Author

Topic: Introduce EROAS Electrum wallet running from USB drive securely and conveniently (Read 219 times)

newbie
Activity: 8
Merit: 1
The thing is, an evil maid wouldn't even need these things to compromise your wallet setup.
It would be enough to have hardware access to your computer used. That's more than enough to compromise your wallet and to exfiltrate the secret data even without network access.

That is fascinating.  How can an affected host (presumably a persistent attack) get USB live OS sessions exposed? Can you elaborate more or paste some pointers?
 
While a hardware wallet also doesn't provide perfect security against evil maid scenarios (at least one concrete scenario to steal the coins is possible with hardware access to the hardware wallet and the computer), it provides more security.

I looked into HW wallet before I rolled my sleeves on EROAS.  There were a couple of things that stopped me from going down that path:

  • Most of them use PC to upgraded the wallet firmware.  That is my biggest concern.  If you leave a door, hacker can and will get in.  And the wallet software is squarely targeted.
  • A lot of them (majority?) don't open source the software and hardware, which makes biz sense but makes me nervous
  • Just wanted some fun in hacking  Grin

BTW, thanks for pointing out the typos.  Really appreciate it.
legendary
Activity: 1624
Merit: 2481
Let us see - an evil maid would have all 4 things together to steal my money
  • Have my usb drive (easy)
  • Fake my fingerprint to unlock USB (doable with strong will)
  • Know the password of cryptomount partition (hmm, probably get me drunk?)
  • Know the password to my wallets (same as above)

Not sure how hardware wallet would fair better here?

The thing is, an evil maid wouldn't even need these things to compromise your wallet setup.
It would be enough to have hardware access to your computer used. That's more than enough to compromise your wallet and to exfiltrate the secret data even without network access.

While a hardware wallet also doesn't provide perfect security against evil maid scenarios (at least one concrete scenario to steal the coins is possible with hardware access to the hardware wallet and the computer), it provides more security.



BTW, what is the typo in my README?  Would really appreciate your pointing it out.

Here:

Networking modes:

EROAS supports 4 networking modes:

    Connect to Electrum open network directly (default)
    Use Tor to connect to Electrum open netowrk for privacy

And further, i wouldn't call it "warm wallet". The term you are looking for is hot wallet:

EROAS stands for "Electrum Running On A Stick". It runs Electrum wallet, the best open source bitcoin wallet, on cheap USB drives, with cold-wallet level security and warm-wallet like convenience.
newbie
Activity: 8
Merit: 1
I wouldn't trust any project from someone who has typos in the readme file.

The idea itself definitely is better than a regular software wallet on an online pc, but it lacks protection in an evil maid scenario compared to a hardware wallet.
It's a nice idea, but i doubt anyone will check the code to actually use it. The advantages are too small compared to a self-made bootable USB.

Let us see - an evil maid would have all 4 things together to steal my money
  • Have my usb drive (easy)
  • Fake my fingerprint to unlock USB (doable with strong will)
  • Know the password of cryptomount partition (hmm, probably get me drunk?)
  • Know the password to my wallets (same as above)

Not sure how hardware wallet would fair better here?

BTW, what is the typo in my README?  Would really appreciate your pointing it out.
newbie
Activity: 8
Merit: 1
Any reason you chose to use Ubuntu 20.04 as "base" OS rather than other linux distro aimed for security/privacy such Tails?

Well, the main reason is that I found an excellent document on how to make bootable USB, and it uses Ubuntu. Smiley  The project is at https://github.com/mvallim/live-custom-ubuntu-from-scratch.  I ended up contributing back my script to that project as well.

Given the end state where EROAS does not have / level persistency, no root user, etc, I personally feel secure enough to store my own money there.  But I will probably take another look of Tails later. 

Is there a good link on make bootable USB with Tails?
newbie
Activity: 8
Merit: 1
I would prefer Tails.

Exactly. What makes this EROAS better than the already established Tails OS that already has Electrum on it (or you can install yours) and has passed the test of time?
From what I've seen until now EROAS would run on smaller stick than Tails. On the other hand Tails has more apps pre-installed (which may or may not be useful). Anything else?

I don't mean to "attack" this project. I would indeed like to see a proper comparison between the two. It could actually help this project (else it would be a shame for the time invested in it)

For some reason I never received notifications for the follow-up responses.  Sorry for the late responses here.

Here is a quick recap of EROAS vs TailOS+Electrum on USB: (disclaimer: I have not used TailOS.  But I read about it and extrapolated certain points from there)

  • EROAS only allows /home directory persistency, while I believe TailOS allows / level persistent changes.
  • EROAS does not have root user or any sudoer.  So unless there is a bug in system software, there is no way to modify system settings (including firewalls)
  • EROAS stores electrum data file in cryptomount encrypted partitions, offering an additional of security (e.g. in the case when someone obtained your USB drive)
  • Strict firewalling.  Only outgoing DNS port is open, plus a couple of more depending on the networking mode you choose.  For example, in Tor mode, port 9001 is also open.  And that is it.

For a competent hacker, one can set up all above with TailOS and exercise caution during normal usage.  EROAS basically reduces the OS to a bare minimum running only Electrum, and also makes it impossible to alternate or deviate from that.

I was able to manually do all above by myself.  However, my friends cannot easily do that.  Also, I don't trust myself doing the right thing all the time and trust my system is immune from any attacks.  Make root partition non-modifiable persistently gives me a lot of comfort.  Same goes with cryptomount partition and fingerprint protected USB drive.  They are additional layers of security.  That was my motivation to actually clean the code up and share with others.
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
I would prefer Tails.

Exactly. What makes this EROAS better than the already established Tails OS that already has Electrum on it (or you can install yours) and has passed the test of time?
From what I've seen until now EROAS would run on smaller stick than Tails. On the other hand Tails has more apps pre-installed (which may or may not be useful). Anything else?

I don't mean to "attack" this project. I would indeed like to see a proper comparison between the two. It could actually help this project (else it would be a shame for the time invested in it)
legendary
Activity: 1848
Merit: 2033
Crypto Swap Exchange
legendary
Activity: 1624
Merit: 2481
I wouldn't trust any project from someone who has typos in the readme file.

The idea itself definitely is better than a regular software wallet on an online pc, but it lacks protection in an evil maid scenario compared to a hardware wallet.
It's a nice idea, but i doubt anyone will check the code to actually use it. The advantages are too small compared to a self-made bootable USB.
legendary
Activity: 2212
Merit: 7064
Whats the difference if I just use regular Electrum wallet installed on my own USB linux OS?


I personally also use fingerprint-protected USB drive for additional protection.

I would never use this.
Just imagine how many things you touch with your fingers every day.
Fingerprint is something anyone can duplicate very easy, and I don't consider this to be better security.
newbie
Activity: 8
Merit: 1
I bought some bitcoins and quickly realized the responsibility of being own banker.  I found existing solutions are either complex, costly or need to trust someone else.  So I rolled my sleeves and come up with EROAS, Electrum running on a stick (USB) ( https://github.com/monkey-jsun/eroas)

The system is secure
  • Immutable ISO system image with no root user or sudoer
  • Firewall is configured to allow only minimum outgoing ports/IPs
  • Multi-layer encryption (encrypted file system and wallet file)
I personally also use fingerprint-protected USB drive for additional protection.

It is simple to use.
  • It does depend on interfere with your normal PC. Everything, including OS, apps and data, are self-contained from USB drive.
  • It runs Electrum directly online for transactions.  No split transaction type hassles.

Check it out!
Jump to: