Bitcoin Forum
March 28, 2024, 04:59:15 PM *
News: Latest Bitcoin Core release: 26.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 »  All
  Print  
Author Topic: USB Selfbooting Solid State Wallets - Secure - Manufacturer Needed!  (Read 2444 times)
TooCasual (OP)
Member
**
Offline Offline

Activity: 114
Merit: 10


You can't be Serious?!?


View Profile
February 26, 2013, 07:04:42 PM
 #1

Hello Everyone,

Wallet security is paramount on most everyone's mind.  I'm not talking about the wallets you use on your phones/tablets etc... they usually have small amounts of Bitcoin.  I'm talking about your "main bank", the whole enchilada, or your Bitcoin en mass... etc. Smiley ...and having it portable! (for storage in a safe or safety deposit box etc.)

Downloading and using a wallet for the average user on a Windows machine seems very risky with all the key loggers, trojans, viri etc.  Mac OS and Linux are not as vulnerable (except for password theft, laptop theft, and general lack of portability).  An online wallet certainly has its risks too! (hackers, servers down, loss or no internet connection)  So a portable standalone secure USB stick/key that is bootable on any computer (via POST not OS) is really what is required. 

I think its time the big guys who manufacture USB memory sticks (San Disk, Kingston, Verbatim, Lexar, Trancend, Patriot, Corsiar... etc.) should build a secure bootable usb wallet.  It would consist of: (bootable ROM (Linux encrypted OS and wallet files) with a large amount of RAM for the .dat files including the wallet.dat files (64G+ or bigger).   

Starting your machine with this USB stick inserted (after POST) it would prompt you for your password (and/or fingerprint) then boot into the software.  Following that, access to the wallet on the USB stick, including a different password for the transferring of any Bitcoins.  Using the current built of  (Bitcoin-Qt / bitcoind) as the industry standard.

Now, plugging the USB stick into an operating system (Windows, Mac OS, Linux) would display a locked drive, and all the .dat files including a further encrypted wallet.dat file.  This would allow users to back up their wallet.dat file elsewhere - in the case of USB stick damage or failure.

These big companies already have this implemented on most of their USB sticks (with hard coded (ROM) software etc.)  It's small work for any of them to produce a USB hard-wallet.

Some people already do similar to what I've described (without the ROM feature).  But, we need something for the mass majority.  Wallets in general being weakest link are a large concern to current Bitcoin users and new users too.  (How do I keep my BTC safe?? - without taking a computer course)

So lets solve the issue of our permanent wallet security.

The first company that gets the Bitcoin consortium (Gavin Andersen and group) stamp of approval on their product would make a ton-o-BTC... or that old fiat stuff Tongue

TC.
1711645155
Hero Member
*
Offline Offline

Posts: 1711645155

View Profile Personal Message (Offline)

Ignore
1711645155
Reply with quote  #2

1711645155
Report to moderator
1711645155
Hero Member
*
Offline Offline

Posts: 1711645155

View Profile Personal Message (Offline)

Ignore
1711645155
Reply with quote  #2

1711645155
Report to moderator
Be very wary of relying on JavaScript for security on crypto sites. The site can change the JavaScript at any time unless you take unusual precautions, and browsers are not generally known for their airtight security.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
buybtc
Member
**
Offline Offline

Activity: 98
Merit: 10


View Profile
February 26, 2013, 08:51:07 PM
 #2

Have you seen the Paper USB drives?
TooCasual (OP)
Member
**
Offline Offline

Activity: 114
Merit: 10


You can't be Serious?!?


View Profile
February 26, 2013, 09:08:13 PM
 #3

Hmm, no I haven't.  Cool.  Wouldn't want to spill yer coffee on it and lose yer bitties in the process.  Hehe.

Nice to go green though.  They have to be large capacity  (64G +) for the .dat files...

TC
hazek
Legendary
*
Offline Offline

Activity: 1078
Merit: 1002


View Profile
February 26, 2013, 10:26:04 PM
 #4

Are you aware of this:
https://bitcointalk.org/index.php?topic=127587.0
https://bitcointalk.org/index.php?topic=122438.0

My personality type: INTJ - please forgive my weaknesses (Not naturally in tune with others feelings; may be insensitive at times, tend to respond to conflict with logic and reason, tend to believe I'm always right)

If however you enjoyed my post: 15j781DjuJeVsZgYbDVt2NZsGrWKRWFHpp
deepceleron
Legendary
*
Offline Offline

Activity: 1512
Merit: 1025



View Profile WWW
February 26, 2013, 11:42:10 PM
Last edit: February 27, 2013, 01:23:49 AM by deepceleron
 #5

This can be done now, you can boot off tinycore linux liveCD (12MB). For v0.8.0, install qt-4.x-base through "apps", wget http://iweb.dl.sourceforge.net/project/bitcoin/Bitcoin/bitcoin-0.8.0/bitcoin-0.8.0-linux.tar.gz, and tar xvf bitcoin-0.8.0-linux.tar.gz.



It will explode after you use up it's 1GB RAMdisk downloading blockchain though, so you install it to a 32GB flash drive, and you can now boot a full OS with full GUI Bitcoin off removable disk. You can encrypt the home directory so Bitcoin data is unreadable without booting and entering a password.

I could easily make such a thing preloaded with blockchain for sale, the trick would be convincing others it is trustable and that future ones I sell would remain trustable.
Rodyland
Hero Member
*****
Offline Offline

Activity: 499
Merit: 500


View Profile
February 26, 2013, 11:50:10 PM
 #6

I called it. Cheesy  Well, not quite, but it can't be far off once the ASICs are delivered.

https://bitcointalk.org/index.php?topic=14910.msg201278#msg201278

Beware the weak hands!
1NcL6Mjm4qeiYYi2rpoCtQopPrH4PyKfUC
GPG ID: E3AA41E3
deepceleron
Legendary
*
Offline Offline

Activity: 1512
Merit: 1025



View Profile WWW
February 26, 2013, 11:58:53 PM
 #7

I called it. Cheesy  Well, not quite, but it can't be far off once the ASICs are delivered.

https://bitcointalk.org/index.php?topic=14910.msg201278#msg201278

Mining != anything in this thread. There is BAMT for that.
nwbitcoin
Sr. Member
****
Offline Offline

Activity: 294
Merit: 250


You are a geek if you are too early to the party!


View Profile WWW
February 27, 2013, 12:21:54 AM
 #8

If you placed your virtualised tiny linux wallet in a trucrypt hidden volume, it doesn't need to go on any fancy usb stick - as long as its big enough for the blockchain?

http://www.truecrypt.org/hiddenvolume

its going to take longer to write a decent pass phrase than the time needed to set this up Wink

Maybe I should write a tutorial? Wink


*Image Removed*
I use Localbitcoins to sell bitcoins for GBP by bank transfer!
deepceleron
Legendary
*
Offline Offline

Activity: 1512
Merit: 1025



View Profile WWW
February 27, 2013, 12:41:37 AM
 #9

If you placed your virtualised tiny linux wallet in a trucrypt hidden volume, it doesn't need to go on any fancy usb stick - as long as its big enough for the blockchain?

http://www.truecrypt.org/hiddenvolume

its going to take longer to write a decent pass phrase than the time needed to set this up Wink

Maybe I should write a tutorial? Wink


If someone PwnD your computer, they also can have control and access to anything on it and anything you type.
nwbitcoin
Sr. Member
****
Offline Offline

Activity: 294
Merit: 250


You are a geek if you are too early to the party!


View Profile WWW
February 27, 2013, 12:43:58 AM
 #10

If you placed your virtualised tiny linux wallet in a trucrypt hidden volume, it doesn't need to go on any fancy usb stick - as long as its big enough for the blockchain?

http://www.truecrypt.org/hiddenvolume

its going to take longer to write a decent pass phrase than the time needed to set this up Wink

Maybe I should write a tutorial? Wink


If someone PwnD your computer, they also can have control and access to anything on it and anything you type.

But isn't that a risk with any computer?  Why would this be a bigger risk?

*Image Removed*
I use Localbitcoins to sell bitcoins for GBP by bank transfer!
TooCasual (OP)
Member
**
Offline Offline

Activity: 114
Merit: 10


You can't be Serious?!?


View Profile
February 27, 2013, 12:49:14 AM
 #11


That product does look great though.

Yes, but it's not exactly what I was suggesting.  Much cheaper solution <$60USD  (a permanent safe so to speak for the big load - I wouldn't want to carry it around with 100+BTC off my key-chain! Cheesy )


My only thinking is that the custom built USB-key wallet is something my GF, mother, dad, grandma, everyone one of my friends it seems and other non techy could use.  I have used tiny, puppy, ubuntu to a custom boot USB key my self.  But a simple to use finger print scanner on usb with rom based os (so they cant screw it up lol) and 64Gig+ portion to the .dat files.  

Its gotta be foolproof and very simple to use.  Security is paramount.

With one of the larger manufacturers making it (Sandisk, etc) people would trust it.  


TC
scintill
Sr. Member
****
Offline Offline

Activity: 448
Merit: 252


View Profile WWW
February 27, 2013, 01:02:33 AM
 #12

It will explode after you use up it's 1GB RAMdisk downloading blockchain though

I would rather use a lite client like Electrum, personally.  Then the stick is just a segregated place to keep your private keys and a know-clean OS.  Good enough for me.

1SCiN5kqkAbxxwesKMsH9GvyWnWP5YK2W | donations
deepceleron
Legendary
*
Offline Offline

Activity: 1512
Merit: 1025



View Profile WWW
February 27, 2013, 01:03:03 AM
Last edit: February 27, 2013, 01:36:08 AM by deepceleron
 #13

If someone PwnD your computer, they also can have control and access to anything on it and anything you type.

But isn't that a risk with any computer?  Why would this be a bigger risk?

Because we assume that you use your normal computer for doing things like clicking links like these (any of which could infect your computer with no input from you). Any virtual machine or encrypted sub-system that you run on your system is just as vulnerable since the remote attacker will have the same privileges as you on the main OS.

A USB boot drive is a more secure environment, especially one that comes with no web browser. You install it clean off a LiveCD as I describe above, so it is never potentially tainted. You only type it's password directly into the USB boot OS. The data can be made unreadable by anything other than the boot code on the USB. It's kernel can be firewalled to only accept incoming Bitcoin connections and nothing else.


With one of the larger manufacturers making it (Sandisk, etc) people would trust it.  
Assuming that a manufacturer made purpose-built Bitcoin device is automatically better is wrong. I wouldn't trust anything with software loaded up in a Chinese factory with my money, especially a device they know will contain my money.
Vernon715
Full Member
***
Offline Offline

Activity: 182
Merit: 100



View Profile
February 27, 2013, 01:08:53 AM
 #14

If you want to look for manufacturers, look on alibaba.com

It is kind of like a craigslist for outsourcing.

Please donate: 1FfJzfpGCXD6saKqmMs8W1qt9wouhA98Mj

http://bitcoinpyramid.com/r/1642

100101011010100100101010010111001010010101010100101001000100101010101010101010
TooCasual (OP)
Member
**
Offline Offline

Activity: 114
Merit: 10


You can't be Serious?!?


View Profile
February 27, 2013, 01:32:37 AM
 #15

Assuming that a manufacturer made purpose-built Bitcoin device is automatically better is wrong. I wouldn't trust anything with software loaded up in a Chinese factory with my money, especially a device they know will contain my money.

That is a good point...  (conspiracy back door key... lol)  Makes you wonder...

So... Then how do you (the bitcointalk users) tell people with almost zero tech skills how to make a high security wallet? As they all probably own a Windoze machine anyways.  Also, it has to be easy to use... Haha, think of all those CEO's, CFO, etc. out there... JK  Cool

nimda
Hero Member
*****
Offline Offline

Activity: 784
Merit: 1000


0xFB0D8D1534241423


View Profile
February 27, 2013, 02:02:31 AM
 #16

Assuming that a manufacturer made purpose-built Bitcoin device is automatically better is wrong. I wouldn't trust anything with software loaded up in a Chinese factory with my money, especially a device they know will contain my money.

That is a good point...  (conspiracy back door key... lol)  Makes you wonder...

So... Then how do you (the bitcointalk users) tell people with almost zero tech skills how to make a high security wallet? As they all probably own a Windoze machine anyways.  Also, it has to be easy to use... Haha, think of all those CEO's, CFO, etc. out there... JK  Cool


Generate some entropy by throwing darts, then calculate the private and public keys with paper and pencil.
cypherdoc
Legendary
*
Offline Offline

Activity: 1764
Merit: 1002



View Profile
February 27, 2013, 05:47:28 AM
 #17

If someone PwnD your computer, they also can have control and access to anything on it and anything you type.

But isn't that a risk with any computer?  Why would this be a bigger risk?

Because we assume that you use your normal computer for doing things like clicking links like these (any of which could infect your computer with no input from you). Any virtual machine or encrypted sub-system that you run on your system is just as vulnerable since the remote attacker will have the same privileges as you on the main OS.

A USB boot drive is a more secure environment, especially one that comes with no web browser. You install it clean off a LiveCD as I describe above, so it is never potentially tainted. You only type it's password directly into the USB boot OS. The data can be made unreadable by anything other than the boot code on the USB. It's kernel can be firewalled to only accept incoming Bitcoin connections and nothing else.


With one of the larger manufacturers making it (Sandisk, etc) people would trust it.  
Assuming that a manufacturer made purpose-built Bitcoin device is automatically better is wrong. I wouldn't trust anything with software loaded up in a Chinese factory with my money, especially a device they know will contain my money.

now that MSFT appears to be preventing booting from USB sticks in Windows 8, will your TinyCore USB system still work on those machines?
Zangelbert Bingledack
Legendary
*
Offline Offline

Activity: 1036
Merit: 1000


View Profile
February 27, 2013, 10:09:50 AM
 #18

Assuming that a manufacturer made purpose-built Bitcoin device is automatically better is wrong. I wouldn't trust anything with software loaded up in a Chinese factory with my money, especially a device they know will contain my money.

That is a good point...  (conspiracy back door key... lol)  Makes you wonder...

So... Then how do you (the bitcointalk users) tell people with almost zero tech skills how to make a high security wallet? As they all probably own a Windoze machine anyways.  Also, it has to be easy to use... Haha, think of all those CEO's, CFO, etc. out there... JK  Cool


Generate some entropy by throwing darts, then calculate the private and public keys with paper and pencil.

Tell me more!
nwbitcoin
Sr. Member
****
Offline Offline

Activity: 294
Merit: 250


You are a geek if you are too early to the party!


View Profile WWW
February 27, 2013, 02:41:06 PM
 #19

If someone PwnD your computer, they also can have control and access to anything on it and anything you type.

But isn't that a risk with any computer?  Why would this be a bigger risk?

Because we assume that you use your normal computer for doing things like clicking links like these (any of which could infect your computer with no input from you). Any virtual machine or encrypted sub-system that you run on your system is just as vulnerable since the remote attacker will have the same privileges as you on the main OS.

A USB boot drive is a more secure environment, especially one that comes with no web browser. You install it clean off a LiveCD as I describe above, so it is never potentially tainted. You only type it's password directly into the USB boot OS. The data can be made unreadable by anything other than the boot code on the USB. It's kernel can be firewalled to only accept incoming Bitcoin connections and nothing else.


Technically speaking there is absolutely no difference in the security of either a virtual or a LiveCD OS - its all about convenience.

However, having thought about the problem again, do we actually need a physical wallet at all?

You have a cloud folder somewhere where your BTC files are stored.  You just need access to it occasionally to see how much the total is.   You don't need access to add to it, and you don't need more than the address to take from it.


If you could find out what the total was without entering the wallet, you would never need to go near your wallet.

Is my understanding of BTC wallets true?


Because on that basis, its going to be far, far safer to leave the data in the capable hands of a data centre, with no access to your private keys!

*Image Removed*
I use Localbitcoins to sell bitcoins for GBP by bank transfer!
cypherdoc
Legendary
*
Offline Offline

Activity: 1764
Merit: 1002



View Profile
February 27, 2013, 03:00:18 PM
 #20

If someone PwnD your computer, they also can have control and access to anything on it and anything you type.

But isn't that a risk with any computer?  Why would this be a bigger risk?

Because we assume that you use your normal computer for doing things like clicking links like these (any of which could infect your computer with no input from you). Any virtual machine or encrypted sub-system that you run on your system is just as vulnerable since the remote attacker will have the same privileges as you on the main OS.

A USB boot drive is a more secure environment, especially one that comes with no web browser. You install it clean off a LiveCD as I describe above, so it is never potentially tainted. You only type it's password directly into the USB boot OS. The data can be made unreadable by anything other than the boot code on the USB. It's kernel can be firewalled to only accept incoming Bitcoin connections and nothing else.


Technically speaking there is absolutely no difference in the security of either a virtual or a LiveCD OS - its all about convenience.

However, having thought about the problem again, do we actually need a physical wallet at all?

You have a cloud folder somewhere where your BTC files are stored.  You just need access to it occasionally to see how much the total is.   You don't need access to add to it, and you don't need more than the address to take from it.


If you could find out what the total was without entering the wallet, you would never need to go near your wallet.

Is my understanding of BTC wallets true?


Because on that basis, its going to be far, far safer to leave the data in the capable hands of a data centre, with no access to your private keys!


this is the concept of offline wallets you speak of.  no need to ever connect your private keys to the internet.
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!