|
BookLover
|
|
December 24, 2014, 03:04:39 PM |
|
I believe the problem is not malware infecting your computer through the the power cable, but existing malware leaking information through the power cable.
|
|
|
|
Newar
Legendary
Offline
Activity: 1358
Merit: 1001
https://gliph.me/hUF
|
|
December 24, 2014, 03:09:13 PM |
|
I believe the problem is not malware infecting your computer through the the power cable, but existing malware leaking information through the power cable.
This could be avoided if running the computer off batteries, which are only charged from main when they are disconnected from the computer.
|
|
|
|
bellicose
Sr. Member
Offline
Activity: 1120
Merit: 263
Sovryn - 300-500% APY on USDT Deposit
|
|
December 24, 2014, 03:11:30 PM |
|
There is good post "Schneier on Security" from 2013 year about Air Gaps: https://www.schneier.com/blog/archives/2013/10/air_gaps.htmlLooks like it is still actual. Most of Bitcoin's users could just follow him with their 10 - 20 BTC in cold wallets. Holder with 1mil$ in BTC probably would like to hardening this way little bit more.
|
|
|
|
Newar
Legendary
Offline
Activity: 1358
Merit: 1001
https://gliph.me/hUF
|
|
December 24, 2014, 03:48:57 PM |
|
There is good post "Schneier on Security" from 2013 year about Air Gaps: https://www.schneier.com/blog/archives/2013/10/air_gaps.htmlLooks like it is still actual. Most of Bitcoin's users could just follow him with their 10 - 20 BTC in cold wallets. Holder with 1mil$ in BTC probably would like to hardening this way little bit more. His step 1: 1. When you set up your computer, connect it to the Internet as little as possible. For bitcoin air-gapping that is already not acceptable. You just don't connect it to the Internet.
|
|
|
|
bellicose
Sr. Member
Offline
Activity: 1120
Merit: 263
Sovryn - 300-500% APY on USDT Deposit
|
|
December 25, 2014, 12:55:13 AM |
|
...
His step 1: 1. When you set up your computer, connect it to the Internet as little as possible. For bitcoin air-gapping that is already not acceptable. You just don't connect it to the Internet. He talking about " set up". He means, that at the first boot something anyway shall be downloaded from the network.
|
|
|
|
Newar
Legendary
Offline
Activity: 1358
Merit: 1001
https://gliph.me/hUF
|
|
December 25, 2014, 07:28:46 AM |
|
...
His step 1: 1. When you set up your computer, connect it to the Internet as little as possible. For bitcoin air-gapping that is already not acceptable. You just don't connect it to the Internet. He talking about " set up". He means, that at the first boot something anyway shall be downloaded from the network. Which would suck if you picked up a beastie during that process, wouldn't it?
|
|
|
|
bellicose
Sr. Member
Offline
Activity: 1120
Merit: 263
Sovryn - 300-500% APY on USDT Deposit
|
|
December 25, 2014, 08:14:17 AM Last edit: December 25, 2014, 08:24:46 AM by bellicose |
|
...
His step 1: 1. When you set up your computer, connect it to the Internet as little as possible. For bitcoin air-gapping that is already not acceptable. You just don't connect it to the Internet. He talking about " set up". He means, that at the first boot something anyway shall be downloaded from the network. Which would suck if you picked up a beastie during that process, wouldn't it? Dear, this beastie shall looks like Stuxnet, it must know that you are air-gapped. It is like attack against nuclear power station. Chance to be infected by such worm while first and last boot of air-gap station is 0.00000000 ... 000001 % Easiest ways to protect your self against such worms, DON'T USE microsoft SOFTWARE. Better to take one of the Linux's LiveCD Additionally, any device or media connected once to the Air-Gapped Station shall not be used ever. For example, you bring data on DVD 4.0 Gb of blockchain or anything else, this media shall be destroyed, burned, annihilated. In - yes, out - no.
|
|
|
|
Newar
Legendary
Offline
Activity: 1358
Merit: 1001
https://gliph.me/hUF
|
|
December 25, 2014, 08:36:39 AM |
|
Dear, this beastie shall looks like Stuxnet, it must know that you are air-gapped. It is like attack against nuclear power station. Chance to be infected by such worm while first and last boot of air-gap station is 0.00000000 ... 000001 % Easiest ways to protect your self against such worms, DON'T USE microsoft SOFTWARE. Better to take one of the Linux's LiveCD Additionally, any device or media connected once to the Air-Gapped Station shall not be used ever. For example, you bring data on DVD 4.0 Gb of blockchain or anything else, this media shall be destroyed, burned, annihilated. In - yes, out - no. You're missing my point. The risk of being infected by malware without ever connecting to the Internet = x The risk of being infected by malware by connecting to the Internet once = x +1 Most malware is not known and Linux is by no means immune. (But I agree, it's a better alternative than Windows) If "out = no", how will you spend your bitcoins?
|
|
|
|
ChineseSavior (OP)
|
|
December 31, 2014, 02:05:20 AM |
|
I believe the problem is not malware infecting your computer through the the power cable, but existing malware leaking information through the power cable.
This could be avoided if running the computer off batteries, which are only charged from main when they are disconnected from the computer. so this is 100% true? Can anyone else verify this? Also you can never let a airgap computer touch the network. I have no idea why that article says connect to the network as little as possible? You're supposed to never connect. Anything you move over to the airgap computer should be through usb stick and then the usb stick essentially smelted.
|
|
|
|
CIYAM
Legendary
Offline
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
|
|
December 31, 2014, 03:36:34 AM |
|
Anything you move over to the airgap computer should be through usb stick and then the usb stick essentially smelted.
It would be safer to use QR codes rather than USB devices (due to potential attack vectors) but if you are going to use USB there is no reason to "destroy" the device (the point is to simply not re-use it).
|
|
|
|
bellicose
Sr. Member
Offline
Activity: 1120
Merit: 263
Sovryn - 300-500% APY on USDT Deposit
|
|
December 31, 2014, 03:48:45 AM |
|
Dear, this beastie shall looks like Stuxnet, it must know that you are air-gapped. It is like attack against nuclear power station. Chance to be infected by such worm while first and last boot of air-gap station is 0.00000000 ... 000001 % Easiest ways to protect your self against such worms, DON'T USE microsoft SOFTWARE. Better to take one of the Linux's LiveCD Additionally, any device or media connected once to the Air-Gapped Station shall not be used ever. For example, you bring data on DVD 4.0 Gb of blockchain or anything else, this media shall be destroyed, burned, annihilated. In - yes, out - no. You're missing my point. The risk of being infected by malware without ever connecting to the Internet = x The risk of being infected by malware by connecting to the Internet once = x +1 Most malware is not known and Linux is by no means immune. (But I agree, it's a better alternative than Windows) If "out = no", how will you spend your bitcoins? I'm talking about media, such as DVD / CD / or usb-device. You could print your priv_key of cold wallet on the paper with printer. Further, import it on the connected to the network computer side. Thereafter, spend your Bitcoins as much faster as it possible!!!!! (((; This is what called Air-Gap and what called Sneakernet. See also: Bell–LaPadula model - Up - yes, Down - no. In such way, your Air Gapped Station simply can't leak any data to the network.
|
|
|
|
ChineseSavior (OP)
|
|
December 31, 2014, 03:26:55 PM |
|
Anything you move over to the airgap computer should be through usb stick and then the usb stick essentially smelted.
It would be safer to use QR codes rather than USB devices (due to potential attack vectors) but if you are going to use USB there is no reason to "destroy" the device (the point is to simply not re-use it). I guess I like to say destroy because then I cant use it on network (or someone else) ever again on purpose or by mistake compromising my whole network. Even if I marked the devices in red it could still happen if a family member, TSA, boogyman etc gets there hands on it and says "what's this" and plugs it into a computer (which 2014 will be 99% likely on network) now your whole op is compromised because of someone intentional or otherwise. Additionally I am not quite sure I understand how QR codes keep you safe from malware. Please correct me if I am wrong but computers communicate using the most basic of 1's and 0's. In theory if the QR code program on each end was malware. It could simply decode the QR data and format it to do whatever corrupt bidding you could fit on a QR code (no idea). I do know that when I was a kid I programmed a basic hard drive delete program. It was so small if I had to guess I could get it into QR format somehow.... could be way off base tho but makes sense in my head at least. **edit** I guess you're saying that because my airgap computer is snapping photos of the QR codes and the airgap comp never touches the network that there is no way for the airgap comp to transmit back data w/o it generating its own QR code. wireless signal, Lan, IR, etc etc. If that makes sense. Even if they were to encode my private keys into a QR code it could never make it back to the network because the airgap computer physically has no way of talking.
|
|
|
|
CIYAM
Legendary
Offline
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
|
|
December 31, 2014, 03:29:18 PM |
|
A QR code just contains *data* (no program) so it is very different to a USB device (that can contain things like autorun programs).
*EDIT* the use of QR codes is "dumb comms" vs. USB which is "smart comms" - when it comes to best security practices the "dumber" the better (audio cables are another approach that has been worked on).
Note that narrowing the comms down to "one channel" (i.e. just cams) is much better than having to deal with multiple potential comms channels.
|
|
|
|
bellicose
Sr. Member
Offline
Activity: 1120
Merit: 263
Sovryn - 300-500% APY on USDT Deposit
|
|
January 03, 2015, 04:20:43 PM |
|
To the completeness: https://en.wikipedia.org/wiki/BadBIOSBadBIOS is an alleged computer virus reported by network security researcher Dragos Ruiu in October 2013[1] with the power to be transmitted from one device to other across air gaps using ultrasonic communication between a computer's speakers and microphone
|
|
|
|
shorena
Copper Member
Legendary
Offline
Activity: 1498
Merit: 1540
No I dont escrow anymore.
|
|
January 03, 2015, 05:05:25 PM |
|
To the completeness: https://en.wikipedia.org/wiki/BadBIOSBadBIOS is an alleged computer virus reported by network security researcher Dragos Ruiu in October 2013[1] with the power to be transmitted from one device to other across air gaps using ultrasonic communication between a computer's speakers and microphone No Mic, no problem.
|
Im not really here, its just your imagination.
|
|
|
|