Security flaws of this setup

[28e7166c23e70c2014feb5d64]

Consider a bitcoiner named Joe that has the following setup:

- Joe has a Linux machine.
- This machine is Joe's personal machine where he does everything, from watching movies to E-Banking.
- Joe is the only person that uses this machine, and no one else has access to it.
- Everything is run on his Linux user account `joe94`.
- `joe94` is sudoer.
- Joe installed Bitcoin Core and runs it with the default `bitcoin.conf`.
- Joe runs Electrs Electrum server.
- Joe has a Trezor hardware wallet.
- Joe uses the Trezor Suite app.
- Joe points the Trezor app to the local Electrum (instead of Trezor nodes).
- Joe follows all the "Trezor good practices" like storing his seed phrase only on physical media such as paper, checking the receiving address and sending address for every transaction, etc.
- Joe's computer is a laptop, so he can bring it anywhere and connect it to any random Wi-Fi network he finds on the go.

Would you consider Joe is at risk?

[LoyceV]

- Joe uses the Trezor Suite app.
- Joe points the Trezor app to the local Electrum (instead of Trezor nodes).

Why not use Electrum as a wallet instead of Trezor Suite?

Would you consider Joe is at risk?

At risk of what? Does Joe bring his Trezor hardware wallet with him?

- Joe runs Electrs Electrum server.
he can bring it anywhere and connect it to any random Wi-Fi network

I wouldn't run a server on public Wi-Fi. It just doesn't feel right.

[Amphenomenon]

Would you consider Joe is at risk?

This is pretty much risky. Connecting to random Wi-Fi is susceptible to man in the middle attacks.
Taking your pc around will increase the risks of it falling into hands of theft.
Using such pc to  run every activity online increase risks of malware.

While Joe coins are not directly at risks, his privacy and general security are.

[ABCbits]

- Joe has a Linux machine.
- This machine is Joe's personal machine where he does everything, from watching movies to E-Banking.

While malware designed for linux is rare, the risk is exist if watching movie involve pirated/cracked stuff.

- Joe's computer is a laptop, so he can bring it anywhere and connect it to any random Wi-Fi network he finds on the go.

Aside from MITM, evil twin attack (fake wifi hotspot with similar name with real one) can be risky if E-Banking is involved. Although using VPN you can trust supposed to solve this issue.

[suzanne5223]

Would you consider Joe is at risk?

Yes, I consider Joe to be at risk for using random/public WiFi networks because one of the strategies used by hackers to attack and also steal private data is to use public WiFi. Besides, some online thieves usually create their own public WiFi and disguise it as a genuine WiFi network.
There's no benefit in using public WiFi, and the price to pay is always a big one.

[LoyceV]

There's no benefit in using public WiFi

Not everyone has unlimited mobile data.

[suzanne5223]

There's no benefit in using public WiFi

Not everyone has unlimited mobile data.

You have a point, but if we think about the consequences and the level of how hacker use the man in the middle attack through the creation of fake Wi-Fi hotspots to read their target emails, steal personal information, and check the websites they are visiting, it is always better to always seek safety first, not some minutes of free public WiFi internet service.

[LoyceV]

You have a point, but if we think about the consequences and the level of how hacker use the man in the middle attack through the creation of fake Wi-Fi hotspots to read their target emails, steal personal information, and check the websites they are visiting, it is always better to always seek safety first, not some minutes of free public WiFi internet service.

That's what encryption is for: once my browser knows the security certificate for a website, no man in the middle can read the data.

[Amphenomenon]

You have a point, but if we think about the consequences and the level of how hacker use the man in the middle attack through the creation of fake Wi-Fi hotspots to read their target emails, steal personal information, and check the websites they are visiting, it is always better to always seek safety first, not some minutes of free public WiFi internet service.

That's what encryption is for: once my browser knows the security certificate for a website, no man in the middle can read the data.

Yes except from the evil twin attack, if the user is not using a VPN.

[Cricktor]

- Joe has a Linux machine.
...
- Joe's computer is a laptop, so he can bring it anywhere and connect it to any random Wi-Fi network he finds on the go.

Does this Linux laptop setup have a full disk encryption? I would recommend to use this for devices that are carried around and could easily be stolen.

I don't really like the random wifi networks usage but this can be mitigated.

It's imperative to carefully check certificates used in browsers to avoid MITM attacks.

Still not a big fan to use such a network "promiscuous" device for crypto wallets and e-banking.

- This machine is Joe's personal machine where he does everything, from watching movies to E-Banking.

I wouldn't want to use my daily driver for my crypto wallet stuff, but this depends strongly on what is done with the device and how security educated someone is and if the user does "risky" stuff on the internet. Some people install all the time some software they want to try out and whatnotelse. This could be a recipe for later desaster, especially when having all under one user account which is in the sudoers group. Priviledge escalation is only a step away...

Using a hardware wallet to secure private keys is good for Joe and mitigates a few problems that could arise with a daily driver device.

[LFC_Bitcoin]

Consider a bitcoiner named Joe that has the following setup:

- Joe has a Linux machine.
- Thismachine is Joe's personal machine where he does everything, from watching movies to E-Banking.
- Joe is the only person that uses this machine, and no one else has access to it.
- Everything is run on his Linux user account `joe94`.
- `joe94` is sudoer.
- Joe installed Bitcoin Core and runs it with the default `bitcoin.conf`.
- Joe runs Electrs Electrum server.
- Joe has a Trezor hardware wallet.
- Joe uses the Trezor Suite app.
- Joe points the Trezor app to the local Electrum (instead of Trezor nodes).
- Joe follows all the "Trezor good practices" like storing his seed phrase only on physical media such as paper, checking the receiving address and sending address for every transaction, etc.
- Joe's computer is a laptop, so he can bring it anywhere and connect it to any random Wi-Fi network he finds on the go.

Would you consider Joe is at risk?

Joe’s problems are the bolded. He really should be using a separate device for Bitcoin only. If he is dealing with large amounts of money then he needs a different device to do every day online activities. All it takes is one suspect torrent or file containing malware and Joe will be eating ramen.

[Cricktor]

...

I think you're painting a bit too harsh consequences for Joe, because Joe uses a hardware wallet which shields his wallet's private keys from malware, in theory and likely in practice too from what I've learned and experienced myself with Trezor and another hardware wallet. I say this also because OP said, that Joe follows good practices with usage of his hardware wallet.

An important thing is, to verify all details of a transaction BEFORE you sign it with your hardware wallet, check thoroughly every time amounts to be sent and most importantly the output addresses. This prevents stealing of coins when malware could manipulate the watch-only software wallet to assemble a transaction with outputs that aren't chosen by the user before the transaction is sent to the hardware wallet for signing.

I agree that it's not the best idea to use just one device for all your internet shit and e-banking and crypto wallet stuff. That kinda calls for desaster and using every wifi Joe might encounter has been criticized already here.

I highly recommend to setup mobile devices like a laptop with encrypted filesystem(s), simply because mobile devices are carried around, can be lost or stolen. Going to be pretty bad when unauthorized people gain access to your data on that device. The evil guys might find reasons to re-visit you with a few 5$ wrenches or even a heftier 25$ wrench with significantly more persuasive momentum.

Don't get me wrong, there's no easy rule, it depends how much someone knows about computer security, safe browsing practices and so on.

[Forsyth Jones]

Ideally, Joe would only use this device for Bitcoin. However, if Joe only uses this laptop at home and doesn't connect to public Wi-Fi networks, I don't see the need to buy a new laptop for another purpose.

It all depends on Joe's threat model. If Joe really needs to use this same laptop to connect to public Wi-Fi, he can download and use TaisOS on a bootable flash drive to browse the internet. TaisOS is an amnesic system that doesn't store anything in permanent memory when the equipment is turned off.

I have a laptop with dual boot: Windows 11 and Ubuntu 24.04. I only use Ubuntu to access forums, Reddit and my Bitcoin wallet. For more routine tasks, I boot into Windows and only connect to Wifi with a VPN enabled or at trusted relatives' homes.

In reality, I rarely open my laptop in public places. You should be concerned about your phone, which is much more likely to connect to public Wifi, and depending on your personal information, it could be much more valuable than your BTC balance, as it could be used as a way to extort money from you.

[LoyceV]

I have a laptop with dual boot: Windows 11 and Ubuntu 24.04. I only use Ubuntu to access forums, Reddit and my Bitcoin wallet. For more routine tasks, I boot into Windows and only connect to Wifi with a VPN enabled or at trusted relatives' homes.

I would never trust Windows to have access to my Linux drives.

[philipma1957]

I have a laptop with dual boot: Windows 11 and Ubuntu 24.04. I only use Ubuntu to access forums, Reddit and my Bitcoin wallet. For more routine tasks, I boot into Windows and only connect to Wifi with a VPN enabled or at trusted relatives' homes.

I would never trust Windows to have access to my Linux drives.

Yeah it is a case of " stupid cheap "

Or to be polite " pennywise and pound foolish "


I HAVE A STAND ALONE 2TB ssd 16GB LAPTOP FOR LINUX.

If you live in the USA buying a used laptop dropping in ram and a 2tb is cheap enough.

[Forsyth Jones]

I would never trust Windows to have access to my Linux drives.

Yeah it is a case of " stupid cheap "

Or to be polite " pennywise and pound foolish "


I HAVE A STAND ALONE 2TB ssd 16GB LAPTOP FOR LINUX.

If you live in the USA buying a used laptop dropping in ram and a 2tb is cheap enough.

Unfortunately, I don't live in the USA. Here where I live, a laptop costs the same as a popular car, it's very difficult to find someone with a top-tier laptop from the latest year.

I have two laptops with great configurations, this one also has a dual boot with Ubuntu. I'm thinking of formatting this second laptop and leaving it with only some Linux distro.

[LoyceV]

Here where I live, a laptop costs the same as a popular car

How is that possible? Are you comparing brand new top of the line laptops to very old cars?

it's very difficult to find someone with a top-tier laptop from the latest year.

That's rare here too, most people spend more money on their phone than on their laptop nowadays. But second hand business laptops are abundant and cheap, and those are great for running Linux.

this one also has a dual boot with Ubuntu.

You mention a dual boot, but only mention one OS. That's an interesting way of describing your configuration, I take it you take Windows as the de facto standard. I wouldn't even know what to do with Windows.

[ABCbits]

I have a laptop with dual boot: Windows 11 and Ubuntu 24.04. I only use Ubuntu to access forums, Reddit and my Bitcoin wallet. For more routine tasks, I boot into Windows and only connect to Wifi with a VPN enabled or at trusted relatives' homes.

I would never trust Windows to have access to my Linux drives.

Aside from security concern, it's known that windows update occasionally break your dual boot system where you can't boot into linux.

Unfortunately, I don't live in the USA. Here where I live, a laptop costs the same as a popular car, it's very difficult to find someone with a top-tier laptop from the latest year.

Out of curiosity, do you mind tell of you example of the laptop and popular car? You don't need to disclose where you live.

And when you say top-tier laptop, do you mean something like Apple laptop with most expensive option that cost $7000+?

[Furball808]

- Joe has a Linux machine.

Good start. Better than windows or macos. Lot more secure and stable. Runs smoothly and not crash prone compared to windows.

- This machine is Joe's personal machine where he does everything, from watching movies to E-Banking.

- Joe has a Trezor hardware wallet.

Generally not recommended to use your PC or what to do everything in especially if you are storing sensitive information related to money. (I am aware money is not the only possible risk of data leakage, there are lots of sensitive data that can be used against you in a PC or what device). But usually when you are holding bitcoin in the same device where you might encounter viruses or malware then that is when it gets a little sideways. But since you have trezor anyway then you only need to worry about your fiat in the bank. But I know many users who use their device with linux for gaming, editing and streaming and they have not caught challenges.

- Joe is the only person that uses this machine, and no one else has access to it.

Good security measure but malware can still infiltrate your device.

- Joe's computer is a laptop, so he can bring it anywhere and connect it to any random Wi-Fi network he finds on the go.

I have been mentioning malware across this post, and this is exactly how you will be getting that. Someone could tamper the software and download malware in your device without you even knowing. DO NOT CONNECT TO PUBLIC WIFIS. They are exposing you to many dangers.

[Cricktor]

Someone could tamper the software and download malware in your device without you even knowing. DO NOT CONNECT TO PUBLIC WIFIS. They are exposing you to many dangers.

Care to enlighten us how this could happen actually, given the premises that the target is a Linux box and assuming that it shouldn't be configured to be discoverable in a public wifi?

I'm not saying that public wifi is harmless, but from my own IT experience, I think you're painting a bit too much scary colors to the wall, aren't you. Of course, it depends how you configure your Linux box to act in a public network environment. If you allow stupid things, you're calling for trouble.

So, what's the actually working attack vectors in a public wifi. Genuinely curious!