You are viewing a single comment's thread from:
RE: Tomshwom's Advanced Crypto Security Guide (Part 3) - Creating a Secure Wallet
Any offline OS will suffice, but they need to be run natively, not in a VM on an online host. I like Tails for the amnesic aspect, which helps guarantee that no malware is present on the system. It is also documented well and has a lot of tools in place that make it a nice option for crypto.
Alright. Another question concerning the guide: You worte to always physically disconnect the internet, e.g. by turning off the router. Wouldn't it be more easy to completely disable the network deamon of Tails? On quora I read " If you really get paranoid go into /etc/init.d subdirectories and disable start of the internet daemon xinitd to assure that nothing can ever connect to you." I couldn't find this daemon on Tails, tough. Do you have any idea?
Physical disconnection is a partial move towards total black-box conditions, like inside a Faraday cage where no electrical emissions are leaking out. Ideally, this is how you'd want to generate/access private keys if you're doing so electronically.
Disabling the device drivers themselves on something like Linux is a valid solution for keeping info from leaking off of that system, but on a phone or other less open-source systems you can potentially still be connected even when wifi is turned off.
Additionally, you don't really want Alexa listening while you recite your mnemonic phrase aloud while verifying it, or your smart phone to be pointed at the screen/keyboard while sensitive info is being used. We surround ourselves with top-quality surveillance equipment, and the privacy-minded person will take all the steps (even ones that can be argued to be excessive) to protect themselves & their most valuable information.