Topic: Old phone as cold storage? - page 2. (Read 1007 times)

Unless you're high profile person, very important person or letting people know you're extremely rich, worrying about this kind of vector attack is pointless. Additionally, this kind of attack is also theoretically possible on mobile devices.


This could be partially mitigated by setting password on your device (both smartphone and laptop). And on certain smartphone or OS for laptop, the password could be used to encrypt whole storage.

I keep seeing people telling that phones are hard to airgap and.. sorry, but I'm not convinced.

* one can remove the SIM then mobile internet will no longer be used
* one can turn off NFC (if available); however, not a great attack vector
* one can turn off Bluetooth and go airplane mode; however, not a great attack vector unless 100% targeted
* one can remove/forget all known Wi-Fi SSIDs and set the phone not connect to any other/unprotected SSID

One very good argument is that a burglar will most probably steal that smartphone even if it's older, put a SIM in it and turn everything on, making indeed phones somehow risky for cold storage.
Another very good argument is that somebody in the house would do exactly that too (put a SIM in) because of not knowing it's a "special use" phone.

But all this can easily happen with a laptop too (stealing or plugging in a network cable). And let's not compare online securit between old laptops and old phones because both are bad and also dependent of owner's skills in setting them up.

At the end of the day an air-gap PC is the safest option compared to both phones and hardware wallets because it is physically disconnected from the rest of  the world whereas hardware wallets are not and phones are extremely hard to made truly air-gap.

The attacks you describe on PC are very complicated and more theoretical than practical specially since the attacker needs to be close to the PC and in some of these attacks they need physical access. Meanwhile there are other attack vectors on hardware wallets that are being connected to a system that could be infected. Granted they too are theoretical but there has been real cases in the past and when comparing it with your examples they are more serious.

Well, all DIY-made stuffs have always its cons. But an unused, updated android patch security, stock rom, and using it while in safe mode android phones is a bit good option for a cold storage stuff ^{(or if there's a alternate word/term for it than using cold-storage)} and better than other web/hot wallets out there.

As they said --air-gapped smartphones are much safer than the air-gapped PC which are vulnerable to hacking, did you know that even fully air-gapped PC can exfiltrate information through the output radio signals generated by the computer or call ^{[electromagnetism]}.
Also expert says that through ^{[ultrasonic waves]} a virus can be used to steal the private key out of the computer.
I had always preferred the hardware wallet over the old PC or phone for cold storage, they don't have the security features that hardware wallets have. A hardware wallet has minimal attack surfaces not unless they steal it from you personally.
So no way for the old phone to be a cold storage wallet or worst a PC to be a cold storage wallet, however --I am overthinking for 25% way of a possible scam using an air-gapped wallet.

I don't think a mobile phone will ever be considered good cold storage, ever. The issue is that unlike an old laptop which you can take apart and remove the BlueTooth/Wifi chips, you cannot do this to a mobile phone.

You can open the phone up and remove the antenna, however it can still form a weak connection. You cannot desolder the Baseband chip (for Iphones) to prevent 100% connection loss because the phone won't boot up.

I guess this is much better than a hot wallet but still not as secure as true cold storage such as Electrum on an air-gapped PC.

Basically for convenience.
While you can easily sign with the offline phone just by transferring images between that phone and the laptop, if you use an USB with a live OS and Electrum you'll need to restart the laptop for signing (and also the transfer with yet another USB is considered unsafe).

In addition to your point about thieves and what they'd generally be searching for, I think you've got a valid point here as well.  I don't think using a smartphone as a HW wallet would be a great idea for someone like me, who's too technologically incompetent to wipe a phone free of all the potential spying shit that's preinstalled on it. 

Otherwise, it isn't a horrible idea at all--you can hide a smartphone pretty easily, and other than the times when you want to actually use the device, it's easy to keep it offline.  Then again, why not just use one or more USB drives or even a seed phrase engraved into metal, coupled with Electrum for sending/receiving?  That seems like a much more secure option (though a lot less creative than using a phone).

I think it's a moot a point. An opportunistic thief isn't "looking" for anything specific, as you suggest. They are rummaging in drawers, closets, desks, under beds, etc., looking for anything and everything that is easy to transport and might be worth something. If they find some old phones, they'll take them. If they find some hardware wallets, they'll take them. Even if they don't know what hardware wallet is, they are quite clearly small electronic devices and could be worth something. Maybe they'll think a Trezor is some kind of smart watch. Maybe they'll think a Ledger is some kind of USB power bank. Maybe they'll think an OpenDime is a USB drive, or a ColdCard is some kind of smart device remote. It doesn't matter. They are small, easy to steal, and might be worth something, so they'll get stolen.

And if we are considering a targeted attack rather than an opportunistic one, then as PN7 says above then obviously they will take anything at all which could store a bitcoin wallet.

Not that much. I remember though that I've seen so much junk I was wondering why they bother moving it there/putting it on sale. I don't understand that market so maybe you're right.
Maybe I'll go and try to sell there some stuff, starting with my Nokia 6110


That is indeed a good point I didn't consider. I was considering that he will be too busy/loaded with TV, laptop and such, hence won't bother for an old phone.


Maybe. On the other hand, why get all electronics which is more difficult to hide and sell, than just everything that's related to crypto which may fit easily into one pocket?

---
However, I don't understand thieves and you guys do have good points and I may be very well be wrong.
All in all, I'm happy that I've shared this little experiment. I've got quite a lot of interesting input.

Once a thief finds a phone, it takes 5 seconds to pick it up. An old phone is small enough that a thief would not have to give up taking something else if they take the phone, so there wouldn't be any reason not to take it (other than the obvious part about doing so being illegal).

If a thief targets someone because of their known involvement in bitcoin, they would likely (IMO) be targeting any and all electronic devices that could potentially store private keys.

The reason why the QR codes doesn't work across different wallet is because Electrum encodes the PSBTs in Base34. If you need to sign them, then encode them back into the original format.

I don't really recommend old phones as cold storage because it is quite well known that most wallet developers don't really care about mobile wallets. Some of them are littered with bugs and vulnerabilities. I'd very much rather just get a dedicated device (ie. RPi or an old laptop) if you want an air-gapped non-HW wallet. IIRC, I was able to extract the MPK out of a rooted phone quite sometime ago. Not sure if it has been patched yet.

This is probably true, but some people are probably holding all their valuable treasure including hardware wallets or more important seed words in same place, maybe a safe or security box.
I would NEVER suggest anyone to do this, and it's much better to keep hardware wallet hidden in obvious places, some people even use empty candy boxes, etc.
Same goes for paper or metal seed phrase backup, NEVER keep them in a same place with your paper money, gold or jewerly.
You would be surprised how many people are doing this.

Have you ever been to a flea market in your local area?  
It's sometimes fun to do that and it makes you wonder how they are constantly receiving all kinds of junk including old smartphones, maybe seller makes a shot ''business trip'' trip in other western countries.
Nothing is ignored and for every merchandise you can find a buyer.

1. A thief may very well ignore a 10 years old smartphone.
2. I'd expect to be more likely for a thief to come because one was bragging about bitcoin. And then the thief will be looking for hardware wallets and will know how they look like.


No. It was a test, I've been using testnet coins, no need for more safety measures there.
For the real deal reset to factory may help, although I don't know how much, since it will have no SIM card, no WiFi, no Bluetooth, no NFC started. All the transfer will happen through images.

This might sound stupid, but I just thought I mention it.

Imagine you are a thief and you break into someone's house.... What is the first thing you are looking for.... ?

1. Money
2. Notebooks / Tablets
3. Mobile phones
4. Weapons 

I think you get what I am pointing to.... A thief will more likely take a phone, than target a hardware wallet. So, it would ..in my opinion.. be better to use a hardware wallet, because not a lot of thieves know about hardware wallets.

Did you "Factory default" the Android device, before you used it for Cold storage?

There are certainly some airlines which have allowed phones to be used for several years now. Probably the age of the aircraft is relevant as well. But certainly in the future I'm sure flight mode will become a thing of the past.

I suppose the solution to all of this would be to have a modular phone, in which it is easy to open up the phone and remove the antenna module, the Wi-Fi module, etc. Such phones already exist, although they are not commonplace, but if you don't already own one then buying one specifically for this kind of defeats the purpose, since you could spend less money on a more secure hardware wallet.

All things considered, any device with connectivity hardware, even if turned off, uninstalled, disabled, in flight mode, etc., is not truly airgapped. While this will be safer than a standard hot wallet or mobile wallet, I wouldn't trust flight mode to secure large amounts of coins.

Airplane mode is designed for people who are flying in an airplane (hence the name). There are certain FAA(?) regulations that dictate the types of devices that can be used, and the strength of their signals.

Most (all?) airlines offer very expensive WiFi services for their passengers. Some airlines have also opted to stop installing TVs in the front of each seat and instead offer the same content via their smartphone app that can be accessed via a free version of the WiFi service the airline offers. So you will watch the same movie on your smartphone instead of a TV installed in the headrest of the seat in front of you.

So I am sure that this is not a display issue, and it is the intended behavior. I think "airplane mode" really means that the cellular antenna is turned off.

---

Another issue is that default settings for some phones allow for someone to turn on (or off) cellular, WiFi, and Bluetooth without unlocking the phone. There may be ways to disallow this, but there is always the risk that someone will find a way around any modified settings.

With regards to the iPhone specifically, Apple is very good with the security of their devices, however, security vulnerabilities are occasionally found. When there are security vulnerabilities found in their devices, Apple is able to patch these vulnerabilities. However someone using an old phone as cold storage would never receive any of these updates, so an attack may potentially use a vulnerability that was found (and patched) a long time ago.

Actually from my experience, Airplane mode does disable at least cell and WiFi (I just don't know about the rest). But, with airplane mode on, you can afterwards re-enable at least the WiFi. I don't know if anything else.
And the reason is... explained in suchmoon's post 

There is on-board WiFi on some planes and of course you want the airpods to keep working too.

Airplane mode has very little to do with interference (often cited official reason). It's more about old cell towers getting confused with all those flying phones... not sure if that's even relevant these days but we're still taking shoes off so there's that.

But how is that possible? How is that airplane mode in that case?
If the whole idea behind airplane mode is to ensure that all connections to and from the device are disabled, how can you have WIFI and Bluetooth enabled? Maybe iOS just displays them as being still turned on in the system, but in reality they aren't, and all networks and antennas are disabled.

It would be like saying these pair of shoes are waterproof unless you step in a puddle of water. In that case your feet will get wet.