_Arnold_ (OP)
Newbie
Offline
Activity: 60
Merit: 0
|
|
July 06, 2017, 04:01:23 PM |
|
Hi
Is it safe to transfer private keys between two USBs, that are connected to the computer, at the same time? (two USBs inserted into the computer in other words)
I mean to hold the "alt"-button and drag/copy one key to the other USB. Is this safe to do from a security-perspective?
Or will the computer have some kind of memory of the file going between the two USBs so that a hacker can go into my computer and find the key/file?
|
|
|
|
Coding Enthusiast
Legendary
Offline
Activity: 1042
Merit: 2805
Bitcoin and C♯ Enthusiast
|
|
July 06, 2017, 04:45:36 PM Last edit: July 07, 2017, 02:21:08 PM by Coding Enthusiast |
|
As soon as you connect your USB disk to your computer, the Operating System and any program that is running on it can have access to your USB disk data (unless it is blocked by Anti virus or something). And it is not hard for a malware to copy itself on your USB disk (infect it so to speak) or read and copy its data.
For example if it is a bitcoin specific malware it can read your USB, analyze the files to see if it can find a wallet file, a list of private keys, ... and using those private keys it can broadcast it to the attacker or sweep them!
If you want to transfer sensitive information like your private keys, then do it on a clean and "air tight gapped sorry, my English sucks sometimes!" computer. You can use a live linux without persistence which is disconnected from the internet.
|
|
|
|
_Arnold_ (OP)
Newbie
Offline
Activity: 60
Merit: 0
|
|
July 07, 2017, 09:36:42 AM |
|
Ok what is a live Linux and an airtight computer?
|
|
|
|
zottejos
Member
Offline
Activity: 64
Merit: 10
|
|
July 07, 2017, 09:38:01 AM |
|
Ok what is a live Linux and an airtight computer?
You can pick any live distro... But Tails is known to be one of the most secure ones out there. The "air tight" part, I presume, means that it's not connected to the internet... Basically: unplug any UTP cable, and make sure WLAN is disabled.
|
|
|
|
Bitcoinsummoner
|
|
July 07, 2017, 09:41:57 AM |
|
I think even if you are using another OS it's still not safe anytime soon. If you are not using your USB for a long time, or just a few months, the USB can be damaged. I have lots of Transcend USB disks; I was using them for making bootable USBs, but I stopped using them for a few months and they are damaged and are never detected by a computer or laptop. So if you really want to be safe, the only way that I know your bitcoin is safe is to buy a Trezor wallet. You can use it offline and save your bitcoin for a long time. It's immune to viruses and keyloggers.
|
|
|
|
HCP
Legendary
Offline
Activity: 2086
Merit: 4361
<insert witty quote here>
|
|
July 07, 2017, 09:43:17 AM |
|
He means "air gapped"... basically, it is as described above... a computer disconnected from all networks (and other devices). The idea being that it helps to prevent any hacking or malware etc unless the person has physical access to the machine. The "Live" distro is a self contained Operating System that will boot from a dvd/cdrom or usb drive and does not require any permanent storage. It will load itself completely into RAM without needing any harddrive etc. "Tails" is one of the more widely known "live" distros for the crypto world: https://tails.boum.org/
|
|
|
|
Abdussamad
Legendary
Offline
Activity: 3682
Merit: 1580
|
|
July 07, 2017, 11:36:52 AM |
|
Ok what is a live Linux and an airtight computer?
Live linux is a linux distribution that runs from a DVD, USB or other removable drive and which does not change things on your hard drive. It is like a virgin system that makes no permanent changes to your computer. An air gapped (not airtight) computer is one that is never connected to any computer network. The term dates back to when we connected to computer networks using physical wires i.e. ethernet cables. To be air gapped means that there is a gap between the cable and the port on the back of your PC i.e. the cable is not plugged in so there is no connection to the network. In this day and age an air gapped computer would not be capable of network access via both wired and wireless means. So it would not have a WIFI card or a mobile network access. The hardware for such wireless access has to be removed from the computer for it to be a true air gapped PC (because otherwise deeply embedded malware could be making such connections without your knowledge). The idea behind an air gapped computer is that any malware that might infect the computer can't communicate with the outside world so it can't steal your secrets i.e. your private keys.
|
|
|
|
Last of the V8s
Legendary
Offline
Activity: 1652
Merit: 4392
Be a bank
|
|
July 07, 2017, 05:42:22 PM |
|
|
|
|
|
Mike Mayor
|
|
July 08, 2017, 08:09:34 PM |
|
Well what happens when you transfer data from a USB to your hard drive? It's the same thing. What you're asking doesn't really make any sense. Nothing wrong with copying data from one drive to another. I see people talking about programs that steal your info off your USB. Please don't listen to these people, they have no clue what they're saying. Things don't run on their own without you running or installing them yourself, end of.
Also to people who are paranoid. Please don't use computers. If you're that paranoid, computers aren't for you.
|
|
|
|
hexafraction
Sr. Member
Offline
Activity: 392
Merit: 268
Tips welcomed: 1CF4GhXX1RhCaGzWztgE1YZZUcSpoqTbsJ
|
|
July 09, 2017, 08:34:56 PM |
|
I see people talking about programs that steal your info off your USB. Please don't listen to these people, they have no clue what they're saying. Things don't run on their own without you running or installing them yourself, end of.
Clearly you live under a rock, are illiterate, or didn't think before posting. I spot 304 hits for published CVEs mentioning remote code execution in Microsoft's products alone. Just search nvd.nist.gov for "remote code execution" and you'll see. There's being paranoid, and then there's taking appropriate precautions. Spyware that transmits sensitive data such as cryptographic keys from disks and USB devices is not unheard of.
|
|
|
|
systemv
Member
Offline
Activity: 84
Merit: 10
StuffGoGo Developer
|
|
July 10, 2017, 02:30:06 PM |
|
It can be very unsafe in Windows. If you are very concerned about security - use Linux, no network connected, same size USB drive and do low level disk copy such as:
dd if=/dev/sdX of=/dev/sdY bs=2M
where sdX source, sdY target. Be careful, that will destroy everything on sdY
|
|
|
|
hexafraction
Sr. Member
Offline
Activity: 392
Merit: 268
Tips welcomed: 1CF4GhXX1RhCaGzWztgE1YZZUcSpoqTbsJ
|
|
July 10, 2017, 02:35:25 PM |
|
It can be very unsafe in Windows. If you are very concerned about security - use Linux, no network connected, same size USB drive and do low level disk copy such as:
dd if=/dev/sdX of=/dev/sdY bs=2M
where sdX source, sdY target. Be careful, that will destroy everything on sdY
What if /dev/sdX is a bigger drive than /dev/sdY and the key file happens to have been fragmented/moved to the end of /dev/sdX? And why not make bs equal to the underlying physical sector size? If running on a secure offline system you should just be able to use cp and skip the raw disk copy nonsense.
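An added example (not code from any poster in this thread) of the plain file copy described above, for an offline live Linux session: it refuses to run while any non-loopback interface is not down, copies the key file between two mounted drives, flushes the write and verifies it by SHA-256. The function names, the SYS_NET override and the paths in the usage line are assumptions.

```bash
#!/bin/sh
# Added example: verified key-file copy for an offline live Linux session.
# Function names, SYS_NET and the usage paths are assumptions, not from the thread.

# Print every non-loopback interface whose operstate is anything but "down".
# SYS_NET can point at a test tree; it defaults to the kernel's sysfs view.
active_interfaces() {
    local root="${SYS_NET:-/sys/class/net}" dev name
    for dev in "$root"/*; do
        [ -e "$dev/operstate" ] || continue
        name=${dev##*/}
        [ "$name" = "lo" ] && continue
        [ "$(cat "$dev/operstate")" = "down" ] || echo "$name"
    done
}

sha256_of() { sha256sum -- "$1" | cut -d' ' -f1; }

# Copy SRC into DST_DIR, flush it to the device, then compare SHA-256 digests.
# Exit codes: 0 verified, 2 network up, 3 bad arguments, 4 target exists,
# 5 copy failed, 6 digest mismatch (the bad copy is removed).
safe_copy_key() {
    local src="$1" dst_dir="$2" dst up
    up=$(active_interfaces)
    if [ -n "$up" ]; then
        echo "refusing: interface(s) not down:" $up >&2
        return 2
    fi
    [ -f "$src" ] && [ -d "$dst_dir" ] || { echo "bad source or target" >&2; return 3; }
    dst="$dst_dir/$(basename -- "$src")"
    [ -e "$dst" ] && { echo "refusing to overwrite $dst" >&2; return 4; }
    ( umask 077 && cp -- "$src" "$dst" ) || return 5
    sync    # push the write out of the page cache before the drive is pulled
    if [ "$(sha256_of "$src")" = "$(sha256_of "$dst")" ]; then
        echo "verified: $dst"
    else
        echo "digest mismatch, removing $dst" >&2
        rm -f -- "$dst"
        return 6
    fi
}

# Usage (paths are examples): sh copykey.sh /media/usbA/key.txt /media/usbB
if [ "$#" -eq 2 ]; then
    safe_copy_key "$1" "$2"
fi
```

The digest comparison may be served from the page cache; for a device-level check, unmount and re-plug the target drive and run sha256sum on both files again. An interface that is merely "down" still has its hardware present, so this check does not make the machine air gapped in the stricter sense described earlier in the thread.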
|
|
|
|
skyline247
|
|
July 10, 2017, 08:13:09 PM |
|
Hi
Is it safe to transfer private keys between two USBs, that are connected to the computer, at the same time? (two USBs inserted into the computer in other words)
I mean to hold the "alt"-button and drag/copy one key to the other USB. Is this safe to do from a security-perspective?
Or will the computer have some kind of memory of the file going between the two USBs so that a hacker can go into my computer and find the key/file?
Your best bet is actually creating a paper wallet. Go to https://bitaddress.org to get started. Here you will get your public and private keys whereby you can send Bitcoins to them and print your keys onto physical paper that no one else will ever know except you. This is the absolute safest way to store Bitcoins. It is basically like fiat cash money, except Bitcoins instead.
|
|
|
|
aoihs00
|
|
July 12, 2017, 05:47:50 AM |
|
Reply: As soon as you connect your USB disk to your computer, the Operating System and any program that is running on it can have access to your USB disk data (unless it is blocked by Anti virus or something). And it is not hard for a malware to copy itself on your USB disk (infect it so to speak) or read and copy its data.
For example if it is a bitcoin specific malware it can read your USB, analyze the files to see if it can find a wallet file, a list of private keys, ... and using those private keys it can broadcast it to the attacker or sweep them!
If you want to transfer sensitive information like your private keys, then do it on a clean and "air tight gapped sorry, my English sucks sometimes!" computer. You can use a live linux without persistence which is disconnected from the internet.
I don't understand a few things in this post. How can a malware read the file is related to wallet or not? It should be present there to do that and guess transferring from one USB to directly another won't give the file path to malware? Moreover, is it possible to send file via sandbox of antivirus where no malware can even touch the stuff.
|
|
|
|
Coding Enthusiast
Legendary
Offline
Activity: 1042
Merit: 2805
Bitcoin and C♯ Enthusiast
|
|
July 12, 2017, 08:58:47 AM |
|
I don't understand a few things in this post. How can a malware read the file is related to wallet or not?
The same way a worm copies itself on your USB disk when you connect it to an infected computer. And checking contents of a file is not a hard thing when it is not encrypted!
    WatchForConnectedDevicesViatUSB().RunAsLongAsSystemIsRunning(inBackground = true);
    if(newDeviceDetected)
    {
        GetAllFiles().Containing("Wallet", "bitcoin",....);
        ReadContent();
        if(content.IsPrivateKey)
        {
            SendToAttacker();
        }
    }
|
|
|
|
Mike Mayor
|
|
July 14, 2017, 11:38:03 PM |
|
I see people talking about programs that steal your info off your USB. Please don't listen to these people, they have no clue what they're saying. Things don't run on their own without you running or installing them yourself, end of.
Clearly you live under a rock, are illiterate, or didn't think before posting. I spot 304 hits for published CVEs mentioning remote code execution in Microsoft's products alone. Just search nvd.nist.gov for "remote code execution" and you'll see. There's being paranoid, and then there's taking appropriate precautions. Spyware that transmits sensitive data such as cryptographic keys from disks and USB devices is not unheard of.
Remote activation can only happen when there is something on the victim's PC to allow it to run. You can't magically run things remotely on someone's PC without tricking them into installing something first or it finds an exploit into something they already have installed. Dude go put on your little tin foil hat. Paranoid.
|
|
|
|
HCP
Legendary
Offline
Activity: 2086
Merit: 4361
<insert witty quote here>
|
|
July 15, 2017, 07:16:12 AM |
|
Remote activation can only happen when there is something on the victim's PC to allow it to run. You can't magically run things remotely on someone's PC without tricking them into installing something first or it finds an exploit into something they already have installed. Dude go put on your little tin foil hat. Paranoid.
So that whole "wannacry" thing was just a made up story by people being paranoid and nothing to do with exploits in Windows Operating System services then? Given that there have been so many "0 day exploit" attacks in the past... and no doubt will be more in the future... being a little bit "paranoid" when it comes to valuable (and easily "stolen") digital assets is not necessarily a bad thing.
|
|
|
|
TechPriest
Sr. Member
Offline
Activity: 377
Merit: 282
Finis coronat opus
|
|
July 15, 2017, 02:46:36 PM |
|
I don't understand a few things in this post. How can a malware read the file is related to wallet or not?
The same way a worm copies itself on your USB disk when you connect it to an infected computer. And checking contents of a file is not a hard thing when it is not encrypted!
    WatchForConnectedDevicesViatUSB().RunAsLongAsSystemIsRunning(inBackground = true);
    if(newDeviceDetected)
    {
        GetAllFiles().Containing("Wallet", "bitcoin",....);
        ReadContent();
        if(content.IsPrivateKey)
        {
            SendToAttacker();
        }
    }
So it's a good idea to rename documents or folders which contain your private keys. Viruses can parse file and folder names but they can't open random files.
|
In science we trust!
|
|
|
Amevalentine
|
|
July 15, 2017, 03:34:04 PM |
|
As soon as you connect your USB disk to your computer, the Operating System and any program that is running on it can have access to your USB disk data (unless it is blocked by Anti virus or something). And it is not hard for a malware to copy itself on your USB disk (infect it so to speak) or read and copy its data.
For example if it is a bitcoin specific malware it can read your USB, analyze the files to see if it can find a wallet file, a list of private keys, ... and using those private keys it can broadcast it to the attacker or sweep them!
If you want to transfer sensitive information like your private keys, then do it on a clean and "air tight gapped sorry, my English sucks sometimes!" computer. You can use a live linux without persistence which is disconnected from the internet.
1. Make sure your computer is clean of viruses/RATs. Scan it first with antivirus, anti-keylogger, etc.
2. Turn off the internet connection.
3. Make a folder with a different name on your other USB disk.
4. You can copy it safely now.
|
|
|
|
hexafraction
Sr. Member
Offline
Activity: 392
Merit: 268
Tips welcomed: 1CF4GhXX1RhCaGzWztgE1YZZUcSpoqTbsJ
|
|
July 17, 2017, 03:00:02 AM |
|
So it's a good idea to rename documents or folders which contain your private keys. Viruses can parse file and folder names but they can't open random files.
No, that's complete BS. A virus can make a system call to obtain a file handle for reading just like any other user-mode program can. If Notepad (or your favorite choice of benign program) can open files on the computer, what keeps a virus from doing so?
|
|
|
|
|