
Topic: Is old 3.5 floppy safer than USB drive for cold storage? - page 2. (Read 5727 times)

legendary
Activity: 906
Merit: 1002
Many computers with a built-in webcam have built-in wifi, so if the OP is trying to avoid using USB, period, then he would probably not be dealing with a computer that could have its wifi antenna enabled (although this is serious tinfoil hat status).

Disable it in the BIOS? Or in the OS on first run? Some come with hardware switches that you can super-glue in the off position? Not really a problem.
If it is in there, in theory it can be used. Some people want to use thicker "tinfoil hats" than others. I personally don't think it is necessary to go to these extremes (or to the extremes that CIYAM went to above) as I believe the incremental amount of security is low.
sr. member
Activity: 968
Merit: 250
I don't trust USB drives. I have a magnetic field machine I use in my room from time to time. I have my flash drives in my closet. My flash drives don't work anymore; luckily I pulled my coins out way before it happened. I'm very paranoid about my coins now, I don't fuck around anymore, I hand write my private keys, twice.
member
Activity: 88
Merit: 10
It's not a single key cold storage.

Not sure what you mean by this - but just to be clear you can have as many "keys" as you like using CIYAM Safe.


I understand that. I think the approach is different.

If I understand correctly, CIYAM Safe is meant to put coins in a cold storage as you would with a paper wallet. Put one bitcoin in address A and one in address B. Now, to spend 1.5 BTC for example in single transaction from CIYAM Safe I imagine is a bit tricky?

Whereas with Armory it will create a single transaction 2 BTC -> 1.5 BTC and 0.5 BTC change (to a new address) for you. It will also try and select the optimal inputs for a transaction.

I think they are just different solutions to different use cases.


Most people do not send bitcoin directly from their cold storage to the address(es) they are sending to. In my experience most businesses will have a "hot wallet" that will contain a "target" amount of bitcoin. If the hot wallet gets too low then bitcoin will be transferred from their cold storage into their hot wallet. If the hot wallet starts to get too much bitcoin then the company will transfer some of the bitcoin to their cold storage.
sr. member
Activity: 534
Merit: 250
The Protocol for the Audience Economy
I ended up using audio using minimodem. This [1] is in the Armory section and for Linux, but it might give you some ideas (you can transmit any kind of data). Cheap investment too for a 3.5mm jack-jack cable.

[1] https://bitcointalksearch.org/topic/tx-signing-via-minimodem-735111

This is a pretty pro way of doing this, though I would not really bother unless you have a large amount of bitcoins.
sr. member
Activity: 534
Merit: 250
The Protocol for the Audience Economy
I would probably keep a copy on as many mediums and platforms as you can think of as being safe, such as:

- Print it out
- Encrypted backups on different mediums
- Put it in a vault if you have to

I would not say one single method is safe enough. You don't know what is going to happen long term.
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
I think they are just different solutions to different use cases.

Indeed - I don't deal with "cold storage" like *normal transactions* (and I seriously doubt that anyone else does either).

The basic idea is that you have X "cold storage addresses" and then you "move funds to a hot wallet" from one at a time.
legendary
Activity: 1358
Merit: 1001
https://gliph.me/hUF
It's not a single key cold storage.

Not sure what you mean by this - but just to be clear you can have as many "keys" as you like using CIYAM Safe.


I understand that. I think the approach is different.

If I understand correctly, CIYAM Safe is meant to put coins in a cold storage as you would with a paper wallet. Put one bitcoin in address A and one in address B. Now, to spend 1.5 BTC for example in single transaction from CIYAM Safe I imagine is a bit tricky?

Whereas with Armory it will create a single transaction 2 BTC -> 1.5 BTC and 0.5 BTC change (to a new address) for you. It will also try and select the optimal inputs for a transaction.

I think they are just different solutions to different use cases.

legendary
Activity: 1358
Merit: 1001
https://gliph.me/hUF
Many computers with a built-in webcam have built-in wifi, so if the OP is trying to avoid using USB, period, then he would probably not be dealing with a computer that could have its wifi antenna enabled (although this is serious tinfoil hat status).

Disable it in the BIOS? Or in the OS on first run? Some come with hardware switches that you can super-glue in the off position? Not really a problem.
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
Many computers with a built-in webcam have built-in wifi, so if the OP is trying to avoid using USB, period, then he would probably not be dealing with a computer that could have its wifi antenna enabled (although this is serious tinfoil hat status).

Funnily enough when I bought the old laptop that I use for my "offline system" here in China I got my wife to ask them to remove the WiFi card which surprised the store owner a lot (prompting him to ask why). She looked at him blankly for a few seconds and then explained that the problem is that when she gets online she always ends up in fights with people on the internet so her husband doesn't want her to be able to get online.
member
Activity: 83
Merit: 10
Sounds good, but how would I get the QR codes off of the offline computer and onto the online computer. I can generate them on the offline computer and scan them into my phone, but how do I get them to the online computer without using a wand or some other USB interface I'm trying to avoid?

Built-in webcam on the online PC? Reads the QR code from the offline PC and you always can double check and compare the output the software provides (QtQR for Linux, for example). But depending on tx size you'll end up scanning several QR codes. (etotheipi's post)
Many computers with a built-in webcam have built-in wifi, so if the OP is trying to avoid using USB, period, then he would probably not be dealing with a computer that could have its wifi antenna enabled (although this is serious tinfoil hat status).

@moria I believe the risk of using a USB drive is very low. You can further minimize this risk by utilizing good physical security to both your USB drive and your computer that holds the private keys.
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
It's not a single key cold storage.

Not sure what you mean by this - but just to be clear you can have as many "keys" as you like using CIYAM Safe.
newbie
Activity: 11
Merit: 0
In addition to the 5.25 inch floppy of course, I just use 2 USB drives and a CD all kept in different places. Done.
legendary
Activity: 1358
Merit: 1001
https://gliph.me/hUF
Sounds good, but how would I get the QR codes off of the offline computer and onto the online computer. I can generate them on the offline computer and scan them into my phone, but how do I get them to the online computer without using a wand or some other USB interface I'm trying to avoid?

Built-in webcam on the online PC? Reads the QR code from the offline PC and you always can double check and compare the output the software provides (QtQR for Linux, for example). But depending on tx size you'll end up scanning several QR codes. (etotheipi's post)
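Added example (not part of any post in this thread, and not Armory or CIYAM Safe code): one way to split a signed raw transaction across several QR codes and have the receiving computer reject missing, mixed-up or misread frames before anything is broadcast. The frame layout `index/total:checksum:payload`, the function names, the 200-character payload size and the sample hex are all assumptions made for illustration; rendering and scanning the QR images themselves is left to whatever tool is in use.

```python
import hashlib

# Constructed sample: arbitrary hex standing in for a signed raw transaction.
SAMPLE_TX_HEX = "01000000" + "ab" * 300


def _tag(tx_hex):
    # Truncated SHA-256 of the raw bytes. It catches scan and reassembly
    # errors only; it is not authentication of the sender.
    return hashlib.sha256(bytes.fromhex(tx_hex)).hexdigest()[:16]


def split_frames(tx_hex, payload_chars=200):
    """Split a hex transaction into text frames, one per QR code."""
    tx_hex = tx_hex.strip().lower()
    if not tx_hex:
        raise ValueError("empty transaction")
    tag = _tag(tx_hex)  # also rejects non-hex input with ValueError
    chunks = [tx_hex[i:i + payload_chars]
              for i in range(0, len(tx_hex), payload_chars)]
    return [f"{n}/{len(chunks)}:{tag}:{c}" for n, c in enumerate(chunks, 1)]


def join_frames(frames):
    """Rebuild the transaction from frames scanned in any order."""
    parts, header = {}, None
    for frame in frames:
        pos, tag, chunk = frame.strip().split(":", 2)
        index, total = (int(x) for x in pos.split("/"))
        if header is None:
            header = (total, tag)
        if (total, tag) != header:
            raise ValueError("frame belongs to a different transfer")
        if not 1 <= index <= total:
            raise ValueError("frame index out of range")
        if parts.setdefault(index, chunk) != chunk:
            raise ValueError("conflicting copies of the same frame")
    if header is None or len(parts) != header[0]:
        raise ValueError("missing frames, keep scanning")
    tx_hex = "".join(parts[i] for i in range(1, header[0] + 1))
    if _tag(tx_hex) != header[1]:
        raise ValueError("checksum mismatch, rescan")
    return tx_hex


if __name__ == "__main__":
    frames = split_frames(SAMPLE_TX_HEX)
    print(len(frames), "frames;", join_frames(reversed(frames)) == SAMPLE_TX_HEX)
```

The checksum only protects the optical transfer against read errors; checking the decoded transaction's outputs and amounts on the receiving computer is still a separate step.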
legendary
Activity: 1358
Merit: 1001
https://gliph.me/hUF
This is what I really don't *get* when Armory (in particular) talk about offline signing for "cold storage" - it always seems as though they are trying to solve problems for "idiots" (but they seem to forget that "idiots are ingenious" and are going to lose their BTC no matter which software they use - and yes I don't recommend CIYAM Safe for "idiots").

Why on earth would I have "40 donations" to a "cold storage address" that should never have been published?

CIYAM Safe works perfectly on the assumption that you "know what you are doing" and you don't go "publishing your cold storage addresses publicly" (so there should only be 1 UTXO to deal with every time which works perfectly with just QR codes - one to receive the unsigned raw tx and one to send the signed raw tx).

Because like you said the other day, Armory is a wallet, that offers the possibility to keep the private keys cold. It's not a single key cold storage. Doesn't matter if it's 40 tx to one address or 40 different addresses. Say you have armoryd (watch-only) giving out addresses to customers. Later you want to spend from those, via the offline computer. There's the problem there.
sr. member
Activity: 406
Merit: 250
AltoCenter.com
I don't think there's any significant difference between the floppy and USB. They both have the same kind of storage, or at least I have used both of them.
sr. member
Activity: 442
Merit: 250
Found Lost beach - quiet now
I guess most people are missing the main question. I already have paper backups in a safety deposit box. The only thing I'm temporarily storing are files created on my cold storage (offline computer), or the only computer that contains the private keys. These "signature files" are stored to the floppy, then my online computer will read them from the floppy and broadcast the transaction. I can do this with a USB drive also but because of the BadUSB hack I was wondering if the old technology would be safer - I know the USB hack won't work on an FDD controller.
I think a better solution would be to use QR codes to transmit the unsigned/signed TXs between computers (I think this was suggested once or twice above). This would prevent any physical attack to your offline computer and would ensure that nothing that has touched your online computer will ever touch your offline computer.
Sounds good, but how would I get the QR codes off of the offline computer and onto the online computer. I can generate them on the offline computer and scan them into my phone, but how do I get them to the online computer without using a wand or some other USB interface I'm trying to avoid?
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
This is what I really don't *get* when Armory (in particular) talk about offline signing for "cold storage" - it always seems as though they are trying to solve problems for "idiots" (but they seem to forget that "idiots are ingenious" and are going to lose their BTC no matter which software they use - and yes I don't recommend CIYAM Safe for "idiots").

Why on earth would I have "40 donations" to a "cold storage address" that should never have been published?

CIYAM Safe works perfectly on the assumption that you "know what you are doing" and you don't go "publishing your cold storage addresses publicly" (so there should only be 1 UTXO to deal with every time which works perfectly with just QR codes - one to receive the unsigned raw tx and one to send the signed raw tx).
member
Activity: 109
Merit: 10
I guess most people are missing the main question. I already have paper backups in a safety deposit box. The only thing I'm temporarily storing are files created on my cold storage (offline computer), or the only computer that contains the private keys. These "signature files" are stored to the floppy, then my online computer will read them from the floppy and broadcast the transaction. I can do this with a USB drive also but because of the BadUSB hack I was wondering if the old technology would be safer - I know the USB hack won't work on an FDD controller.
I think a better solution would be to use QR codes to transmit the unsigned/signed TXs between computers (I think this was suggested once or twice above). This would prevent any physical attack to your offline computer and would ensure that nothing that has touched your online computer will ever touch your offline computer.
newbie
Activity: 4
Merit: 0
Honestly I think paper with redundancy is the best, but the exploit is difficult to execute and will not really be a big deal.