Pages:
Author

Topic: The safety of using USB sticks to transfer data from an offline machine (Read 1649 times)

hero member
Activity: 900
Merit: 1014
advocate of a cryptographic attack on the globe
In what way does a write-protected USB stick prevent malware from spreading between the online and offline machines?
I was imaging an offline machine with a cold wallet and a client that doesn't need to be online to produce transactions from the cold wallet (not the best way to do it...) but at least if the online machine only has a write-protected USB key inserted (that is assuming it is hardware write protect which it probably can't be) it could reduce the attack surface somewhat.
full member
Activity: 128
Merit: 107
SD cards often have "write protection" clips but they are not really safe: http://superuser.com/questions/354473/is-the-lock-mechanism-on-an-sd-card-hardware-firmware-or-software-driver-os

A computer with a read only cd drive would be great.
edit: Also it should not have wifi integrated.


How about this:
Boot from LiveCD on a computer with hard drive removed
put in usb stick with unsigned tx, copy to ramdisk and remove stick
(remove cd if on a system which can write to disk)
only then enter privkey / seed
create signature
transfer signature by hand / qr code
put together tx and signature on online system and broadcast


If you go through all that you might also consider to store half the key / seed in a bank locker.
legendary
Activity: 1400
Merit: 1013
I am thinking of not putting a filesystem at all on the medium and moving everything with dd, raw blocks in, raw blocks out, then piping all data to sha256sum check first on the online machine(yes there will  probably be buffer overflows), for transaction data, I will be even careful by read and check 64 -128 bytes a time to prevent buffer overflows.
That would probably be fine, as long as your medium isn't a USB drive.

Basically any data transfer medium that has circuitry embedded in it certainly isn't safe. Purely passive mediums like CDRs might be safe.
hero member
Activity: 784
Merit: 1000
And how do you move the Armory installation itself to the offline machine?
Burn it to a CD.

There's probably a lower chance of malicious data on a burned CD having the ability to execute a hardware-level compromise. Probably.

I am thinking of not putting a filesystem at all on the medium and moving everything with dd, raw blocks in, raw blocks out, then piping all data to sha256sum check first on the online machine(yes there will  probably be buffer overflows), for transaction data, I will be even more careful by read and check 64 -128 bytes a time to prevent buffer overflows.
legendary
Activity: 1400
Merit: 1013
And how do you move the Armory installation itself to the offline machine?
Burn it to a CD.

There's probably a lower chance of malicious data on a burned CD having the ability to execute a hardware-level compromise. Probably.
hero member
Activity: 784
Merit: 1000
And how do you move the Armory installation itself to the offline machine? You can do all kinds of hash/signature check offline for sure, but when it's there for you to check the virus should already have settled down.
legendary
Activity: 1400
Merit: 1013
it's a big IF since usb always has firmware.

trezor is a great attempt at minimizing the attack surface by designing duty-built hardware. it's a shame that they chose usb instead of serial, imo.
USB doesn't inherently need firmware, any more than a serial port does.

It's just easier to build programmable devices because you can fix bugs in software instead of hardware. The cost is that a general purpose computer is capable of any computation, and that's a giant attack surface.

I'd feel better about the hardware wallet projects if I saw the teams involved take this issue very seriously and go back to the roots of computing - custom-built electronic circuits that preform exactly one task, not general purpose programmable computers which can be repurposed by an attacker.
full member
Activity: 121
Merit: 103
Anyone know if the upcoming Trezor will fix this problem?
IF there are no hardware vulnerabilities which an attacker can exploit, it will fix the problem.
it's a big IF since usb always has firmware.

trezor is a great attempt at minimizing the attack surface by designing duty-built hardware. it's a shame that they chose usb instead of serial, imo.
full member
Activity: 121
Merit: 103
i know some people who are familiar with firmware and the best idea i've had so far is to use serial ports and then disconnect them when done. serial ports that run up to 115200 baud often have no (afaik) firmware that has an externally accessible attack surface.
Maybe I shouldn't have thrown away all my old motherboards that still had ISA slots so that I could build an offline machine with a non-soft modem.

i am to understand that most modern motherboards and SoCs that have integrated serial ports are 'safe' in that they have no conventional firmware. once you start using pci cards with multiple serial ports, it is not as certain that they do not have firmware.

there are a number of recent boards out there with 2 serial ports that are cheap and run amd64.
legendary
Activity: 1400
Merit: 1013
Anyone know if the upcoming Trezor will fix this problem?
IF there are no hardware vulnerabilities which an attacker can exploit, it will fix the problem.
legendary
Activity: 1400
Merit: 1013
i know some people who are familiar with firmware and the best idea i've had so far is to use serial ports and then disconnect them when done. serial ports that run up to 115200 baud often have no (afaik) firmware that has an externally accessible attack surface.
Maybe I shouldn't have thrown away all my old motherboards that still had ISA slots so that I could build an offline machine with a non-soft modem.
legendary
Activity: 3430
Merit: 3080
Manually typing in the unsigned transaction is probably safe, but is the most tedious thing imaginable.

Which in practice means using a printer on your online machine, and a scanner on your offline machine. And strictly that configuration. Imagine getting home one day to find your housemate/spouse hooking up the scanner to the online machine: "You said don't use the old computer, so I just needed to scan a letter, and..."

Clearly, using a single multi-function scanner/printer to connect to print online and then scan offline is out....
full member
Activity: 121
Merit: 103
The danger is that since nobody in the hardware industry gives a shit about security, it's conceivable for malware on your online machine to infect a USB stick at the firmware level, with malware that infects your offline machine's motherboard (also at the firmware level) as soon as you plug it in. All of this would happen at such a low level that your OS can't do anything about it.

ding ding ding! justus wins the prize.

i know some people who are familiar with firmware and the best idea i've had so far is to use serial ports and then disconnect them when done. serial ports that run up to 115200 baud often have no (afaik) firmware that has an externally accessible attack surface.
hero member
Activity: 616
Merit: 500
Firstbits.com/1fg4i :)
You think a virus would manage to infect a machine thru the microphone without even knowing the brand, much less the model, of the sound card of the target machine?
legendary
Activity: 1400
Merit: 1013
The danger is that since nobody in the hardware industry gives a shit about security, it's conceivable for malware on your online machine to infect a USB stick at the firmware level, with malware that infects your offline machine's motherboard (also at the firmware level) as soon as you plug it in. All of this would happen at such a low level that your OS can't do anything about it.

Manually typing in the unsigned transaction is probably safe, but is the most tedious thing imaginable.

Printing it out and then loading via OCR is probably safe too, as long as the OCR app is thoroughly vetted for bugs and vulnerabilities.

Transferring the data via an audio cable might be ok, but since audio has never been security-sensitive before nobody has spent a lot of time auditing that subsystem for exploitable vulnerabilities so we don't really know how safe it is.

tl;dr: PC security is virtually non-existent right now, and not likely to improve any time soon.
hero member
Activity: 616
Merit: 500
Firstbits.com/1fg4i :)
You could use QR codes and SSTV to transfer the data back and forth thru audio... ¬.¬
legendary
Activity: 1400
Merit: 1013
I'm not an expert, but I'm pretty sure the only time you have to write anything is when the USB is in the offline computer.  I'm talking about using Electrum or Armory offline, I'm not sure about other methods.  You create the transaction offline and write the file it gives you to the USB.  Then turn on write protection and put the USB in the online computer to finish the transaction.  Pretty sure you don't have to write anything to the USB while it's in the online computer.  Correct me if I'm wrong about this.
Nope.

An offline computer by definition does not have access to the blockchain, therefore can not create a transaction.

Transactions need to be constructed online, then moved to the offline computer for signing, then moved back to the online computer for broadcast.
legendary
Activity: 1400
Merit: 1013
In what way does a write-protected USB stick prevent malware from spreading between the online and offline machines?

The way I understand it is that you turn off the write protection when you put the USB in the offline computer (assuming you have an offline computer that has never touched the internet), so you can copy the signed transaction (using offline Electrum or Armory).  Then you turn on the write protection when you put the USB in the online computer to complete the transaction, so no data can be written on the USB drive while it's in the online computer, it can only read data.  This could protect against something malicious being written on your USB stick while it's in the online machine.
And how do you get the unsigned transaction from the online machine to the offline machine in the first place?
newbie
Activity: 44
Merit: 0
In what way does a write-protected USB stick prevent malware from spreading between the online and offline machines?

The way I understand it is that you turn off the write protection when you put the USB in the offline computer (assuming you have an offline computer that has never touched the internet), so you can copy the signed transaction (using offline Electrum or Armory).  Then you turn on the write protection when you put the USB in the online computer to complete the transaction, so no data can be written on the USB drive while it's in the online computer, it can only read data.  This could protect against something malicious being written on your USB stick while it's in the online machine.
kjj
legendary
Activity: 1302
Merit: 1026
Stuxnet used a Windows USB stick 0day to propagate. So it is not unheard of.

Maybe a written CD is easier if it is fully written and has no more space to write? Or a USB stick with a read-only switch?

Write protect switches are advisory.  Many many years ago, some models of enterprise SCSI drives had write jumpers that physically disconnected power to the write/erase head.  Everything else should be taken to mean "please don't write on me".

Much safer is to use something like QR or a barcode, either on paper, or on a screen.  If using QR, care should be taken that you don't ever read them with clever software.  I use a scanner that simulates keystrokes.

What software do you use to produce the QR code and what scanner do you use?

The QRs themselves are made by PHP QR Code.  They are being generated by my offline key generator, a project that hasn't been released yet.

I use a Wasp WDI4500 barcode/QR reader, but I've also tested them with the Android QR app also.  I also put barcodes on the pages, which I test with the wasp, and with a cheapass $10 chinese barcode reader.
Pages:
Jump to: