Stop purchasing hardware wallets. The $0 Paranoid Security Setup.

14 replies 272 views
Posts: 13 · Reputation: 110
#1Jan 27, 2021, 03:18 PM
Spending $200 on a sleek titanium hardware wallet with bluetooth and a fancy screen isn’t real security. You're just increasing the risk of being hacked. Marketing has tricked everyone into believing that staying secure costs money. But it doesn’t. It just requires some self-control. The main rule is pretty straightforward. If your operating system has network drivers activated and connects to the internet, your private keys should never go near it. No exceptions. Here’s the real $0 cypherpunk approach. Just grab a cheap, empty USB stick and install Tails OS on it. Tails runs entirely in RAM and erases everything as soon as you shut it down. Take an old, junk laptop and actually take out the wifi card from the motherboard. Boot Tails without any internet connection. Open up Electrum, which is already included, generate your seed, and write it down in metal. That’s your cold storage set up. Now, how do you use it without messing things up? Enter psbt (partially signed bitcoin transactions). You export the zpub master public key from that offline laptop to your everyday phone or PC. This creates a watch-only wallet. You can check your balance and create new receiving addresses, but your keys aren’t on the phone. Hackers can’t steal what isn’t there. When you need to transfer coins, create the raw transaction on your online phone. Transfer the psbt file via QR code or a second USB drive to the offline Tails laptop. Sign the transaction on the offline device. Then send the signed file back to the online device and broadcast it. Your keys remain offline for good. The operating system wipes itself clean on shutdown. You rely on open-source code verified by thousands of developers rather than some proprietary chip from a company that could probably have leaks.
2 Reply Quote Share
matrix365Senior Member
Posts: 184 · Reputation: 1104
#2Jan 27, 2021, 07:55 PM
USB stick is one of things can be used for your wallet backups, and using Tails OS is good too, but remember that USB stick can have technical problems and might be dead anytime so you must have multiple USB sticks for your wallet backups and perhaps other backup methods too. With wallet backups, it's always recommended to do multiple wallet backups. How to Install Tails OS on USB flash drive for Wallet Purpose.
6 Reply Quote Share
yield51Member
Posts: 1 · Reputation: 52
#3Jan 28, 2021, 06:34 AM
Be mindful of version synchronization: Regularly (e.g., every six months) create a new Tails boot drive to ensure that Electrum's version doesn't fall behind the network consensus.
3 Reply Quote Share
benledgerSenior Member
Posts: 359 · Reputation: 1254
#4Jan 30, 2021, 02:00 AM
Why not just get a hardware wallet like Trezor? tens of thousands have been sold and this combined with stamping the seed phrase into metal is a proven strategy? I agree that there is no need to buy a titanium, colour screen wallet, a sub $100 Trezor will suffice. Buying an old laptop and removing the wifi card is way to technical for a lot of people.
3 Reply Quote Share
im_viperFull Member
Posts: 35 · Reputation: 336
#5Jan 31, 2021, 03:16 AM
I wonder what type of a hardware wallet comes with Bluetooth  . Isn't that stupid and unnecessary? Tails OS running on a USB stick isn't for everyone, if you are tech savvy you can do this. I would rather advise newbies to go with hardware wallet. Airgapped hardware wallet exactly. No Bluetooth, No internet connection, fully airgapped. Tails OS thus works but it can be very complicated for many beginners and some of them don't want to go through this process at all. For such people, airgapped hardware wallet is best. You making it sound like all hardware wallet has Bluetooth is misleading, even if the hardware wallet is titanium and cost $200 like you've said, they will never have Bluetooth, you are free to prof this wrong. Also Trezor and few other $60 hardware wallets will get the job done, no need to complicate things.
3 Reply Quote Share
LuckyCoinLegendary
Posts: 832 · Reputation: 4795
#6Jan 31, 2021, 09:21 AM
No, it's not used for wallet backups. You didn't read the OP clearly. The USB is only for launching Tails OS, not for storing your wallet. Your wallet backup is just the metal seed phrase. One of the disadvantages of this method though is that you can't airgap altcoins like this, so if you're holding altcoins, then a Ledger Nano X is basically the industry standard for all the mobile and web3 wallets. Despite all of Ledger's faults.
2 Reply Quote Share
GigaNodeSenior Member
Posts: 211 · Reputation: 1080
#7Feb 2, 2021, 02:52 AM
One of the disadvantages of running a crypto wallet in Tails OS is the complexity, the setup isn't something that many newbies can handle unless they have technical knowledge, forcing on a newbie can come with some mistakes. Other disadvantages are as follow. 1. Slower Performance Tails routes internet connection through Tor right?, it's surely going to be slower compared to a regular OS. 2. Limited Compatibility You can't run Tails OS on all available hardwares without small hiccups here and there, it has limited compatibility with certain software and hardware. Anything else is sleek with Tails OS.
3 Reply Quote Share
wizard_rocketFull Member
Posts: 77 · Reputation: 381
#8Feb 2, 2021, 05:09 AM
OP has already mentioned to stamp the seed phrase on metal plate and the USB sticks are only for booting Tails OS. I consider this as a good technique to stay secure from hackers stealing your keys. Having a backup on a metal plate will make it secure for a long time and Tails OS is perfect for crypto as it gets wiped out in every run. It surely is not a very convenient way to access and make transactions from your wallet but convenience is risky and has a price.
2 Reply Quote Share
def1777Full Member
Posts: 194 · Reputation: 685
#9Feb 2, 2021, 10:57 AM
This is just misinformation. 99.99% of people losing funds are using this advice. It is not easy or safe to handle your own cyber security. Buy a professional hardware that will do that for you. Hardware wallets are safe. Trezor is the best one. Pay $100 and have security for decades. They are cheap and safe.
4 Reply Quote Share
matrix365Senior Member
Posts: 184 · Reputation: 1104
#10Feb 2, 2021, 03:22 PM
There are many hardware wallets from open source to close source. Even open source, hardware wallets are different in quality too, so let's choose best one to buy and use for long term storage. People sometimes try to save money but they don't put safety of their fund as a highest priority that deserves to be assigned a budget for purchasing a hardware wallet to use. They want to save small money, then lose a big fund eventually. [GUIDE] How to buy a Hardware Wallet the right way [LIST] Open Source Hardware Wallets
2 Reply Quote Share
GigaNodeSenior Member
Posts: 211 · Reputation: 1080
#11Feb 3, 2021, 01:26 PM
$60 would even do the magic, the result is all over the internet, as there are cheap hardware wallets that costs less than $100, this is a new year also, many promo sales will occur again this year, so if anyone has a bigger plan in mind to go for the higher end hardware wallet they can wait for those sales to happen again. Many beginners can't do the Tail OS thing themselves, I guess OP have no beginners close to them for once, if not he should be able to figure out that they always have no clue and they easily fumble with everything they touch, Tails OS / Crypto wallet is best for people who are good with tech normally, there is no better recommendation than a hardware wallet.
1 Reply Quote Share
CalmYieldSenior Member
Posts: 268 · Reputation: 1575
#12Feb 3, 2021, 04:42 PM
Passing files through a secondary USB stick in between online and offline devices is not what I would consider OpSec.  Any device you plug that interacted with the external world is a risk.  QR codes are fine.  Better, I would argue. ----- Using Tails OS with a Bitcoin wallet is as simple as booting up the system and searching for Electrum.  I would argue it is in fact much more simple than Windows, Linux et cetera considering it runs live and does not need any setup. I never found Tails to be slower than Windows or Ubuntu.  There definitely is a difference due to it running the connection through Tor but it is unnoticeable.  Moreover, if one is interested in a 'Paranoiac OpSec Setup' then Tor is pretty much a necessity anyway.
4 Reply Quote Share
john.cobraHero Member
Posts: 408 · Reputation: 2145
#13Feb 3, 2021, 08:34 PM
The same one that allows you to store your seed with third parties for $10 a month The OP actually wrote a good post, even though the topic has been covered hundreds of times on the forum. I completely agree that the safest way to store private keys is by creating an air-gapped wallet on a computer, before which we physically remove all hardware that can enable wireless communication. It may sound complicated, but I'm sure you can find a few videos that will guide you step by step. Of course, there are also air-gapped wallets that we can buy, which is an easy way for maximum security that you can achieve today when storing your private keys.
4 Reply Quote Share
Posts: 13 · Reputation: 110
#14Feb 3, 2021, 11:25 PM
lmao the amount of cope in here from hw wallet owners is crazy. U guys shill trezor like its magic. Go read the kraken labs report. Voltage glitching the stm32 chip. Seed extracted in 15 mins flat. Or ledger literally pushing an update to send ur encrypted keys to the cloud. You dont own the hardware, u own a corporate promise. privacyG is the only one making sense about qr codes. Swapping usb sticks between online and offline machines is a joke. Badusb firmware jumps the gap instantly. Optical airgaps fix this. A webcam reading base64 text cannot execute malware. U can literally decode the raw hex manually. Crying about a 5 min boot time for tails is wild. If u need bluetooth 1-click signing so u can trade from the toilet, u deserve to get drained. Convenience kills bags.
0 Reply Quote Share
CalmYieldSenior Member
Posts: 268 · Reputation: 1575
#15Feb 4, 2021, 04:07 AM
People are looking for convenience, not OpSec.  They are wearing Meta Smart Glasses while taking a crap nowadays.  I would say humanity has been on a strong constant regress since around 2015 on pretty much all sides. Tails takes less than 5 minutes from powering the computer on to launching Electrum on some pre 2010 computers that I have.  Considering I keep my Hardware Wallets in a safe place, it takes way more than 15 minutes to boot the system, find the Hardware Wallet, find a data cord, check for system updates, check for Hardware Wallet app updates, check for Hardware Wallet system updates, check for Wallet updates, verifying Signatures of downloaded updates for legitimacy, installing them all and finally being ready to use them. OpSec means making sure I am not exposed to zero-day vulnerabilities for each of the four separate things getting updates, it is a lot more than just launching a Linux device that has not been powered on and updated for 7 months and launching the SPV Electrum Wallet that maliciously asks me to update to a fake version because I am still using a cave man era version exposed to the online world. I would argue they are choosing convenience while the actually most convenient are still the 'inconvenient OpSec' ways.  This includes the convenience of not having a semi heart attack every time a new Ledger or Trezor leak comes around or the terror of finding a fake Ledger letter or even Hardware Wallet in the mailbox of my personal address. But.  To each their own.
2 Reply Quote Share

Related topics