What is the likely hood that OS's are corrupted even on a clean install.
Eg consider the air gapped computer. You sign a transaction onto a usb.
Unknown to you the os was waiting, and deposits privkeys/waller/paswords (key logged) on to the usb in an obfuscated way even perhaps piecemeal over 100 transactions.
The OS you plug the usb into for the client is waiting for a catch points and then sends this data up.
All your coins taken / disappear, even though you had an air gapped Laptop.
even for linux, who is watching every line in ubuntu to see some code does not do this?
what is the solution to this?
the only sure fire way I can think of is you would photograph a qr code that held the signed transaction then this photo could be uploaded onto the client.
as things stand I'm not sure that airgaped but using usb to transfer, are really safe.
Eg consider the air gapped computer. You sign a transaction onto a usb.
Unknown to you the os was waiting, and deposits privkeys/waller/paswords (key logged) on to the usb in an obfuscated way even perhaps piecemeal over 100 transactions.
The OS you plug the usb into for the client is waiting for a catch points and then sends this data up.
All your coins taken / disappear, even though you had an air gapped Laptop.
even for linux, who is watching every line in ubuntu to see some code does not do this?
what is the solution to this?
the only sure fire way I can think of is you would photograph a qr code that held the signed transaction then this photo could be uploaded onto the client.
as things stand I'm not sure that airgaped but using usb to transfer, are really safe.
Of course, if the OS cannot be trusted, then the photo method won't work anyhow.
How can you be sure that when the bitcoin address was generated, the OS didn't supply a false "random" private key? Perhaps the OS uses a hidden algorithm to provide private keys that appear to be random, but which are actually predictable?