Ledger – What is the threat model of a Bitcoin HSM / Hardware Wallet?

Which threat model do they protect themselves from and are vulnerable to?

Hardware wallets are security appliances with different hardware and equipment, but the overall concept is largely identical. A trusted device has cryptographic keys, lets you view information on a dedicated screen, and accepts secure input through its own interface (buttons or touchscreen).


In the hardware wallet security model, a user interacts with an untrusted host device to create a transaction that pays an amount to an address. The unsigned transaction is then sent to the hardware wallet, which completes it by adding the cryptographic signatures. The user is expected to review the displayed information (namely the amount) and confirm the transaction on the device. Each transaction must be explicitly acknowledged on the hardware device, and the host cannot perform transactions without this permission.

This differs from the traditional software wallet model, where a user interacts with an untrusted host which, once the wallet encryption key has been entered, can execute any transaction at any time to any destination.

To what extent do generally accepted practices for using these devices improve the safety of storing Bitcoin?

Many of the security recommendations for using hardware wallets offer very little additional security, or merely the illusion of security rather than any actual protection.


A common security practice is to check that the address shown on your hardware wallet matches the address you entered on the host computer in the companion application. This is completely meaningless, since the destination address is provided by the untrusted host in the first place. A mismatched address indicates nothing except a fatal software error in the device.

How safe are these devices for storing Bitcoin?

The ultimate security of the device relies on trusting the manufacturer, as software flaws can very easily make it possible to completely steal or lose funds and to insert invisible backdoors. The past has shown that many of the available devices are subject to serious code quality concerns, have poor hardware security design choices, and may otherwise be an insecure choice for the storage of funds.


Backdoors in Bitcoin transactions are easy to create and hard to detect, especially if they are sporadic, in part because of some properties of ECDSA. ECDSA signatures contain a number (the nonce) that is generated from a supposedly random source. However, if this number is designed to contain third-party values, it can leak the secret private key or other information while the signature remains valid. Modern software implementations of ECDSA use deterministic generation (5) for the secret nonce value, but this is not verifiable without using the private key for validation.

Code quality

All of today's devices have had serious problems with their open source implementations of ECDSA cryptography, or their implementation has simply been kept fully closed source to avoid analysis.

  1. The Bitcoin Trezor originally shipped with an ECDSA implementation based on a Python library that had been transliterated to C. This code was strangely slow, revealing a very large timing side-channel attack (6). If you are physically close to the device while it signs a transaction, the execution time leaks enough information to expose private key material. The Trezor otherwise had a significant number of bootloader, timing, power analysis and hardware vulnerabilities.

  2. The Ledger Nano had an amateur-hour error in the bootloader that allowed a complete bypass of security on at least the main processor, which handles user input and communication. In most microcontrollers, the memory layout has repeating sections, so the same data can be accessed at multiple locations. The bootloader simply did not account for this and allowed arbitrary changes to security-related code.

  3. The CoinKite hardware series uses micro-ecc, a discontinued "ECDSA for Arduino" library that contains absolutely no tests and is prone to at least one timing attack.

Using a hardware wallet to store Bitcoin is not a bulletproof choice. These devices are a series of security trade-offs, and anyone relying on them must understand the threats and weaknesses of the equipment.
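The ECDSA nonce point made in the answer above, as an added example that is not part of the original post: a minimal secp256k1 ECDSA signer in Python with an RFC 6979 deterministic nonce, plus an audit function showing that checking whether a signature really used the deterministic nonce requires the private key, while a signature made with any other k still verifies normally. The curve constants are the published secp256k1 parameters; the key and message in the comments and tests are constructed for illustration, and the scalar multiplication is deliberately simple rather than constant-time.

```python
import hashlib, hmac
# secp256k1 domain parameters (the curve Bitcoin uses for ECDSA)
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def point_add(a, b):  # affine addition on y^2 = x^3 + 7; None is the point at infinity
    if a is None or b is None: return a or b
    if a[0] == b[0] and (a[1] + b[1]) % P == 0: return None
    lam = (3 * a[0] * a[0] * pow(2 * a[1], -1, P) if a == b
           else (b[1] - a[1]) * pow(b[0] - a[0], -1, P)) % P
    x = (lam * lam - a[0] - b[0]) % P
    return (x, (lam * (a[0] - x) - a[1]) % P)

def scalar_mult(k, pt):  # double-and-add; NOT constant time, so unfit for a real device
    acc = None
    while k:
        if k & 1: acc = point_add(acc, pt)
        pt, k = point_add(pt, pt), k >> 1
    return acc

def msg_hash(msg): return int.from_bytes(hashlib.sha256(msg).digest(), "big")

def rfc6979_nonce(priv, z):
    """Deterministic k per RFC 6979 section 3.2 (HMAC-SHA256, 256-bit curve order)."""
    mac = lambda key, data: hmac.new(key, data, hashlib.sha256).digest()
    x, h1 = priv.to_bytes(32, "big"), (z % N).to_bytes(32, "big")
    v, k = b"\x01" * 32, b"\x00" * 32
    for tag in (b"\x00", b"\x01"):  # steps d-g: bind K to the key and the message hash
        k = mac(k, v + tag + x + h1); v = mac(k, v)
    while True:  # step h: produce candidates until one lies in [1, N-1]
        v = mac(k, v)
        cand = int.from_bytes(v, "big")
        if 1 <= cand < N: return cand
        k = mac(k, v + b"\x00"); v = mac(k, v)

def sign(priv, msg, nonce=None):  # k defaults to RFC 6979, but a signer could use any k
    z = msg_hash(msg)
    k = nonce or rfc6979_nonce(priv, z)
    r = scalar_mult(k, G)[0] % N
    return (r, pow(k, -1, N) * (z + r * priv) % N)

def verify(pub, msg, sig):  # standard ECDSA verification: passes whatever k was used
    r, s = sig
    w = pow(s, -1, N)
    R = point_add(scalar_mult(msg_hash(msg) * w % N, G), scalar_mult(r * w % N, pub))
    return R is not None and R[0] % N == r

def nonce_audit(priv, msg, sig):  # only the holder of priv can check k followed RFC 6979
    return scalar_mult(rfc6979_nonce(priv, msg_hash(msg)), G)[0] % N == sig[0]
```

A third party holding only the public key gets the same True from verify for both signatures; only nonce_audit, which needs priv, distinguishes them.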

Do Desktop PC Motherboards Need Hardware Token Authentication?

Scenario: I am building a desktop computer. I buy an ASUS XYZ motherboard because it does not work without hardware token authentication – or, even better, because its operating state can only be changed by unplugging the connector. The XYZ motherboard comes with two YubiKeys. If I lose these, I can buy additional copies from ASUS after posting a bond and passing a DNA test.

I'm joking about the DNA test. Or maybe not. The question is, is there anything like the ASUS XYZ motherboard?

An earlier question initially seemed to be looking for the same information, but its focus on laptops seems to explain why a data-centric software solution (e.g., Sophos SafeGuard Easy) was apparently satisfactory there.

Hardware – Is forcibly shutting down a process dangerous for a computer?

It's been a while since this question crossed my mind.

I know that forcibly shutting down an application can cause errors in certain cases. For example, during a database operation, a sudden application stop may leave the database inconsistent.

But what happens in other cases, when a process is running in the terminal (e.g. the Python interpreter)?

Can this affect the source code, or create a kind of Heisenbug?

Is there a technical explanation for what happens when everything stops abruptly?

This question interests me because one day a server suddenly went down and someone asked me if it was dangerous for the hardware and software. I did not know what to say.

Forensics – Can a person be traced based on, e.g., a motherboard hardware ID?

Hardware has hardware IDs, and I'm interested in how hackers deal with that – even if they're in an internet cafe or on public Wi-Fi somewhere, using Tor or some other form of protection. Assuming the government somehow got their hardware ID, could they trace it back? I think hackers probably use modified or stolen hardware, etc. But I'm just curious how it is.

Hardware – How to identify which device is malicious

I am facing a surprising problem: a Windows 10 computer seems to be using the keyboard and mouse on its own on the login screen.

So I assume:

  • This is not a software intervention, as a program would have access to the shell and could use commands from programs instead of logging in.

  • It may be a hardware attack. On this computer, a (known and purchased) device is connected via USB.

Here's my question: is there a way to identify the malicious device? And even better, to record what kind of commands it's trying to use? (Yes, I am playful.)

– A little more context
I observed this behavior after opening this laptop and leaving it alone for about 10 minutes.
The virtual keyboard was open, and the program seemed mostly to click on an empty spot where the menu icon usually is.



Blockchain – Ask about the functionality of a hardware wallet

I want to roll my own hardware wallet with a USB stick. I have some concerns:

  1. Do I have to download the entire blockchain to create a new wallet?
  2. Do I have to download the entire blockchain to the USB stick and keep it there to be able to send and receive funds?
  3. Do I need to connect the USB wallet to send money?
  4. Do I need to connect the USB wallet to get money?


  • I hope the answer to the first question is "no", as I'm really not out to download and maintain a local copy of the entire blockchain. It's such a waste of space.
  • I hope the answer to the second question is "no". Again, I do not want to spend the time and bandwidth downloading the entire blockchain, and I do not want to have to save it. That's gigabytes that could be spent on something else.
  • I hope the answer to question three is "no" for security reasons. I do not want random transactions on the other side of the world to transfer my money without my consent.
  • I hope the answer to question four is "Yes" for practical reasons. I do not want to pocket my wallet every time somebody sends me money.

I understand that there is the public key to receive and the private key to send. Am I right to think that in principle you only need to protect the private key? If that's the case, do I still have to download the entire blockchain?

android x86 – Touchscreen firmware is available, so how is the hardware enabled?

I have Android x86 8.1 installed and, with a few tweaks to silead_ts.fw, I was able to get the touchscreen to work properly, as it was originally faulty. But then I installed another x86 distribution – PrimeOS. Now the touchscreen does not work anymore, even after placing the correct silead file in lib/firmware.

I tried running getevent. While 8.1 recognizes the touchscreen as a Silead 1680, PrimeOS does not show it at all. I've noticed that the touchscreen on PrimeOS seems to work for some people.

Is there a way to enable the touchscreen, or to debug the problem?
I use PrimeOS Standard with a Linux 4.14.x kernel.

Hardware – Fake USB flash drive purchased from Aliexpress. Seller says it is not fake. How do I prove it conclusively?

I bought a 64GB USB flash drive and checked its size the way I described in my answer at the following link:

Check the actual size of the USB flash drive

Here's a picture of my terminal executing the commands:

My terminal output (red rectangle)

f3probe indicates an actual size of 32 GB.

The seller said that this is wrong and uploaded a picture with a counter-proof:

Proof of the seller

It shows a size of 61 GB.

Are these tests reliable?

If so, which one is right?

If my test is the right one, is there enough evidence to win a dispute in Aliexpress? If not, what evidence should I add?