Bitcoin Forum
December 10, 2016, 03:04:33 PM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1] 2  All
  Print  
Author Topic: BitVault LiveCD - Bitcoin Secure Transactions Environment  (Read 4290 times)
Globz
Newbie
*
Offline Offline

Activity: 14

www.kittybomber.com


View Profile WWW
June 24, 2011, 05:10:28 PM
 #1

The recent security concerns related to Bitcoin gave me the idea to create a LiveCD where you can do safe transactions without worrying about being infected by the trojan infostealer.Coinbit or being spied by anyone.

Features :
                                              -Use TrueCrypt to access your encrypted Wallet
                                              -If you wish you can surf the web anonymously with JonDoFox
                                              -You can use the client MegaIRC and join your favourite Bitcoin irc channel
                                              -You can also use the calculator to help you in your transactions
                                              -You can connect to the internet with OpenVPN (not yet implemented)
                                              -Block-chain already pre-loaded inside BitVault - you can manually update it
                                              -BitVault Wizard, easy step by step with almost no interaction from the user which install and configure
                                               the bitcoin client for you!




If you wish to know more about BitVault features, method of work and download link, please read this page : http://kittybomber.com/BitVault

I am also seeking volunteer to help me out with this project, read this page for more information : http://kittybomber.com/BitVault_dev


Please give me feedback and if you wish to see something implemented inside this LiveCD let me know!

EDIT:

-Added a new Bitcoin client support from coderrr : http://forum.mtgoxlive.com/showthread.php/11-Patching-The-Bitcoin-Client-To-Make-It-More-Anonymous
 - Please read this page if you wish to use this client http://www.kittybomber.com/config_guide

Feel free to donate : 1D5BjvQi7kGPUBpumWsN7kJ63hixEJcfFW

BitVault LiveCD - Bitcoin Secure Transactions Environment
http://www.kittybomber.com/BitVault
1481382273
Hero Member
*
Offline Offline

Posts: 1481382273

View Profile Personal Message (Offline)

Ignore
1481382273
Reply with quote  #2

1481382273
Report to moderator
1481382273
Hero Member
*
Offline Offline

Posts: 1481382273

View Profile Personal Message (Offline)

Ignore
1481382273
Reply with quote  #2

1481382273
Report to moderator
1481382273
Hero Member
*
Offline Offline

Posts: 1481382273

View Profile Personal Message (Offline)

Ignore
1481382273
Reply with quote  #2

1481382273
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481382273
Hero Member
*
Offline Offline

Posts: 1481382273

View Profile Personal Message (Offline)

Ignore
1481382273
Reply with quote  #2

1481382273
Report to moderator
1481382273
Hero Member
*
Offline Offline

Posts: 1481382273

View Profile Personal Message (Offline)

Ignore
1481382273
Reply with quote  #2

1481382273
Report to moderator
1481382273
Hero Member
*
Offline Offline

Posts: 1481382273

View Profile Personal Message (Offline)

Ignore
1481382273
Reply with quote  #2

1481382273
Report to moderator
casascius
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1344


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW
June 24, 2011, 05:15:28 PM
 #2

I strongly recommend you apply Sipa's import/export patch, so that bitcoin addresses with their private keys can be exported and/or re-imported.

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper wallets instead.
Globz
Newbie
*
Offline Offline

Activity: 14

www.kittybomber.com


View Profile WWW
June 24, 2011, 05:28:05 PM
 #3

I strongly recommend you apply Sipa's import/export patch, so that bitcoin addresses with their private keys can be exported and/or re-imported.

Could you please provide me a link? I will look into this.

BitVault LiveCD - Bitcoin Secure Transactions Environment
http://www.kittybomber.com/BitVault
casascius
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1344


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW
June 24, 2011, 05:47:21 PM
 #4

I strongly recommend you apply Sipa's import/export patch, so that bitcoin addresses with their private keys can be exported and/or re-imported.

Could you please provide me a link? I will look into this.

http://forum.bitcoin.org/?topic=3906.0

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper wallets instead.
Globz
Newbie
*
Offline Offline

Activity: 14

www.kittybomber.com


View Profile WWW
June 24, 2011, 06:03:33 PM
 #5

I strongly recommend you apply Sipa's import/export patch, so that bitcoin addresses with their private keys can be exported and/or re-imported.

Could you please provide me a link? I will look into this.

http://forum.bitcoin.org/?topic=3906.0

Thanks, so it does only support this client version 0.3.20 ?

BitVault LiveCD - Bitcoin Secure Transactions Environment
http://www.kittybomber.com/BitVault
em3rgentOrdr
Sr. Member
****
Offline Offline

Activity: 434


youtube.com/ericfontainejazz now accepts bitcoin


View Profile WWW
June 24, 2011, 07:15:00 PM
 #6

I subscribing to this thread.  When anyone tries it out, please respond and give feedback.

"We will not find a solution to political problems in cryptography, but we can win a major battle in the arms race and gain a new territory of freedom for several years.

Governments are good at cutting off the heads of a centrally controlled networks, but pure P2P networks are holding their own."
Globz
Newbie
*
Offline Offline

Activity: 14

www.kittybomber.com


View Profile WWW
June 24, 2011, 09:01:25 PM
 #7

I subscribing to this thread.  When anyone tries it out, please respond and give feedback.

If you have any questions do not hesitate to ask me.

BitVault LiveCD - Bitcoin Secure Transactions Environment
http://www.kittybomber.com/BitVault
bitlotto
Hero Member
*****
Offline Offline

Activity: 672


BitLotto - best odds + best payouts + cheat-proof


View Profile WWW
June 24, 2011, 10:26:54 PM
 #8

I saw on your website you may be planning a linux cd. If so I'd consider Tiny Core Linux.
With it, you could have a download of ONLY 30 MB iso! That's with Bitcoin and a GUI. It would be easy to have something where the cd boots and prompts user to insert usb stick. Once usb is recognized Bitcoin is lauched and block chain copied off of usb stick and encrypted wallet copied and prompts for gpg password. Once done it could re-copy blockchain onto usb and update the encrypted wallet. Since there is almost no other software on it it, there would be less exploitable bugs.

*Next Draw Feb 1*  BitLotto: monthly raffle (0.25 BTC per ticket) Completely transparent and impossible to manipulate who wins. TOR
TOR2WEB
Donations to: 1JQdiQsjhV2uJ4Y8HFtdqteJsZhv835a8J are appreciated.
Globz
Newbie
*
Offline Offline

Activity: 14

www.kittybomber.com


View Profile WWW
June 24, 2011, 10:58:48 PM
 #9

I saw on your website you may be planning a linux cd. If so I'd consider Tiny Core Linux.
With it, you could have a download of ONLY 30 MB iso! That's with Bitcoin and a GUI. It would be easy to have something where the cd boots and prompts user to insert usb stick. Once usb is recognized Bitcoin is lauched and block chain copied off of usb stick and encrypted wallet copied and prompts for gpg password. Once done it could re-copy blockchain onto usb and update the encrypted wallet. Since there is almost no other software on it it, there would be less exploitable bugs.

Thanks for your reply, when comes the time I will follow your advice it seems like a great idea. If you ever wish to participate in the project let me know.

BitVault LiveCD - Bitcoin Secure Transactions Environment
http://www.kittybomber.com/BitVault
bitlotto
Hero Member
*****
Offline Offline

Activity: 672


BitLotto - best odds + best payouts + cheat-proof


View Profile WWW
June 24, 2011, 11:50:30 PM
 #10

Thanks for your reply, when comes the time I will follow your advice it seems like a great idea. If you ever wish to participate in the project let me know.
Check: https://forum.bitcoin.org/index.php?topic=22128.0

*Next Draw Feb 1*  BitLotto: monthly raffle (0.25 BTC per ticket) Completely transparent and impossible to manipulate who wins. TOR
TOR2WEB
Donations to: 1JQdiQsjhV2uJ4Y8HFtdqteJsZhv835a8J are appreciated.
Globz
Newbie
*
Offline Offline

Activity: 14

www.kittybomber.com


View Profile WWW
June 25, 2011, 12:18:45 AM
 #11

Thanks for your reply, when comes the time I will follow your advice it seems like a great idea. If you ever wish to participate in the project let me know.
Check: https://forum.bitcoin.org/index.php?topic=22128.0



yeah I just saw, if you find other people who would be interested to create this LiveCD, I will gladly help in the create and host it on my website. If not I will do it by myself but it might take a little while since I am really busy right now.

BitVault LiveCD - Bitcoin Secure Transactions Environment
http://www.kittybomber.com/BitVault
bitlotto
Hero Member
*****
Offline Offline

Activity: 672


BitLotto - best odds + best payouts + cheat-proof


View Profile WWW
June 25, 2011, 12:28:17 AM
 #12

Thanks for your reply, when comes the time I will follow your advice it seems like a great idea. If you ever wish to participate in the project let me know.
Check: https://forum.bitcoin.org/index.php?topic=22128.0



yeah I just saw, if you find other people who would be interested to create this LiveCD, I will gladly help in the create and host it on my website. If not I will do it by myself but it might take a little while since I am really busy right now.
If you made one like how I described it would be pretty sweet! I'll be watching!!

*Next Draw Feb 1*  BitLotto: monthly raffle (0.25 BTC per ticket) Completely transparent and impossible to manipulate who wins. TOR
TOR2WEB
Donations to: 1JQdiQsjhV2uJ4Y8HFtdqteJsZhv835a8J are appreciated.
Globz
Newbie
*
Offline Offline

Activity: 14

www.kittybomber.com


View Profile WWW
June 25, 2011, 03:59:09 AM
 #13

Thanks for your reply, when comes the time I will follow your advice it seems like a great idea. If you ever wish to participate in the project let me know.
Check: https://forum.bitcoin.org/index.php?topic=22128.0



yeah I just saw, if you find other people who would be interested to create this LiveCD, I will gladly help in the create and host it on my website. If not I will do it by myself but it might take a little while since I am really busy right now.
If you made one like how I described it would be pretty sweet! I'll be watching!!

I will do my best.

BitVault LiveCD - Bitcoin Secure Transactions Environment
http://www.kittybomber.com/BitVault
marcus_of_augustus
Legendary
*
Offline Offline

Activity: 2100



View Profile
June 25, 2011, 03:53:36 PM
 #14


Liking these "Vault Environment" projects ... just watching.

So how sure are you that traces of the decrypted private keys are never left anywhere on the machine when you are all done? RAM, cache, buffers, etc? Isn't that somewhat hardware dependent? Be good if an embedded guy could have a look through it also.

Globz
Newbie
*
Offline Offline

Activity: 14

www.kittybomber.com


View Profile WWW
June 25, 2011, 04:27:08 PM
 #15


Liking these "Vault Environment" projects ... just watching.

So how sure are you that traces of the decrypted private keys are never left anywhere on the machine when you are all done? RAM, cache, buffers, etc? Isn't that somewhat hardware dependent? Be good if an embedded guy could have a look through it also.

Your TrueCrypt Container will remain on your USB key, you are using an instance of  TrueCrypt loaded inside your RAM to decrypt your container, then the program will mount a virtual drive for you so you can access your wallet, there is no interaction with your HDD. You could even boot up inside this LiveCD without your hard drive.

BitVault LiveCD - Bitcoin Secure Transactions Environment
http://www.kittybomber.com/BitVault
marcus_of_augustus
Legendary
*
Offline Offline

Activity: 2100



View Profile
June 25, 2011, 04:42:19 PM
 #16


Liking these "Vault Environment" projects ... just watching.

So how sure are you that traces of the decrypted private keys are never left anywhere on the machine when you are all done? RAM, cache, buffers, etc? Isn't that somewhat hardware dependent? Be good if an embedded guy could have a look through it also.

Your TrueCrypt Container will remain on your USB key, you are using an instance of  TrueCrypt loaded inside your RAM to decrypt your container, then the program will mount a virtual drive for you so you can access your wallet, there is no interaction with your HDD. You could even boot up inside this LiveCD without your hard drive.

And is there some code that specifically scrubs the private keys out of RAM (and where-ever else) when you are done? probably just left to chance right?

Globz
Newbie
*
Offline Offline

Activity: 14

www.kittybomber.com


View Profile WWW
June 25, 2011, 04:46:32 PM
 #17


Liking these "Vault Environment" projects ... just watching.

So how sure are you that traces of the decrypted private keys are never left anywhere on the machine when you are all done? RAM, cache, buffers, etc? Isn't that somewhat hardware dependent? Be good if an embedded guy could have a look through it also.

Your TrueCrypt Container will remain on your USB key, you are using an instance of  TrueCrypt loaded inside your RAM to decrypt your container, then the program will mount a virtual drive for you so you can access your wallet, there is no interaction with your HDD. You could even boot up inside this LiveCD without your hard drive.

And is there some code that specifically scrubs the private keys out of RAM (and where-ever else) when you are done? probably just left to chance right?

When you are done with the LiveCD you will reboot inside your OS, your RAM will refresh and load your current OS, your container will be unmounted so there's no way to steal the wallet. If your private key would still be in memory the attacker would have to know first what to do with this "key"

BitVault LiveCD - Bitcoin Secure Transactions Environment
http://www.kittybomber.com/BitVault
marcus_of_augustus
Legendary
*
Offline Offline

Activity: 2100



View Profile
June 25, 2011, 05:00:22 PM
 #18

Quote
If your private key would still be in memory the attacker would have to know first what to do with this "key"

.... well that would be the implicit assumption wouldn't it? Worms looking for bitcoin private keys anywhere they find them is the new background environment.

Globz
Newbie
*
Offline Offline

Activity: 14

www.kittybomber.com


View Profile WWW
June 25, 2011, 05:14:56 PM
 #19

Quote
If your private key would still be in memory the attacker would have to know first what to do with this "key"

.... well that would be the implicit assumption wouldn't it? Worms looking for bitcoin private keys anywhere they find them is the new background environment.

The current Malware is a Trojan and he's only looking for wallet.dat, I haven't heard of such worm reading your RAM for private key. If you find a link I will gladly read it and apply a proper solution to this problem.

BitVault LiveCD - Bitcoin Secure Transactions Environment
http://www.kittybomber.com/BitVault
marcus_of_augustus
Legendary
*
Offline Offline

Activity: 2100



View Profile
June 25, 2011, 05:16:51 PM
 #20

Quote
If your private key would still be in memory the attacker would have to know first what to do with this "key"

.... well that would be the implicit assumption wouldn't it? Worms looking for bitcoin private keys anywhere they find them is the new background environment.

The current Malware is a Trojan and he's only looking for wallet.dat, I haven't heard of such worm reading your RAM for private key. If you find a link I will gladly read it and apply a proper solution to this problem.

... just looking ahead ... trying to think like a criminal.

Pages: [1] 2  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!