Bitcoin Forum
Author Topic: Good portable HDD for cold wallet  (Read 303 times)
As03
Newbie
January 06, 2024, 06:22:54 AM  #21

I have a Bitcoin Core full node and am also using it as my wallet. Reading you all, it seems bad because I'm connected to the internet, but I do nothing except running the node.
What would you do? And can you explain the steps for better security?

PS: how can malware infect me if I do nothing on this PC/node?
The forum was founded in 2009 by Satoshi and Sirius. It replaced a SourceForge forum.
Cricktor
Hero Member
January 06, 2024, 07:44:31 AM  #22

...

Your wallet is a hot wallet running on your online node. Your node runs in an OS which is exposed to some extent to the internet. Zero-day exploits or upcoming vulnerabilities of your OS, its components (use only the minimum necessary!) and maybe the node could lead to an attack vector for malware.

It's unlikely you do nothing with your node and your wallet, otherwise you wouldn't need them. Your node just does its thing and keeps track of the blockchain and maintains your wallet's balance, keeping track of relevant transactions and UTXOs related to your wallet.

To keep security up for the OS and your node & wallet living within:
  • keep the OS updated and hope updates don't introduce severe vulnerabilities
  • keep the OS as minimal as possible: fewer components, less potential attack surface
  • keep the OS behind a firewall and expose only strictly necessary ports to the internet (in most cases you're safe enough behind a NAT router's firewall)
  • don't do your daily internet shit on that machine, avoid using any browser on that machine, avoid email on that machine
  • full storage device encryption is recommended for that machine if it could get stolen by thieves
  • don't forget to have a decent and safe regular backup scheme for that machine, too (redundancy is key)
  • use a hot watch-only wallet on that machine and a decent hardware wallet to sign transactions (I don't speak of Ledger crap here); always, I mean ALWAYS, carefully check all of the transaction's output details on the independent display screen of the decent hardware wallet; NEVER miss that step

As03
Newbie
January 06, 2024, 10:49:59 AM  #23

OK, so I guess that's pretty much what I do, so it's fine (it's another PC just running the node; I'm not doing anything else on it).

I have to work on storage encryption, and could you please explain your last point?
Cricktor
Hero Member
January 07, 2024, 10:43:08 AM  #24

  • use a hot watch-only wallet on that machine and a decent hardware wallet to sign transactions (I don't speak of Ledger crap here); always, I mean ALWAYS, carefully check all of the transaction's output details on the independent display screen of the decent hardware wallet; NEVER miss that step
I have to work on storage encryption, and could you please explain your last point?

My main message is:
A software wallet that secures private keys can't surely protect them from sophisticated enough malware on the same device. The malware could intercept the software wallet, steal keys or manipulate a user's transaction's outputs to divert funds to the malware author's address(es).

A watch-only wallet does not contain private keys and therefore can't leak them and can't sign transactions on its own. It needs a signing device like a hardware wallet which protects the private keys from internet attacks or malware.

Using a hardware wallet usually has two involved components: a watch-only software wallet, likely on an online device for interaction with the user, and the hardware wallet that takes a transaction to be signed, displays the transaction's details on its own independent display for verification purposes by the user BEFORE the hardware wallet is commanded by some independent user interaction, e.g. with a physical button on the hardware wallet, to sign the transaction and pass it signed back to the software wallet on the online device to broadcast it to the network.

The purpose to always check the transaction's details before you sign them on the hardware wallet's display is that no malware on a potentially infected computer running the watch-only software wallet part can manipulate the transaction details before it is passed for signing to the hardware wallet. You want to make sure your transaction's outputs are exactly what you expect them to be: only your intended output destination address(es) and your wallet's internal change address to return excess coins of spent inputs back to your wallet, usually.
Thorough verification of all output addresses is not entirely easy if you assume the computer and your software wallet component could be infected. To exclude manipulated output addresses by some malware, you would need a second independent offline device OR your hardware wallet verifies and shows that the change address output actually belongs to your own wallet.
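
The output check described in the post above, as an added example that is not part of the original thread: it parses the outputs of an unsigned transaction and compares them with the destination and change outputs the user intended. It assumes non-witness serialization (the form of a PSBT's unsigned transaction); all scripts, amounts and function names are constructed for illustration.

```python
def read_varint(buf, pos):
    """Decode a Bitcoin CompactSize integer; return (value, next_pos)."""
    size = {0xfd: 2, 0xfe: 4, 0xff: 8}.get(buf[pos], 0)
    if size == 0:
        return buf[pos], pos + 1
    return int.from_bytes(buf[pos + 1:pos + 1 + size], "little"), pos + 1 + size

def parse_outputs(raw):
    """Return [(amount_sat, scriptPubKey_hex)] of a non-witness serialized tx."""
    n_in, pos = read_varint(raw, 4)               # skip 4-byte version
    if n_in == 0:
        raise ValueError("no inputs (or witness serialization): not handled")
    for _ in range(n_in):
        slen, pos = read_varint(raw, pos + 36)    # skip prev txid + index
        pos += slen + 4                           # skip scriptSig + sequence
    n_out, pos = read_varint(raw, pos)
    outputs = []
    for _ in range(n_out):
        amount = int.from_bytes(raw[pos:pos + 8], "little")
        slen, pos = read_varint(raw, pos + 8)
        outputs.append((amount, raw[pos:pos + slen].hex()))
        pos += slen
    if pos + 4 != len(raw):                       # only locktime may remain
        raise ValueError("length mismatch: truncated or trailing data")
    return outputs

def check_outputs(raw, expected):
    """expected maps scriptPubKey hex -> amount in sat; returns a list of problems."""
    remaining, problems = dict(expected), []
    for amount, spk in parse_outputs(raw):
        if spk not in remaining:
            problems.append(f"unexpected output {spk} ({amount} sat)")
        elif remaining.pop(spk) != amount:
            problems.append(f"amount changed for {spk}: now {amount} sat")
    return problems + [f"missing expected output {spk}" for spk in remaining]

def build_tx(outputs):
    """Constructed sample tx: one dummy input, the given outputs, locktime 0."""
    tx = (2).to_bytes(4, "little") + b"\x01" + bytes(36) + b"\x00" + b"\xff" * 4
    tx += bytes([len(outputs)])
    for amount, spk in outputs:
        tx += amount.to_bytes(8, "little") + bytes([len(spk) // 2]) + bytes.fromhex(spk)
    return tx + bytes(4)

# Constructed placeholder scripts (P2WPKH-shaped), not real addresses.
DEST, CHANGE, ROGUE = ("0014" + b * 20 for b in ("11", "22", "99"))
EXPECTED = {DEST: 50_000, CHANGE: 149_000}
HONEST = build_tx([(50_000, DEST), (149_000, CHANGE)])
TAMPERED = build_tx([(50_000, DEST), (149_000, ROGUE)])   # change output swapped
```

Run on a second, independent device, `check_outputs(TAMPERED, EXPECTED)` reports both the swapped-in output and the missing change output; it complements reading the hardware wallet's own display and does not replace it.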

satscraper
Hero Member
January 08, 2024, 07:12:53 AM  #25


Has there ever been any substantial evidence for a sort of malicious HDD firmware targeting crypto users? Never ever heard of it.


In vast cases the attack vectors on crypto users are hidden to the naked eye; thus, their stash loss might be due to the malware hidden in HDD firmware. Research shows that such kind of malware exists and may lurk in relevant drivers for many years. Thus, I wouldn’t be surprised if they eventually found out they’d lost their stashes by courtesy of infected HDD firmware.
