I’m super happy that Techlore invited me on their YouTube channel to talk security and privacy 😀
Henry was mostly interested in my work with BusKill (an open-source dead man switch), but our conversation ran a gamut of issues regarding security and privacy — including
- How to mitigate State-sponsored interdiction attacks,
- minimizing attack surfaces of mobile phones with broadband processors,
- the threats of AI “identity verification” systems on privacy,
- and much more
You can watch the full video below
Can’t see video above? Watch it on PeerTube at tehlore.tv or on YouTube at youtu.be/cptk6aBbJpU
If you’d like to purchase a BusKill cable, click here.
Related Posts
Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡
Wow the living without a Phone part was interesting. I was not aware that in the UK phones with phone plans that are not linked to a real Identity would prevent you from opening a bank account. Makes me wonder if in the US this will change cause I have prepaid no contract phone for my bank and that works currently.
I think this will get better once WebAuthn Secure Payment Confirmation has more widespread adoption by browsers, and banks have better support for hardware security tokens to satisfy the PSD2’s dynamic linking requirement for transcation confirmations.
Could you put together an offline wallet guide for long term Monero storage that sidesteps hardware wallets. Specifically addressing the Tailored Access Threat Model for those concerned and supply chain attack vectors?
Given your background in cryptocurrency security, I’d appreciate your perspective on whether a passphrase offset alone provides sufficient protection, or if a multisig arrangement in addition would be advisable or needed. I feel though that multisig if not set up properly adds too much complexion for backups and if not done right equals gothas ya feel.
While I’m not referring to post quantum defenses (which neither Monero nor Bitcoin currently implement), I do believe Monero already offers stronger intrinsic security then Bitcoin.
I’m also not a huge fan of hardware wallets. For Monero cold-storage, I think the best thing is to use TAILS to create a new wallet in feather. Record the seedphrase, restore height, and view-only key in a new keepass file. Use a password >= 20 characters in length for the keepass file. Store the (encrypted) keepass file in at least 3 geographically dispersed locations.
You can keep the view-only feather wallet on your daily driver, but only ever restore the spend-key wallet inside TAILS. And only ever decrypt the keepass file (with your monero wallet seed phrase) inside TAILS.