Topic: USB Selfbooting Solid State Wallets - Secure - Manufacturer Needed! (Read 2498 times)

now i'm having trouble booting to TC from USB despite checking boot loading order in bios.  have you ever seen this inconsistency?  this has been reported before.

which installer did you use?  CorePlus, unetbootin?  they recommend CorePlus but now my usb refuses to boot.  funny b/c the one time i got it to boot to TC was after i used unetbootin to install.  now that even won't work.

A similar alternative to this is to install an OS on a USB drive as a virtual machine, the disadvantage is any PC you connect it to has to have a the virtual machine software on it also.

I can't wait to see an open source hardware wallet based on the Arduino. 

The official bitcoin-0.8.0-linux.tar.gz has a directory structure to the archive. From the directory where you extracted it, you can run Bitcoin by typing ./bitcoin-0.8.0-linux/bin/32/bitcoin-qt & in a terminal.

You can also move the above bitcoin-qt file to another directory by itself, no other files from the archive are needed to run Bitcoin. You can be really fancy and add an icon for it.

Make sure that you successfully created a persistent directory for your data, that you can shut down and reboot and your Bitcoin wallet addresses and the current block count are still there (just booting the live cd will always forget anything you downloaded as it only uses a RAM disk.) Also use UUID, so that partitions will always be found even if you use different USB ports or a different computer:

http://wiki.tinycorelinux.net/wiki:persistent_home

Newer machines may use UEFI boot instead of BIOS, this requires a 64 bit distro and UEFI bootloader (Ubuntu 12.10 64 bit is one distro that is ready, tinycore liveCD is not). This is not "Microsoft preventing booting", it is pretty standard for it to be enabled on new PCs now that Win8 supports it; old BIOS doesn't support hard drives larger than 2 TB. Macs also use EFI. Only incompetent hardware manufacturers have a problem.

If "trusted boot" is enabled, a computer will only boot signed code. This is being worked on by kernel devs, but it requires kernel code signed by Microsoft. This is more of a grab by Microsoft that no user wants, under the guise of more security.

Both of these "features" can generally be disabled in BIOS. Windows 8 certified systems are required to permit the user to disable Secure Boot.

ok, got everything installed just like you've described. 

but how do i run Bitcoin-qt?

this is the concept of offline wallets you speak of.  no need to ever connect your private keys to the internet.

Technically speaking there is absolutely no difference in the security of either a virtual or a LiveCD OS - its all about convenience.

However, having thought about the problem again, do we actually need a physical wallet at all?

You have a cloud folder somewhere where your BTC files are stored.  You just need access to it occasionally to see how much the total is.   You don't need access to add to it, and you don't need more than the address to take from it.


If you could find out what the total was without entering the wallet, you would never need to go near your wallet.

Is my understanding of BTC wallets true?


Because on that basis, its going to be far, far safer to leave the data in the capable hands of a data centre, with no access to your private keys!

Tell me more!

now that MSFT appears to be preventing booting from USB sticks in Windows 8, will your TinyCore USB system still work on those machines?

Generate some entropy by throwing darts, then calculate the private and public keys with paper and pencil.

That is a good point...  (conspiracy back door key... lol)  Makes you wonder...

So... Then how do you (the bitcointalk users) tell people with almost zero tech skills how to make a high security wallet? As they all probably own a Windoze machine anyways.  Also, it has to be easy to use... Haha, think of all those CEO's, CFO, etc. out there... JK 

If you want to look for manufacturers, look on alibaba.com

It is kind of like a craigslist for outsourcing.

Because we assume that you use your normal computer for doing things like clicking links like these (any of which could infect your computer with no input from you). Any virtual machine or encrypted sub-system that you run on your system is just as vulnerable since the remote attacker will have the same privileges as you on the main OS.

A USB boot drive is a more secure environment, especially one that comes with no web browser. You install it clean off a LiveCD as I describe above, so it is never potentially tainted. You only type it's password directly into the USB boot OS. The data can be made unreadable by anything other than the boot code on the USB. It's kernel can be firewalled to only accept incoming Bitcoin connections and nothing else.


Assuming that a manufacturer made purpose-built Bitcoin device is automatically better is wrong. I wouldn't trust anything with software loaded up in a Chinese factory with my money, especially a device they know will contain my money.

I would rather use a lite client like Electrum, personally.  Then the stick is just a segregated place to keep your private keys and a know-clean OS.  Good enough for me.

That product does look great though.

Yes, but it's not exactly what I was suggesting.  Much cheaper solution <$60USD  (a permanent safe so to speak for the big load - I wouldn't want to carry it around with 100+BTC off my key-chain! )


My only thinking is that the custom built USB-key wallet is something my GF, mother, dad, grandma, everyone one of my friends it seems and other non techy could use.  I have used tiny, puppy, ubuntu to a custom boot USB key my self.  But a simple to use finger print scanner on usb with rom based os (so they cant screw it up lol) and 64Gig+ portion to the .dat files.  

Its gotta be foolproof and very simple to use.  Security is paramount.

With one of the larger manufacturers making it (Sandisk, etc) people would trust it.  


TC

But isn't that a risk with any computer?  Why would this be a bigger risk?

If someone PwnD your computer, they also can have control and access to anything on it and anything you type.

If you placed your virtualised tiny linux wallet in a trucrypt hidden volume, it doesn't need to go on any fancy usb stick - as long as its big enough for the blockchain?

http://www.truecrypt.org/hiddenvolume

its going to take longer to write a decent pass phrase than the time needed to set this up

Maybe I should write a tutorial?

Mining != anything in this thread. There is BAMT for that.

I called it.   Well, not quite, but it can't be far off once the ASICs are delivered.

https://bitcointalksearch.org/topic/m.201278

This can be done now, you can boot off tinycore linux liveCD (12MB). For v0.8.0, install qt-4.x-base through "apps", wget http://iweb.dl.sourceforge.net/project/bitcoin/Bitcoin/bitcoin-0.8.0/bitcoin-0.8.0-linux.tar.gz, and tar xvf bitcoin-0.8.0-linux.tar.gz.



It will explode after you use up it's 1GB RAMdisk downloading blockchain though, so you install it to a 32GB flash drive, and you can now boot a full OS with full GUI Bitcoin off removable disk. You can encrypt the home directory so Bitcoin data is unreadable without booting and entering a password.

I could easily make such a thing preloaded with blockchain for sale, the trick would be convincing others it is trustable and that future ones I sell would remain trustable.