Even air-gapped wallets aren't safe...

[cellard]

'the sound of hard drives', woah.

attack vectors are only going to become more clever. the incentives get more compelling by the year.

as for my airgapped computer, i took out all connectivity like the wifi card and bluetooth stuff and put a brand new hard drive in it. it's never been anywhere near the internet and never will. of course the OS came from the internet but it can't talk to it.

i sleep well enough at night. if ninjas come around and scan me while i sleep then so be it.

as for the skeptics, sometimes these things start off at the height being theoretical, then the refinements start to arrive...

I think at some point it becomes unhealthy to worry about such far fetched situations and you may end up making a bigger mistake due high levels of stress in the process.

If you are worried about someone building patterns from the HDD noise... an SSD makes no noise that I know off since it has no moving parts.

And again if you are worried about airwave signals you can buy one of these:



Then only open your computer inside the sealed tent.

[richardsNY]

as for the skeptics, sometimes these things start off at the height being theoretical, then the refinements start to arrive...

That's why I stopped using my Trezor and Nano S hardware wallets more than a month ago. I know for most people there isn't much to worry about, and the manufacturers come up with fixes in a quick fashion, but it's just too repetitive for me to feel good about these hardware wallets. I'm back using the less convenient paper wallets as cold storage option, but I don't mind losing convenience when I get more security for it in return. Usually people easily ignore things like exchange hacks and other situations having ended in coin loss, but they fortunately do pay close attention to their hard ware wallets, which is quite interesting.

[European Central Bank]

I think at some point it becomes unhealthy to worry about such far fetched situations and you may end up making a bigger mistake due high levels of stress in the process.

yep. life is indeed too short and there will always be new scares out there.

but maybe absolute guaranteed safety will always be slightly beyond reach. it does make me wonder about how stuff like that affects the perception of crypto for newcomers.

the hacks of legit services have usually been through some crazily obvious old chestnuts like an employee opening an email attachment. one day it might happen through one of these super techie methods at which point faith might crumble a little.

[Spendulus]

you use a QR code to move the pre-signed transaction from the air gapped computer which has no access to internet in anyway.....

QR-Codes are like a red flag to a bull and says "Read me, i am a password" to the O/S ....

But this is ridiculous.

SO WHAT? That's information you want to be transferred.

This discussion is falling into the logical error of the "Irrefutable Hypothesis."

[lum_dog_millionaire]

I guess it kinda goes to show you that the only un-hackable piece of technology is your good old fashioned brain! Bring back the brain wallets!

[HCP]

I guess it kinda goes to show you that the only un-hackable piece of technology is your good old fashioned brain! Bring back the brain wallets!

Yes... "un-hackable"... that's why no-one ever lost funds from a brain wallet...

https://www.deepdotweb.com/2017/06/09/bitcoin-brain-wallets-hackers-heaven/
https://bitcointalk.org/index.php?topic=1073845.0
https://www.ccn.com/researchers-describe-easy-way-crack-bitcoin-wallet-passwords/
https://www.reddit.com/r/Bitcoin/comments/1zti1p/17956_hacked_brainwallet_passwords/
https://securityaffairs.co/wordpress/44532/cyber-crime/103k-stolen-brain-wallets-attacks.html

[Aura]

Exactly... just like the Ledger wallet exploit was... And if you think people who setup a Pi are going to check every line of code in the distro that they download... you're the world's greatest optimist!

That's why checksums and digital signatures were invented. Also Github let's you see all changes that were done from the last release, so you don't have to check the whole code for back-doors every time a new version is released

[weeklyeth]

I think since, the eyes of hackers is on this new emerging cryptocurrency market, it is becoming increasingly difficult for them to hack from computers that are connected to the internet. Therefore, I think they are finding new ways. Before, we simply ignore that it is not possible, I think this needs more discussion and if necessary, steps need to be taken to protect ourselves. But, I guess, in general it is not easy to hack an air-gapped wallets.

[Spendulus]

I guess it kinda goes to show you that the only un-hackable piece of technology is your good old fashioned brain! Bring back the brain wallets!

Random speculation does NOT constitute realistic threats to security.

Random speculation does not support a theory of weakness against threats.