Cold storage security

[2112]

You have clearly demonstrated that you are an asshole.  But that doesn't mean I won't accept advice from you.  Everyone has their own deficiencies, and clearly yours is a social deficiency, having no tact (or desire to try being tactful) in your expressions that everyone is dead wrong unless they are exactly right.  But I have thick skin, and can look past this.  Especially because you tend to have valuable input somewhere in your asshole ramblings.  After all, extreme technical competence usually comes with quirkier personalities.  I'll assume that's what your problem is...

(a): The Makefile is there because I put it there. I wanted to distribute everything with the executable, because it's all part of the same project.  Perhaps the organization of the files could be improved, but the only people looking for it will know what to do with it when they find it.  I'm not sure what your point was about this.

(b),(c): You have a good point that static linking is a security benefit, in addition to being easier to distribute.  I will look to see how much more stuff I can static-compile.

(d):  I do not agree about duck-typed languages being such a problem.  Sure, they leave room for poor/inexperienced programmers to make messier, more error-prone code.  But the quality of the final product is on the programmer, not the language they used.  Type-checking and error handling is superfluous throughout Armory code, and I am constantly testing everything I can.  I know you're probably going to be an asshole and point me to 10 different lines of code out of the 25,000 lines throughout Armory, where I didn't check variable types, or demonstrated some poor coding practice.  Well, go ahead.  I might even fix those lines.  But I won't apologize for having bugs in my, or doing something sub-optimal.  We can't all be good at everything.  

If you want to continue to discuss this, please do so on the Armory thread, or PM.  As I said, I'm happy to take reasonable advice from you.  However, your attitude is very likely to turn off others who otherwise would listen to your advice, but brush you off because you are so abrasive.

Thank you very much for your understanding about my lack of style. I'm more worried that my rant was lacking clearness in the description of the possible avenues of attack.

Basically (a) & (d) are about the same idea: the distribution of source code should be clearly separated from the distribution of the compiled code. By mixing the two you inadvertently opened Armory to the attack by overriding/redefining some of its function/classes by dropping the overriding source anyplace where the Python interpreter could pick it up.
I didn't wanted to spark the discussion about benefit/drawbacks of static-typing vs. duck-typing. As far software security the duck-typed dynamic compiler/interpreter has a serious drawback of being able to accidentaly pick up leftover/changed code from many places in the file system which only Python expert will be able to locate.

The mixing of source/compiled representation also effectively nullifies the benefits of signing the compiled/executable code: anything in it can be changed by a very short (less than 100 bytes) .py file placed away from Armory appication directories.

Another thing that I didn't explained clearly is that Armory Online and Armory Offline have drastically different security postures. I was under impression that you actually understand this differentiation and posted in this thread to spark discussion how to further differentiate the two.

Anyway, it is great that you were able to rise over the presentation style used. I'm going to post a single link to very neutral/matter of fact presentation about offline system security.

http://gaming.nv.gov/index.aspx?page=51

then search for "Technical Standards for Gaming Devices".

For everyone who thinks that they will be better served by a ultra-polite, glad handing and slick presentations: please review the posts of
vadimg and shtylman about the BitFloor.

https://bitcointalk.org/index.php?action=profile;u=37089;sa=showPosts
https://bitcointalk.org/index.php?action=profile;u=37090;sa=showPosts

Again thanks to etotheipi for understanding the substance over the style.

[1715247784]

1715247784

[1715247784]

1715247784

[1715247784]

1715247784

[1715247784]

1715247784

[etotheipi]

Basically (a) & (d) are about the same idea: the distribution of source code should be clearly separated from the distribution of the compiled code. By mixing the two you inadvertently opened Armory to the attack by overriding/redefining some of its function/classes by dropping the overriding source anyplace where the Python interpreter could pick it up.
I didn't wanted to spark the discussion about benefit/drawbacks of static-typing vs. duck-typing. As far software security the duck-typed dynamic compiler/interpreter has a serious drawback of being able to accidentaly pick up leftover/changed code from many places in the file system which only Python expert will be able to locate.

The mixing of source/compiled representation also effectively nullifies the benefits of signing the compiled/executable code: anything in it can be changed by a very short (less than 100 bytes) .py file placed away from Armory appication directories.

All I can say is that what you have identified as potential vulnerabilities make sense, and I'm interested to dive further into mitigating this.  However, you could've simply emailed, PM'd or posted in my thread about this months ago, and I would've been happy to act on it.  Instead, you lurk in the shadows, popping your head out occasionally to insult people's intelligence for not knowing what you know, and the people who could be best aided by your experience will essentially ignore you, even if you have something important to say.

Please continue this conversation in the Armory thread, so we can stop derailing this thread.

[Dabs]

Is the whole amount public, or only for each client or customer? What I mean is, if I were a customer, I should of course know how much bitcoins you have that are assigned to me, but should I also know another customers amount of bitcoins. Maybe that information need not be public.

In which case, people can only speculate how many bitcoins you have in total, but not exactly. If that is true, then no one can ever be sure how much more bitcoins you control.

Kindly correct me if I am wrong. I do not know what business or service you are planning to do, so I do not know how it will operate.

For password security, you could try using a Yubikey or something similar (static mode maybe.) You will never remember the entire password and it can be destroyed convincingly to bad guys so they know they can't get anything from you. A backup should exist, and you can use the bank safety deposit box for that purpose.

Or you could design your own "panic room" not unlike the bank, or the storage unit. Like a large vault. It could be anywhere, it could be undetectable, it could be secret, no one knows where it is, etc.

Again, physical security.

If using remote computers through secure channels, you could always encrypt those systems. Backups get encrypted too.

Personally, I'd just have a laptop with my own mobile internet to do the transactions, and it never leaves my person, has tamper proof seals, and is auto-format/auto-wipe when I don't do something right. It will of course be encrypted so just wiping the keys (or the first and last megabyte) is more than enough to render it useless.

You could use a virtual machine or virtual OS that sits in an encrypted volume (such as TrueCrypt) but is only mounted manually, on a drive that has a wipe function in the startup folder that will wipe the same volume unless you stop it in time.

I actually made a small program to partially wipe a file on a drive. (I use TrueCrypt on Windows XP, you could use FAT32 instead of NTFS.) That way the file is gone if you don't boot it properly, and a single button short-cut or key combination will also do the same thing or do an instant shutdown, also keeping the data (and the private keys) safe.

If you are operating like something like a pawn shop or investing firm or bank like in nature or money changer, then you MUST have physical security, or at least a building that has double locks to give you enough time to push the panic button.

There are some things about your operation that should be kept secret from everyone else, like the nature of your self-destruct mechanism, your passwords, your yubikey, your fingerprints or other biometric security, and the location of your safe room.

If your business can not afford to hire even one armed security guard, then it is not something you should be doing. You'd have to weigh the cost-benefit analysis of this yourself.

Again, personally, I would do my own physical security, and acquire my own firearm (actually, I already have one) but that really depends on where you live and the laws of your country.

Businessmen in my country who are rich enough usually hire at least one bodyguard. There are very few who are completely unarmed, and only because no one else really knows what they're doing, and it's easy to keep some things secret around here.

I don't know what your business is, so I'm sorry if none of what I said can apply to you. I run a business that has several branches in several malls (it's an old fashioned business selling specialty items, unfortunately not for bitcoins) and I've learned how to protect myself from all but the most determined attackers.

[SgtSpike]

Is the whole amount public, or only for each client or customer? What I mean is, if I were a customer, I should of course know how much bitcoins you have that are assigned to me, but should I also know another customers amount of bitcoins. Maybe that information need not be public.

In which case, people can only speculate how many bitcoins you have in total, but not exactly. If that is true, then no one can ever be sure how much more bitcoins you control.

Kindly correct me if I am wrong. I do not know what business or service you are planning to do, so I do not know how it will operate.

For password security, you could try using a Yubikey or something similar (static mode maybe.) You will never remember the entire password and it can be destroyed convincingly to bad guys so they know they can't get anything from you. A backup should exist, and you can use the bank safety deposit box for that purpose.

Or you could design your own "panic room" not unlike the bank, or the storage unit. Like a large vault. It could be anywhere, it could be undetectable, it could be secret, no one knows where it is, etc.

Again, physical security.

If using remote computers through secure channels, you could always encrypt those systems. Backups get encrypted too.

Personally, I'd just have a laptop with my own mobile internet to do the transactions, and it never leaves my person, has tamper proof seals, and is auto-format/auto-wipe when I don't do something right. It will of course be encrypted so just wiping the keys (or the first and last megabyte) is more than enough to render it useless.

You could use a virtual machine or virtual OS that sits in an encrypted volume (such as TrueCrypt) but is only mounted manually, on a drive that has a wipe function in the startup folder that will wipe the same volume unless you stop it in time.

I actually made a small program to partially wipe a file on a drive. (I use TrueCrypt on Windows XP, you could use FAT32 instead of NTFS.) That way the file is gone if you don't boot it properly, and a single button short-cut or key combination will also do the same thing or do an instant shutdown, also keeping the data (and the private keys) safe.

If you are operating like something like a pawn shop or investing firm or bank like in nature or money changer, then you MUST have physical security, or at least a building that has double locks to give you enough time to push the panic button.

There are some things about your operation that should be kept secret from everyone else, like the nature of your self-destruct mechanism, your passwords, your yubikey, your fingerprints or other biometric security, and the location of your safe room.

If your business can not afford to hire even one armed security guard, then it is not something you should be doing. You'd have to weigh the cost-benefit analysis of this yourself.

Again, personally, I would do my own physical security, and acquire my own firearm (actually, I already have one) but that really depends on where you live and the laws of your country.

Businessmen in my country who are rich enough usually hire at least one bodyguard. There are very few who are completely unarmed, and only because no one else really knows what they're doing, and it's easy to keep some things secret around here.

I don't know what your business is, so I'm sorry if none of what I said can apply to you. I run a business that has several branches in several malls (it's an old fashioned business selling specialty items, unfortunately not for bitcoins) and I've learned how to protect myself from all but the most determined attackers.

Dabs, thanks for the input.  Unfortunately, because of the type of business, every address I was holding coins in would be public, and people could then look at the blockchain to find the balances.  The whole amount would be public, not by choice.

I bolded the part about body guards.  I am curious if ANYONE dealing in Bitcoins has hired one for their Bitcoin business?  I honestly cannot think of any of those companies making enough to impart some of the profits towards a bodyguard.  Regardless, it is certainly not something I would be able to do.  If physical protection like that is a requirement, then it's not a business I can start.

I do have my own firearms, and am not afraid to use them on any intruder.

And certainly, I agree that some of the measures of security should be obscured.

[Dabs]

I'm sure you have your reasons for not telling us what kind of business would require such kind of full disclosure. But the moment you started operating it, then everyone would know what it is, and that's not going to stop someone with more capital to do a copy-cat business.

Why not think of a solution that does not require full disclosure? People would have to some how trust you anyway. Look at the exchanges, they have hundreds of thousands of bitcoins. Of course, one is located in Japan, so ... ... you've got physical security right there.

Look at, hmmm, I can't think of anything else really, maybe Silk Road. But the important thing is that people should trust you and maybe there is no need for everyone to know everything, just what it is in the blockchain particular to them, and the rest of the info is summarized so they have an idea.

In my particular case, I only have armed security guards because I employ people in the factory. It is located away from the city, away from the malls that sell the items. Around the immediate area, several crimes have happened but it seems they are crimes of opportunity and chance from small petty criminals (theft of items in unguarded areas, theft of items locked by a wooden door, homicide between drunk people, etc.)

There is a small chance someone will attempt to rob my place because if you have as many people as I do, one might suspect that on some days they might be paid a small amount of cash each. One way I have addressed that is to minimize the cash and majority go through banks. It has actually happened before several years ago at a different location. Thankfully, no one was hurt, they just lost their money. Twice was too much, so we changed strategies and used more deliveries of smaller amounts that would not attract the interest of robbers. Finally, we now require all workers to have their own bank account or cash card, and most of the time (still not all the time) they get paid that way.

But there are still items at the physical location, like raw materials, which are worth a lot to those people who know what they are, and how to make products out of it. Fortunately, this is sort of a niche market so the most thieves could do is steal them and sell them cheap. And then we'd know who did it or what happened.

Actually, the armed guards I have are probably no good if there is still a determined attacker. They are meant as a deterrent to the small time robbers.

Watch any movie. One particular movie I remember is Firewall starring Harrison Ford and Paul Bettany. There is no way you can realistically and reasonably protect yourself from that kind of attack. You can read the plot at wikipedia or any other movie website. Unless you don't like spoilers and actually want to watch the movie, but I like knowing the story ahead of time.

This tactic is called tiger robbery or tiger kidnapping. The counter measure for this is requiring two or more people to do the transaction. None of you need be armed or have bodyguards (although it really helps if you do.) This is like those nuclear launch thingies, or mission impossible thingies that require two or more people to agree on something before it can be done.

That way, people would have to kidnap two or more people. The more, the harder it is. But if you eventually control hundreds of thousands or millions of bitcoins, then they have all the incentive in the world to hire their own personal SWAT team to do the job.

If I were evil, I could get rich systematically invading other wealthy people and threatening their families in exchange for money. Most people are unprotected (or at least they seem so.)

Makes me wonder why no one has tried robbing Bill Gates or Donald Trump or one of those billionaires, I mean, just kidnap their children right? And ask for a measly $10 million dollars in cash. ... ... Oops, I just found out they do have bodyguards. But hey, he controls a few billion dollars, so the risk is gotta be worth it. Doing it Firewall style would prevent the bodyguards and police to get involved.