pull down to refresh
157 sats \ 9 replies \ @justin_shocknet 10h \ on: Cake Wallet's Free 'Cupcake' App Transforms Old Smartphones Into Hardware Wallet bitcoin
LOL, isn't Cake supposed to be a privacy wallet?
An Apple thin-client as a HWW... what will these Monerotards come up with next...
Do you think there is any way a phone could safely be used as a hardware signer?
For example:
- if it's running graphene or something
- if it has the radios disabled
- if you keep it in a place where there is no radio signal (ie cabin in the woods)
- if it doesn't do anything else
Or is a phone always insecure? In which case, can a laptop be that much better?
reply
I'm not aware of any secure phone hardware, the lack of opensource hardware is a problem more generally... keep in mind I also think all HWW's to date are larp and only useful in a multi-vendor/multi-sig setup because they all rely on closed source chips.
"Klepto" is one such example of why disabling radios means nothing because signatures themselves are a potential exfil vector. There are surely others we don't know about.
The asterisk to this is the scope of your threat model. Bitcoin may have liberated us from financial institutions and most nation-states, but not super-powers who's security zones shape supply chains.
Personally I'm not too worried about the NSA opening Pandora's box to steal my 300k sats.
reply
Well, that's exactly what I'm thinking. I don't need a hardware signer that keeps three letter agencies from taking my bitcoin -- they can take much more than that if they want -- I'm just interested in keeping some sats secure from your average thief...and a big part of that is not getting included in a data breach of people who have paid hundreds of dollars for a device that is specifically made for securing large amounts of bitcoin.
reply
Yep, and our shared outlook on that would put all HWW vendors out of business if everyone was as lucid. They sell largely on virtue signal and naivete.
If we exclude the NSA et-al from our threat model then running Bitcoin on a clean Linux or BSD install within a militarized network zone wins simply on the commodity footprint.
HWW's add risk to that by removing the benefit of obscurity, and additional software to use them creates vectors beyond what might already exist in operating systems and Bitcoin itself.
Using phones as commodity hardware per Cupcake:
eliminating shipping and supply-chain risks
Yes, I like this and its better than a purpose-built HWW (ignoring the inherent supply chain risk since its commoditized)
a mobile application
Not good, this adds footprint, particularly in an iOS setting where afaik you're not able to actually verify what you're running.
Also phones are not durable and easily misplaced, which highlights that it's solving the wrong problem that is the root of most lost coin: People putting seeds in stupid places either in terms of backup or recovery.
There's good solutions and simple solutions, phone signers feel like the worst of both.
reply
There's good solutions and simple solutions, phone signers feel like the worst of both.
Nice summary. It is too bad though because phones have a power source, a processor, memory and a camera or nfc, so they have all the tools you might need to be a hardware signer. It's just a bummer they are so owned by the google and apple.
reply
What, are you too cool for a Huawei phone? ;)
google and apple
Again this is fine if we're not concerned with the NSA stealing our coin, but privacy larps that use Cake/Monero would shit a kitten to know they're broadcasting telemetry that is not protected by Pandora's box.