Bitcoin Forum
March 28, 2024, 09:42:04 PM *
News: Latest Bitcoin Core release: 26.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 [2] 3 »  All
  Print  
Author Topic: Stop telling people that VMs could protect anything  (Read 9090 times)
bcearl (OP)
Full Member
***
Offline Offline

Activity: 168
Merit: 103



View Profile
June 11, 2011, 04:19:25 PM
 #21

so the same goes for the encrypted USB stick.  when its plugged into the host and unencrypted, its wide open?

Yes. A program can just ask for files and the system will decrypt them automatically.

Misspelling protects against dictionary attacks NOT
1711662124
Hero Member
*
Offline Offline

Posts: 1711662124

View Profile Personal Message (Offline)

Ignore
1711662124
Reply with quote  #2

1711662124
Report to moderator
1711662124
Hero Member
*
Offline Offline

Posts: 1711662124

View Profile Personal Message (Offline)

Ignore
1711662124
Reply with quote  #2

1711662124
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
1711662124
Hero Member
*
Offline Offline

Posts: 1711662124

View Profile Personal Message (Offline)

Ignore
1711662124
Reply with quote  #2

1711662124
Report to moderator
1711662124
Hero Member
*
Offline Offline

Posts: 1711662124

View Profile Personal Message (Offline)

Ignore
1711662124
Reply with quote  #2

1711662124
Report to moderator
xlcus
Legendary
*
Offline Offline

Activity: 966
Merit: 1009


View Profile
June 11, 2011, 04:21:31 PM
 #22

Use a separate user account for your bitcoin/wallet.  Then (assuming your main user account doesn't have administrator privileges), any wallet stealing processes you may encounter won't be able to access the wallet.
Jaime Frontero
Full Member
***
Offline Offline

Activity: 126
Merit: 100


View Profile
June 11, 2011, 04:23:51 PM
 #23

Use a separate user account for your bitcoin/wallet.  Then (assuming your main user account doesn't have administrator privileges), any wallet stealing processes you may encounter won't be able to access the wallet.

that would be the first line of defense - that (especially pre-7) windows users have surrendered by default: not running as admin.
gene
Sr. Member
****
Offline Offline

Activity: 252
Merit: 250


View Profile
June 11, 2011, 04:29:46 PM
 #24

from http://kerneltrap.org/OpenBSD/Virtualization_Security

Quote
> Virtualization seems to have a lot of security benefits.

You've been smoking something really mind altering, and I think you
should share it.

x86 virtualization is about basically placing another nearly full
kernel, full of new bugs, on top of a nasty x86 architecture which
barely has correct page protection.  Then running your operating
system on the other side of this brand new pile of shit.

You are absolutely deluded, if not stupid, if you think that a
worldwide collection of software engineers who can't write operating
systems or applications without security holes, can then turn around
and suddenly write virtualization layers without security holes.

You've seen something on the shelf, and it has all sorts of pretty
colours, and you've bought it.

That's all x86 virtualization is.

The author was Theo de Raadt, (from the OpenBSD project)

*processing payment* *error 404 : funds not found*
Do you want to complain on the forum just to fall for another scam a few days later?
| YES       |        YES |
bcearl (OP)
Full Member
***
Offline Offline

Activity: 168
Merit: 103



View Profile
June 11, 2011, 04:34:45 PM
 #25

Use a separate user account for your bitcoin/wallet.  Then (assuming your main user account doesn't have administrator privileges), any wallet stealing processes you may encounter won't be able to access the wallet.

that would be the first line of defense - that (especially pre-7) windows users have surrendered by default: not running as admin.

Yes, but a VM is only a bad solution, a BSD system with a Windows guest wouldn't work for most users.

The only solution is a small isolated computer. Actually that computer could write transactions offline to a file, and the online-computer uses the transaction file only. Then no counterfeiting is possible.

Misspelling protects against dictionary attacks NOT
Jaime Frontero
Full Member
***
Offline Offline

Activity: 126
Merit: 100


View Profile
June 11, 2011, 04:40:04 PM
 #26

Use a separate user account for your bitcoin/wallet.  Then (assuming your main user account doesn't have administrator privileges), any wallet stealing processes you may encounter won't be able to access the wallet.

that would be the first line of defense - that (especially pre-7) windows users have surrendered by default: not running as admin.

Yes, but a VM is only a bad solution, a BSD system with a Windows guest wouldn't work for most users.

The only solution is a small isolated computer. Actually that computer could write transactions offline to a file, and the online-computer uses the transaction file only. Then no counterfeiting is possible.

yes.  isolation.

there are more ways to achieve that than taking yourself off the network, though.

i've given some recent thought to how malware is propagated.  it's targeted to OSs and browsers.  i wonder how much effort has been spent on writing the stuff for operating systems like... oh... Plan9?
cypherdoc
Legendary
*
Offline Offline

Activity: 1764
Merit: 1002



View Profile
June 11, 2011, 04:48:32 PM
 #27

Use a separate user account for your bitcoin/wallet.  Then (assuming your main user account doesn't have administrator privileges), any wallet stealing processes you may encounter won't be able to access the wallet.

that would be the first line of defense - that (especially pre-7) windows users have surrendered by default: not running as admin.

Yes, but a VM is only a bad solution, a BSD system with a Windows guest wouldn't work for most users.

The only solution is a small isolated computer. Actually that computer could write transactions offline to a file, and the online-computer uses the transaction file only. Then no counterfeiting is possible.

yes.  isolation.

there are more ways to achieve that than taking yourself off the network, though.



i've given some recent thought to how malware is propagated.  it's targeted to OSs and browsers.  i wonder how much effort has been spent on writing the stuff for operating systems like... oh... Plan9?

so not much via email or downloads?
cypherdoc
Legendary
*
Offline Offline

Activity: 1764
Merit: 1002



View Profile
June 11, 2011, 04:50:31 PM
 #28

as i asked above, wouldn't confining your browsing to the VM go a long way to protecting your wallet on the host?
Jaime Frontero
Full Member
***
Offline Offline

Activity: 126
Merit: 100


View Profile
June 11, 2011, 04:57:41 PM
 #29

Use a separate user account for your bitcoin/wallet.  Then (assuming your main user account doesn't have administrator privileges), any wallet stealing processes you may encounter won't be able to access the wallet.

that would be the first line of defense - that (especially pre-7) windows users have surrendered by default: not running as admin.

Yes, but a VM is only a bad solution, a BSD system with a Windows guest wouldn't work for most users.

The only solution is a small isolated computer. Actually that computer could write transactions offline to a file, and the online-computer uses the transaction file only. Then no counterfeiting is possible.

yes.  isolation.

there are more ways to achieve that than taking yourself off the network, though.



i've given some recent thought to how malware is propagated.  it's targeted to OSs and browsers.  i wonder how much effort has been spent on writing the stuff for operating systems like... oh... Plan9?

so not much via email or downloads?

not really.  i've opened (as an experiment) emails and downloads targeted to windows machines on linux machines.  no effect (although - for example - gmail targeted malware won't care about you OS).  the stuff using java and even python doesn't do much if you don't have those installed.  standard browser lockdown procedures are pretty effective, even on windows machines, given a little forethought.

a while ago, just for giggles, i installed 6 windows VMs, opened them all and networked them together.  i went and found some malware, let it infect them all, and watched it bounce around...
bcearl (OP)
Full Member
***
Offline Offline

Activity: 168
Merit: 103



View Profile
June 11, 2011, 04:58:35 PM
 #30

Use a separate user account for your bitcoin/wallet.  Then (assuming your main user account doesn't have administrator privileges), any wallet stealing processes you may encounter won't be able to access the wallet.

that would be the first line of defense - that (especially pre-7) windows users have surrendered by default: not running as admin.

Yes, but a VM is only a bad solution, a BSD system with a Windows guest wouldn't work for most users.

The only solution is a small isolated computer. Actually that computer could write transactions offline to a file, and the online-computer uses the transaction file only. Then no counterfeiting is possible.

yes.  isolation.

there are more ways to achieve that than taking yourself off the network, though.

i've given some recent thought to how malware is propagated.  it's targeted to OSs and browsers.  i wonder how much effort has been spent on writing the stuff for operating systems like... oh... Plan9?

That's not the point. It's not security to just say "nobody attacks me".

Misspelling protects against dictionary attacks NOT
kokojie
Legendary
*
Offline Offline

Activity: 1792
Merit: 1003



View Profile
June 11, 2011, 05:07:31 PM
 #31

NOT TRUE, a VM can be set up to be completely isolated from the host

If you set up a guest VM on a host computer, the programs in the guest VM can not (easily) attack the host computer.

But in the other direction, it is not true. Programs on the host machine can just manipulate the guest VM, e.g. just modify the disk image file.

Thus, a guest machine for bitcoin does not make sense at all (at least when the intended goal is protection).




But a hint may help:
A wallet file does not have to be online to receive money. You can just create a wallet on a offline computer and use the addresses.
Only if you want to spend money from that wallet, it has to be taken to an online machine.

btc: 15sFnThw58hiGHYXyUAasgfauifTEB1ZF6
Jaime Frontero
Full Member
***
Offline Offline

Activity: 126
Merit: 100


View Profile
June 11, 2011, 05:08:30 PM
 #32


That's not the point. It's not security to just say "nobody attacks me".

actually, in any rigorous security evaluation, that comes first.

it's put this way:  "who wants to steal or destroy what i want to protect?  and how good are they?"

how much money should one spend to defend the average, small website that sells $10 widgets and takes PayPal?  is the uberhacker of the russian steppes going to give you even a look?  no.  you don't have anything worth his time - so you really don't need to defend against him.

for that website, you need to defend against the average 22 year old hacker living in his parents' basement.  ...a not terribly expensive proposition.
cypherdoc
Legendary
*
Offline Offline

Activity: 1764
Merit: 1002



View Profile
June 11, 2011, 05:09:42 PM
 #33

Use a separate user account for your bitcoin/wallet.  Then (assuming your main user account doesn't have administrator privileges), any wallet stealing processes you may encounter won't be able to access the wallet.

that would be the first line of defense - that (especially pre-7) windows users have surrendered by default: not running as admin.

Yes, but a VM is only a bad solution, a BSD system with a Windows guest wouldn't work for most users.

The only solution is a small isolated computer. Actually that computer could write transactions offline to a file, and the online-computer uses the transaction file only. Then no counterfeiting is possible.

yes.  isolation.

there are more ways to achieve that than taking yourself off the network, though.

i've given some recent thought to how malware is propagated.  it's targeted to OSs and browsers.  i wonder how much effort has been spent on writing the stuff for operating systems like... oh... Plan9?

That's not the point. It's not security to just say "nobody attacks me".



are the block chain files interchangeable btwn OS's like the wallet?
bcearl (OP)
Full Member
***
Offline Offline

Activity: 168
Merit: 103



View Profile
June 11, 2011, 05:58:46 PM
 #34

are the block chain files interchangeable btwn OS's like the wallet?

Yes. That's what the P2P network is for. It distributes the block chain.

Misspelling protects against dictionary attacks NOT
AaronM
Member
**
Offline Offline

Activity: 76
Merit: 10


View Profile WWW
June 11, 2011, 06:12:22 PM
 #35

as i asked above, wouldn't confining your browsing to the VM go a long way to protecting your wallet on the host?

Yes, it would help. I would use a VM that doesn't try to do fancy optimization like using hardware virtualization or x86-to-x86 translation.  A simple, "pure" VM has less opportunities for its programmers to screw up and introduce security holes. Maybe QEmu?

Do as little as possible outside of a VM, and have Bitcoin running either outside all VMs or in a separate VM from your browsing/email/whatever.

Also, see my thread about Qubes: http://forum.bitcoin.org/index.php?topic=11837.0;topicseen

Spare some BTC for a biology student? 1DZcEUEo9rX7LQWcYzVR6Btqj2sMqRznbB
bcearl (OP)
Full Member
***
Offline Offline

Activity: 168
Merit: 103



View Profile
June 11, 2011, 06:14:20 PM
 #36

as i asked above, wouldn't confining your browsing to the VM go a long way to protecting your wallet on the host?

Yes, it would help. I would use a VM that doesn't try to do fancy optimization like using hardware virtualization or x86-to-x86 translation.  A simple, "pure" VM has less opportunities for its programmers to screw up and introduce security holes. Maybe QEmu?

Do as little as possible outside of a VM, and have Bitcoin running either outside all VMs or in a separate VM from your browsing/email/whatever.

Also, see my thread about Qubes: http://forum.bitcoin.org/index.php?topic=11837.0;topicseen

You seem to be talking about emulators as opposed to VMs. That's even more waste, and emulation software is even more likely to have vulnerabilities than hardware virtualization.

Misspelling protects against dictionary attacks NOT
mcdett
Full Member
***
Offline Offline

Activity: 157
Merit: 100



View Profile
June 11, 2011, 06:47:07 PM
 #37

When people write trojans, viruses, etc. they largely do it for profit (the good ones anyway).  They deveop their program to go after the the largest market possible.  Most of the people partaking in bitcoin are running it on Windows XP/7 or Mac.  Many are running the core systems (mining operations, information infrastructure) on linux and BSD.

The threat agents will develop the first round of bitcoin specif software focusing on a Windows XP system utilizing a pre-existing attack vector (un-patched SMB or IE zero day vulns).

You must take a risk based aproach to how you hold your btc:

1 - Thrift account (no more than 200usd exposure) - Windows XP with standard bitcoin software.  Password protect your login and make sure your running some decent anti-virus

2 - Easy access large account (no more than 10,000usd of exposure) - VMware image of Ubuntu JeOS with OS based full disk encyption.  Has no services running (if it's running apache you fail) and a stable release of bitcoind.  Connect this only to known trusted nodes when needing to spend coins.

3 - Hard access mother account (all those secret coins generated the first year) - Every possible disk that ever held a private key is suspect.  Almost all of those should have been wiped with random data 5 times.  <-- before doing that account key pairs should be replicated to 3 tpyes of medium (dvdrw, flash drive, usb ext. hd) and each of these medium would be placed at separate bank security deposit boxes.



my 00.02 btc
matt.collier
Member
**
Offline Offline

Activity: 105
Merit: 10



View Profile
June 11, 2011, 07:53:54 PM
 #38

Protection through obscurity is the answer.

http://bitcoinvm.bitcoincommons.org/

cypherdoc
Legendary
*
Offline Offline

Activity: 1764
Merit: 1002



View Profile
June 11, 2011, 08:07:28 PM
 #39

Protection through obscurity is the answer.

http://bitcoinvm.bitcoincommons.org/



well, it seems to me the whole premise of this thread is to refute what you've done.
matt.collier
Member
**
Offline Offline

Activity: 105
Merit: 10



View Profile
June 11, 2011, 09:02:22 PM
 #40

Just want to make sure that no one else does what I've done so that malware will never be written to target my bitcoin.
Pages: « 1 [2] 3 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!