Bitcoin Forum
December 14, 2017, 01:47:11 PM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Can be encrypted virtual machine as good as real offline computer?  (Read 872 times)
And1
Member
**
Offline Offline

Activity: 62



View Profile
March 20, 2013, 09:27:30 PM
 #1

I don't like idea of having another comp for offline wallet (I travel a lot).
I'm thinking about seting up Ubuntu on VMWare Player, that will be encrypted from inside, not just outer container which seems easier to break. Also connection will be turned off from inside.

Two questions:
1. When ill run this system ill have to put in pass phrase. If I have keylogger, this password will be logged. Can it be used somehow by trojan to decrypt or run and decrypt the virtual system?
2. When system is run and going, is it's image decrypted and vulnerable from host system?
1513259231
Hero Member
*
Offline Offline

Posts: 1513259231

View Profile Personal Message (Offline)

Ignore
1513259231
Reply with quote  #2

1513259231
Report to moderator
1513259231
Hero Member
*
Offline Offline

Posts: 1513259231

View Profile Personal Message (Offline)

Ignore
1513259231
Reply with quote  #2

1513259231
Report to moderator
1513259231
Hero Member
*
Offline Offline

Posts: 1513259231

View Profile Personal Message (Offline)

Ignore
1513259231
Reply with quote  #2

1513259231
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1513259231
Hero Member
*
Offline Offline

Posts: 1513259231

View Profile Personal Message (Offline)

Ignore
1513259231
Reply with quote  #2

1513259231
Report to moderator
Foxpup
Legendary
*
Offline Offline

Activity: 2044



View Profile
March 21, 2013, 01:16:13 AM
 #2

This is a Bad Idea. Virtual machines provide no security against this threat, and are certainly no substitute for a real offline wallet.

When ill run this system ill have to put in pass phrase. If I have keylogger, this password will be logged. Can it be used somehow by trojan to decrypt or run and decrypt the virtual system?
Yes. The host system has access to everything the guest system does, including all your encrypted files. Access to encrypted files + access to passphrase = files not encrypted any more.

When system is run and going, is it's image decrypted and vulnerable from host system?
If the host system has a keylogger, it doesn't matter. See above.

Will pretend to do unverifiable things (while actually eating an enchilada-style burrito) for bitcoins: 1K6d1EviQKX3SVKjPYmJGyWBb1avbmCFM4
tilex
Newbie
*
Offline Offline

Activity: 15



View Profile
March 21, 2013, 05:23:51 AM
 #3

Instead of a whole separate machine or a VM maybe consider using a bootable Linux LiveCD/USB with no network access.  It's not perfect, but it's better than nothing and it's pretty portable.
deathcode
Sr. Member
****
Offline Offline

Activity: 392



View Profile
March 21, 2013, 05:45:45 AM
 #4

I don't like idea of having another comp for offline wallet (I travel a lot).
I'm thinking about seting up Ubuntu on VMWare Player, that will be encrypted from inside, not just outer container which seems easier to break. Also connection will be turned off from inside.

Two questions:
1. When ill run this system ill have to put in pass phrase. If I have keylogger, this password will be logged. Can it be used somehow by trojan to decrypt or run and decrypt the virtual system?
2. When system is run and going, is it's image decrypted and vulnerable from host system?


If you know what a keylogger is, most likely you have enough knowledge to not get infected by one. My offline wallet is in a virtual machine in a VMWARE ESxi server that has the vmdk file stored in a NAS protected with RAID 5 so...
How often do I turn on that VM? about once a month to download the new blocks and get my rewards from the pools.
Do I need to enter my passphrase? Not at all unless I want to perform a transaction, And I added the address in blockchain as a watch-only just to make sure I'm getting paid.
So, in short, I wouldn't use a local VM to store the wallet because you rely on one hard drive.
I do rely on a VM to keep my wallet, but the actual virtual hard drive (vmdm) is safely stored in a NAS with redundancy, worst case scenario (The actual NAS fails) I buy a similar one and I install the drives there (been there, done that)
I hope my experience helps.
Otherwise, just create a paper wallet which I also have.

And1
Member
**
Offline Offline

Activity: 62



View Profile
March 21, 2013, 06:49:11 AM
 #5

10 years ago was such page about firewall leak tests. There was trojans able to leak into processes and escape every firewall. This experience taught me that little is impossible, it's rather who is programming a virus. If there is huge money to earn, some pro guy may sit to it and we will have repeation from summer 2011 Smiley

Thx a lot for your answers!
deathcode
Sr. Member
****
Offline Offline

Activity: 392



View Profile
March 21, 2013, 07:07:00 AM
 #6

10 years ago was such page about firewall leak tests. There was trojans able to leak into processes and escape every firewall. This experience taught me that little is impossible, it's rather who is programming a virus. If there is huge money to earn, some pro guy may sit to it and we will have repeation from summer 2011 Smiley

Thx a lot for your answers!
If a computer is not listening to any ports, then the best virus in the world cannot get in (unless a human allows it)
Trust me, I'm one of those "pros" you're talking about. Smiley

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!