Bitcoin Forum
May 25, 2017, 09:11:35 AM *
News: If the forum does not load normally for you, please send me a traceroute.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Super secure environment  (Read 827 times)
Sandoz
Member
**
Offline Offline

Activity: 85


View Profile
June 06, 2011, 07:50:52 PM
 #1

Hi guys,

I wonder whether you have some tips for this scenario. I am scared of keyloggers and other spyware, thus I am thinking of accessing my most valuable bitcoin wallet from a secure environment. The plan:

1) Boot from a liveCD with my physical signature on it (this makes sure the OS is not tampered with, no persistence)
2) Load an encrypted USB stick (safe encryption makes sure I can backup images of the stick without worries)
3) Decrypt it with an on-screen keyboard to fool any hardware keyloggers
3) Run bitcoin from within the stick

Now, that's the theory. However is such a setup possible? Can anyone help me/us with the needed tools?

More specifically:
-Which linux livecd is best suited? I assume the more stuff there is on it, the less you can trust it
-What encryption for the stick? The liveCD must support it out-of-the-box. I don't care if I can read it only on linux, in the end I will ONLY access it from there (I was able to create a LUKS partition on a stick and I could decrypt it and see the contents but I am unable to run any executables on it. No idea how)

Any help would be greatly appreciated, I assume other people would like such an environment too!!

Thanks!!

1495703495
Hero Member
*
Offline Offline

Posts: 1495703495

View Profile Personal Message (Offline)

Ignore
1495703495
Reply with quote  #2

1495703495
Report to moderator
1495703495
Hero Member
*
Offline Offline

Posts: 1495703495

View Profile Personal Message (Offline)

Ignore
1495703495
Reply with quote  #2

1495703495
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
borgfish
Member
**
Offline Offline

Activity: 75


View Profile
June 06, 2011, 08:11:43 PM
 #2

you might want to search the forum for a thread where 8999 lost btc are mentioned.
poor man used same paranoid setup and didnt backup his wallet after each and any transaction.

now to your question: i myself wouldnt trust usb sticks too much. Having above mentioned case in mind, you need more backups, why not on a system with FullDiskEncryption, Harddisk tied to mainboard via TPM (bitlocker?, dont know what linux can offer there)
If you want the usb stick badly, you could boot off it ?

Maybe there are encrypted sticks working with fingerprints which can be unlocked prior to the boot process ? dunno about that
Sandoz
Member
**
Offline Offline

Activity: 85


View Profile
June 06, 2011, 08:24:17 PM
 #3

you might want to search the forum for a thread where 8999 lost btc are mentioned.
poor man used same paranoid setup and didnt backup his wallet after each and any transaction.

now to your question: i myself wouldnt trust usb sticks too much. Having above mentioned case in mind, you need more backups, why not on a system with FullDiskEncryption, Harddisk tied to mainboard via TPM (bitlocker?, dont know what linux can offer there)
If you want the usb stick badly, you could boot off it ?

Maybe there are encrypted sticks working with fingerprints which can be unlocked prior to the boot process ? dunno about that


Hi Borgfish,

thanks for the reply. I am absolutely aware of the 8999 lost btc thing. Backup of a stick WOULD take place. Just from another OS: creating an image and put it online, on cd's etc. If the USB stick dies I would just take the image and rebuild another stick using that image

I don't trust booting from a stick. Why? There is not persistence. Someone could happily install any software on it (keylogger or whatever). With a CD you have your signature on it, maybe you check the hash.. but you are damn shure the OS is the same as before.

The FullDiskEncryption is intersting, I will look up that, thanks!
rebuilder
Legendary
*
Offline Offline

Activity: 1618



View Profile
June 06, 2011, 08:29:14 PM
 #4

roll a custom livecd with Dropbox or other cloud storage installed, have your encrypted wallet backed up there?

Selling out to advertisers shows you respect neither yourself nor the rest of us.
---------------------------------------------------------------
Too many low-quality posts? Mods not keeping things clean enough? Self-moderated threads let you keep signature spammers and trolls out!
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!