Air gapping

[BlackHatCoiner]

SeedSigner is in fact one of the best projects out there. And unfortunately not a lot of people talk about it. People prefer to use Ledgers... I mean, what the ...

Welcome to marketing.

Anyway, o_e_l_e_o recently told me about this: https://monerosigner.com/ which is the essentially a SeedSigner fork for monero. I just mention it because, you never know who could be interested.

I checked it out. It is absolutely essential to have the respective SeedSigner to Monero, but as far as I can see, it's under development. I wouldn't use it to store important amounts there. Instead, I would rather dedicate a spared laptop (which costs less than a RPi zero), airgap it, and install the officially supported Monero GUI wallet from getmonero.org.

I don't say you are paranoid or something like that but there are so many people who have this illogical fear that someone will hack their computer via recording LED blinking and someone will hack their wallet because BIP wordlist is public and 12 words are too easy to guess

I partially agree, but consider this: comprehending everything a computer executes during operation is an immensely time-consuming task. It involves delving into intricate details, ranging from understanding your computer's architecture and the functions of each hardware component to grasping concepts like elliptic curve cryptography. Disabling the components that enable network connectivity is as straightforward as flipping a coin and ensuring it generates unbiased entropy.

[1714702988]

1714702988

[1714702988]

1714702988

[1714702988]

1714702988

[1714702988]

1714702988

[apogio]

I checked it out. It is absolutely essential to have the respective SeedSigner to Monero, but as far as I can see, it's under development. I wouldn't use it to store important amounts there. Instead, I would rather dedicate a spared laptop (which costs less than a RPi zero), airgap it, and install the officially supported Monero GUI wallet from getmonero.org.

Man, I totally agree with you and everyone who says that, but unfortunately I don't have an old laptop or pc or any device like that. But as far as the MoneroSigner is concerned, until it is properly released and tested I wouldn't use it either.

[Synchronice]

My concerns with a software level airgap are not that someone is going to be able to extract data via monitoring my fan speed or electricity usage or one of the other novel techniques which has been described, but rather that a software level airgap is only ever one misclick, one settings change (accidental or malicious), one tiny adjustment, etc., aware from becoming a hot wallet. Additionally, a software level airgap is almost impossible for the user to verify themselves. If you turn on airplane mode on your phone, how can you confirm and verify for yourself that your phone is not transmitting any data at all via cellular, WiFi, Bluetooth, NFC, RFID, and so on?

A hardware level airgap is simply much safer.

I don't argue with you, hardware lever airgap is much safer without a doubt but my point was that software level airgap isn't very dangerous for average computer user who lives in average neighborhood. There are people who don't know how to disassemble Laptop.What if I am that person and live in a village in a big house, in masonry walls and I have password set on my Wi-Fi? So if I don't type Wi-Fi's password in computer, computer won't be able to log in. To be honest, I don't argue with you because your advice is the most correct one, I am just stating, I don't feel like software airgap is dangerous in some cases. Overall, I suggest everyone to follow your advice for better security.

Disabling the components that enable network connectivity is as straightforward as flipping a coin and ensuring it generates unbiased entropy.

Yes, that's true either. I just noticed that you are back, was it a one day farewell? Anyway, you are welcome.

[o_e_l_e_o]

So if I don't type Wi-Fi's password in computer, computer won't be able to log in.

Be aware that there are attacks which can utilize your WiFi without you being connected to a network. Yes, these are far more complex and technical and require an attacker to be in your local vicinity, but they are still possible.

I don't feel like software airgap is dangerous in some cases.

I wouldn't call it dangerous, per se, but just less secure than a hardware airgap. As I've said above, a software airgap is still much more preferable to a standard hot wallet.

[apogio]

I don't argue with you, hardware lever airgap is much safer without a doubt but my point was that software level airgap isn't very dangerous for average computer user who lives in average neighborhood. There are people who don't know how to disassemble Laptop.What if I am that person and live in a village in a big house, in masonry walls and I have password set on my Wi-Fi? So if I don't type Wi-Fi's password in computer, computer won't be able to log in. To be honest, I don't argue with you because your advice is the most correct one, I am just stating, I don't feel like software airgap is dangerous in some cases. Overall, I suggest everyone to follow your advice for better security.

I wouldn't call it dangerous, per se, but just less secure than a hardware airgap. As I've said above, a software airgap is still much more preferable to a standard hot wallet.

What is considered a software airgap? I don't understand how software could help being airgaped? Like a software that blocks WiFi or one that blocks Bluetooth?

[o_e_l_e_o]

Software level airgap - you have turned off your WiFi in your OS.

Hardware level airgap - you have physically removed your WiFi card (or never had one to begin with).

[apogio]

Software level airgap - you have turned off your WiFi in your OS.

Hardware level airgap - you have physically removed your WiFi card (or never had one to begin with).

I think both are very secure, but software airgap has 2 possible flaws:
1. software malware like the one you mentioned in the answers above.
2. it's just one click away from becoming "non-airgapped". I think this has also been mentioned somewhere above.

In any case, yes, hardware level airgap is not so prone to errors.

[Synchronice]

Software level airgap - you have turned off your WiFi in your OS.

Hardware level airgap - you have physically removed your WiFi card (or never had one to begin with).

I think both are very secure, but software airgap has 2 possible flaws:
1. software malware like the one you mentioned in the answers above.
2. it's just one click away from becoming "non-airgapped". I think this has also been mentioned somewhere above.

In any case, yes, hardware level airgap is not so prone to errors.

If you are under threat of attack, i.e. live in a 100-unit apartment where god knows who is your neighbor or your neighbors' guests, believe me, you can be in trouble. If you live in a single-family home and your neighbors and your area is a very safe area where strangers don't move, then to my mind, software airgap alone can't be an issue. But as o_e_l_e_o pointed, software level airgap will always be less safer than hardware level airgap and I suggest you to stick with his advice.

Answer to your questions:
1. If your computer has never been connected to internet, you won't have software malware unless your manufacturer already gave you an infected computer, i.e. you can't do anything if there exists hardware backdoors in every modern equipment. To be honest, I am afraid, as science and technology develops, the higher the hardware backdoor chances will be. That's why I prefer to use very old device.
2. If there is no wireless signal in your area, just one click can't make your device non-airgapped. If you are absolutely alone in 2km radius and you have an Wi-Fi with password, I don't think your computer is going to hack the password. Absolutely every advice should be suited to individual threats and possibilities. If you are under a serious cyber attack threat, then simply air-gapping your computer is not enough, you need to isolate the room where your computer is located, block all wireless signals and use a Faraday Cage.