/biz/ - Business & Finance

File: 93 KB, 296x297, 1530039956464.png [View same] [iqdb] [saucenao] [google]

Anonymous Tue Jan 14 14:46:04 2020 No.16851465 [Reply] [Original]

Anyone use an encrypted VM inside of their host machine to access their cryptos and hardware wallets? Thinking of doing this on a Windows 10 machine and use truecrypt to hold the VM container for max security. Look to see if anyone else has a set up like this.

>>	Anonymous Tue Jan 14 14:47:01 2020 No.16851484 1) AIRGAPPED LAPTOP 2) PAPER WALLETS 3) FULL NODE FOR VALIDATION encrypted vm ... don't make me laugh

>>	Anonymous Tue Jan 14 14:47:27 2020 No.16851492 >>16851484 D:

>>	Anonymous Tue Jan 14 15:12:59 2020 No.16851793 what

>>	Anonymous Tue Jan 14 16:06:21 2020 No.16852432 >>16851465 hardware wallets are secure enough. smartcards isolate the private key from the computer altogether.

>>	Anonymous Tue Jan 14 16:07:23 2020 No.16852455 >>16852432 just use a ledger, I know their CSO and the guy actually knows his stuff

>>	Anonymous Tue Jan 14 16:09:48 2020 No.16852478 >>16851465 Wont help you if your host system gets pwned and attacker can keylog you typing the password and shit

>>	Anonymous Tue Jan 14 16:10:18 2020 No.16852483 >>16852455 how safe is using my trezor?

>>	Anonymous Tue Jan 14 16:11:43 2020 No.16852503 >>16852483 safer than the VM idea The VM thing is safe if you do it on an airgapped machine though

>>	Anonymous Tue Jan 14 16:11:45 2020 No.16852505 >>16852455 >The ledger hardware cryptocurrency wallet is a confirmed scam.

Anonymous Tue Jan 14 16:18:42 2020 No.16852586
File: 205 KB, 1433x2025, ENw2uNZW4AAH8nT.jpg [View same] [iqdb] [saucenao] [google]

>>16852483
"pretty" safe against most threat actors *right now*, I'm not aware of any vuln being exploited in the wild but it is an inherently inferior architecture simply because the chips they use are pretty cheap stuff with none of that fancy built-in cryptography and counter-measures that "secure chips" (like Ledger's - which are basically used in the wild for a ton of other high security appliances in the military). If you look at the Ledger's specs and look up the components you will get a better idea of how "bad" the gap is. tl;dr Trezor is okay (and VM certainly aint overkill in that context) but Ledger is better (no need for a VM - private keys are very isolated from the software, chip with ton of builtin cryptography available makes for easier wallet support too)

Anonymous Tue Jan 14 16:21:06 2020 No.16852616

>>16852586
addendum: you want to balance between opsec protocols and usability. when you have an overkill (but safe) process you tend to develop "security fatigue" over time and become negligent. => use a safe and reasonable opsec protocol (where threat is state actor though) that you can repeat over time without becoming complacent about it.

Advanced search
Text to find
Subject [?]Search by post subject. Leave empty for any.
Username [?]Search for user name. Leave empty for any user name.
Tripcode [?]Search for tripcode. Leave empty for any.
Email [?]Search by email. Leave empty for any.
Filename [?]Search by image filename. Leave empty for any.
From Date [?]Enter what date to start searching from. Format is YYYY-MM-DD
To Date [?]Enter what date to start searching until. Format is YYYY-MM-DD
Image hash
Search in	All Posts OPs Only
Deleted posts	Show all posts Show only deleted posts Only show non-deleted posts
Internal posts	Show all posts Show only internal posts Show only archived posts
Order	New posts first Old posts first
Capcode	All Posts Only by Users Only by Mods Only by Admins Only by Developers
Results	Posts Threads
Action	[ Simple ]