Bitcoin Forum
May 25, 2019, 08:12:19 AM *
News: Latest Bitcoin Core release: 0.18.0 [Torrent] (New!)
 
   Home   Help Search Login Register More  
Pages: [1] 2 »  All
  Print  
Author Topic: Bitcoin is not enough: we need open source hardware  (Read 441 times)
Lionel
Sr. Member
****
Offline Offline

Activity: 565
Merit: 300


View Profile
March 14, 2019, 01:59:30 PM
Merited by andulolika (3), LoyceV (2), butka (2), vapourminer (1), d5000 (1), AGD (1), ETFbitcoin (1), aliashraf (1), MagicByt3 (1), mixoftix (1)
 #1

When you say that your private key is in your hands, you mean that it is stored in a device you trust.
Or if it is on paper,  you assume that when you will import/use the PK on a device to make a payment/transfer, you trust that device.

What if the NSA asks hardware manufacturers to integrate spy chips in their devices?
Your PC may have a spy controller chip that reads your PK from your HD and sends it over to the NSA via your network card.

I'd like many open source computer and phone projects to pop up, but there are just a few of them and don't seem to get traction.
Maybe the people is still not concerned enough with their privacy. ... but hey we are talking about our life's savings here!
1558771939
Hero Member
*
Offline Offline

Posts: 1558771939

View Profile Personal Message (Offline)

Ignore
1558771939
Reply with quote  #2

1558771939
Report to moderator
1558771939
Hero Member
*
Offline Offline

Posts: 1558771939

View Profile Personal Message (Offline)

Ignore
1558771939
Reply with quote  #2

1558771939
Report to moderator
PLAY OVER 3000 GAMES
LIGHTNING FAST WITHDRAWALS
PLAY NOW
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1558771939
Hero Member
*
Offline Offline

Posts: 1558771939

View Profile Personal Message (Offline)

Ignore
1558771939
Reply with quote  #2

1558771939
Report to moderator
1558771939
Hero Member
*
Offline Offline

Posts: 1558771939

View Profile Personal Message (Offline)

Ignore
1558771939
Reply with quote  #2

1558771939
Report to moderator
RocketSingh
Legendary
*
Offline Offline

Activity: 1619
Merit: 1007


View Profile
March 14, 2019, 02:06:15 PM
Merited by bones261 (1), LoyceV (1)
 #2

You can create a Private Key just by pen, paper and a dice. 3 letter agencies can do a f**k about that.

DooMAD
Legendary
*
Offline Offline

Activity: 1988
Merit: 1301


Leave no FUD unchallenged


View Profile WWW
March 14, 2019, 02:16:30 PM
Last edit: March 15, 2019, 02:44:53 PM by DooMAD
Merited by ETFbitcoin (1), LoyceV (1)
 #3

It's not the easiest problem to solve.  Even if there was some sort of online repository where you could view the code for your firmware, you would also need the hardware itself to broadcast something like an MD5 checksum so you could check the integrity of your firmware on any given device and ensure it matches exactly what is in the repository.  

And the bigger question, even if you could get hardware to do that, how many people would actually bother to check it matches?  Is the average user really that security-conscious?

butka
Full Member
***
Offline Offline

Activity: 392
Merit: 210


View Profile
March 14, 2019, 02:19:14 PM
Merited by Lionel (5), bones261 (2), LoyceV (2), vapourminer (1), ETFbitcoin (1)
 #4

You are right in that having a closed source hardware, like Intel or AMD, can be a potential liability. I'm not overly familiar with this subject, but I think there are independent hardware manufacturer you can switch to, like Raspberry pi.  

Alternatively, if you use an air-gapped computer, you can get by even with closed source hardware, as discussed in this thread:

https://bitcointalk.org/index.php?topic=2690001.0

[...]

Even if I moved all of my private keys into an airgapped laptop which has never seen the internet after being formatted, when I wanted to sign an offline transaction into the online node... the node is still connected to the internet, could somehow a exploit happen in the process?

Signing an offline transaction with an airgapped device won't compromise your private keys, since the online device that transmits the transaction has no access to the private keys on the airgapped device.

However, the following possible exploits still prevail, regardless of Meltdown and Spectre:

-) A compromised USB stick could still grab your private keys from the airgapped device while copying the signed transaction for later transmission using the online device.

-) Simply moving a private key from an online device to an airgapped device will do little for your security. The private keys should be generated by the airgapped device itself.

-) Make sure your device is indeed airgapped and doesn't try to connect to any open Wifis that may be around.


Basically, every offline approach to wallet security still holds. Hot wallets are more susceptible to attacks than ever, at least until the security updates are out.
Lionel
Sr. Member
****
Offline Offline

Activity: 565
Merit: 300


View Profile
March 14, 2019, 02:44:22 PM
 #5

You are right in that having a closed source hardware, like Intel or AMD, can be a potential liability. I'm not overly familiar with this subject, but I think there are independent hardware manufacturer you can switch to, like Raspberry pi.  

Alternatively, if you use an air-gapped computer, you can get by even with closed source hardware, as discussed in this thread:

https://bitcointalk.org/index.php?topic=2690001.0

[...]

Even if I moved all of my private keys into an airgapped laptop which has never seen the internet after being formatted, when I wanted to sign an offline transaction into the online node... the node is still connected to the internet, could somehow a exploit happen in the process?

Signing an offline transaction with an airgapped device won't compromise your private keys, since the online device that transmits the transaction has no access to the private keys on the airgapped device.

However, the following possible exploits still prevail, regardless of Meltdown and Spectre:

-) A compromised USB stick could still grab your private keys from the airgapped device while copying the signed transaction for later transmission using the online device.

-) Simply moving a private key from an online device to an airgapped device will do little for your security. The private keys should be generated by the airgapped device itself.

-) Make sure your device is indeed airgapped and doesn't try to connect to any open Wifis that may be around.


Basically, every offline approach to wallet security still holds. Hot wallets are more susceptible to attacks than ever, at least until the security updates are out.

Very smart solution ! +5 merit

About the USB stick, what about if you don't use it: just generate a QR code of the signed tx on the airgapped PC, and you take a pic of the QR with a phone.
That eliminates the need to plug untrusted devices/sticks to the airgapped PC

The only thing left is mining. If you have a mining pool or are mining solo ( maybe a minor altcoin ) , you still need a fully synced node with the PK in its folder, and internet connection.
butka
Full Member
***
Offline Offline

Activity: 392
Merit: 210


View Profile
March 14, 2019, 03:42:14 PM
 #6

Very smart solution ! +5 merit
Thanks I appreciate it very much, but all the credit goes to @HeRetiK

About the USB stick, what about if you don't use it: just generate a QR code of the signed tx on the airgapped PC, and you take a pic of the QR with a phone.
That eliminates the need to plug untrusted devices/sticks to the airgapped PC
Yes, that's an excellent solution and as far as I can remember, it has been suggested before in this context of transferring signed transactions between the cold and hot wallets.

The only thing left is mining. If you have a mining pool or are mining solo ( maybe a minor altcoin ) , you still need a fully synced node with the PK in its folder, and internet connection.
Yes, that's right. I have no idea how this might be solved.
hosseinamin
Jr. Member
*
Offline Offline

Activity: 39
Merit: 17


View Profile
March 14, 2019, 04:14:01 PM
Merited by vapourminer (1)
 #7

FPGA can be a possible solutions for more controlled transaction signing. Since these devices are made for engineers to build chips.
domob
Legendary
*
Offline Offline

Activity: 1060
Merit: 1091


View Profile WWW
March 14, 2019, 04:21:29 PM
Merited by ETFbitcoin (2), bones261 (2), butka (1)
 #8

The only thing left is mining. If you have a mining pool or are mining solo ( maybe a minor altcoin ) , you still need a fully synced node with the PK in its folder, and internet connection.

Why is mining a problem?  At least for Bitcoin and alts that work similarly, you do not need the private key at all for constructing a block.  So you can create the private key and its corresponding address on your offline device, and then just use that in your online mining computer.

Two more things to be aware of when using an airgapped computer:
  • If the device is compromised, it could try to manipulate the transaction you are signing (i.e. change it to one that sends all your coins to the attacker).  As soon as the transaction gets onto your online computer, it could be broadcast.  So to be really secure, you need to verify the signed transaction independently and before putting it onto an insecure device connected to the internet.
  • A compromised airgapped computer could still try to leak your private key through the transaction signatures it generates.

Use your Namecoin identity as OpenID: https://nameid.org/
Donations: 1domobKsPZ5cWk2kXssD8p8ES1qffGUCm | NMC: NCdomobcmcmVdxC5yxMitojQ4tvAtv99pY
BM-GtQnWM3vcdorfqpKXsmfHQ4rVYPG5pKS | GPG 0xA7330737
suzanne5223
Sr. Member
****
Offline Offline

Activity: 812
Merit: 273



View Profile
March 14, 2019, 04:56:02 PM
 #9

You can create a Private Key just by pen, paper and a dice. 3 letter agencies can do a f**k about that.
You seems not to understand the concern of the OP cause he was not talking about the creation of private keys but people privacy which might leak now or in the future if NSA tell computers and phone manufacturer company to integrate a spy chip and we both know that everything about crypto currency have to do with phones or computers.

           ▄▄████▄▄
      ▄▄███▀    ▀███▄▄
   ▄████████▄▄▄▄████████▄
  ▀██████████████████████▀
▐█▄▄ ▀▀████▀    ▀████▀▀ ▄▄██
▐█████▄▄ ▀██▄▄▄▄██▀ ▄▄██▀  █
▐██ ▀████▄▄ ▀██▀ ▄▄████  ▄██
▐██  ███████▄  ▄████████████
▐██  █▌▐█ ▀██  ██████▀  ████
▐██  █▌▐█  ██  █████  ▄█████
 ███▄ ▌▐█  ██  ████████████▀
  ▀▀████▄ ▄██  ██▀  ████▀▀
      ▀▀█████  █  ▄██▀▀
         ▀▀██  ██▀▀
.
WINDICE
.


      ▄████████▀
     ▄████████
    ▄███████▀
   ▄███████▀
  ▄█████████████
 ▄████████████▀
▄███████████▀
     █████▀
    ████▀
   ████
  ███▀
 ██▀
█▀
.


     ▄▄█████▄   ▄▄▄▄
    ██████████▄███████▄
  ▄████████████████████▌
 ████████████████████████
▐████████████████████████▌
 ▀██████████████████████▀
     ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
     ▄█     ▄█     ▄█
   ▄██▌   ▄██▌   ▄██▌
   ▀▀▀    ▀▀▀    ▀▀▀
       ▄█     ▄█
     ▄██▌   ▄██▌
     ▀▀▀    ▀▀▀
.


                   ▄█▄
                 ▄█████▄
                █████████▄
       ▄       ██ ████████▌
     ▄███▄    ▐█▌▐█████████
   ▄███████▄   ██ ▀███████▀
 ▄███████████▄  ▀██▄▄████▀
▐█ ▄███████████    ▀▀▀▀
█ █████████████▌      ▄
█▄▀████████████▌    ▄███▄
▐█▄▀███████████    ▐█▐███▌
 ▀██▄▄▀▀█████▀      ▀█▄█▀
   ▀▀▀███▀▀▀
.


.


.
OPlay NowO
.


.



.
.
Follow Us
▀▀▀▀▀▀▀▀▀▀▀▀
posi
Sr. Member
****
Offline Offline

Activity: 756
Merit: 295


View Profile
March 14, 2019, 05:08:46 PM
 #10

When you say that your private key is in your hands, you mean that it is stored in a device you trust.
Or if it is on paper,  you assume that when you will import/use the PK on a device to make a payment/transfer, you trust that device.

What if the NSA asks hardware manufacturers to integrate spy chips in their devices?
Your PC may have a spy controller chip that reads your PK from your HD and sends it over to the NSA via your network card.

I'd like many open source computer and phone projects to pop up, but there are just a few of them and don't seem to get traction.
Maybe the people is still not concerned enough with their privacy. ... but hey we are talking about our life's savings here!
I never thought of this kind of thing happening this before, I understand and respect your opinion. We definitely need an open source hardware because the possibility that the NSA will make this kind of move in the future is high but how can we this happening when we barely have the right link to achieve it.
Lucius
Legendary
*
Offline Offline

Activity: 1428
Merit: 1199


Fortis Fortuna Adiuvat


View Profile WWW
March 14, 2019, 06:04:23 PM
 #11

Perhaps the OP concern regarding NSA or some other USA agencies is justified by the fact that NSA is working for years on methods of monitoring and identification of bitcoin users. But I would bet that the Chinese in this matter are even more dangerous. Few years ago it was discovered they spy almost all American big companies, included even secret agencies and the ministry of defense.

I am not sure how we can protect our private keys in such world, Ledger or Trezor are too small to resist such challenges. Regardless of the methods we use for storage, nothing is 100% safe.

ETFbitcoin
Legendary
*
Offline Offline

Activity: 1652
Merit: 1767

Use SegWit and enjoy lower fees.


View Profile WWW
March 14, 2019, 06:15:15 PM
Merited by butka (2)
 #12

While i agree with your opinion, it's tall-order because :
1. Maintain open-source software is expensive and difficult, many companies don't bother do it especially because they obtain security through obscurity
2. Open-source isn't guarantee there's no spy or backdoor. For example, firmware on one of Bitmain's ASIC (i think it's Antminer S9) had a backdoor for remote shutdown.
3. One people simply can't verify all source-code of software/hardware he uses, he must trust others at some point.

While it's a bit off-topic, have you tried using computer for everyday usage only with open-source software/driver?
I tried it for a bit, but it's extremely difficult. There weren't any free/open-source driver for my wi-fi card and it's GPU driver isn't good enough is crap for 3D gaming.

I'm not overly familiar with this subject, but I think there are independent hardware manufacturer you can switch to, like Raspberry pi.  

Unfortunately, not all parts of Raspberry Pi is open source. Some hardware parts, especially it's SoC (System-on-a-chip) is closed source and it's open source GPU driver isn't as good as Proprietary GPU driver.

butka
Full Member
***
Offline Offline

Activity: 392
Merit: 210


View Profile
March 14, 2019, 07:26:15 PM
 #13

Unfortunately, not all parts of Raspberry Pi is open source. Some hardware parts, especially it's SoC (System-on-a-chip) is closed source and it's open source GPU driver isn't as good as Proprietary GPU driver.
I see. Thanks for correcting me. Despite not all parts being open source, do you still consider using Raspberry Pi a better option security-wise than using Intel/AMD hardware?
Carlton Banks
Legendary
*
Offline Offline

Activity: 2380
Merit: 1673



View Profile
March 14, 2019, 07:50:46 PM
 #14

It exists: the RISC-V ISA

The Bitcoin developers are ahead of the game somewhat, Bitcoin core 0.18.0 release will have RISC-V binaries

Vires in numeris
aliashraf
Hero Member
*****
Offline Offline

Activity: 812
Merit: 622


View Profile
March 15, 2019, 09:39:57 AM
 #15

It exists: the RISC-V ISA

The Bitcoin developers are ahead of the game somewhat, Bitcoin core 0.18.0 release will have RISC-V binaries
RISC-V is hardly relevant, it is open cpu design mainly with focus on the interface, i.e. instruction set. What op is worried about is manufacturer's malicious behavior not design flaws.

hatshepsut93
Hero Member
*****
Offline Offline

Activity: 1162
Merit: 713


Bitcoin realist


View Profile
March 15, 2019, 09:52:40 AM
 #16

What if someone:

1. Uses a hardcore cold storage setup.

2. Has a Faraday cage to ensure that there's no transmissions at all.

3. Generates private keys physically, for example with dice.

Would this be enough to defeat backdoored hardware?

Carlton Banks
Legendary
*
Offline Offline

Activity: 2380
Merit: 1673



View Profile
March 15, 2019, 09:56:25 AM
 #17

RISC-V is the only open instruction set out there, or at least the only modern design (the older MIPS stuff was open sourced recently if I remember rightly)

The only way to get total control of an open ISA as an end-user is to validate the chip design all by yourself, then fabricate the chip yourself in your garden shed. Presumably that's what you intend to do?

Vires in numeris
Lionel
Sr. Member
****
Offline Offline

Activity: 565
Merit: 300


View Profile
March 15, 2019, 02:24:57 PM
 #18

@hatshepsut93 If the "hardcore cold storage setup" is just a formatted PC with Linux, it's not a bulletfproof solution. It still suffers from the issue pointed out by @domob. The cold storage device in the Faraday cage may have a malicious memory controller chip that messes up the transaction script generated by your wallet, to put the attacker's receiving address in it.

@Carlton Banks Doing it the hard way ( by yourself from scratch) is obviously a solution. But i hoped it was not necessary.
But why would you build a hardware chip that fully implements a general-purpose ISA, like RISC-V  ?
You don't need the complexity of a general purpose ISA, when the functionality you need is just generating transactions.
Why don't design an ASIC chip just for that function? Should be simpler.
Carlton Banks
Legendary
*
Offline Offline

Activity: 2380
Merit: 1673



View Profile
March 15, 2019, 02:44:46 PM
 #19

But why would you build a hardware chip that fully implements a general-purpose ISA, like RISC-V  ?
You don't need the complexity of a general purpose ISA, when the functionality you need is just generating transactions.
Why don't design an ASIC chip just for that function? Should be simpler.

Like hatshepsut93 said, you can go the pencil and paper route to create the private/public keypairs. And like I said, if you want to use an open chip design, you still have to trust the manufacturer of the chip to produce the design according to the open spec

Vires in numeris
Lionel
Sr. Member
****
Offline Offline

Activity: 565
Merit: 300


View Profile
March 15, 2019, 02:44:52 PM
Merited by ETFbitcoin (1)
 #20

FPGA can be a possible solutions for more controlled transaction signing. Since these devices are made for engineers to build chips.

That would be a good compromise.
I am not into FPGAs, so i ask you: is it easy to verify there aren't suspicious components in there?

For motherboards  it is not easy to check.
See https://tech.slashdot.org/story/17/11/07/1041236/minix-intels-hidden-in-chip-operating-system
or https://itsfoss.com/fact-intel-minix-case/

Or even for CPU cores: https://www.tomshardware.com/news/x86-hidden-god-mode,37582.html
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!