
Topic: Is Armory vulnerable to USB-Stick viruses like BadBios? - page 3. (Read 6759 times)

legendary
Activity: 1428
Merit: 1093
Core Armory Developer
The problem with QR codes is they aren't big enough.  They're big enough for 95% of transactions, but the first time you have to move 1 MB across that channel, you'll be SoL.  And you don't have control over it.  If I know one of the addresses in your offline system, I can send you a couple 100 kB transactions, and effectively DoS your offline solution.

There's a discussion thread about it here:  https://bitcointalksearch.org/topic/improving-offline-wallets-ie-cold-storage-68482
And ironically: https://bitcointalksearch.org/topic/bounty-25-btc-audiomodem-based-communication-library-135423

But none of it is ready yet.  Though goatpig claims to be making progress on the audio solution.

I should clarify though: the article doesn't say that computers will be infected through audio or power-line communication.  But if your offline computer is already infected, it can use those methods to communicate with another infected machine.  It does sound like the stuff of science-fiction, and I'm conflicted about whether to believe this is a real threat (since there's conflicting evidence).  But it does give us some hints about ways we can protect ourselves better.

I would argue that assume-the-offline-system-is-already-compromised-by-the-most-advanced-malware assumption makes security a mostly intractable problem.  There are too many ways for a properly-secured-but-compromised offline system to leak information.  And depending on how good it is, it might only need one transaction to do it.  The best thing we can do is take appropriate precautions to minimize risk of infection, and be able to detect it when we fail.

Now that ATI has some money, we'll be spending some of it to get some real good crypto/security guys to help us shape our best practices to address threats like this, even if this particular one turns out not to exist [yet].
member
Activity: 89
Merit: 10
I've done some work for using QR codes to transfer data between computers specifically since I have moved to Armory. It is a Java based application, so it probably won't work well on a RPi with so little RAM. The source is out there on the interwebs, but I haven't fully thought out what license I'd like to use. If there is an increasing interest in it, I'll work through those issues so people can use it/build on top of it.

That said, I'm not convinced a hardened version of it would stand up to a persistent attacker. At the end of the day you're going to end up using a library or re-inventing the wheel and either one will have its own set of vulnerabilities to side-channel attacks. I believe it to be safer than USB since there are no bootability issues and it is hopefully less likely to "auto-play". It also gives you a lot more control of how much/when data is transmitted or received and you can verify the payload against a third party device if you are paranoid.
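The two posts above raise the QR size limit and the receiver's control over how much data it accepts. The following sketch is an added example, not code from Armory or from either poster: it splits a payload into QR-sized frames and reassembles them on the offline side with a size cap and a hash check. The frame header layout, the `MAX_PAYLOAD` policy value and all names are assumptions; 2953 bytes is the byte-mode capacity of a version 40, error-correction level L QR code.

```python
import hashlib
import struct

# Assumed framing (not an Armory format): index, total, 8-byte SHA-256 prefix.
FRAME_CAPACITY = 2953                      # bytes in one QR code (v40, EC level L)
HEADER = struct.Struct(">HH8s")            # 12-byte header per frame
CHUNK = FRAME_CAPACITY - HEADER.size       # data bytes carried per frame
MAX_PAYLOAD = 100 * 1024                   # assumed receiver policy limit


def split_frames(payload):
    """Online side: split payload into frames that each fit one QR code."""
    tag = hashlib.sha256(payload).digest()[:8]
    chunks = [payload[i:i + CHUNK] for i in range(0, len(payload), CHUNK)] or [b""]
    return [HEADER.pack(i, len(chunks), tag) + c for i, c in enumerate(chunks)]


class Receiver:
    """Offline side: bounded, order-independent, integrity-checked reassembly."""

    def __init__(self, max_payload=MAX_PAYLOAD):
        self.max_payload = max_payload
        self.max_frames = -(-max_payload // CHUNK)   # ceiling division
        self.tag, self.total, self.parts = None, None, {}

    def feed(self, frame):
        """Return the payload once complete, else None; ValueError on bad input."""
        if not HEADER.size <= len(frame) <= FRAME_CAPACITY:
            raise ValueError("frame size out of range")
        index, total, tag = HEADER.unpack_from(frame)
        if total == 0 or index >= total or total > self.max_frames:
            raise ValueError("frame count outside receiver limit")
        if self.tag is None:
            self.tag, self.total = tag, total        # first frame fixes the transfer
        elif (tag, total) != (self.tag, self.total):
            raise ValueError("frame belongs to a different transfer")
        self.parts[index] = frame[HEADER.size:]
        if len(self.parts) < self.total:
            return None
        payload = b"".join(self.parts[i] for i in range(self.total))
        digest = hashlib.sha256(payload).digest()[:8]
        # The tag catches scan and assembly errors; it does not authenticate the sender.
        if len(payload) > self.max_payload or digest != self.tag:
            raise ValueError("reassembled payload failed size or hash check")
        return payload
```

With this framing a 1 MiB payload needs 357 scans, and the receiver rejects it on the first frame instead of buffering it.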
full member
Activity: 182
Merit: 100
I read the article about badbios and would like to present a possible solution to these problems.

To address the speaker/microphone avenue of communication, I recommend the Raspberry Pi Model A. A Model A has 256 MB of RAM, which happens to be the same as the minimum requirements to run Armory offline. In addition, since the Model A doesn't have wifi or an ethernet port, you won't do, or are less likely to do, anything stupid, like connect it to the internet.

Now that you have a computer that is next to impossible to connect to the internet, you need a way of communicating with the outside world to sign transactions.

I'm not sure if this is possible at the present time, but it seems to me that the best way to do this would be through QR codes of some sort--I'm not smart enough to make this work, so that is a slightly fuzzy part of this suggestion.

If you want to go the uber-paranoid route, you could use an external battery pack to power the Pi, which completely isolates the Pi from any possible source of malware.

I think that this system would be as secure as it gets, but if anything I said is wrong, I'm sure you'll let me know.
hero member
Activity: 714
Merit: 510
Hey Alan,

I just read about the "badbios" virus which can supposedly infect offline computers using USB sticks: http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/

Would you mind commenting about whether armory-offline users should be concerned about this virus, or ones like it, and whether we should find a different transport method for offline transaction signing? There has been some concern about this on reddit: http://www.reddit.com/r/Bitcoin/comments/1pmb82/malware_that_infects_at_the_hardware_level_can/

I sent you an email about this too. Thanks!
That is the least of it. There are a whole range of side channels based on differential power analysis which 99% of all computers are vulnerable to, which means the encryption keys to most people's machines are vulnerable. There are DMA attacks, hardware-based trojans, all of which most everyone is vulnerable to.

I think badbios just reveals that most people's machines are vulnerable to advanced persistent threats. Have a look at this: http://www.ma.rhul.ac.uk/static/techrep/2011/RHUL-MA-2011-07.pdf

For this reason if a government really wants your keys and they are determined enough to send some agents to target you specifically then it's highly likely they will get them. But the point is that it is expensive and they won't do that to just anyone, at least not at this time. I'm not sure there is anything Armory can do about it, it's a hardware problem which can be solved by using hardware which blocks data emanations. I wonder if the new Trezor wallet will be vulnerable to differential power analysis?

 
legendary
Activity: 1260
Merit: 1031
Rational Exuberance
Hey Alan,

I just read about the "badbios" virus which can supposedly infect offline computers using USB sticks: http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/

Would you mind commenting about whether armory-offline users should be concerned about this virus, or ones like it, and whether we should find a different transport method for offline transaction signing? There has been some concern about this on reddit: http://www.reddit.com/r/Bitcoin/comments/1pmb82/malware_that_infects_at_the_hardware_level_can/

I sent you an email about this too. Thanks!