Desktop wallet: any risk of hardware backdoor?

[FullofSats]

Noob question: I am planning to buy a new desktop PC and to store bitcoin on Bitcoin Core Desktop Wallet full node.

I am currently doing that on my laptop. I bought it from ZaReason, it's tailor made designed to run linux.

Now I moved to Taiwan and don't want to import from abroad, since so much hardware is produced here. Knowing that

• I'd format the hard drive to get rid of preinstalled Windows OS
• I'd get these specs:
  
  • B360 HD3 | Motherboard,
  • Intel Core i7-9700 Processor,
  • (x4) Kingston 16Gb ram,
  • 256Gb Intel SSD 760p,
  • (x2) Toshiba 4Tb HDD, GA 1030 OC 3G Graphics Card.,
  • my own TV as monitor with HDMI,
  • USB wired keyboard.

Do you think there is any possibility of hardware backdoor, or any leftovers from Windows, that would put my bitcoin at risk? I plan to use it as my main, home workstation.

[1714150568]

1714150568

[1714150568]

1714150568

[OmegaStarScream]

You should be fine after formatting the device, there is no reason to be that paranoid, especially for a small amount. If you're planning to store large amounts (anything more than 500$), then, you should definitely consider investing in a hardware wallet (Ledger or Trezor).

[AdolfinWolf]

Do you think there is any possibility of hardware backdoor, or any leftovers from Windows, that would put my bitcoin at risk? I plan to use it as my main, home workstation.

There is a huge difference between it being possible, and it being likely.

I'd say that, unless you're specifically targeted, the chances of someone tampering with your hardware is extremely small.
Although i also doubt someone would be able to "hack" a processor to spy on you, even if you were to be specifically "targeted". I think it has happend/is possible, but then we're really talking about government operations 95% of the time.

any leftovers from Windows,

This would be more likely, and much easier for someone to do. But a simple factory reset where you override the previous partitions really should be sufficient. Except of course if the previous owner of your harddrive has worked at the NSA and knows how to create such a persistent virus. -- aka: extremely unlikely if not impossible .

[FullofSats]

Good to know. I'll go on with it.

[Abdussamad]

- Why are you paying for windows if you don't want it?

- Why are you purchasing from a vendor that you think is going to install a backdoor in your PC's hardware?

- I recommend getting a larger SSD if you want to store the whole blockchain on it. If you intend to enable pruning then you don't need a large SSD but if you don't then I suggest getting a 1TB one. You will want to store the whole blockchain if you intend to add/remove wallets regularly. Syncing the blockchain on a hard drive will take longer so you need the SSD for that.

[FullofSats]

- Why are you paying for windows if you don't want it?

I specify to the vendors that I do not want Windows whatsoever. I do not pay for it. But I can't be sure it wasn't ever installed on my product in the past.

- Why are you purchasing from a vendor that you think is going to install a backdoor in your PC's hardware?

Vendors are just guys who purchase hardware from suppliers and build PCs for clients. Even if I have a good relationship with a vendor it doesn't mean I'm sure about the reliability of every hardware piece. That's why I specified the specs of the PC I intend to buy, and the fact I live in Taiwan, because I wouldn't trust anything made in mainland China, but I know Taiwan exports processors to the whole world.

- I recommend getting a larger SSD if you want to store the whole blockchain on it. If you intend to enable pruning then you don't need a large SSD but if you don't then I suggest getting a 1TB one. You will want to store the whole blockchain if you intend to add/remove wallets regularly. Syncing the blockchain on a hard drive will take longer so you need the SSD for that.

Thanks for the suggestion I really appreciate.

[bartekjagoda]

Noob question: I am planning to buy a new desktop PC and to store bitcoin on Bitcoin Core Desktop Wallet full node.

I am currently doing that on my laptop. I bought it from ZaReason, it's tailor made designed to run linux.

Now I moved to Taiwan and don't want to import from abroad, since so much hardware is produced here. Knowing that

• I'd format the hard drive to get rid of preinstalled Windows OS
• I'd get these specs:
  
  • B360 HD3 | Motherboard,
  • Intel Core i7-9700 Processor,
  • (x4) Kingston 16Gb ram,
  • 256Gb Intel SSD 760p,
  • (x2) Toshiba 4Tb HDD, GA 1030 OC 3G Graphics Card.,
  • my own TV as monitor with HDMI,
  • USB wired keyboard.

Do you think there is any possibility of hardware backdoor, or any leftovers from Windows, that would put my bitcoin at risk? I plan to use it as my main, home workstation.

Yes, you have a backdoor, every intel cpu has a backdoor for nsa or their three letter friends to snoop on you.

Go with raspberry pi or arm or amd

[pereira4]

Noob question: I am planning to buy a new desktop PC and to store bitcoin on Bitcoin Core Desktop Wallet full node.

I am currently doing that on my laptop. I bought it from ZaReason, it's tailor made designed to run linux.

Now I moved to Taiwan and don't want to import from abroad, since so much hardware is produced here. Knowing that

• I'd format the hard drive to get rid of preinstalled Windows OS
• I'd get these specs:
  
  • B360 HD3 | Motherboard,
  • Intel Core i7-9700 Processor,
  • (x4) Kingston 16Gb ram,
  • 256Gb Intel SSD 760p,
  • (x2) Toshiba 4Tb HDD, GA 1030 OC 3G Graphics Card.,
  • my own TV as monitor with HDMI,
  • USB wired keyboard.

Do you think there is any possibility of hardware backdoor, or any leftovers from Windows, that would put my bitcoin at risk? I plan to use it as my main, home workstation.

Yes, you have a backdoor, every intel cpu has a backdoor for nsa or their three letter friends to snoop on you.

Go with raspberry pi or arm or amd

Not every Intel... you should be safe if you use a Core2Duo, but only if you Libreboot it, which means you will need to do hardware changes unless you buy one that is directly modified by someone you can trust. There are some Laptops like the Thinkpad x60 which only require you to flash the bios and do some changes without modifying the hardware.

If you want it to be ME free by default, you have to go as back as Pentium 4...

With AMD, you have PSP, so it's the same, and you can't disable it, we know less about the PSP than the ME. You would need to back in time too, I think 2013 was the last year it was PSP free. Still faster than a Raspberry.

[malevolent]

Not every Intel... you should be safe if you use a Core2Duo, but only if you Libreboot it, which means you will need to do hardware changes unless you buy one that is directly modified by someone you can trust. There are some Laptops like the Thinkpad x60 which only require you to flash the bios and do some changes without modifying the hardware.

If you want it to be ME free by default, you have to go as back as Pentium 4...

With AMD, you have PSP, so it's the same, and you can't disable it, we know less about the PSP than the ME. You would need to back in time too, I think 2013 was the last year it was PSP free. Still faster than a Raspberry.

There are some workarounds against IME, and Purism and System76 sell laptops with the IME disabled. They all have Intel laptops, though, not sure how things look with AMD.

[pereira4]

Not every Intel... you should be safe if you use a Core2Duo, but only if you Libreboot it, which means you will need to do hardware changes unless you buy one that is directly modified by someone you can trust. There are some Laptops like the Thinkpad x60 which only require you to flash the bios and do some changes without modifying the hardware.

If you want it to be ME free by default, you have to go as back as Pentium 4...

With AMD, you have PSP, so it's the same, and you can't disable it, we know less about the PSP than the ME. You would need to back in time too, I think 2013 was the last year it was PSP free. Still faster than a Raspberry.

There are some workaround against IME, and Purism and System76 sell laptops with the IME disabled. They all have Intel laptops, though, not sure how things look with AMD.

Purism aren't safe.. it's an overpriced gimmick. You can't disable IME with the modern CPU's that are used in Purism laptops. It's a workaround with Coreboot but you still have Intel's propietary binary blobs. There's no workaround, you need old hardware, and you need to do the hardware changes I said, if you want to use Intel and be as private as possible. You need Libreboot, not Coreboot, and thus you are limited to a very small array of hardware. Same applies for System76. They are using i5s and i7s.

With AMD there's nothing to do, other than buying older hardware.

[Abdussamad]

because I wouldn't trust anything made in mainland China, but I know Taiwan exports processors to the whole world.

Almost all hardware is made in china.

[bitmover]

• I'd format the hard drive to get rid of preinstalled Windows OS
• I'd get these specs:
  
  • B360 HD3 | Motherboard,
  • Intel Core i7-9700 Processor,
  • (x4) Kingston 16Gb ram,
  • 256Gb Intel SSD 760p,
  • (x2) Toshiba 4Tb HDD, GA 1030 OC 3G Graphics Card.,
  • my own TV as monitor with HDMI,
  • USB wired keyboard.

Do you think there is any possibility of hardware backdoor, or any leftovers from Windows, that would put my bitcoin at risk? I plan to use it as my main, home workstation.

Probably no hardware backdoors, but this is a good computer. This is probably going to your daily use computer, right? There are many other risks involved than only hardware backdoor.

As OmegaScream said, just buy a hardware wallet. It will be much safer, and you can use desktop wallets with your hardware wallet (such as electrum, for example).

[naska21]

snip

I would rather be more concerned about routers' backdoors instead of looking for them  in motherboards, graphic cards, monitors etc  that are full of  various microchips. Almost all  routers are vulnerable to hackers' attacks. Read for example the Huawei case.  Routers by other manufactures are not so different in that  respect.

[josephdd1]

In a decade of Bitcoin's existence and with billions of dollars at play. No one has been hacked through hardware backdoor installed in brand new computer hardware. I think you're being over-paranoid.

[Carlton Banks]

There are some workaround against IME, and Purism and System76 sell laptops with the IME disabled. They all have Intel laptops, though, not sure how things look with AMD.

Purism aren't safe.. it's an overpriced gimmick. You can't disable IME with the modern CPU's that are used in Purism laptops. It's a workaround with Coreboot but you still have Intel's propietary binary blobs. There's no workaround, you need old hardware, and you need to do the hardware changes I said, if you want to use Intel and be as private as possible. You need Libreboot, not Coreboot, and thus you are limited to a very small array of hardware. Same applies for System76. They are using i5s and i7s.

With AMD there's nothing to do, other than buying older hardware.

right, but if you use that old equipment that Libreboot will run on with it's fully free software/open source firmware, then you're still susceptible to CPU microcode flaws that are no longer fixed for those old EOL'ed hardware platforms.

I agree with you both on all points though. Unfortunately, everything hardware related is a compromise right now, the only fully free new platforms are POWER8/9 (expensive, and IBM are not easy to trust), and RISC-V (expensive, and underpowered, and sponsored by the usual rogues gallery of Intel, Google, IBM etc)

I've opted to: do almost nothing, buy cheap hardware and very infrequently