The official BitcoinPaperWallet.com thread -- updates and news. - page 10.

yellowcoin

newbie

Activity: 43

Merit: 0

Been lurking around and found this post. It's a good idea but there is 2 big issues.

1) What is preventing me from taking a stripe of paper with some expose tape in the end, slip it in the flap and pulling out the folded part? The security tape can be finger held down by the opening to prevent it from tearing. I just tried it on a test paper and it worked as the whole flap came out.

You can solve this by getting something like double sided security tape for the 2nd fold but then it'll add to the cost.

2) The worse enemy of all stickers ... good old heat gun / blow dryer

The adhesive will just peel off if you work at it long enough. Unless there is some heat sensitive ones I am not aware of. Even so that will add to the cost.

Low tech solution to a high tech problem Grin

Donate too if you feel this feedback is worth it:
15kFAbgWsSM28N7x5ZbWAehABkGnp9dPPT

StarfishPrime

sr. member

Activity: 358

Merit: 250

Quote from: canton on April 17, 2013, 12:12:17 AM

Quote from: niko on April 16, 2013, 10:15:40 PM

Not that it matters, but it seems that bounty has been claimed three days after wallet was mailed out, and five days before it arrived into my mailbox... Huh

OI! Matters quite a bit. I'm trying to figure out WTF might have happened. I messaged you privately with details. As for the bounty even though it's no longer on the wallet I'd still pay up of course.

Good luck!

When you do find out how the keys were compromised please let us know so similar risks can be avoided.

canton

sr. member

Activity: 261

Merit: 285

Quote from: jubalix on April 17, 2013, 12:19:58 AM

bright light and good software = I can get all your numbers, they just shine on through

Exactly what niko suspected. If you poke through this thread you'll see that he and I have a friendly wager to see if the wallet can be "candled" without tampering with the tape. I hope he finds some weaknesses I can improve on! (I'm confident that there's *some* way to make a secure folding wallet, even if I didn't get it right this time.)

aantonop

full member

Activity: 196

Merit: 116

Entrepreneur, coder, hacker, pundit, humanist.

Quote from: WiW on April 07, 2013, 04:12:36 PM

I've also made some nifty paper wallets (though not as well designed as yours), but here's my problem with making well designed paper wallets:
If you're making it for yourself, what do you care about design/tamper-proof/etc?
If you're making it for others, why would they trust you that you didn't print another copy of the private key at home?

This is exactly the problem we are solving over at Open Paper Wallet.

We've designed wallets that follow a standard template, with lots of different designs. The graphics are pre-printed on high quality paper and shipped with security features.

However, the keys are self-printed at home

That way you get the best of both.

We're a couple of weeks from the first 5000 sheet production print run. See the project here:

https://bitcointalk.org/index.php?topic=155847.0;all

jubalix

legendary

Activity: 2632

Merit: 1023

bright light and good software = I can get all your numbers, they just shine on through

Quote from: canton on April 07, 2013, 03:41:13 PM

I had lots of fun this weekend working on my own design for a two-sided tri-fold tamper-resistant paper Bitcoin wallet. Thanks for any and ALL criticism / comments -- whether it's about the look & feel, functionality, security features, etc. See:

http://youtu.be/V4H1VE3EAtI

This video is also a treasure hunt in which I happily invite you to “steal” 0.1 BTC . Finders keepers, so race on!

Design features:

Private key is hidden behind folds, so your wallet content is still safe if left out in the open or photographed.
Tamper-proof tape indicates when you (or someone else!) has revealed the private key.
Folding design obfuscates private keys so they’re hidden even when holding wallet up to a bright light.
Reverse side has basic wallet operation instructions and a register for writing down deposits / balance.
Private and public keys are replicated (and rotated) in triplicate to maximize chances of recovering keys if paper is damaged / crumpled.

When I’ve got enough feedback and a final design, I’ll publish a web page that will generate these wallets with just a couple of clicks. (No photoshop required, as the foundation will be based on the excellent wallet generator at bitaddress.org which as you probably already know uses a secure javascript page you can run even while offline.)

If you'd like to print out a sample for yourself, see PDF links here: http://cantonbecker.com/projects/2013/bitcoin-paper-wallet-design-video/.

canton

sr. member

Activity: 261

Merit: 285

Quote from: niko on April 16, 2013, 10:15:40 PM

Not that it matters, but it seems that bounty has been claimed three days after wallet was mailed out, and five days before it arrived into my mailbox... Huh

OI! Matters quite a bit. I'm trying to figure out WTF might have happened. I messaged you privately with details. As for the bounty even though it's no longer on the wallet I'd still pay up of course.

Good luck!

Malawi

full member

Activity: 224

Merit: 100

One bitcoin to rule them all!

Very nice project. It will be interesting to hear about the outcome.

BTW: One thing to try is a halogen worklight.

niko

hero member

Activity: 756

Merit: 501

There is more to Bitcoin than bitcoins.

It's in my hands! First attempts at non-destructive readout will follow soon, as allowed by my newborn's sleep schedule...

Not that it matters, but it seems that bounty has been claimed three days after wallet was mailed out, and five days before it arrived into my mailbox... Huh

https://blockchain.info/address/1LMKzdqhQ4LhHy5GGhT8BcG3HHpBTqAqbt

StarfishPrime

sr. member

Activity: 358

Merit: 250

Quote from: canton on April 09, 2013, 10:59:28 AM

Quote from: StarfishPrime on April 09, 2013, 09:48:59 AM

One comment about printing: It is very easy to imagine trojan/spyware that would 'listen' for specific types of printing (i.e. from certain apps/scripts) and capture/send the output somewhere.

...
Insanely paranoid: Don't use a printer. Use a photo-sensitive ink and expose it by pressing it against your screen to burn in the QR code that's been generated by your totally offline javascript.

Here's some waterproof/tearproof mil-spec laser-printable material:

http://rippedsheets.com/laser/reemay.html#100721-1

Outrageously Insanely paranoid: Also available in Olive Drab / Desert Sand colors in case you find yourself running through a Red-Dawn style post-apocalyptic landscape clutching your paper wallet. Be sure to print in both colors, as a precaution Grin

StarfishPrime

sr. member

Activity: 358

Merit: 250

Quote from: canton on April 09, 2013, 10:59:28 AM

Quote from: StarfishPrime on April 09, 2013, 09:48:59 AM

One comment about printing: It is very easy to imagine trojan/spyware that would 'listen' for specific types of printing (i.e. from certain apps/scripts) and capture/send the output somewhere.

A few people have brought this up, and I don't think it's a tinfoil hat issue. Stuxnet spread far and wide to infiltrate the control software for fairly dumb uranium enrichment equipment behind Iran's military firewalls, so it's conceivably easier to write a virus that reprograms printers so that they transmit any printed QR codes to the mothership.

My intent with this wallet printing service is to give users clear tutorials on what steps to take depending on their level of paranoia (or based on the value of the wallets they intend to produce.) So what are some reasonable steps a fairly paranoid user should take when printing? For example:

Less paranoid: Connect directly via USB, turn off your internet connection when printing wallets, and cycle power on printer before going back online.

Most paranoid: Dedicate a printer to printing wallets exclusively, never let it go online, connect it directly via USB to your computer, factory-reset your printer from time to time.

Insanely paranoid: Don't use a printer. Use a photo-sensitive ink and expose it by pressing it against your screen to burn in the QR code that's been generated by your totally offline javascript.

Yeah, I don't imagine that those are real threats at this time (at least not yet) but anyone with a security background will appreciate we should all be aware of potential vulnerabilites.

One printing idea for durability is to use laser-printable waterproof, white polyester sheets. Not sure where they can be purchased now but have used them for other projects. Pretty much tear-proof with a paper-like feel and color laser-printable.

Thanks for your work on this project - it will be very useful for many.

sebastian

full member

Activity: 129

Merit: 119

Another security idea is to use a printer which support on-site Printing, eg you put a Picture or PDF on a USB or SD card, and then you print with the printer "stand alone".

Many printers today have the capatibility to print files from a USB or SD card.

Since the computer cannot know which off-line stand-alone printer you use, the risk of getting a "fake firmware update" is negligible. Many printers also have a sequence that needs to be triggered Before it will accept a firmware upload via USB/SD, so its completely secure. For example Power on the printer with the firmware update USB/SD inserted. So never turn on the printer with a SD or USB inserted to be on the safe side.

For a leak to sucessfully travel from your printer to internet, the printer would have to "infect" the usb with a autorun software containing the private key AND a "payload" that transmits the private key home. And for such infection to exist in the printer, it would have to travel from computer to printer via USB/SD, and for that to happen, the printer must be able to receive software updates arbitary via USB and the computer needs to know the exact model of your printer.

TiagoTiago

hero member

Activity: 616

Merit: 500

Firstbits.com/1fg4i :)

And depending on the model of printer used, i guess it might be possible to perform a sort of audio variation of TEMPEST style attacks... ¬.¬

canton

sr. member

Activity: 261

Merit: 285

Quote from: StarfishPrime on April 09, 2013, 09:48:59 AM

One comment about printing: It is very easy to imagine trojan/spyware that would 'listen' for specific types of printing (i.e. from certain apps/scripts) and capture/send the output somewhere.

A few people have brought this up, and I don't think it's a tinfoil hat issue. Stuxnet spread far and wide to infiltrate the control software for fairly dumb uranium enrichment equipment behind Iran's military firewalls, so it's conceivably easier to write a virus that reprograms printers so that they transmit any printed QR codes to the mothership.

My intent with this wallet printing service is to give users clear tutorials on what steps to take depending on their level of paranoia (or based on the value of the wallets they intend to produce.) So what are some reasonable steps a fairly paranoid user should take when printing? For example:

Less paranoid: Connect directly via USB, turn off your internet connection when printing wallets, and cycle power on printer before going back online.

Most paranoid: Dedicate a printer to printing wallets exclusively, never let it go online, connect it directly via USB to your computer, factory-reset your printer from time to time.

Insanely paranoid: Don't use a printer. Use a photo-sensitive ink and expose it by pressing it against your screen to burn in the QR code that's been generated by your totally offline javascript.

canton

sr. member

Activity: 261

Merit: 285

Quote from: niko on April 08, 2013, 11:32:53 PM

On the related (wording) note - the exposed qr code is the public address, not public key. To avoid confusion down the line, it is wise to be strict about this distinction.

Oops! Thanks. How's this for edits on the front & back?

canton

sr. member

Activity: 261

Merit: 285

Quote from: Rodyland on April 08, 2013, 04:06:39 PM

The instructions on the back talk about sending part of the balance. Doing this presents a very real chance of losing coins. The user must explicitly send the tx change back to the note's address (theone on the front) . Otherwise the change is lost to an unknown public key.

Good point. Is this an improvement?

Ultimately, I'm thinking that the wallet printing page might have some options for what appears on the back, e.g.
Language: [select language]

Style:
[]blank
[]simple deposit register
[]deposit register plus instructions my grandma can understand
[]happy birthday

franky1

legendary

Activity: 4410

Merit: 4766

Quote from: StarfishPrime on April 09, 2013, 09:48:59 AM

Great project.

One comment about printing: It is very easy to imagine trojan/spyware that would 'listen' for specific types of printing (i.e. from certain apps/scripts) and capture/send the output somewhere. Probably not easy to detect if disguised as a printer driver library for example. Also, many newer printers are wi-fi connected and a printer-resident trojan is not an impossibility either, although it's unclear if this has been exploited (yet).

Just a thought.

to feed your paranoia.
QR codes are not made by someone with a pen doing dot to dot. in 99% of cases people use googles QR code generator or blockchain.info, or an app designed by a third party to grab the QR Code image to then print out. whats stopping those third parties from keeping logs of every string of code it receives to convert into a QR Code image.....

StarfishPrime

sr. member

Activity: 358

Merit: 250

Great project.

One comment about printing: It is very easy to imagine trojan/spyware that would 'listen' for specific types of printing (i.e. from certain apps/scripts) and capture/send the output somewhere. Probably not easy to detect if disguised as a printer driver library for example. Also, many newer printers are wi-fi connected and a printer-resident trojan is not an impossibility either, although it's unclear if this has been exploited (yet).

Just a thought.

Luckybit

hero member

Activity: 714

Merit: 510

Quote from: niko on April 09, 2013, 02:18:02 AM

Quote from: Luckybit on April 08, 2013, 11:43:22 PM

Okay here is a flaw in your design. You trust your printer to print your keys and not report back to mallory.

Can you point to any documented examples of similar exploits? I am thinking about home inkjet or laser printers, not the enterprise copier/printer/fax/scanner networked machines.

Speaking of home printing, everyone should know that many home printers include steganographic serial number in the printout, but that is irrelevant for the tamper-proofness of he design.

Do I win a prize in BTC if I can? I know plenty of not so well known exploits and not just with printers.

niko

hero member

Activity: 756

Merit: 501

There is more to Bitcoin than bitcoins.

Quote from: Luckybit on April 08, 2013, 11:43:22 PM

Okay here is a flaw in your design. You trust your printer to print your keys and not report back to mallory.

Can you point to any documented examples of similar exploits? I am thinking about home inkjet or laser printers, not the enterprise copier/printer/fax/scanner networked machines.

Speaking of home printing, everyone should know that many home printers include steganographic serial number in the printout, but that is irrelevant for the tamper-proofness of he design.

Luckybit

hero member

Activity: 714

Merit: 510

Quote from: canton on April 07, 2013, 03:41:13 PM

I had lots of fun this weekend working on my own design for a two-sided tri-fold tamper-resistant paper Bitcoin wallet. Thanks for any and ALL criticism / comments -- whether it's about the look & feel, functionality, security features, etc. See:

http://youtu.be/V4H1VE3EAtI

This video is also a treasure hunt in which I happily invite you to “steal” 0.1 BTC . Finders keepers, so race on!

Design features:

Private key is hidden behind folds, so your wallet content is still safe if left out in the open or photographed.
Tamper-proof tape indicates when you (or someone else!) has revealed the private key.
Folding design obfuscates private keys so they’re hidden even when holding wallet up to a bright light.
Reverse side has basic wallet operation instructions and a register for writing down deposits / balance.
Private and public keys are replicated (and rotated) in triplicate to maximize chances of recovering keys if paper is damaged / crumpled.

When I’ve got enough feedback and a final design, I’ll publish a web page that will generate these wallets with just a couple of clicks. (No photoshop required, as the foundation will be based on the excellent wallet generator at bitaddress.org which as you probably already know uses a secure javascript page you can run even while offline.)

If you'd like to print out a sample for yourself, see PDF links here: http://cantonbecker.com/projects/2013/bitcoin-paper-wallet-design-video/.

Okay here is a flaw in your design. You trust your printer to print your keys and not report back to mallory.

Topic: The official BitcoinPaperWallet.com thread -- updates and news. - page 10. (Read 55957 times)