Is old 3.5 floppy safer than USB drive for cold storage?

[rodgerdoger]

Honnestly I think paper with redundancy is the best, but the exploit is difficult to execute and will not really be a big deal.

[1714846207]

1714846207

[1714846207]

1714846207

[1714846207]

1714846207

[1714846207]

1714846207

[1714846207]

1714846207

[Connor936]

I guess most people are missing the main question. I already have paper backups in a safety deposit box. The only thing I'm temporarily storing are files created on my cold storage (offline computer), or the only computer that contains the private keys. These "signature files" are stored to the floppy, then my online computer will read them from the floppy and broadcast the transaction. I can do this with a USB drive also but because of the BadUSB hack I was wondering if the old technology would be safer - I know the USD hack won't work on an FDD controller.

I think a better solution would be to use QR codes to transmit the unsigned/signed TXs between computers (I think this was suggested once or twice above). This would prevent any physical attack to your offline computer and would ensure that nothing that has touched your online computer will ever touch your offline computer

[Newar]

I think a better solution would be to use QR codes to transmit the unsigned/signed TXs between computers (I think this was suggested once or twice above). This would prevent any physical attack to your offline computer and would ensure that nothing that has touched your online computer will ever touch your offline computer

For spending from cold storage, yes. See CIYAM's solution: https://susestudio.com/a/kp8B3G/ciyam-safe

For tx signing, not so easy:

[...]

Okay, so that gets us back to the original question of "how much data do we have to transfer between online and offline computer?"  Unfortunately, the simplest case is not relevant to this discussion:  you have to design the protocol around the 99.9'th percentile case:  which is the case that someone has an offline donation address that they want to clear out.  Let's say they have received 40 donations.

So the transaction will have 40 inputs and 2 outputs. 

The bulk of the data is the supporting transactions which can be anything (transactions created by the donors).  Each one itself may have dozens of inputs, and the signatures are necessarily included!  Let's assume 30 "standard" supporting transactions, and the other ten have 10 inputs each.

• Tx-to-be-signed:  30 inputs (unsigned) of 48 bytes each, and two outputs of 40 bytes each = 1.5 kB 
• 30 standard supporting tx:  250 bytes each = 7.5 kB
• Ten larger tx:  180 bytes for each input (signed), so about 2 kB each = 20 kB

So the online computer needs to communicate 30 kB to the offline computer in this case.  And the offline computer needs to transfer back 30 signatures, which is, at best, 2 kB at a minimum.  The "maximum" a QR code can handle is 3 kB of binary, so that's 10 QR codes from online to offline.  1-2 QR codes the other way.

So the protocol should handle 30 kB without causing a lot of pain.  If the user has to wait a little bit because of a slow communication rate, that's okay because this case is abnormal and waiting 60s for the transfer isn't the end of the world.  But if they can't succeed because it's confusing and they can't figure out how many and which QR codes have been scanned, or which webcam they're supposed to be pointing at which device, and frustrated there are wires everywhere, etc.  Then there's a problem...

As you can tell, I'm very sensitive to the "convenience" of a given feature.  I think the biggest barrier to security is convenience -- users just don't use things that are inconvenient.  But I also don't want to sacrifice security, at all, no matter how much work it is for me.  Which is why there are so many recommendations here that are great, but don't quite the bill.  But I'm pretty sure a solution exists where the user can actually have both, in which case everyone wins

[CIYAM]

This is what I really don't *get* when Armory (in particular) talk about offline signing for "cold storage" - it always seems as though they are trying to solve problems for "idiots" (but they seem to forget that "idiots and ingenious" and are going to lose their BTC no matter which software they use - and yes I don't recommend CIYAM Safe for "idiots").

Why on earth would I have "40 donations" to a "cold storage address" that should never have never published.

CIYAM Safe works perfectly on the assumption that you "know what you are doing" and you don't go "publishing your cold storage addresses publicly" (so there should only be 1 UTXO to deal with every time which works perfectly with just QR codes - one to receive the unsigned raw tx and one to send the signed raw tx).

[Moria843]

I guess most people are missing the main question. I already have paper backups in a safety deposit box. The only thing I'm temporarily storing are files created on my cold storage (offline computer), or the only computer that contains the private keys. These "signature files" are stored to the floppy, then my online computer will read them from the floppy and broadcast the transaction. I can do this with a USB drive also but because of the BadUSB hack I was wondering if the old technology would be safer - I know the USD hack won't work on an FDD controller.

I think a better solution would be to use QR codes to transmit the unsigned/signed TXs between computers (I think this was suggested once or twice above). This would prevent any physical attack to your offline computer and would ensure that nothing that has touched your online computer will ever touch your offline computer

Sounds good, but how would I get the QR codes off of the offline computer and onto the online computer. I can generate them on the offline computer and scan them into my phone, but how do I get them to the online computer without using a wand or some other USB interface I'm trying to avoid?

[bornil267645]

I don't think there's any significant difference between the floppy and USB. They both have same kind of storage or at least I have used both of them.

[Newar]

This is what I really don't *get* when Armory (in particular) talk about offline signing for "cold storage" - it always seems as though they are trying to solve problems for "idiots" (but they seem to forget that "idiots and ingenious" and are going to lose their BTC no matter which software they use - and yes I don't recommend CIYAM Safe for "idiots").

Why on earth would I have "40 donations" to a "cold storage address" that should never have never published.

CIYAM Safe works perfectly on the assumption that you "know what you are doing" and you don't go "publishing your cold storage addresses publicly" (so there should only be 1 UTXO to deal with every time which works perfectly with just QR codes - one to receive the unsigned raw tx and one to send the signed raw tx).

Because like you said the other day, Armory is a wallet, that offers the possibility to keep the private keys cold. It's not a single key cold storage. Doesn't matter if it's 40 tx to one address or 40 different addresses. Say you have armoryd (watch-only) giving out addresses to customers. Later you want to spend from those, via the offline computer. There's the problem there.

[Newar]

Sounds good, but how would I get the QR codes off of the offline computer and onto the online computer. I can generate them on the offline computer and scan them into my phone, but how do I get them to the online computer without using a wand or some other USB interface I'm trying to avoid?

Built-in webcam on the online PC? Reads the QR code from the offline PC and you always can double check and compare the output the software provides (QtQR for Linux, for example). But depending on tx size you'll end up scanning several QR codes. (etotheipi's post)

[blastmaster]

In addition to the 5.25 inch floppy of course, I just use 2 USB drives and a CD all kept in different places. Done.

[CIYAM]

It's not a single key cold storage.

Not sure what you mean by this - but just to be clear you can have as many "keys" as you like using CIYAM Safe.

[BIGbangTheory]

Sounds good, but how would I get the QR codes off of the offline computer and onto the online computer. I can generate them on the offline computer and scan them into my phone, but how do I get them to the online computer without using a wand or some other USB interface I'm trying to avoid?

Built-in webcam on the online PC? Reads the QR code from the offline PC and you always can double check and compare the output the software provides (QtQR for Linux, for example). But depending on tx size you'll end up scanning several QR codes. (etotheipi's post)

Many computers with built in webcam have built in wifi so if the OP is trying to avoid using USB period then he would probably not to be dealing with a computer that could have it's wifi antenna enabled (although this is serious tinfoil hat status).

@moria I believe the risk of using a USB drive is very low. You can further minimize this risk by utilizing good physical security to both your USB drive and your computer that holds the private keys.

[CIYAM]

Many computers with built in webcam have built in wifi so if the OP is trying to avoid using USB period then he would probably not to be dealing with a computer that could have it's wifi antenna enabled (although this is serious tinfoil hat status).

Funnily enough when I bought the old laptop that I use for my "offline system" here in China I got my wife to ask them to remove the WiFi card which surprised the store owner a lot (prompting him to ask why). She looked at him blankly for a few seconds and then explained that the problem is that when she gets online she always ends up in fights with people on the internet so her husband doesn't want her to be able to get online.

[Newar]

Many computers with built in webcam have built in wifi so if the OP is trying to avoid using USB period then he would probably not to be dealing with a computer that could have it's wifi antenna enabled (although this is serious tinfoil hat status).

Disable it in the BIOS? Or in the OS on first run? Some come with hardware switches that you can super-glue in the off position? Not really a problem.

[Newar]

It's not a single key cold storage.

Not sure what you mean by this - but just to be clear you can have as many "keys" as you like using CIYAM Safe.

I understand that. I think the approach is different.

If I understand correctly, CIYAM Safe is meant to put coins in a cold storage as you would with a paper wallet. Put one bitcoin in address A and one in address B. Now, to spend 1.5 BTC for example in single transaction from CIYAM Safe I imagine is a bit tricky?

Whereas with Armory it will create a single transaction 2 BTC -> 1.5 BTC and 0.5 BTC change (to a new adddress) for you. It will also try and select the optimal inputs for a transaction.

I think they are just different solutions to different use cases.

[CIYAM]

I think they are just different solutions to different use cases.

Indeed - I don't deal with "cold storage" like *normal transactions* (and I seriously doubt that anyone else does either).

The basic idea is that you have X "cold storage addresses" and then you "move funds to a hot wallet" from one at a time.

[evok3d]

I would probably keep a copy on as many mediums and platforms as you can think being safe, such as :

- Print it out
- Encrypted backups on different mediums
- Put it in a vault if you have to

I would not say one single method is safe enough. You dont know what is going to happen long term.

[evok3d]

I ended up using audio using minimodem. This [1] is in the Armory section and for Linux, but it might give you some ideas (you can transmit any kind of data). Cheap investment too for a 3.5mm jack-jack cable.

[1] https://bitcointalk.org/index.php?topic=735111.0

This is a pretty pro way of doing this, though i would not really bother unless you have a large amount of bitcoins

[BTCfan668]

It's not a single key cold storage.

Not sure what you mean by this - but just to be clear you can have as many "keys" as you like using CIYAM Safe.

I understand that. I think the approach is different.

If I understand correctly, CIYAM Safe is meant to put coins in a cold storage as you would with a paper wallet. Put one bitcoin in address A and one in address B. Now, to spend 1.5 BTC for example in single transaction from CIYAM Safe I imagine is a bit tricky?

Whereas with Armory it will create a single transaction 2 BTC -> 1.5 BTC and 0.5 BTC change (to a new adddress) for you. It will also try and select the optimal inputs for a transaction.

I think they are just different solutions to different use cases.

Most people do not send bitcoin directly from their cold storage to the address(es) they are sending to. In my experience most businesses will have a "hot wallet" that will contain a "target" amount of bitcoin. If the hot wallet gets too low then bitcoin will be transferred from their cold storage into their hot wallet. If the hot wallet starts to get too much bitcoin then the company will transfer some of the bitcoin to their cold storage

[pumawolf]

i dont trust usb drives. i have a magnetic field machine i use in my room time to time. i have my flash drives in my closet. my flash drives dont work anymore, lucky i pull my coins out way before it happen. im very paranoid about my coins now, i dont fuk around no more,i hand write my private keys, twice.

[Eisenhower34]

Many computers with built in webcam have built in wifi so if the OP is trying to avoid using USB period then he would probably not to be dealing with a computer that could have it's wifi antenna enabled (although this is serious tinfoil hat status).

Disable it in the BIOS? Or in the OS on first run? Some come with hardware switches that you can super-glue in the off position? Not really a problem.

If it is in there, in theory it can be used. Some people want to use thicker "tinfoil hats" then others. I personally don't think it is necessary to go to these extremes (or to the extremes that CIYAM went to above) as I believe the incremental amount of security is low