Author

Topic: New clean client/wallet in a VM (Read 699 times)

member
Activity: 105
Merit: 10
April 01, 2013, 07:59:37 AM
#5
Hello all,

I'll be resurrecting this site soon, but right now I have this to offer:
http://web.archive.org/web/20120211095520/http://bitcoinvm.bitcoincommons.org/?q=node/3

you'll find instructions for setting up an encrypted file system.  Keep in mind that all of that was written before encrypted wallets.

A virtual machine mainly provides "security through obscurity" (http://en.wikipedia.org/wiki/Security_through_obscurity)

I can tell you that one of the frustrating things about maintaining a VM like this is the amount of disk space required if you're going to use Bitcoin-QT.  At this point there are other clients to choose from that I believe would consume fewer resources.

Speaking of Bitcoin-QT, I don't know that library dependencies it has vs the old 3.x bitcoin client, so additional tinycore libs may need to be added.
full member
Activity: 164
Merit: 100
April 01, 2013, 04:59:46 AM
#4
I suspect there won't be any password involved,  but I guess screen capture is a risk.  As for hardware loggers, I  believe I'm safe firm that.  No way to sandbox the vm?
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
March 31, 2013, 10:30:17 PM
#3
It will work, but as RandomQ said, key logger is going to take all keyboard input. Other malware will take mouse clicks and screen captures. You can take measures to detect and remove software key loggers, but there is nothing you can do about hardware key loggers except to physically inspect your keyboard or open up your computer (if a laptop) or check your keyboard connection for a wedge.
hero member
Activity: 826
Merit: 500
March 31, 2013, 01:18:13 PM
#2
I think the fatal flaw with this idea is keylogger on host system getting all the VM passwords
full member
Activity: 164
Merit: 100
March 31, 2013, 01:00:05 PM
#1
Hello,

People recommend having a live CD in which to install and run a client in order to make sure it's clean. Would the same work with a virtual machine, like VMplayer, running the same linux distribution? how should one go about ensuring proper sandboxing in this case?

Thanks
Jump to: