Pages:
Author

Topic: It is NOT secure to use hardware wallets (and it never was) - page 6. (Read 2237 times)

hero member
Activity: 854
Merit: 658
rgbkey.github.io/pgp.txt
The important things to note from this entire episode are:

1. The recently exposed vulnerabilities in Ledger and Trezor have been patched - Update your devices!
2. NO wallet can be proven to be 100% secure and NO wallet should be treated as such
3. Despite our best efforts, there will always be a certain level of "trust" involved somewhere in the chain (hardware and/or software level)

As with a lot of things in life, it comes down to risk management and how much risk is "acceptable" in your specific situation - "Minimise the risk"™  Cool

I agree with all of your points, and I personally own a ledger nano device but I also think that the Ledger team understated how vulnerable the device can be, especially once it is in the physical possession of someone else. I will probably continue to use it, as I think it's still got a very good security to usability ratio, but I think that it might have been advertised a bit as something it probably is not.
HCP
legendary
Activity: 2086
Merit: 4363
The important things to note from this entire episode are:

1. The recently exposed vulnerabilities in Ledger and Trezor have been patched - Update your devices!
2. NO wallet can be proven to be 100% secure and NO wallet should be treated as such
3. Despite our best efforts, there will always be a certain level of "trust" involved somewhere in the chain (hardware and/or software level)

As with a lot of things in life, it comes down to risk management and how much risk is "acceptable" in your specific situation - "Minimise the risk"™  Cool
legendary
Activity: 1876
Merit: 3139
I wasn't too comfortable with the hardware being "out of my control" during shipping etc., so I used other hardware wallet solution - simple, cheap/free and extremely safe:

Everyone has old unused laptops laying around. I took two laptops. On both I formatted hard drives and did clean reinstall of the system. 1 of these laptops will never be connected online, network adapters are disabled.

I have also met with an opinion that you should use a computer which has never been connected to the Internet. I have no idea why would it be important beside potential malware being downloaded earlier. Your solution is definitely safe and recommended by many people but still, it isn't really convenient and portable. I guess it's the best choice for people who were thinking of using hardware wallets as their main "purse". I will personally stick to them since I send my coins often in many different places.
newbie
Activity: 1
Merit: 1
I wasn't too comfortable with the hardware being "out of my control" during shipping etc., so I used other hardware wallet solution - simple, cheap/free and extremely safe:

Everyone has old unused laptops laying around. I took two laptops. On both I formatted hard drives and did clean reinstall of the system. 1 of these laptops will never be connected online, network adapters are disabled. On the other laptop, go straight to download section of electrum wallet. Download wallet and verify the authenticity. Take clean USB stick, format it and put downloaded electrum wallet there. Take the usb stick and insert it into the first laptop (the one without internet connection). Create wallet. This laptop will NEVER go online. If you are totally paranoid you can destroy the USB stick Smiley

The laptop with the internet active is used for Electrum - watch only wallet. This type of wallet has no access to your private keys, yet you can see your balances and iniciate transactions (these have to be confirmed via confirm file, created on the laptop with the original wallet).

This process should be reasonably safe.
member
Activity: 207
Merit: 22
And here I am thinking that using a ledger ware is the best safe place to store my bitcoin as sometimes I travel a lot. I have been meaning to buy one since it's easily portable but seeing that article, I am quite confused.
I am always skeptical of storing my bitcoin in my laptops cause most times, I change laptops alot and I fear selling my used laptop to to stranger might leave a trace of my wallet.dat.  So is there any portable means of storing bitcoin that is not paper wallet?
legendary
Activity: 1456
Merit: 1176
Always remember the cause!
I'm not objecting just confused: Is it about firmware, BIOS, fucking NVIDIA device drivers or what? We have Linux and Free BSD, don't we? Is it impossible to have Core's wallet running on top of a clean installed Linux?

I'm seriously interested in your term 'closed source computer', actually it is my main research topic for the last couple of years, I'm just wondering how deep is your interpretation of this concept and whether you have developed any idea as an alternative?
There's more to a computer than just the OS. A lot of firmware such as processor microcode are closed source. So it doesn't matter whether the OS you use is open source; if the firmware for your hardware and the hardware itself is closed source, then you are at risk of that closed source being malicious or containing something that can be exploited. One example of this is the Intel Management Engine which could allow someone to remotely access and control your computer and there's no way to disable it because it is baked into the hardware and firmware, both of which are also closed source.

I know about Intel's ME, but I was just asking OP whether he is mentioning it or what?

As of Intel's ME, there are solutions to  neutralize or disable it people even suggest not to use Intel processors made since 2008 and AMDs since 2013.

But I think it is not just about foolish architectures like this and even a system built around an 'innocent' 80386 cpu is susceptible not because of its bios or any other hardware potential backdoor but for a more inherent characteristic of our contemporary technological paradigm that allows machines to be dominated by attackers without disclosure.

By 'attackers' I don't just refer to crackers or state agents I am mentioning the owners, legitimate owners as well!
Imagine some black hat cracker who goes to the market buys a laptop, installs some evil software on it, plugs it to the internet and participates maliciously in some public protocol, trying to take advantage of its security holes while it is pretending to be a fair player, it is a hijacked laptop in my terminology!

Our current state in computing technology, gives unlimited access to the owner (and the army of crackers, hardware manufacturers, state organisations, ...) to install whatever s/he wants without disclosure.

This way people have access to 'things' that can be 'anything' and pretend to be 'something' else! This is totally a mess which security experts, cryptographers, ... are trying to cover it up, both desperately and inefficiently.

legendary
Activity: 2898
Merit: 1823
legendary
Activity: 1876
Merit: 3139
I never trusted hardware wallets, from my research, airgapped old laptops runnig some linux distro are the best way for cold storage. You must learn how to bring raw transactions from your airgapped computer into an online node, I haven't learned how to do this yet, I will eventually get into it.

Hardware wallets might be not a best choice for cold storage, but they are still a good choice if you want to access your bitcoins on many different computers which might be compromised. I used to encrypt my Electrum seed using VeraCrypt but I was too scared of keyloggers and other malware. Right now I don't have to worry about it since my TREZOR has a touchscreen to input everything on the device. It is still possible that this model might get hacked anytime soon, time will show us.
legendary
Activity: 1372
Merit: 1252
staff
Activity: 3458
Merit: 6793
Just writing some code
I'm not objecting just confused: Is it about firmware, BIOS, fucking NVIDIA device drivers or what? We have Linux and Free BSD, don't we? Is it impossible to have Core's wallet running on top of a clean installed Linux?

I'm seriously interested in your term 'closed source computer', actually it is my main research topic for the last couple of years, I'm just wondering how deep is your interpretation of this concept and whether you have developed any idea as an alternative?
There's more to a computer than just the OS. A lot of firmware such as processor microcode are closed source. So it doesn't matter whether the OS you use is open source; if the firmware for your hardware and the hardware itself is closed source, then you are at risk of that closed source being malicious or containing something that can be exploited. One example of this is the Intel Management Engine which could allow someone to remotely access and control your computer and there's no way to disable it because it is baked into the hardware and firmware, both of which are also closed source.
legendary
Activity: 1456
Merit: 1176
Always remember the cause!
So what ways of keeping bitcoins safe do you recommend then? Many people consider hardware wallets as something that is not possible to breach because they were told so. In both Ledger and TREZOR there were discovered vulnerabilities which allowed potential attacker to extract the seed. I haven't heard of any issues with KeepKey. I was thinking of using an air-gapped computer for storing large amount of BTC and a hardware wallet in case I needed to travel and have some bitcoin with me just in case. Have you ever used any hardware wallet?

Of course, the fact that we have to use closed source computers to run Bitcoin Core, makes it impossible to be 100% safe esp. against state actors.
Huh

I'm not objecting just confused: Is it about firmware, BIOS, fucking NVIDIA device drivers or what? We have Linux and Free BSD, don't we? Is it impossible to have Core's wallet running on top of a clean installed Linux?

I'm seriously interested in your term 'closed source computer', actually it is my main research topic for the last couple of years, I'm just wondering how deep is your interpretation of this concept and whether you have developed any idea as an alternative?

 

newbie
Activity: 37
Merit: 0
Nothing is perfect. With the recent Ledger vulnerability the devs response and transparency was good. The security might not be perfect, but it will improve overtime.

As much as I hate McAfee, you can't argue with what he said: As long as there is technology in our daily lives, there will be hackers there, waiting on the sidelines, to break inside it. [Paraphrase]

As long as companies like Ledger and Trezor work quickly to patch any security vulnerabilities, we should be fine.
legendary
Activity: 2898
Merit: 1823
How about an air-gapped PC?

This.  With the proviso that this means a dedicated machine which is never connected to a network, and has hardware capable of non-contact connections (such as wifi and bluetooth) physically removed.  I state this explicitly, for I’ve observed that many people mistakenly believe that rebooting their network machines with a live CD/USB makes for an “airgap”.

Part of the advantage of an airgap machine is that the hardware can be purchased anonymously.  For ordinary individuals, buying an inexpensive laptop (sufficient for Bitcoin, PGP, etc.) off the shelf for cash is the only practical means I know for precluding any chance of a targeted supply-chain attack.  Wherefore this part of the Ledger vulnerability disclosure blog post caught my attention (boldface is in the original):


That's too extreme. In most cases, use Bitkey https://bitkey.io/.

It would take someone familiar with Linux to use it, but all the information needed on how to make a bootable USB, use, and configure it are available online. There is no excuse for a newbie Bitcoiner not to learn.
sr. member
Activity: 1081
Merit: 309
I love technology.
Nothing is perfect. With the recent Ledger vulnerability the devs response and transparency was good. The security might not be perfect, but it will improve overtime.
sr. member
Activity: 518
Merit: 257
I have been warning people about hardware wallets for years. Bitcoin is the most personal store of value. Don't break it by using untrusted third party soft/hardware:

https://krebsonsecurity.com/wp-content/uploads/2018/03/ledgerattack.pdf

Worth mentioning, that the guy who found this exploit is 15 ys young.

All Digital assets are unsecure in some way or another. Blockchain can't be hacked but cryptocurrency can be stolen from wallets, exchange etc. If you have large asset then don't store all of it in one medium like wallet, exchange etc.
legendary
Activity: 2926
Merit: 1386
....
Ledger’s CTO even goes as far as to tell users that it is completely safe to purchase from eBay (archive.is / archive.org).....

Then he's an innocent babe and wrong, or a liar.

On second thought maybe he's qualified his statements some kind of way, but that's really beside the point.

What happens if you buy "A Ledger" on eBay is that you get something that might look like a Ledger, and it might act like a Ledger, but it might actually be something very different.

There was a con recently on eBay concerning Trezor IIRC which involved "last minute instructions" included with the package shipped to the gullible mark. Several people lost their funds on that.

newbie
Activity: 38
Merit: 0
Pretty impressive for a 15 year old kid to find an exploit like this.
member
Activity: 728
Merit: 10
This kid was briliant  Shocked
legendary
Activity: 1904
Merit: 1074
In the end it comes down to ease of use and convenience and also flexibility. You do not want to install Bitcoin Core on every

computer, wherever you go. It is quite handy to have a secure hardware wallet in your pocket, when you move around a lot.

I can quickly pop in my hardware wallet at a friends house {non-bitcoiner} and have access to my coins to do a transaction

or to show him/her how it works. It is more secure than online wallets and more convenient than paper wallets.  Wink
member
Activity: 336
Merit: 10
I also agree that it is not safe to use hardware wallets. Several methods of protection are needed, combined protection against new threats that hackers from all over the world come up with.
Pages:
Jump to: