How do I get the HTML for a paper wallet onto an airgapped PC? The very act of putting it onto a usb from my hot pc exposes the firmware. Please explain like I'm a little slow
How do I get the HTML for a paper wallet onto an airgapped PC?
How do I get the HTML for a paper wallet onto an airgapped PC? The very act of putting it onto a usb from my hot pc exposes the firmware. Please explain like I'm a little slow
You could hand write it in, for example. However you might find it easier to save the html file to a CD or SD card, and copy it in from there: the “autorun” security flaw was solved like twenty years ago
Wait, so CDs and SDs aren't vulnerable to firmware changes? Is auditing the fucking code the only way to be sure? Please be patient
While memory sticks could conceivably have firmware, that doesn’t help the attacker because
A. The keys are not known until the html file is opened by the airgapped computers browser
B. But the browser doesn’t open the file until you’ve disconnected the stick
Being airgapped there’s no mechanism that subverted firmware for the stick can learn what the keys will be
CDs have No firmware at all
ah, beautiful. thank you kind sir. I idiotically assumed if they could attack the firmware, they could attack the airgapped PC so effectively as to get it online lmao. Didn't think it through step by step, thats embarrassing.
No problem
Yes if you can; and checking the hash on the airgapped computer matches the hash before the file is copied to the stick
It’s just after 1am here so I’m out. You are asking good questions and being careful, which is more than 99% of anons here can say. Keep it up - you are going to make it.
Although it would still be worth auditing the HTML code, right? Or is that not an attack vector, only reading the key the html produces is
HTML is markup, aka not executable code. It won't produce anything. If you want to be 100% schizoproof, download an open source wallet, transfer it to the airgapped device then run a hash check on it to verify integrity before generating a key. Compare the hash you get to the hash on the repo, if they match, it's safe.
But in theory a hacker could change my paper wallet key generator to only generate keys they already have generated, no?
sure, but that wouldn't be HTML. He would be modifying one of many possible methods in the hash generator sequence, probably in javascript. A man in the middle attack. But we're getting into the weeds here when it is completely unnecessary to solve your problem.
Download the open source repo. Move it to where you want it. Run a hash check on the folder (either SHA-1 or SHA-256, idk if they have "upgraded" or not), compare it to the github repo hash where you downloaded it from. If it matches? The code is untampered.
easy enough, thanks
Bluetooth?
Ho
lee
phuk
dm me
take your meds you fucking retard
There are meds for stupidity? Or are you suggesting hot pcs aren't compromised, kek
no one wants your shitcoins, idiot.
i hold whatever crypto you hold so they're not shitcoins, jerk.
i swing. I don't hold.
you hold fiat
no I don't. I spend fiat. there's no point in saving to fund banks.
so you hold precious metals and real estate? you hold something. blow and rapport with hookers?
I'm holding in a fat turd right now. cope harder, shitcoin hodlr
good one. you're kinda being a jerk tonight, everything alright?
fuck off, you insufferable homosexual. don't try to pull some holier than thou shit.
When was the last time someone hugged you
my wife is hugging me right now and she asked why you're being such a little queer.
You're full of anger, maybe you should work on yourself and spend less time here. You'll be happier. I recommend practicing mindfulness and exercising regularly, for starters.
didn't read. shut up.
yes you did. Seriously though, this level of anger isn't heathy. Do some thinking on that, okay?
didn't read. I don't care.
I care. Mindfulness really helped with my anger issues. Try it out. Sam Harris has a helpful course on it if it's a little daunting
what's you kik, i wanna stay in touch
kys pedo
You have hateful associations with everything kek. I dont actually use kik, whats your facebook
I stand by my assessment.
As do I. You have serious issues, i wish you luck
moron
Google opsec, do some reading
using google breaks opsec, dumbo
I was telling you to do some reading on the subject, sorry, I should use complete sentences with you.
There are 30 chinese teenagers and 4 russians reading our conversation through your network, and they absolutely want my shitcoins
schizo
I don't even understand the question. Obviously you don't transfer keys to an airgapped PC. That defeats the entire purpose. You generate the keys on the airgapped PC and only sign transactions there.
yeah my original question was stupid. I was saying you transfer the paper wallet html to produce the keys someway. I thought even doing that turned it into a hot pc. Luckily starlink wifi adaptor autorun programs aren't out yet
What is a hot PC?
a PC that has been online. Any computer that's been online is 100% compromised if you're a normie with bad opsec like myself
just a reminder if CBDCs do happen, airgapped paper wallets will be the way to transact them.
Here you go man
>>>/po/
wouldn't LULZ be better for teaching me opsec? or do you not know what that is
Papercraft & Origami is the best board if you want to learn how to make a paper wallet. Youtube also works
Folding the paper isn't the hard part
how are you going to insert something when it's airgapped? you're going to need to broadcast from some kind of wireless device directly to the computer, but that wireless device needs to be airgapped as well so you're back in step one. Maybe pic related will help, you could type in the code manually, but with the gloves it'll be difficult
we already solved this complex problem, sir. Hot usb stick is fine as long as you unplug it from airgapped pc before loading html and maybe also audit the html/js to be sure
put it in a faraday bag up ur ass anon
Thanks for spoonfeeding
imagine having no idea what you're doing and then jumping through all of these loops just to save $50 on a hardware wallet.
Its really not hard despite how I managed to make it seem in this thread. Generating your own keys and putting them on paper or metal is the only way to be 100% sure, unless you trust ledger or can audit trezor.
audit trezor code. Both of those are honestly probably fine, but I prefer a physical key.
Because as I understand it, you're essentially just making your own hardware wallet
Hi mega retard here. Why not just use a hardware wallet?
https://github.com/bitkey/bitkey
kill yourself