Possible hardware backdoors - page 2.

o_e_l_e_o

legendary

Activity: 2268

Merit: 18748

Quote from: BlackHatCoiner on July 13, 2023, 11:12:55 AM

What's after that, really? Backdoor for altering the k value in Bitcoin transactions?

It is endless. So you generate your seed phrase using coin flips. Do you manually verify your seed phrase generates the master private key your wallet returns? Do you manually verify every individual private key? Do you manually verify each k value is generated using RFC 6979?

Quote from: Flexystar on July 13, 2023, 11:04:42 PM

-snip-

It's fairly well known that such companies are constantly spying on you. Google have already been sued for gathering location data from people who had turned off location sharing. All Alexa type devices record everything that is said in their vicinity and transfer it to central servers for analysis and storage. Google, Amazon, Meta, Microsoft, Apple, they are all doing the same stuff. If you are serious about privacy, then you need to avoid them all.

jtx71

jr. member

Activity: 43

Merit: 5

Quote from: NotFuzzyWarm on July 13, 2023, 11:51:45 PM

You really wan to go down this rabbit hole, checkout just what Intel's Management Engine (ME) and AMD's version of it do https://en.wikipedia.org/wiki/Intel_Management_Engine
It's access to system functions is so pervasive that the NSA required an 'off switch' to disable most of its functions for secure hardware... https://web.archive.org/web/20201201175708/http://blog.ptsecurity.com/2017/08/disabling-intel-me.html?m=1

That's what I was referring to. If that exists (and it seems so), no matter the knowledge you have, or the OS or the encryption you use. They can know what you're doing.

Right now there are devices specifically made for Linux users, focused on privacy. They can be a good option as long as they don't use hardware made by big corporations to make their machines. It would be nice if someone can say that these devices are made using not only free open source software, but open source hardware.

NotFuzzyWarm

legendary

Activity: 3822

Merit: 2703

Evil beware: We have waffles!

You really wan to go down this rabbit hole, checkout just what Intel's Management Engine (ME) and AMD's version of it do https://en.wikipedia.org/wiki/Intel_Management_Engine
It's access to system functions is so pervasive that the NSA required an 'off switch' to disable most of its functions so they can make secure hardware based on non-custom CPU's... https://web.archive.org/web/20201201175708/http://blog.ptsecurity.com/2017/08/disabling-intel-me.html?m=1

ranochigo

legendary

Activity: 3038

Merit: 4418

Crypto Swap Exchange

Quote from: Flexystar on July 13, 2023, 11:04:42 PM

I could be really off the main topic but does it mean everything Google or Apple like companies do is associated with such type of backdoors? I saw a court filing where CEO of Google was being questioned about the privacy of users. Though I convinced myself that Google is truthful with their users since they ask for the "Consents"from the user and then go for the tracking location, fetching the data, uploading photos and files etc etc. Now recently I have read that Alex from the Amazon is able to make purchases for you from the voice commands. You can ask it to add the items from amazont o your cart and also make the checkout with predefined payment system or balances on the wallet.

It has been studied that all type of devices including our phone, alexa like devices are able to activate the mics now and then to hear what we are saying and tailor the advertisements that way.

Isn't this is already a back door access to the hardware and to our privacy? If we consider this then whatever is being mentioned in the OP can easily happen?

I am just trying to correlate things here.

They aren't backdoor in the sense that they've always existed and the capabilities are always there. It's just a matter of if they want to, they can. The backdoor that we're referring to would be more of the covert ones that are inserted by the manufacturer to compromise the security/privacy which exists more on the hardware rather than the software level.

And yes, to answer your question, it isn't that difficult nor rare.

Flexystar

full member

Activity: 1092

Merit: 227

Quote from: ranochigo on July 11, 2023, 10:35:24 PM

Totally possible. In fact, NSA has routinely inserted backdoors into computers and various devices to conduct mass surveillance. As such, it would be very much possible that there is some form of backdoor in devices that you interact with on a daily basis. I think the crux of the issue is whether your Bitcoins would be stolen or your privacy would be compromised in this case.
[...]

I could be really off the main topic but does it mean everything Google or Apple like companies do is associated with such type of backdoors? I saw a court filing where CEO of Google was being questioned about the privacy of users. Though I convinced myself that Google is truthful with their users since they ask for the "Consents"from the user and then go for the tracking location, fetching the data, uploading photos and files etc etc. Now recently I have read that Alex from the Amazon is able to make purchases for you from the voice commands. You can ask it to add the items from amazont o your cart and also make the checkout with predefined payment system or balances on the wallet.

It has been studied that all type of devices including our phone, alexa like devices are able to activate the mics now and then to hear what we are saying and tailor the advertisements that way.

Isn't this is already a back door access to the hardware and to our privacy? If we consider this then whatever is being mentioned in the OP can easily happen?

I am just trying to correlate things here.

m2017

legendary

Activity: 1792

Merit: 1296

Crypto Casino and Sportsbook

Quote from: jtx71 on July 11, 2023, 02:25:54 PM

Hi all!

I've recently seen a video where a hacker holds a conversation about possible hardware backdoors in some pcs and other devices, mainly in the processor but also in more parts. Those backdoors would come with an OS preinstalled that could spy you.

If you are afraid of this, then how about taking your / friend / relative's old PC / laptop to generate a wallet and then use it? It is unlikely that hardware backdoors will be possible on older devices. The problem with the pre-installed OS on these devices is solved simply by reinstalling on a Linux distribution of your choice (You voice Tails OS).

That is, this way you will surely be safe by not buying new devices, in which backdoors can be pre-installed by manufacturers in the OS and hardware parts, such as the processor. Also, save on expensive purchases.

Quote from: jtx71 on July 11, 2023, 02:25:54 PM

My question is: if that is the case, how secure would be a wallet that you generate in those devices?

For sure it will not be safe to create a wallet on a device with backdoors.

Quote from: jtx71 on July 11, 2023, 02:25:54 PM

Would an electrum wallet that you generate with Tails OS and completely offline be safe?

thx!

Perhaps yes, but with a preliminary verification of the Tails OS signature:

https://tails.boum.org/install/linux/index.ru.html#verify

BlackHatCoiner

legendary

Activity: 1512

Merit: 7340

Farewell, Leo

If you don't feel confident with using a specific hardware device, consider setting up a multi-sig wallet, as that would mitigate the risk.

Quote from: o_e_l_e_o on July 12, 2023, 04:18:39 AM

If you don't trust the entropy being generated, then use a combination of von Neumann's coin flips, the SHA256 function on Tails, and the BIP39 word list to generate your own entropy and seed phrase manually.

What's after that, really? Backdoor for altering the k value in Bitcoin transactions? It's trivial to verify that the entropy from coin flips creates a certain seed phrase, but it's really hard to do that for every single transaction made by the specific wallet. (Just because there is no standard application for that matter, so you'll have to do it manually, which is difficult)

NotATether

legendary

Activity: 1568

Merit: 6660

bitcoincleanup.com / bitmixlist.org

Quote from: digaran on July 12, 2023, 05:35:22 AM

Such backdoors exist in firmware, not necessarily in hardware, though there is only rumors, that's because these backdoors are being used for big targets like using them to spy on nations military bases, and sensitive locations where secrets exist, they would never use it on populations at random.

Hardware is in fact a big target for backdoors because a vulnerability in hardware cannot be patched without manufacturing a new version. That's how Meltdown (and to some extent Spectre) proliferated. It's just that hardware is a lot harder to bug if you're a bad actor in the supply chain, than firmware, which is pretty hard to notice unless signed firmware images are utilized.

satscraper

hero member

Activity: 714

Merit: 1298

Quote from: o_e_l_e_o on July 12, 2023, 08:52:15 AM

Quote from: satscraper on July 12, 2023, 07:12:57 AM

Nevertheless, in my interaction with Bitcoin I rely on Passport 2, so, hardware backdoor is not realistic attack vector against me.

How could you tell if there was indeed some backdoor on the hardware in your device?

Noway.

BTW, I have raised the similar concern in one of my topics.

As to Passport 2 . I rely on its openness regarding both hardware (that assembled from components available virtually at every corner ) and software. Nevertheless, I have asked them to share "the p-values (relevant to Passport's TRNG) for each test from NIST suite" to evaluate the degree of randomness produced by their device.

Cricktor

hero member

Activity: 714

Merit: 1010

Crypto Swap Exchange

Quote from: Charles-Tim on July 12, 2023, 02:13:52 AM

It would be safe if it remains airgapped. I do not know if it would be completely safe if you are using USB stick to transfer signed transactions, but It is safe if you are using QR code for that. No information leaves the airgapped device than the signed transaction. Airgapped device means that no internet connection and no other means of interaction that can make the spyware to work out. There has been no wallet that is safer like airgapped devices.

Airgapped and sole communications via QR codes doesn't prevent possibility of leaking of information as has been discussed in this thread: Hardware wallets can steal your seed!

Not everybody buys this attack vector, but to me it is a valid and possible attack vector nonetheless. It is particularly interesting because it would work even airgapped!

The Nonce Covert Channel Attack isn't too exotic and surely a problem with software and hardware wallets that are opaque blackbox closed-source pieces of crap. This attack would make it possible to slowly leak pieces of your seed and bury them in signatures in transactions recorded in the blockchain from such a malicious wallet and you wouldn't even notice it until it is too late. The signing cold wallet could perfectly be offline and airgapped, it would still be able to leak all necesarry data within a certain number of transactions. It might take a while but the attacker has time and can wait. He can put some recognition pattern in the nonce to find his "rigged" transactions. If you're covert enough, likely no one would notice or have you ever checked the randomness of nonces for signatures?

ranochigo

legendary

Activity: 3038

Merit: 4418

Crypto Swap Exchange

Quote from: Charles-Tim on July 12, 2023, 02:13:52 AM

Airgapped device means that no internet connection and no other means of interaction that can make the spyware to work out. There has been no wallet that is safer like airgapped devices.

The airgapped device may be safe, but how about the wallet you are using to make transactions. You will need a watch-only wallet for broadcasting any transaction signed on on the airgapped device. If the device that you have the airgapped device is having the spyware, that still only means that you will be affected. The airgapped device is not affect, but the watch-only wallet is affected.

That is why it is good to use open source operating system like Linux.

Not necessarily. Most of the airgapped devices are not sufficiently hardened against sidechannel attack vectors, so in technically, they are definitely not the safest form of cold storage. ColdCard, which I have been using now can offer both and generally hardware wallets are sufficiently safe and fool-proof.

Any software/hardware can suffer from having insufficient entropy and thus there are more steps and precautions (validations, sanitization, etc) to take than to just run your wallet on an airgapped device.

o_e_l_e_o

legendary

Activity: 2268

Merit: 18748

Quote from: satscraper on July 12, 2023, 07:12:57 AM

Nevertheless, in my interaction with Bitcoin I rely on Passport 2, so, hardware backdoor is not realistic attack vector against me.

Why not? How could you tell if there was indeed some backdoor on the hardware in your device?

Don't get me wrong - as I said above, I think such attacks are incredibly unlikely and even someone as paranoid as me does not flip coins for every new seed phrase (although I do have some manually generated seed phrases). But if we are talking about hardware backdoors then influencing your entropy is a better backdoor than stealing your private keys or changing your clipboard. It is significantly harder to detect and works regardless of whether the device is airgapped or not.

satscraper

hero member

Activity: 714

Merit: 1298

Quote from: o_e_l_e_o on July 12, 2023, 06:18:55 AM

Quote from: satscraper on July 12, 2023, 05:14:05 AM

Yeah, it would be safe being installed on airgapped machine.

If you are think that hardware backdoors are a realistic attack vector against you, then airgapping is not enough as you also need to be concerned about the malicious hardware returning compromised random numbers or entropy and therefore generating weak seed phrases and private keys. It's incredibly unlikely, yes, but if this is in your threat model then you will need to generate your entropy and seed phrase using another method, which is why I mentioned coin flips above.

Agreed, but it would be highly specific backdoor focused on narrow community for which a true randomness really matters. I think, it is highly unlikely to found such backdoor in computer components from global manufactures oriented on mass production.

Nevertheless, in my interaction with Bitcoin I rely on Passport 2, so, hardware backdoor is not realistic attack vector against me.

Cricktor

hero member

Activity: 714

Merit: 1010

Crypto Swap Exchange

Quote from: digaran on July 12, 2023, 05:35:22 AM

Windows xp is one of the safest operating systems to use in order to avoid getting backdoored!

I hope for your mind's sanity that this is only a joke and frankly it isn't even a good one. Just don't use an OS that was widely used in terms of user percentage AND doesn't receive any fixes anymore, where EOL applies. You can use it offline of course but why would you bother to use M$ Windows crap for that. (Not interested in OS flame wars...)

For crypto I recommend a Linux base as there's less malware attraction to those, compared to M$ Windows. If you like golden caves you can "punish" yourself and your fiat wallet with Apple's ecosystem. Just my opinion, don't take it too seriously, I'm just no Apple fanboy. If you like it, that's your decission, I'm not here to judge.

Quote from: DaveF on July 12, 2023, 04:48:53 AM

...

Well said, I'm with you. No need to fuel paranoia. Problem is only that IT noobs have no clue. For them it's better there's no wireless card in their device that could accidently be turned on.

o_e_l_e_o

legendary

Activity: 2268

Merit: 18748

Quote from: satscraper on July 12, 2023, 05:14:05 AM

Yeah, it would be safe being installed on airgapped machine.

If you are think that hardware backdoors are a realistic attack vector against you, then airgapping is not enough as you also need to be concerned about the malicious hardware returning compromised random numbers or entropy and therefore generating weak seed phrases and private keys. It's incredibly unlikely, yes, but if this is in your threat model then you will need to generate your entropy and seed phrase using another method, which is why I mentioned coin flips above.

digaran

copper member

Activity: 1330

Merit: 899

🖤😏

Such backdoors exist in firmware, not necessarily in hardware, though there is only rumors, that's because these backdoors are being used for big targets like using them to spy on nations military bases, and sensitive locations where secrets exist, they would never use it on populations at random.

Windows xp is one of the safest operating systems to use in order to avoid getting backdoored!😅

satscraper

hero member

Activity: 714

Merit: 1298

Quote from: jtx71 on July 11, 2023, 02:25:54 PM

I've recently seen a video where a hacker holds a conversation about possible hardware backdoors in some pcs and other devices, mainly in the processor but also in more parts. Those backdoors would come with an OS preinstalled that could spy you.

Yeah, and the irony of the situation is that one can get such hardware backdoors right off the shelf. One of the latest case is the sell of millions of GigaByte products with backdoor in firmware.

Quote from: jtx71 on July 11, 2023, 02:25:54 PM

My question is: if that is the case, how secure would be a wallet that you generate in those devices?

Not secure at all. Potential treats of such backdoor: hijacking of clipboard content, keystrokes catching by keyloggers installed against your will, theft of wallet file, to name only a few.

Quote from: jtx71 on July 11, 2023, 02:25:54 PM

Would an electrum wallet that you generate with Tails OS and completely offline be safe?

Yeah, it would be safe being installed on airgapped machine.

DaveF

legendary

Activity: 3500

Merit: 6320

Crypto Swap Exchange

Not something worth worrying about. If your machine is disconnected from the Internet, that's all you need to know. Network cable unplugged and Wi-Fi password not entered.

That's all you really have to worry about. Yes, in theory it could do something that would have a way to store an old Wi-Fi password that you entered into something else so this mystery device could then connect to the Internet and do something. The odds of that really happening on your average home desktop computer or somewhere between slim and none.

Nobody wants to admit it, but I keep telling people the same thing, I could hand you a totally compromised virus infected PC. And I could hand you a totally clean secure PC. The biggest vulnerability on both of them it's still you. Not all the vulnerabilities on the infected machine.

-Dave

o_e_l_e_o

legendary

Activity: 2268

Merit: 18748

Quote from: jtx71 on July 11, 2023, 02:25:54 PM

Would an electrum wallet that you generate with Tails OS and completely offline be safe?

No wallet or security set up in the world is 100% immune to attacks, but this is about the safest as you can get. You need to ensure that "completely offline" means a dedicated and permanently airgapped device. It should be airgapped at that hardware level, with cards/modules for WiFi, Bluetooth, etc., physically removed from the device. Also make sure you verify Tails before you use it. You can also pull the hard drive entirely and just run from a live CD or USB.

If you don't trust the entropy being generated, then use a combination of von Neumann's coin flips, the SHA256 function on Tails, and the BIP39 word list to generate your own entropy and seed phrase manually.

Charles-Tim

legendary

Activity: 1512

Merit: 4795

Leading Crypto Sports Betting & Casino Platform

Quote from: jtx71 on July 11, 2023, 02:25:54 PM

Would an electrum wallet that you generate with Tails OS and completely offline be safe?

It would be safe if it remains airgapped. I do not know if it would be completely safe if you are using USB stick to transfer signed transactions, but It is safe if you are using QR code for that. No information leaves the airgapped device than the signed transaction. Airgapped device means that no internet connection and no other means of interaction that can make the spyware to work out. There has been no wallet that is safer like airgapped devices.

The airgapped device may be safe, but how about the wallet you are using to make transactions. You will need a watch-only wallet for broadcasting any transaction signed on on the airgapped device. If the device that you have the airgapped device is having the spyware, that still only means that you will be affected. The airgapped device is not affect, but the watch-only wallet is affected.

That is why it is good to use open source operating system like Linux.

Topic: Possible hardware backdoors - page 2. (Read 626 times)