Let’s talk about a guy named Joe who's into Bitcoin and his setup:
- Joe's using a Linux machine.
- This is his personal computer where he does everything, from binge-watching shows to handling online banking.
- He’s the only one who uses this machine, so there’s no one else with access.
- All his activities are done under his Linux user account, called `joe94`.
- The `joe94` account has sudo privileges.
- Joe installed Bitcoin Core and runs it using the standard `bitcoin.conf` settings.
- He also operates the Electrs Electrum server.
- Joe owns a Trezor hardware wallet.
- He makes use of the Trezor Suite application.
- Instead of connecting to Trezor nodes, he points the Trezor app to his local Electrum server.
- Joe sticks to all the recommended practices for Trezor, like keeping his seed phrase on paper only, and double-checking the receiving and sending addresses for transactions.
- Since Joe's using a laptop, he can take it anywhere and hop on any random Wi-Fi network he encounters.
So, do you think Joe is putting himself at risk?
Is this setup actually secure?
19 replies 325 views
humbleledgerLegendary
Posts: 1027 · Reputation: 6554
#2Oct 15, 2025, 01:12 PM
Why not use Electrum as a wallet instead of Trezor Suite?
At risk of what? Does Joe bring his Trezor hardware wallet with him?
I wouldn't run a server on public Wi-Fi. It just doesn't feel right.
byte_protoFull Member
Posts: 84 · Reputation: 625
#3Oct 17, 2025, 09:39 AM
This is pretty much risky. Connecting to random Wi-Fi is susceptible to man in the middle attacks.
Taking your pc around will increase the risks of it falling into hands of theft.
Using such pc to run every activity online increase risks of malware.
While Joe coins are not directly at risks, his privacy and general security are.
While malware designed for linux is rare, the risk is exist if watching movie involve pirated/cracked stuff.
Aside from MITM, evil twin attack (fake wifi hotspot with similar name with real one) can be risky if E-Banking is involved. Although using VPN you can trust supposed to solve this issue.
Yes, I consider Joe to be at risk for using random/public WiFi networks because one of the strategies used by hackers to attack and also steal private data is to use public WiFi. Besides, some online thieves usually create their own public WiFi and disguise it as a genuine WiFi network.
There's no benefit in using public WiFi, and the price to pay is always a big one.
humbleledgerLegendary
Posts: 1027 · Reputation: 6554
#6Oct 17, 2025, 12:51 PM
Not everyone has unlimited mobile data.
You have a point, but if we think about the consequences and the level of how hacker use the man in the middle attack through the creation of fake Wi-Fi hotspots to read their target emails, steal personal information, and check the websites they are visiting, it is always better to always seek safety first, not some minutes of free public WiFi internet service.
humbleledgerLegendary
Posts: 1027 · Reputation: 6554
#8Oct 17, 2025, 07:25 PM
That's what encryption is for: once my browser knows the security certificate for a website, no man in the middle can read the data.
byte_protoFull Member
Posts: 84 · Reputation: 625
#9Oct 18, 2025, 12:30 AM
Yes except from the evil twin attack, if the user is not using a VPN.
Does this Linux laptop setup have a full disk encryption? I would recommend to use this for devices that are carried around and could easily be stolen.
I don't really like the random wifi networks usage but this can be mitigated.
It's imperative to carefully check certificates used in browsers to avoid MITM attacks.
Still not a big fan to use such a network "promiscuous" device for crypto wallets and e-banking.
I wouldn't want to use my daily driver for my crypto wallet stuff, but this depends strongly on what is done with the device and how security educated someone is and if the user does "risky" stuff on the internet. Some people install all the time some software they want to try out and whatnotelse. This could be a recipe for later desaster, especially when having all under one user account which is in the sudoers group. Priviledge escalation is only a step away...
Using a hardware wallet to secure private keys is good for Joe and mitigates a few problems that could arise with a daily driver device.
yield_moonFull Member
Posts: 102 · Reputation: 297
#11Oct 19, 2025, 06:46 PM
Joes problems are the bolded. He really should be using a separate device for Bitcoin only. If he is dealing with large amounts of money then he needs a different device to do every day online activities. All it takes is one suspect torrent or file containing malware and Joe will be eating ramen.
I think you're painting a bit too harsh consequences for Joe, because Joe uses a hardware wallet which shields his wallet's private keys from malware, in theory and likely in practice too from what I've learned and experienced myself with Trezor and another hardware wallet. I say this also because OP said, that Joe follows good practices with usage of his hardware wallet.
An important thing is, to verify all details of a transaction BEFORE you sign it with your hardware wallet, check thoroughly every time amounts to be sent and most importantly the output addresses. This prevents stealing of coins when malware could manipulate the watch-only software wallet to assemble a transaction with outputs that aren't chosen by the user before the transaction is sent to the hardware wallet for signing.
I agree that it's not the best idea to use just one device for all your internet shit and e-banking and crypto wallet stuff. That kinda calls for desaster and using every wifi Joe might encounter has been criticized already here.
I highly recommend to setup mobile devices like a laptop with encrypted filesystem(s), simply because mobile devices are carried around, can be lost or stolen. Going to be pretty bad when unauthorized people gain access to your data on that device. The evil guys might find reasons to re-visit you with a few 5$ wrenches or even a heftier 25$ wrench with significantly more persuasive momentum.
Don't get me wrong, there's no easy rule, it depends how much someone knows about computer security, safe browsing practices and so on.
yield_forkFull Member
Posts: 162 · Reputation: 728
#13Oct 21, 2025, 01:39 PM
Ideally, Joe would only use this device for Bitcoin. However, if Joe only uses this laptop at home and doesn't connect to public Wi-Fi networks, I don't see the need to buy a new laptop for another purpose.
It all depends on Joe's threat model. If Joe really needs to use this same laptop to connect to public Wi-Fi, he can download and use TaisOS on a bootable flash drive to browse the internet. TaisOS is an amnesic system that doesn't store anything in permanent memory when the equipment is turned off.
I have a laptop with dual boot: Windows 11 and Ubuntu 24.04. I only use Ubuntu to access forums, Reddit and my Bitcoin wallet. For more routine tasks, I boot into Windows and only connect to Wifi with a VPN enabled or at trusted relatives' homes.
In reality, I rarely open my laptop in public places. You should be concerned about your phone, which is much more likely to connect to public Wifi, and depending on your personal information, it could be much more valuable than your BTC balance, as it could be used as a way to extort money from you.
humbleledgerLegendary
Posts: 1027 · Reputation: 6554
#14Oct 21, 2025, 06:19 PM
I would never trust Windows to have access to my Linux drives.
hodler2019Legendary
Posts: 2182 · Reputation: 12913
#15Oct 21, 2025, 08:34 PM
Yeah it is a case of " stupid cheap "
Or to be polite " pennywise and pound foolish "
I HAVE A STAND ALONE 2TB ssd 16GB LAPTOP FOR LINUX.
If you live in the USA buying a used laptop dropping in ram and a 2tb is cheap enough.
yield_forkFull Member
Posts: 162 · Reputation: 728
#16Oct 23, 2025, 04:53 PM
Unfortunately, I don't live in the USA. Here where I live, a laptop costs the same as a popular car, it's very difficult to find someone with a top-tier laptop from the latest year.
I have two laptops with great configurations, this one also has a dual boot with Ubuntu. I'm thinking of formatting this second laptop and leaving it with only some Linux distro.
humbleledgerLegendary
Posts: 1027 · Reputation: 6554
#17Oct 24, 2025, 08:25 PM
How is that possible? Are you comparing brand new top of the line laptops to very old cars?
That's rare here too, most people spend more money on their phone than on their laptop nowadays. But second hand business laptops are abundant and cheap, and those are great for running Linux.
You mention a dual boot, but only mention one OS. That's an interesting way of describing your configuration, I take it you take Windows as the de facto standard. I wouldn't even know what to do with Windows.
Aside from security concern, it's known that windows update occasionally break your dual boot system where you can't boot into linux.
Out of curiosity, do you mind tell of you example of the laptop and popular car? You don't need to disclose where you live.
And when you say top-tier laptop, do you mean something like Apple laptop with most expensive option that cost $7000+?
jake.chainSenior Member
Posts: 280 · Reputation: 1307
#19Oct 25, 2025, 06:28 AM
Good start. Better than windows or macos. Lot more secure and stable. Runs smoothly and not crash prone compared to windows.
Generally not recommended to use your PC or what to do everything in especially if you are storing sensitive information related to money. (I am aware money is not the only possible risk of data leakage, there are lots of sensitive data that can be used against you in a PC or what device). But usually when you are holding bitcoin in the same device where you might encounter viruses or malware then that is when it gets a little sideways. But since you have trezor anyway then you only need to worry about your fiat in the bank. But I know many users who use their device with linux for gaming, editing and streaming and they have not caught challenges.
Good security measure but malware can still infiltrate your device.
I have been mentioning malware across this post, and this is exactly how you will be getting that. Someone could tamper the software and download malware in your device without you even knowing. DO NOT CONNECT TO PUBLIC WIFIS. They are exposing you to many dangers.
Care to enlighten us how this could happen actually, given the premises that the target is a Linux box and assuming that it shouldn't be configured to be discoverable in a public wifi?
I'm not saying that public wifi is harmless, but from my own IT experience, I think you're painting a bit too much scary colors to the wall, aren't you. Of course, it depends how you configure your Linux box to act in a public network environment. If you allow stupid things, you're calling for trouble.
So, what's the actually working attack vectors in a public wifi. Genuinely curious!
Related topics
- CipherSeed: A Comprehensive Guide to Super-Secure Crypto Wallet Backups 5
- Simple Offline Wallet (key-pair) Setup on Linux Without GUI 0
- bitcoin-qt sync issues and slow speeds 6
- Recovering a Bitcoin wallet and address 8
- Creating a list of non-zero wallets and their balances using Python 4
- Curious about recovering BTC from 2010/2011 7