Post
Topic
Board Development & Technical Discussion
Re: Improving Offline Wallets (i.e. cold-storage)
by
Rampion
on 27/03/2013, 23:58:36 UTC
Heh.  Autorun.

Also, why do you assume that you have total control over what gets written?

Because you load whatever CD-writing software you prefer, then you manually add the transaction file.  The disc must be blank in order to write to it, and unless the malicious code has also compromised your burning software, only what you specify to be written will be written.  And once it's written, the disc is physically unwritable.

Is this not currently the best method to transfer the transaction files thus far?  How about it, etotheipi?

Not just the writer software.  Also the driver, the host interface driver, the driver's firmware, the host interface's firmware, the BIOS, etc.  If we are assuming a clever attacker, we have to assume that one or all of those is owned.  If we aren't assuming a clever attacker, then there are WAY easier ways to move files around.

I still prefer the serial port approach.  If a getty is running on a serial line, then Armory won't be able to open it.  And if Armory can open it, then the getty can't run.  If Armory is the intended use, then the problem will be apparent soon enough.  For extra paranoia, we could make an Armory distro with a stripped down inittab.  Hell, add an SE policy to disallow anything but Armory from opening /dev/ttyS*.

An Armory distro would be great. Super secure and easy to use.