Using a software wallet on a dedicated, strictly offline OS.

[BernyJB]

Ok, I tried to use Tails as a vehicle for a cold(ish) wallet, but the thing is so horribly inconvenient I ended up discarding the idea.

So here's another question for you, more knowledgeable guys:

I'm thinking about installing Porteus on a pendrive, and Coinomi in it, and use it strictly offline to store my coins, using paper wallets to transfer money in and out the software wallets as needed.

So, to be more clear: I'd only connect Porteus to the internet to update it, say once a week, for example. Any crypto trading would be made directly to the corresponding paper wallet on a different OS (Fedora, which I'm currently using), and then the paper wallet would be moved into Porteus offline, and the funds will be transferred to Coinomi.

I'm on the fence whether to use Porteus on a pendrive or it or another light distro on Virtualbox for Coinomi, as I don't know how safe Virtualbox is.

So, the questions are:

1. Is either method suitable as an alternative to a hardware wallet? I know they're not as convenient, but that's not a problem.
2. Which method is better, from a "strictly security" standpoint?
3. The virtualbox method is more convenient, as I can have it (and the wallet) in my computer all the time. How secure would it be?

Thank you all for the replies. 

[1715086765]

1715086765

[1715086765]

1715086765

[1715086765]

1715086765

[1715086765]

1715086765

[jackg]

The security of a virtualbox depends on the security of the computer that hosts it. It's Filesystem is just another Filesystem in your machine and if you mount it often enough, most attack types will probably still be able to find your wallet - there would be ways to make this harder but it still would not be too hard to attack.

The pendrive method would be what I'd go with, you can pick up big USB sticks for quite cheap now though - is there a reason you couldn't buy one for mounting fedora or something you're more used to (or was the minimalism security consciousness over fedora's dependencies/software that comes with it)?

[BernyJB]

The security of a virtualbox depends on the security of the computer that hosts it. It's Filesystem is just another Filesystem in your machine and if you mount it often enough, most attack types will probably still be able to find your wallet - there would be ways to make this harder but it still would not be too hard to attack.

My question would be: if I don't access that virtual machine while I'm online, could it be accessed anyway, be it while I share the paper wallets with the main OS, or when I update it?

The pendrive method would be what I'd go with, you can pick up big USB sticks for quite cheap now though - is there a reason you couldn't buy one for mounting fedora or something you're more used to (or was the minimalism security consciousness over fedora's dependencies/software that comes with it)?

Not really. I already have a 16GB stick, which should be more than enough to install Fedora. I just don't want to waste drive space on things I won't use.

[hatshepsut93]

I'm thinking about installing Porteus on a pendrive, and Coinomi in it, and use it strictly offline to store my coins, using paper wallets to transfer money in and out the software wallets as needed.

So, to be more clear: I'd only connect Porteus to the internet to update it, say once a week, for example.

"Strictly offline" and "connect once per week" are mutually exclusive things. The point of offline is to be isolated from potentially infected environment, but you want to so easily break this principle. Same goes for virtualization.

And why do you want to get involved with paper wallets? They are less secure if you are going to sweep the keys on online machine, compared to using offline machine to sign transactions.

IMO when you deal with Bitcoin security should be your #1 priority and convenience should be the last thing you worry about, because all your coins are at stake, and you don't want to lose them all because you were too lazy to spend some extra 10 minutes on making an offline transaction or spend $100 on a hardware wallet.

[o_e_l_e_o]

"Strictly offline" and "connect once per week" are mutually exclusive things. The point of offline is to be isolated from potentially infected environment, but you want to so easily break this principle. Same goes for virtualization.

And why do you want to get involved with paper wallets? They are less secure if you are going to sweep the keys on online machine, compared to using offline machine to sign transactions.

+1 to all of this.

Whatever machine is running your offline wallet should be permanently airgapped and never go online again.

If you want to create paper wallets, then they should be created from your airgapped machine using a dumb printer without any WiFi capabilities and without an internal storage or cache which might store a copy of your paper wallet. If you want to spend from those paper wallets, then you should import them back to your airgapped machine and use a complementary watch only wallet on your online machine to create the necessary transaction for signing on your airgapped machine.

Coinomi is closed source and so is a bad choice of wallet.

I have never used Porteus so can't comment on your choice of distro, but if you don't want to use Tails then my personal choice would be Qubes.

[dkbit98]

I'm thinking about installing Porteus on a pendrive, and Coinomi in it, and use it strictly offline to store my coins, using paper wallets to transfer money in and out the software wallets as needed.

I never used Porteus so I can't speak about that, but I can tell you that Coinomi wallet is closed source and it's not the best option for any cold wallet.
Electrum or Wasabi wallet would be the best options for Bitcoin, or hardware wallets if you have more altcoins in your portfolio.

I'm on the fence whether to use Porteus on a pendrive or it or another light distro on Virtualbox for Coinomi, as I don't know how safe Virtualbox is.

You can disable internet connection in Virtualbox settings and that would make it safer for sure, but all the files would still be on your computer that is connected to internet.

Is either method suitable as an alternative to a hardware wallet? I know they're not as convenient, but that's not a problem.

I would say that airgapped hardware wallets are much better option that using virtual box on system with internet connection, even if you disable it in the settings.
Best cold storage is when you format your hard drive, install fresh Linux OS with open source wallet, and NEVER connect that computer with internet.

[BernyJB]

Thank you all.

hatshepsut93: true. but I'm worried about my OS eventually quitting on me if I fail to update it. It did happen to me when I started with Linux, and I don't want it to happen again, especially not when there's money involved.
About the paper wallets, initially I wanted to use them offline as a means to transport the funds between my wallet and my main OS (Fedora), but since I posted I read about coinomi's "issues", and other wallets' false claims and whatnot, and that got me seriously thinking about using the paper wallets also as my main wallets inside Porteus. Fact is, open or closed source, you can't really trust that "somebody" in the developing team may not have a different agenda than your security, and a number of problems I've been having with Fedora 34 and 35 (not related to security) are proof of that.

o_e_l_e_o: yeah, I chose Porteus mostly because of its size. I didn't know about Qubes. I'll read on it. I just don't want to deal with Debian's BS anymore, and, to be honest, Fedora is also starting to piss me off, so Porteus being based on Slackware seemed like a good option.
Yeah, the idea is to create the paper wallets offline, and keep them strictly offline, always.

dkbit98: yeah, I imagined something like that. So virtualbox is not gonna happen.
I read about coinomi after I posted.  There's a thread in the forum about it, and about other wallets as well. That's why I'm thinking about using paper wallets offline. No hidden code to deal with.
Hardware wallets are very expensive in my country (everything is), so they're not an option. The reason I got turned off with Tails is it won't even let me install the extra wallet (without jumping through hoops to do it). Now, I understand you can't shortcut security, but I'm not a computer guru, and Tails is definitely too complicated for me.

ETFbitcoin: well, one malware is one too many...
The reason I was considering to use virtualbox is mostly for convenience, as I could open a virtual machine in my computer if needed. But if there's any chance it may be less than 100% safe, it's out.

I guess that puts Tails back in the game, as it's designed to not rely on updates. Guess I'm gonna have to do some more reading...

[jackg]

My question would be: if I don't access that virtual machine while I'm online, could it be accessed anyway, be it while I share the paper wallets with the main OS, or when I update it?

Yes it could be accessed while you're online as the filesystem will still be there on the drive. I doubt the driver for reading a vdl/ISO is that huge too that a virus couldn't pack it in itself to attack a system - especially in the future if there aren't many attacking that now.

7zip can read a lot of different archive files (I've used it on ISOs before) and it's console version is 900kb.

Not really. I already have a 16GB stick, which should be more than enough to install Fedora. I just don't want to waste drive space on things I won't use.

If you don't plan to use the stick for anything else, you can put as big a system on it as you want - I'm assuming you'd be doing live boots though too so you don't need space for files?

I guess that puts Tails back in the game, as it's designed to not rely on updates. Guess I'm gonna have to do some more reading...

You probably still need to find an operating system you're happy using though too...

You're probably going to want to update your OS every so often too, even if you just put a months' old version on and keep going that way every few months (providing there aren't critical updates).

[BernyJB]

My question would be: if I don't access that virtual machine while I'm online, could it be accessed anyway, be it while I share the paper wallets with the main OS, or when I update it?

Yes it could be accessed while you're online as the filesystem will still be there on the drive. I doubt the driver for reading a vdl/ISO is that huge too that a virus couldn't pack it in itself to attack a system - especially in the future if there aren't many attacking that now.

7zip can read a lot of different archive files (I've used it on ISOs before) and it's console version is 900kb.

Yeah, I'm definitely not taking that risk. Thanks for the heads up. 

Not really. I already have a 16GB stick, which should be more than enough to install Fedora. I just don't want to waste drive space on things I won't use.

If you don't plan to use the stick for anything else, you can put as big a system on it as you want - I'm assuming you'd be doing live boots though too so you don't need space for files?

I installed Fedora 35 last night (xfce), and it was 15.5 GiB (about 16.6 GB) right out of the box, so it wouldn't even fit in the pendrive. I'm getting the feeling I'm getting into waters that are way too deep for my skill level though. And messing things up would indeed be very expensive for me at this time.

I guess that puts Tails back in the game, as it's designed to not rely on updates. Guess I'm gonna have to do some more reading...

You probably still need to find an operating system you're happy using though too...

You're probably going to want to update your OS every so often too, even if you just put a months' old version on and keep going that way every few months (providing there aren't critical updates).

Well, I'm an Openbox user, and Tails seemed pretty slim. and my needs are actually pretty simple: I just want the OS to get out of the way while I'm working.
 Shouldn't have much problem... right?

[ABCbits]

ETFbitcoin: well, one malware is one too many...

Fair point. Anyway, i just remembered the name of the malware which is "Crisis". If you're curious, check this paper, specifially page 9-11.

The reason I was considering to use virtualbox is mostly for convenience, as I could open a virtual machine in my computer if needed. But if there's any chance it may be less than 100% safe, it's out.

Take note there's nothing such as 100% safe or invulnerable. You need to choose security/convenience trade-off which is suitable for your use case.

[SquirrelJulietGarden]

You can use tail-OS or air-gapped wallets.

How to Install Tails OS on USB flash drive for Wallet Purpose
[Guide] Secure air-gapped crypto wallet storage method

[Welsh]

As you say, if convenience isn't a problem then realistically yeah. Though, a properly created offline wallet will always be more secure than a hardware one which connects to the internet. Simply because there may be undiscovered bugs etc.

 Though, as for your VirtualBox question; Generally, it's pretty safe. If your worried about malicious code getting access, then usually they need to be able to infiltrate the VirtualBox from the host, or visa versa. Therefore, it offers additional security in a virtual way, as the name implies. However, physical isolation to your daily machine will always be more secure, there's no way around it.

Physical isolation creates a physical break between the two machines, and if one of them is offline the only attack vector that's realistically probable is locally. Honestly though, if you aren't going to be accessing the wallet regularly, just create it using a offline computer recently formatted, probably worth updating micro code etc. Then, back up the private key in whatever way you want, although not digitally. Do it physically and then wipe that machine, and continue to install your daily operating system that you intend on using for every day use.

Take note there's nothing such as 100% safe or invulnerable. You need to choose security/convenience trade-off which is suitable for your use case.

Right. I feel like I've uttered the following words more than once on this forum, and probably thousands of times outside of it; security isn't about making the most unbreakable system, it's about balancing security, and convenience. If you have the convenience as low as possible, it's likely going to have some security flaws, while if you have your security so high that the convenience is non existent, then it's likely going to be something you either make a mistake doing or forget how it's done. 

For example; if you make a 251 character long password, instead of a 25 character long password, it's likely going to be hard to remember, and therefore the convenience is such a hindrance, you're going to lose access to your Bitcoin. However, if make a password 4 characters long, instead of 25 then that's going to be too easy for attackers.

I'm all for balance, and one of life's biggest conundrums is balancing; Security, Privacy, and Convenience.

[o_e_l_e_o]

What was your issue with Tails? You said it wouldn't let you install an "extra wallet"? Was this Coinomi? If you are only looking at using bitcoin, Tails comes bundled with Electrum already installed, which is a far superior wallet to Coinomi anyway.

I'm all for balance, and one of life's biggest conundrums is balancing; Security, Privacy, and Convenience.

Which is why I am a big proponent of using multiple different wallets. I use hot wallets on online devices (computers and phones), hardware wallets, cold wallets on airgapped computers, and completely non-digital back ups (not strictly "paper wallets" in the classic sense since I back up seed phrases rather than individual private keys, but essentially the same idea). I want the convenience of a mobile wallet for when I'm spending bitcoin in person when I'm out and about - unlock my wallet, scan a QR code, done - but I'm not trusting the security of a mobile wallet with any more money than I would be happy carrying around in my wallet in cash. Importing my non-digital back ups via a clean airgapped computer and transferring unsigned transactions for signing and back again for broadcasting is far more inconvenient, but that's the level of security I want for the bulk of my holdings.

I think using a single wallet for both holding and spending opens you up to too many additional risks, as well as compromising your privacy.

[BernyJB]

Thanks again for the replies. 

ETFbitcoin I'll check it out. Thank you. 
I realize 100% security is more of an euphemism than a reality. I'm just not willing to compromise my security knowingly.
When I was working as an alarm installer, one of my favorite phrases was "the security of the system is not about shielding your place, nor about catching the burglar. It's about having a reputation so a burglar with half a brain will choose the next house upon seeing our sign". I'm just trying to make it as hard for a hacker as possible.

SquirrelJulietGarden Thank you, I will read up on it.

Welsh: true. But the difference in entropy between a 25 character password and a 30 character password is huge. And if you use alphanumeric characters + punctuation signs (compared to a purely alphanumeric password), it's much bigger. You don't need a 251 character password (would be cool though  ) to be safe.

o_e_l_e_o: as I keep on learning, my issues kinda change...
As of now, my biggest issue with Tails is that I intend to rely somewhat heavily on altcoins, and Electrum is a Bitcoin-only wallet, so I need to get another wallet. Coinomi was my first choice, based only on the number of cryptocurrencies it accepts, but I've been reading on it, and it's out now. Right now (pending a lot more research), I'm thinking Exodus.

[hatshepsut93]

Thank you all.

hatshepsut93: true. but I'm worried about my OS eventually quitting on me if I fail to update it. It did happen to me when I started with Linux, and I don't want it to happen again, especially not when there's money involved.
About the paper wallets, initially I wanted to use them offline as a means to transport the funds between my wallet and my main OS (Fedora), but since I posted I read about coinomi's "issues", and other wallets' false claims and whatnot, and that got me seriously thinking about using the paper wallets also as my main wallets inside Porteus.

I don't know how an OS can quit on you, I have been using the same installation of Tails on a USB stick for years without any problems.

Using paper wallets to transfer funds is not optimal, you can just make a transactions on offline machine, transfer it via another USB stick to the offline machine, sign it there, transfer it back to online machine and broadcast, or even scan the QR code with your phone and broadcast it from a wallet on your phone like Electrum. This way you won't have to expose your private keys to any online machines.

Fact is, open or closed source, you can't really trust that "somebody" in the developing team may not have a different agenda than your security, and a number of problems I've been having with Fedora 34 and 35 (not related to security) are proof of that.

This doesn't mean that they are equal. Hundreds of other people have reviewed the code of an open source wallet and didn't find any backdoors. Doesn't mean that they aren't there, but the probability is much lower than with closed-source wallets.

[o_e_l_e_o]

As of now, my biggest issue with Tails is that I intend to rely somewhat heavily on altcoins, and Electrum is a Bitcoin-only wallet, so I need to get another wallet.

I can't really help you there I'm afraid, since I avoid the vast majority of altcoins given that they are 99% scams. If you are planning on holding a lot of alts, then the easiest way to do so would probably be to buy a reputable hardware wallet, and would immediately solve many of the issues you are encountering. You could even use your hardware wallet and its associated software via an offline machine if you really wanted (although this is probably unnecessary), but you would first have to make sure it supports exporting and importing unsigned transactions.

Using paper wallets to transfer funds is not optimal, you can just make a transactions on offline machine, transfer it via another USB stick to the offline machine, sign it there, transfer it back to online machine and broadcast, or even scan the QR code with your phone and broadcast it from a wallet on your phone like Electrum. This way you won't have to expose your private keys to any online machines.

This is exactly how you should spend from paper wallets too - by importing them in an airgapped machine. Think of paper wallets not as an alternative to an airgapped wallet, but an extension of them used to keep your wallet in a non-digital format. You still need the airgapped device to interact with the paper wallet safely.

But yes, if you import your paper wallet directly to an online device, then you risk your coins.

[BernyJB]

I'm reading about the whole thing, watching courses and whatnot, and I'm starting to think the whole "risk" thing is a bit... overrated.
Yeah, the risk definitely does exist. But there are thousand of cryptocurrency traders that keep enormous amounts of money in online wallets (and even in the exchanges), and nothing (much) happens.
I think I'm gonna have to rethink my strategy...