your real IP. Then mix your coins again, and send them to Ledger.

Now the question arises as to how you will use these coins, because if you pay something online with this BTC you will reveal your identity in case you buy an item to be delivered to you - although there is a way not to use your real address. I'm not saying that Ledger has any bad intentions, but they have already shown considerable incompetence, which is just a warning that they should not be completely trusted. IP addresses combined with coin addresses could really be a big security issue, and the question is how Ledger handles them.

If you back up your private keys&seed on a airgapped PCs, then you don't have to worry about it becoming unusable and after a long time, it's something that should always be standardized way for recovery.

So I just got a RYF-certified device on my hands and I'm now thinking about what I should be doing with it.

I love my Ledger. I've been using it for a long time now, but I am constantly thinking about the fact that I sometimes have to access Live to remove/add apps on it, and that is something I definitely don't like from a privacy perspective. I have no programming knowledge to review source codes, and I am highly paranoid that Ledger Live may be collecting information from my HW (I know it does not have an identifiable serial number, but it does have apps and the addresses and these could be linked to my IP) and either store it or even sell it to other interested parties. PC components have backdoors and creepy closed-source stuff in them, so I am constantly wondering why Ledger wouldn't.

In consequence, I'm contemplating about moving my mixed/CoinJoined coins to an airgapped PC that will never go online. I would have used my Ledger in conjunction with an airgapped PC (I'm somehow pretty scared about my private keys and seed living on a hard drive and Ledger makes me feel safer about it), but I know it sounds like a useless idea.

Sometimes I'm wondering if airgapped PCs pose a risk when it comes to outdated wallets. If I airgap a device, I want to keep it forever offline. Will my funds be under risk if I never update my wallet again, as long as the device is never going to connect to the outside world?

The doubts I'm facing are about the way I should store my long-term coins now that I have three different devices: a RYF-certified one, a laptop with all wireless and bluetooth modules removed and HWs. I have been thinking about using my Ledger as a "hot wallet" for non-mixed coins and storing the mixed ones on an airgapped device, but I am not sure whether I should use my RYF-certified device or the kind of device doesn't matter as long as it has no wireless modules to communicate. I want my airgapped PC to be as authority-proof as it can be. Could my non-RYF-certified pose a higher risk of being unlocked by someone who has access to the backdoors installed in it?

In fact, I am not even sure if there is any better alternative, so I thought some members out here could give me a helping hand. I am basically looking for the safest (from a privacy POV) way to sore and use my coins as privately and open-source as possible, or at least for someone who knows what they're talking about to tell me whether my idea is a good one or needs improvement.