0 sats \ 11 replies \ @Michelson_Morley 8 Sep 2023 \ on: What if your threat model does include a nation state ? tech
What is the threat? (asking honestly, I don't understand anything about this, you're talking about north korea being a threat to bitcoin? what are they gonna do, buy so many computers they can take over the currency—thereby destroying its value and making everyone move on to another currency?)
Stealing of bitcoin holdings.
Via any number of methods, ultimately resulting in a keystroke logger or something being planted.
Hardware wallets mitigate the risk to some extent.
reply
Most folks advise to never type your seed phrase anywhere, so that should significantly reduce the impact of keyloggers, no?
reply
I’m guessing most folks record it somewhere on their hard drive?
For example, the post the other day with a GPG encrypted copy of the pass phrase. They entered the alphanumeric password at some point and had the pass phrase (seed phrase I guess?) in a plain text file.
What are the best practices these days? Anyone to follow / read for good security guides (for crypto specifically).
Mostly this is an academic thought exercise, a “curated gentle troll” meant to get the community thinking and ideating.
As someone who’s taken many security precautions (including an air-gapped offline root CA and GPG primary private key, using multiple YubiKeys (one for daily use, one for more sensitive things, one for airgap)), I take security quite seriously.
I’m always interested to discover new resources.
reply
Quite simply I think keeping the seed offline forever is what people do. Physical backups, seed plates, etc. As soon as you put it on a computer, the attack vector increases exponentially. Other folks can weigh in though, I’m just one person.
reply
Consider me flattered and honored!
reply
🫡
reply
I know you're being somewhat sarcastic.
My money is on the entire FAANG etc. having their Thales-based root CA keys compromised. I’ve been less than impressed with security measures taken around key material and/or network security in general.
Once you start really understanding the full capabilities and vulnerabilities of these commercial CA appliances, you realize how massive the attack surface is.
My current stack is Nitrokey HSM with XCA on an air-gapped laptop. Keep it all in a decent safe with cameras and alarm system.
reply