Bitcoin Forum

The recent security concerns related to Bitcoin gave me the idea to create a LiveCD where you can do safe transactions without worrying about being infected by the trojan infostealer.Coinbit or being spied by anyone.

Features :
                                              -Use TrueCrypt to access your encrypted Wallet
                                              -If you wish you can surf the web anonymously with JonDoFox
                                              -You can use the client MegaIRC and join your favourite Bitcoin irc channel
                                              -You can also use the calculator to help you in your transactions
                                              -You can connect to the internet with OpenVPN (not yet implemented)
                                              -Block-chain already pre-loaded inside BitVault - you can manually update it
                                              -BitVault Wizard, easy step by step with almost no interaction from the user which install and configure
                                               the bitcoin client for you!




If you wish to know more about BitVault features, method of work and download link, please read this page : http://kittybomber.com/BitVault

I am also seeking volunteer to help me out with this project, read this page for more information : http://kittybomber.com/BitVault_dev


Please give me feedback and if you wish to see something implemented inside this LiveCD let me know!

EDIT:

-Added a new Bitcoin client support from coderrr : http://forum.mtgoxlive.com/showthread.php/11-Patching-The-Bitcoin-Client-To-Make-It-More-Anonymous
 - Please read this page if you wish to use this client http://www.kittybomber.com/config_guide

Feel free to donate : 1D5BjvQi7kGPUBpumWsN7kJ63hixEJcfFW

I strongly recommend you apply Sipa's import/export patch, so that bitcoin addresses with their private keys can be exported and/or re-imported.

Could you please provide me a link? I will look into this.

http://forum.bitcoin.org/?topic=3906.0

Thanks, so it does only support this client version 0.3.20 ?

I subscribing to this thread.  When anyone tries it out, please respond and give feedback.

If you have any questions do not hesitate to ask me.

I saw on your website you may be planning a linux cd. If so I'd consider Tiny Core Linux.
With it, you could have a download of ONLY 30 MB iso! That's with Bitcoin and a GUI. It would be easy to have something where the cd boots and prompts user to insert usb stick. Once usb is recognized Bitcoin is lauched and block chain copied off of usb stick and encrypted wallet copied and prompts for gpg password. Once done it could re-copy blockchain onto usb and update the encrypted wallet. Since there is almost no other software on it it, there would be less exploitable bugs.

Thanks for your reply, when comes the time I will follow your advice it seems like a great idea. If you ever wish to participate in the project let me know.

Check: https://forum.bitcoin.org/index.php?topic=22128.0

yeah I just saw, if you find other people who would be interested to create this LiveCD, I will gladly help in the create and host it on my website. If not I will do it by myself but it might take a little while since I am really busy right now.

If you made one like how I described it would be pretty sweet! I'll be watching!!

I will do my best.

Liking these "Vault Environment" projects ... just watching.

So how sure are you that traces of the decrypted private keys are never left anywhere on the machine when you are all done? RAM, cache, buffers, etc? Isn't that somewhat hardware dependent? Be good if an embedded guy could have a look through it also.

Your TrueCrypt Container will remain on your USB key, you are using an instance of  TrueCrypt loaded inside your RAM to decrypt your container, then the program will mount a virtual drive for you so you can access your wallet, there is no interaction with your HDD. You could even boot up inside this LiveCD without your hard drive.

And is there some code that specifically scrubs the private keys out of RAM (and where-ever else) when you are done? probably just left to chance right?

When you are done with the LiveCD you will reboot inside your OS, your RAM will refresh and load your current OS, your container will be unmounted so there's no way to steal the wallet. If your private key would still be in memory the attacker would have to know first what to do with this "key"

.... well that would be the implicit assumption wouldn't it? Worms looking for bitcoin private keys anywhere they find them is the new background environment.

The current Malware is a Trojan and he's only looking for wallet.dat, I haven't heard of such worm reading your RAM for private key. If you find a link I will gladly read it and apply a proper solution to this problem.

... just looking ahead ... trying to think like a criminal.

Doesn't rebooting flush the RAM? Once power is lost to the RAM it clears if I remember correctly. I remember reading an article on how these hackers wanted to get a key off of RAM but the computer was locked. They knew the KEY was in the RAM so they froze the RAM with liquid nitrogen so they could examine the RAM and find the key. They couldn't lose power to the RAM without freezing it.

Yes, there's no way to flush the RAM without crashing your computer. You have to reboot.

Might want to check out this distro, too. They've modified the kernel to prevent hard disk mounting and disabled network access:

https://www.privacy-cd.org/

They recommend doing a full memory test on reboot to wipe memory. I use this on a $300 netbook which I never connect to the Internet or use for anything else.

Its a cool distro but the goal of this LiveCD is to do transactions so we need a network access. As long as you hide your IP and that you run everything from RAM your chance of being hack by someone are lot less.

I would like some feedback from people who tried it, I know there's some stuff to improve or add so please let me know. I am currently working on sipa's bitcoin client.

-Added a new Bitcoin client support from coderrr : http://forum.mtgoxlive.com/showthread.php/11-Patching-The-Bitcoin-Client-To-Make-It-More-Anonymous
 - Please read this page if you wish to use this client http://www.kittybomber.com/config_guide

Perhaps adding a demo copy of WinHex or another suitable hex editor that can do full disk scans may be helpful for deleted/corrupted wallet recovery.  See this thread:

http://forum.bitcoin.org/index.php?topic=22697.msg285466#msg285466

I have another one: TAILS Linux (the amnesic...): http://tails.boum.org/about/index.en.html

That's is my favorite livecd as it does everything possible for anonymity... Every internet connection goes through tor by default, the memory is immediately overwritten as soon as you unplug the boot medium (someone with a gun comes in, you raise your hands and step away from the computer automatically unplugging the USB stick from which you booted and which is connected to your belt), it has a nice on-screen keyboard to defeat hardware keyloggers, provides a MAC changer for anonymity in hostile environments... And they are even so paranoid that they want to remove truecrypt support (check their site for the rationale)

They are considering to add a bitcoin client per default in the future. For me this is quite a great candidate for a paranoid BitVault distro (Thanks for NOT calling it VaultCoin)

sounds awesome ... there will be an immediate market for these for sure .... and has some interesting evolutionary direction possibilities also ...

Sounds like a really cool distro. If you guys have more security stuff that you would like to see implemented inside BitVault, please let me know.

Seems like a good idea, I found this free HexEditor and you can do a search of your hard drive.

http://mh-nexus.de/en/programs.php


I will add it to BitVault.

A few things I'm wondering about based on the text on the website...

How exactly (besides being a LiveCD) does it ensure that it cannot be infected, especially since it's based on Windows?

Where did you get the idea that Linux is a "command line interface"? Environments on Linux like GNOME and KDE are often far more userfriendly than the Windows environment, and it's possible to customize Linux distributions to such a degree that you can make it only have the necessary controls for the purpose of the OS (which, in this case, would be Bitcoin-related tasks).

Now I also took a look at the screenshots... and I see a (commandline) batch file that is used to do transactions? Now seeing as you just mentioned you wanted to avoid command line interfaces, why use a batch file?

It can be infected, but you will be browsing the net anonymously and you are using firefox with no-script, Enforce HTTPS, harden Adobe Acrobat against attacks, this should help you a lot read : http://anonymous-proxy-servers.net/wiki/index.php/JonDoFox_extension_for_Firefox  Remember that you are using this LiveCD for Transactions only, you should only browse bitcoin related websites/forums to minimize the risks.


About Linux, the problem is most of the time you have to configure a lot of stuff with a command line to make it work properly on your computer, of course I know GNOME and KDE but like I said I wanted to use Windows as my first distro, I will make a Linux distro.


For the batchfile, if pressing enter is too hard for the user than I do not know what to tell you.

For the PDF reader I'd advise using Foxit Reader, both because it's a lot lighter/faster and more secure.

I've used SuSE (with both KDE and GNOME) for years, and never really had to use the commandline. When I did, it was usually because I *wanted* to mess around, not because something didn't work. Puppy Linux (which would be more useful for something like this) combined with IceWM gave me pretty much the same experience: no commandline needed to use it, at all. I work on (non-profit) refurbishing of computers regularly, and often use Puppy Linux on them, and never really had anything that didn't work out of the box.

I was only refering to the "commandline" thing :)

EDIT: Regarding KDE vs. GNOME, I'd certainly recommend GNOME for ease of use, KDE is simply too bloated and messy nowadays. For something like a simple Live CD however, IceWM would probably be the best choice.

Yeah I would use GNOME too, I will look into this, thanks for the advice!

I am currently looking for a compiled Windows version of sipa's client  or else I will try to build it under Windows.

Thanks.

So if I see some Delta Force dudes bursting through my window it would be safer to reboot instead of shutting down?

Just read this article and it seems like it doesn't make a difference:
http://www.zdnet.com/blog/security/cryogenically-frozen-ram-bypasses-all-disk-encryption-methods/900

"This same attack works without the compressed air or RAM migration if the computer is configured for USB or LAN boot. You simply put in a USB dongle and boot off that dongle or you can boot off the network. Booting off the optical drive is probably just as easy and more likely to work. Then you can dump the RAW memory contents to the USB dongle or a network share"

https://tails.boum.org/ is good and can run bitcoin without modification, however http://dee.su/liberte is rock solid, though would require a new bitcoin client to be compiled. And this is a must have patch for anonymity: https://forum.bitcoin.org/index.php?topic=24784.0 (also import/export for power users)

Indeed. I think both distros have the same goal. I don't know the difference very well but what I like about tails is the daemon which immediately wipes the memory as soon as you eject the cd or start the shut down sequence. But that could be ported to liberté too I guess

Liberte does that as well. Liberte is smaller, faster, and much more locked down than TAILS. Tails will let you run external applications (such as bitcoin) without reconfiguring the ISO. Liberte will not. You must pre-generate the Liberte image and it will be verified on boot. After booting into the GUI, root/sudo is not possible. I believe both encrypt the swap space. Try it. Liberte is very restrictive, but quite secure, to the point of being impractical for anything but communication.

On the contrary, I'd think that Bitcoin virus writers will likely place their viruses on Bitcoin related websites and forums.