Elwar (OP)
Legendary
Offline
Activity: 3598
Merit: 2386
Viva Ut Vivas
|
|
November 22, 2013, 08:02:32 AM |
|
I was going to buy a laptop solely for cold storage and was wondering if it would be of any use to get a Lenovo which has a fingerprint reader.
Would this be enough security so that only my fingerprint can allow access to the computer?
I would imagine that such a device would have workarounds for those who's reader stops working or they need into the computer without it.
I had one once when I worked for IBM as my work computer but they turned off the reader in the BIOS by default for us so I never used it.
|
First seastead company actually selling sea homes: Ocean Builders https://ocean.builders Of course we accept bitcoin.
|
|
|
Psychotron
|
|
November 22, 2013, 08:20:21 AM |
|
As far as I know, the fingerprint is binded with a password.
|
|
|
|
Elwar (OP)
Legendary
Offline
Activity: 3598
Merit: 2386
Viva Ut Vivas
|
|
November 22, 2013, 08:30:20 AM |
|
As far as I know, the fingerprint is binded with a password.
Hmm, so it is basically just inputting a password for you. That seems less secure since it would probably need to store the password on the computer. Any thoughts on the most secure computer/OS for cold storage? Preferably something small.
|
First seastead company actually selling sea homes: Ocean Builders https://ocean.builders Of course we accept bitcoin.
|
|
|
domob
Legendary
Offline
Activity: 1135
Merit: 1170
|
|
November 22, 2013, 10:40:24 AM |
|
I would think that the fingerprint offers only marginal protection. Why not simply install a system with full-disk encryption and a sufficiently long passphrase? Then whatever someone does / is able to do with your computer, the data is secure and not just protected by the operating system / BIOS not letting log in.
|
Use your Namecoin identity as OpenID: https://nameid.org/Donations: 1 domobKsPZ5cWk2kXssD8p8ES1qffGUCm | NMC: NC domobcmcmVdxC5yxMitojQ4tvAtv99pY BM-GtQnWM3vcdorfqpKXsmfHQ4rVYPG5pKS | GPG 0xA7330737
|
|
|
/dev/null
|
|
November 22, 2013, 10:53:00 AM |
|
Laptop with fingerprint security... nah that would be too much for a cold storage. Its much better to print a paperwallet and store it in a safe place.
|
|
|
|
TheButterZone
Legendary
Offline
Activity: 3080
Merit: 1032
RIP Mommy
|
|
November 22, 2013, 10:55:51 AM |
|
A wise man once said that a fingerprint is more of a username than a password.
|
Saying that you don't trust someone because of their behavior is completely valid.
|
|
|
DeathAndTaxes
Donator
Legendary
Offline
Activity: 1218
Merit: 1079
Gerald Davis
|
|
November 22, 2013, 10:58:20 AM |
|
A wise man once said that a fingerprint is more of a username than a password.
This. To op understand that biometrics aren't deterministic. The laptop records your fingerprint and then when a finger is swiped it compares the two and if they are close enough it decrypts the password and logs the user in. Key thing is the software decrypts the password, as in the decryption key is in the software, as in someone could potentially extract said decryption key.
|
|
|
|
/dev/null
|
|
November 22, 2013, 11:03:24 AM Last edit: November 22, 2013, 11:29:51 AM by /dev/null |
|
A wise man once said that a fingerprint is more of a username than a password.
This. To op understand that biometrics aren't deterministic. The laptop records your fingerprint and then when a finger is swiped it compares the two and if they are close enough it decrypts the password and logs the user in. Key thing is the software decrypts the password, as in the decryption key is in the software, as in someone could potentially extract said decryption key. Or in worst case he can simply cut op's finger and use it to decrypt password. Or he can put gun in op's secret places and ask him to finger his laptop. Fingerprint security is safe but what about you and your finger op?
|
|
|
|
TheButterZone
Legendary
Offline
Activity: 3080
Merit: 1032
RIP Mommy
|
|
November 22, 2013, 11:17:38 AM |
|
Mythbusters tested fingerprint scanners, and IIRC defeated them with a printout of their fingers that they either direct-scanned or lifted. LOL
|
Saying that you don't trust someone because of their behavior is completely valid.
|
|
|
hilariousandco
Global Moderator
Legendary
Offline
Activity: 4004
Merit: 2719
Join the world-leading crypto sportsbook NOW!
|
|
November 22, 2013, 02:38:01 PM |
|
I'm sure a fingerprint scanner would be pretty safe to stop somebody booting up your laptop, but couldn't somebody just take the harddrive out and then put it in a external caddy and then have access to your wallet?
I'd just go with storing it on a usb or paper wallet.
|
|
|
|
/dev/null
|
|
November 22, 2013, 02:46:50 PM |
|
I'm sure a fingerprint scanner would be pretty safe to stop somebody booting up your laptop, but couldn't somebody just take the harddrive out and then put it in a external caddy and then have access to your wallet?
I'd just go with storing it on a usb or paper wallet.
Even if someone is able to boot or not, if he have that laptop, OP's will loose his coins unless he makes backup somewhere which defeats the purpose of making a seperate cold wallet. I mean for example, if hdd got crashed, laptop got stolen or if anything happend with his laptop. He will loose his bitcoins. For safety he needs to make a backup.. something like paperwallet. Then why not just make some paper wallets and use them as cold storage instead of buying a expensive paperweight.
|
|
|
|
Carlton Banks
Legendary
Offline
Activity: 3430
Merit: 3080
|
|
November 22, 2013, 05:39:57 PM |
|
Also, a researcher recently came up with a technique that can take an impression of a fingerprint, 3D print that impression as a super thin piece of gelatin, and STILL fool a fingerprint reader that does validation for temperature ~= body temperature, as well as validating for the existence of a cardio-vascular pulse (just stick the gelatin impression on the end of your finger, Sean Connery style).
|
Vires in numeris
|
|
|
nanobtc
|
|
November 22, 2013, 06:21:48 PM |
|
I'm sure a fingerprint scanner would be pretty safe to stop somebody booting up your laptop, but couldn't somebody just take the harddrive out and then put it in a external caddy and then have access to your wallet?
I'd just go with storing it on a usb or paper wallet.
^ This | I work with Lenovo laptops that have fingerprint scanners. It does nothing to protect against a screwdriver. Yank the drive, put it in something else, and it's all there. Your Windows password is no protection at all. Disk encryption, or Truecrypt, or encrypting a wallet.dat however is very secure. But still, a whole laptop adds a lot of complexity/failure points.
|
Lennon: "free as a bird"
|
|
|
davida
|
|
November 22, 2013, 06:25:14 PM |
|
|
|
|
|
Dabs
Legendary
Offline
Activity: 3416
Merit: 1912
The Concierge of Crypto
|
|
November 22, 2013, 10:03:10 PM |
|
Use a yubikey, in addition to TrueCrypt and a good long password. Take out the yubikey when not in use and keep it on your person.
|
|
|
|
501
Newbie
Offline
Activity: 28
Merit: 0
|
|
November 22, 2013, 10:38:43 PM |
|
All of the laptops/phones with fingerprint scanners have simple workarounds. Those scanners are there to stop your friends from snooping on your stuff when you're not there. It's not designed to stop an experienced thief from accessing your drives.
It also doesn't seem like ideal storage because if anyone breaks into your house, the first thing they'll steal will be your laptop.
I looked into all these extravagant cold storage options awhile ago until I realized that simply printing an encrypted paper wallet was the best and simplest solution. Assuming you encrypt the private key before printing it out (with a "good" cipher obviously), you can even leave the papers lying around wherever you want and they will be useless to anyone who finds them.
|
|
|
|
crazy_rabbit
Legendary
Offline
Activity: 1204
Merit: 1002
RUM AND CARROTS: A PIRATE LIFE FOR ME
|
|
November 22, 2013, 11:19:37 PM |
|
Paper wallet, Encrypted keys, Safe Deposit boxes, multiple countries. You're all set.
|
more or less retired.
|
|
|
Mondy
Member
Offline
Activity: 112
Merit: 10
|
|
November 22, 2013, 11:29:45 PM |
|
As far as I know, the fingerprint is binded with a password.
Hmm, so it is basically just inputting a password for you. That seems less secure since it would probably need to store the password on the computer. Any thoughts on the most secure computer/OS for cold storage? Preferably something small. [/quote Just place the wallet file on a usb, safest option. or a paper wallet maybe?
|
|
|
|
wmcleod
Newbie
Offline
Activity: 56
Merit: 0
|
|
November 23, 2013, 12:48:16 AM |
|
what if you die? how will your coins be accessed?
no fail safe...
|
|
|
|
corebob
|
|
November 23, 2013, 01:03:06 AM |
|
what if you die? how will your coins be accessed?
no fail safe...
This was discussed at the 2013 conference. They have some ideas around this I think.
|
|
|
|
|