Bitcoin Forum
Topic: Is this a safe way to store bitcoins? Ubuntu Encrypted on USB HD?
gigabytecoin (OP)
June 14, 2011, 06:22:06 AM
 #1

So here is my "safety plan"...

1) Install ubuntu to a USB Hard Drive and select the option to "encrypt hard disks".

2) Install bitcoin on the ubuntu OS that is running off my USB hard drive with encryption.

3) Done.

You would need physical access to my USB drive AND the login password in order to transfer any bitcoins.

The only other step I might include would be making a duplicate copy of that USB HDD and uploading it to "the cloud" but I don't know how to do that yet...

Would it be even "safer" to use a lesser known distribution like Fedora, CentOS, or some other linux variant that is less commonly used to run a bitcoin client perhaps?
Dude65535
June 14, 2011, 06:32:29 AM
 #2

That should be safe so long as you use that OS only for sending and receiving bitcoins. There is a remote chance of something nasty living in the motherboard BIOS or a GPU's BIOS, but it is very unlikely. Also it would be a good idea to make sure that the permanent drives were never mounted when running from the USB drive.

If you have $100,000 or more worth of bitcoins you should consider a complete dedicated system.

1DCj8ZwGZXQqQhgv6eUEnWgsxo8BTMj3mT
bcearl
June 14, 2011, 06:34:09 AM
 #3

You should disable SWAP space. This will make it unable to hibernate, but that's worth the security benefit!

It could be even better to use a smaller distribution, but I think Ubuntu is a good start. They have pretty good security policies (for example all kinds of buffer and stack overflow protections, and special treatment for potentially dangerous stuff like PDF and printing servers).

Misspelling protects against dictionary attacks NOT
gigabytecoin (OP)
June 14, 2011, 06:50:55 AM
 #4

> That should be safe so long as you use that OS only for sending and receiving bitcoins. There is a remote chance of something nasty living in the motherboard BIOS or a GPU's BIOS, but it is very unlikely. Also it would be a good idea to make sure that the permanent drives were never mounted when running from the USB drive.
>
> If you have $100,000 or more worth of bitcoins you should consider a complete dedicated system.

That is a worry indeed... as I would potentially be using this USB thumb drive across multiple machines. How common is it for such a thing to happen? I have only ever heard of a Seagate hard drive shipping with malware on it and that was a very small batch a few years ago.

@bcearl: What security benefits do I notice by disabling swap space? What are the drawbacks of disabling swap space? I have heard that disabling swap space is recommended whenever running the OS from a USB hard drive due to wear on the flash memory or something?

What smaller distribution would you suggest? I have time to play around with setting them up.
Dude65535
June 14, 2011, 06:59:03 AM
 #5

I can't recall anything in recent history that has infected the BIOS. I don't know if this is due to better designs or if it is simply that any such virus is too hardware specific to be worth the time to create. You are probably more likely to get struck by lightning. Since I don't know how much money you are protecting, it is up to you to decide what is an acceptable level of risk.

1DCj8ZwGZXQqQhgv6eUEnWgsxo8BTMj3mT
bcearl
June 14, 2011, 07:00:29 AM
 #6

>> That should be safe so long as you use that OS only for sending and receiving bitcoins. There is a remote chance of something nasty living in the motherboard BIOS or a GPU's BIOS, but it is very unlikely. Also it would be a good idea to make sure that the permanent drives were never mounted when running from the USB drive.
>>
>> If you have $100,000 or more worth of bitcoins you should consider a complete dedicated system.
>
> 1. That is a worry indeed... as I would potentially be using this USB thumb drive across multiple machines. How common is it for such a thing to happen? I have only ever heard of a Seagate hard drive shipping with malware on it and that was a very small batch a few years ago.
>
> 2. @bcearl: What security benefits do I notice by disabling swap space? What are the drawbacks of disabling swap space? I have heard that disabling swap space is recommended whenever running the OS from a USB hard drive due to wear on the flash memory or something?
>
> What smaller distribution would you suggest? I have time to play around with setting them up.

1. If you don't need fancy graphics, maybe you can disable video hardware acceleration as well. But I don't know whether that protects you against that at all.

2.
Benefits: You don't have to worry that some memory page with critical data like keys or passwords gets stored on the disk.
Drawback: If you have enough memory and don't need hibernation (suspend to disk), everything should be fine without swap.

Misspelling protects against dictionary attacks NOT
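
A check for the swap advice in the posts above, as an added example that is not part of any post in this thread: it reports swap areas that are active now and `/etc/fstab` entries that would switch swap back on at the next boot. The function names and the sample inputs are constructed for illustration.

```python
# Added example; sample inputs are constructed, not taken from the thread.
SAMPLE_PROC_SWAPS = """Filename    Type        Size     Used  Priority
/dev/sdb5   partition   1046524  0     -1
"""

SAMPLE_FSTAB = """# /etc/fstab (constructed sample)
/dev/mapper/ubuntu-root  /     ext4  errors=remount-ro  0 1
/dev/mapper/ubuntu-swap  none  swap  sw                 0 0
"""


def active_swap(proc_swaps_text):
    """Names of swap areas in use right now (/proc/swaps format)."""
    lines = proc_swaps_text.strip().splitlines()
    # The first line is the column header; every later line is one swap area.
    return [ln.split()[0] for ln in lines[1:] if ln.strip()]


def fstab_swap(fstab_text):
    """fstab entries of type 'swap'; these are enabled again at boot."""
    found = []
    for ln in fstab_text.splitlines():
        ln = ln.strip()
        if not ln or ln.startswith("#"):
            continue  # skip blank lines and comments
        fields = ln.split()
        if len(fields) >= 3 and fields[2] == "swap":
            found.append(fields[0])
    return found


def swap_report(proc_swaps_text, fstab_text):
    """Swap counts as disabled only if nothing is active AND nothing is persistent."""
    active = active_swap(proc_swaps_text)
    persistent = fstab_swap(fstab_text)
    return {"active": active, "persistent": persistent,
            "swap_free": not active and not persistent}


if __name__ == "__main__":
    # On the real system, read the live files instead of the samples.
    with open("/proc/swaps") as f_swaps, open("/etc/fstab") as f_fstab:
        print(swap_report(f_swaps.read(), f_fstab.read()))
```

Turning swap off for the running session does not remove the fstab entry, which is why the report looks at both sources.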
gigabytecoin (OP)
June 14, 2011, 07:17:55 AM
Last edit: June 14, 2011, 07:28:47 AM by gigabytecoin
 #7

>>> That should be safe so long as you use that OS only for sending and receiving bitcoins. There is a remote chance of something nasty living in the motherboard BIOS or a GPU's BIOS, but it is very unlikely. Also it would be a good idea to make sure that the permanent drives were never mounted when running from the USB drive.
>>>
>>> If you have $100,000 or more worth of bitcoins you should consider a complete dedicated system.
>>
>> 1. That is a worry indeed... as I would potentially be using this USB thumb drive across multiple machines. How common is it for such a thing to happen? I have only ever heard of a Seagate hard drive shipping with malware on it and that was a very small batch a few years ago.
>>
>> 2. @bcearl: What security benefits do I notice by disabling swap space? What are the drawbacks of disabling swap space? I have heard that disabling swap space is recommended whenever running the OS from a USB hard drive due to wear on the flash memory or something?
>>
>> What smaller distribution would you suggest? I have time to play around with setting them up.
>
> 1. If you don't need fancy graphics, maybe you can disable video hardware acceleration as well. But I don't know whether that protects you against that at all.
>
> 2.
> Benefits: You don't have to worry that some memory page with critical data like keys or passwords gets stored on the disk.
> Drawback: If you have enough memory and don't need hibernation (suspend to disk), everything should be fine without swap.

Thanks guys.

Most of the motherboards I buy nowadays come with "virus protection" I think they are pushing... as in it would be tough to install a virus/trojan on the mobo/cpu or something?? I don't know.. :S

Don't have millions to protect, but I don't have much money period so even $1,000 is enough for me to start getting worried about!

Question: How would one make a duplicate bootable copy of this same USB hard drive?

And what if I received 200 mining pool payments to this wallet without loading up the OS? Would the wallet.dat keep track of all 200+ transactions? Doesn't it only do 100 at a time?
Dude65535
June 14, 2011, 07:40:22 AM
 #8

Receiving payments to an existing address will never be a problem.

The only time you have to worry about a wallet getting out of date is if it is a backup of a wallet that is in use. Then you must update at least every 100 new addresses.

You create a new address when sending coins (unless there is no change to be returned), after receiving coins at the currently displayed address for the first time, when you successfully mine a block solo, or when you click the new address button. When those things have happened a total of 100+ times any backup will have an incomplete set of private keys.

1DCj8ZwGZXQqQhgv6eUEnWgsxo8BTMj3mT
gigabytecoin (OP)
June 14, 2011, 07:58:09 AM
 #9

> Receiving payments to an existing address will never be a problem.
>
> The only time you have to worry about a wallet getting out of date is if it is a backup of a wallet that is in use. Then you must update at least every 100 new addresses.
>
> You create a new address when sending coins (unless there is no change to be returned), after receiving coins at the currently displayed address for the first time, when you successfully mine a block solo, or when you click the new address button. When those things have happened a total of 100+ times any backup will have an incomplete set of private keys.

Isn't it possible to set the client to use more than 100 addresses by default?

If I were making an encrypted ubuntu usb drive, I would like to set it to 1,000,000 addresses by default obviously, since I wouldn't want to have to keep creating new copies of the operating system/usb drive. Right?
bcearl
June 14, 2011, 08:04:41 AM
 #10

>> Receiving payments to an existing address will never be a problem.
>>
>> The only time you have to worry about a wallet getting out of date is if it is a backup of a wallet that is in use. Then you must update at least every 100 new addresses.
>>
>> You create a new address when sending coins (unless there is no change to be returned), after receiving coins at the currently displayed address for the first time, when you successfully mine a block solo, or when you click the new address button. When those things have happened a total of 100+ times any backup will have an incomplete set of private keys.
>
> Isn't it possible to set the client to use more than 100 addresses by default?
>
> If I were making an encrypted ubuntu usb drive, I would like to set it to 1,000,000 addresses by default obviously, since I wouldn't want to have to keep creating new copies of the operating system/usb drive. Right?

It is possible. The limit of 100 is for unused addresses only. But even that can be specified in the client software.

Code:
  -keypool=<n>       Set key pool size to <n> (default: 100)

Misspelling protects against dictionary attacks NOT
Dude65535
June 14, 2011, 08:05:42 AM
 #11

There is a command line option to set the number of extra addresses to generate (-keypool=<n>). If you set it to 1,000,000 your computer is going to be crunching numbers for a long time to generate them all.

1DCj8ZwGZXQqQhgv6eUEnWgsxo8BTMj3mT
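
A toy model of the key pool rule discussed in the posts above, as an added example that is not part of any post and is not the Bitcoin client's code: a backup holds the keys that were pre-generated when it was made, so it stays complete until more new addresses have been used than the pool size. `ToyWallet` and `keys_missing_from_backup` are hypothetical names, and random tokens stand in for private keys.

```python
import secrets


class ToyWallet:
    """Illustrative key pool model (an assumption-level sketch, not client code)."""

    def __init__(self, keypool=100):
        # Pre-generate `keypool` unused keys, as -keypool=<n> is described above.
        self.used = []
        self.pool = [self._new_key() for _ in range(keypool)]

    @staticmethod
    def _new_key():
        return secrets.token_hex(32)  # stand-in for a private key

    def next_address_key(self):
        """Hand out the oldest pooled key (new receive or change address)
        and top the pool up with a freshly generated one."""
        key = self.pool.pop(0)
        self.used.append(key)
        self.pool.append(self._new_key())
        return key

    def backup(self):
        """A backup contains every key known now: used ones and pooled ones."""
        return set(self.used) | set(self.pool)


def keys_missing_from_backup(keypool, new_addresses):
    """Back up a fresh wallet, use `new_addresses` more addresses, then count
    how many of those addresses' keys the old backup does not contain."""
    wallet = ToyWallet(keypool)
    saved = wallet.backup()
    handed_out = [wallet.next_address_key() for _ in range(new_addresses)]
    return sum(1 for key in handed_out if key not in saved)


if __name__ == "__main__":
    for pool, n in [(100, 100), (100, 101), (100, 250), (1000, 250)]:
        print(f"keypool={pool} new addresses={n} "
              f"missing from old backup={keys_missing_from_backup(pool, n)}")
```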
stakhanov
June 14, 2011, 08:15:21 AM
 #12

I think the plan is good, but I don't think Ubuntu is the right choice. It's a big system, so there are many possible security flaws. I think I'd go with something like OpenBSD instead.
gigabytecoin (OP)
June 14, 2011, 08:22:33 AM
 #13

> I think the plan is good, but I don't think Ubuntu is the right choice. It's a big system, so there are many possible security flaws. I think I'd go with something like OpenBSD instead.

Damnit. I am creating the bootable ubuntu USB disk now :P If I am going to get serious about this however there is good reason to switch to the best possible operating system.

In everyone's opinion: what is the most secure linux operating system available out there to date?
bcearl
June 14, 2011, 08:25:44 AM
 #14

>> I think the plan is good, but I don't think Ubuntu is the right choice. It's a big system, so there are many possible security flaws. I think I'd go with something like OpenBSD instead.
>
> Damnit. I am creating the bootable ubuntu USB disk now :P If I am going to get serious about this however there is good reason to switch to the best possible operating system.
>
> In everyone's opinion: what is the most secure linux operating system available out there to date?

I would use a minimal Ubuntu, not the full blown thing. Get rid of everything unnecessary.

Misspelling protects against dictionary attacks NOT
gigabytecoin (OP)
June 14, 2011, 08:28:53 AM
 #15

>>> I think the plan is good, but I don't think Ubuntu is the right choice. It's a big system, so there are many possible security flaws. I think I'd go with something like OpenBSD instead.
>>
>> Damnit. I am creating the bootable ubuntu USB disk now :P If I am going to get serious about this however there is good reason to switch to the best possible operating system.
>>
>> In everyone's opinion: what is the most secure linux operating system available out there to date?
>
> I would use a minimal Ubuntu, not the full blown thing. Get rid of everything unnecessary.

And how exactly does a linux noob do that?

By downloading the "alternate" version and installing to USB hdd with only the "desktop" option installed perhaps?
interfect
June 14, 2011, 08:29:14 AM
 #16

The most secure Linux is one that's off. Followed by one that's up-to-date and behind a proper firewall. It doesn't matter what distro you use, they all share the same kernel vulnerabilities.

One of the lesser-used *nixes like one of the BSDs will have fewer people trying to crack it, but also fewer people trying to patch it.

Set your machine up behind a firewall that only allows Bitcoin traffic. Then nothing can get in except through a kernel hole in a very well-inspected part of the code, or a hole in the Bitcoin client.

On that note, when was the last time we did a security audit of the client? Are we sure there are no obvious buffer overflows to be found?
bcearl
June 14, 2011, 08:32:32 AM
Last edit: June 14, 2011, 08:43:58 AM by bcearl
 #17

> The most secure Linux is one that's off. Followed by one that's up-to-date and behind a proper firewall. It doesn't matter what distro you use, they all share the same kernel vulnerabilities.
>
> One of the lesser-used *nixes like one of the BSDs will have fewer people trying to crack it, but also fewer people trying to patch it.
>
> Set your machine up behind a firewall that only allows Bitcoin traffic. Then nothing can get in except through a kernel hole in a very well-inspected part of the code, or a hole in the Bitcoin client.
>
> On that note, when was the last time we did a security audit of the client? Are we sure there are no obvious buffer overflows to be found?

That's not true, there are a lot of measures that are taken by different distros differently.

For example with Ubuntu:
- Everything is compiled with the GCC stack smash protection.
- Everything runs with NX flag (data is not executable)
- Dangerous applications are in an extra sandbox (e.g. CUPS (common unix printing system), evince pdf reader)

I don't like Ubuntu that much. But security is the reason I wouldn't change to another one. (At least I haven't found any convincing alternative.)

EDIT: Most distributions don't use those features because they cost performance. It is not that they aren't available in theory.

second EDIT:
Type "sudo apparmor_status" in Ubuntu, and you will get this:
Code:
apparmor module is loaded.
10 profiles are loaded.
10 profiles are in enforce mode.
   /sbin/dhclient
   /usr/bin/evince
   /usr/bin/evince-previewer
   /usr/bin/evince-thumbnailer
   /usr/lib/NetworkManager/nm-dhcp-client.action
   /usr/lib/connman/scripts/dhclient-script
   /usr/lib/cups/backend/cups-pdf
   /usr/sbin/cupsd
   /usr/sbin/tcpdump
   /usr/share/gdm/guest-session/Xsession
0 profiles are in complain mode.
2 processes have profiles defined.
2 processes are in enforce mode :
   /sbin/dhclient (20559)
   /usr/sbin/cupsd (1266)
0 processes are in complain mode.
0 processes are unconfined but have a profile defined.

Misspelling protects against dictionary attacks NOT
Isosceles
June 14, 2011, 12:09:31 PM
 #18

@bcearl : I'm installing Ubuntu on a USB drive at the moment, but I'm a relative linux newb. Do you have instructions for securing it for Bitcoin? ie. removing unnecessary apps, removing swap drive, setting up the firewall, etc.
Also, I read BSD has only had 2 security vulnerabilities in its whole life. If that's true, it sounds secure, so why choose Ubuntu?

For all others following this path, here's the link to PenDrive Linux - a 1-step USB install of any linux distro
http://www.pendrivelinux.com/universal-usb-installer-easy-as-1-2-3/