Bitcoin Forum
December 07, 2016, 10:30:23 PM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Super secure environment  (Read 794 times)
Sandoz
Member
**
Offline Offline

Activity: 85


View Profile
June 06, 2011, 07:50:52 PM
 #1

Hi guys,

I wonder whether you have some tips for this scenario. I am scared of keyloggers and other spyware, thus I am thinking of accessing my most valuable bitcoin wallet from a secure environment. The plan:

1) Boot from a liveCD with my physical signature on it (this makes sure the OS is not tampered with, no persistence)
2) Load an encrypted USB stick (safe encryption makes sure I can backup images of the stick without worries)
3) Decrypt it with an on-screen keyboard to fool any hardware keyloggers
3) Run bitcoin from within the stick

Now, that's the theory. However is such a setup possible? Can anyone help me/us with the needed tools?

More specifically:
-Which linux livecd is best suited? I assume the more stuff there is on it, the less you can trust it
-What encryption for the stick? The liveCD must support it out-of-the-box. I don't care if I can read it only on linux, in the end I will ONLY access it from there (I was able to create a LUKS partition on a stick and I could decrypt it and see the contents but I am unable to run any executables on it. No idea how)

Any help would be greatly appreciated, I assume other people would like such an environment too!!

Thanks!!

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
borgfish
Member
**
Offline Offline

Activity: 75


View Profile
June 06, 2011, 08:11:43 PM
 #2

you might want to search the forum for a thread where 8999 lost btc are mentioned.
poor man used same paranoid setup and didnt backup his wallet after each and any transaction.

now to your question: i myself wouldnt trust usb sticks too much. Having above mentioned case in mind, you need more backups, why not on a system with FullDiskEncryption, Harddisk tied to mainboard via TPM (bitlocker?, dont know what linux can offer there)
If you want the usb stick badly, you could boot off it ?

Maybe there are encrypted sticks working with fingerprints which can be unlocked prior to the boot process ? dunno about that
Sandoz
Member
**
Offline Offline

Activity: 85


View Profile
June 06, 2011, 08:24:17 PM
 #3

you might want to search the forum for a thread where 8999 lost btc are mentioned.
poor man used same paranoid setup and didnt backup his wallet after each and any transaction.

now to your question: i myself wouldnt trust usb sticks too much. Having above mentioned case in mind, you need more backups, why not on a system with FullDiskEncryption, Harddisk tied to mainboard via TPM (bitlocker?, dont know what linux can offer there)
If you want the usb stick badly, you could boot off it ?

Maybe there are encrypted sticks working with fingerprints which can be unlocked prior to the boot process ? dunno about that


Hi Borgfish,

thanks for the reply. I am absolutely aware of the 8999 lost btc thing. Backup of a stick WOULD take place. Just from another OS: creating an image and put it online, on cd's etc. If the USB stick dies I would just take the image and rebuild another stick using that image

I don't trust booting from a stick. Why? There is not persistence. Someone could happily install any software on it (keylogger or whatever). With a CD you have your signature on it, maybe you check the hash.. but you are damn shure the OS is the same as before.

The FullDiskEncryption is intersting, I will look up that, thanks!
rebuilder
Legendary
*
Offline Offline

Activity: 1618



View Profile
June 06, 2011, 08:29:14 PM
 #4

roll a custom livecd with Dropbox or other cloud storage installed, have your encrypted wallet backed up there?

Selling out to advertisers shows you respect neither yourself nor the rest of us.
---------------------------------------------------------------
Too many low-quality posts? Mods not keeping things clean enough? Self-moderated threads let you keep signature spammers and trolls out!
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!