Is Qubes OS compatible with Ledger Nano S/Trezor/Keepkey?


Maksymilian Skica

Jan 14, 2017, 3:18:12 PM
to qubes...@googlegroups.com
Hi,

Does anyone actually make Qubes OS working with some bitcoin hardware
wallet? I want to buy one now and my first requirement is that it will
work with Qubes.

--
Maks
PGP = 0xE23489A3
9223 3C31 D90E F4D7 F614 C215 628D 448E E234 89A3



Marek Marczykowski-Górecki

Jan 14, 2017, 8:39:50 PM
to Maksymilian Skica, qubes...@googlegroups.com

On Sat, Jan 14, 2017 at 09:17:32PM +0100, Maksymilian Skica wrote:
> Hi,
>
> Does anyone actually make Qubes OS working with some bitcoin hardware
> wallet? I want to buy one now and my first requirement is that it will
> work with Qubes.

Yes, it should work using qvm-usb. At least Trezor does work.

--
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?

Franz

Jan 16, 2017, 12:37:21 AM
to Marek Marczykowski-Górecki, Maksymilian Skica, qubes...@googlegroups.com
On Sat, Jan 14, 2017 at 10:39 PM, Marek Marczykowski-Górecki <marm...@invisiblethingslab.com> wrote:
> On Sat, Jan 14, 2017 at 09:17:32PM +0100, Maksymilian Skica wrote:
> > Hi,
> >
> > Does anyone actually make Qubes OS working with some bitcoin hardware
> > wallet? I want to buy one now and my first requirement is that it will
> > work with Qubes.
>
> Yes, it should work using qvm-usb. At least Trezor does work.


Also assigning to a Trezor-VM the USB controller of a USB expresscard dedicated to Trezor, it works perfectly.

Best
Fran

Tai...@gmx.com

Jan 16, 2017, 2:08:35 AM
to Franz, Marek Marczykowski-Górecki, Maksymilian Skica, qubes...@googlegroups.com
Am I the only one who thinks it is a horrible idea to use a closed
source hardware device designed by a bunch of kids and probably made in
china to manage lots of money?

Hardware crypto sucks because it can't be verified without a team of
PhD's and millions of dollars in equipment.

Franz

Jan 16, 2017, 7:45:37 AM
to Tai...@gmx.com, Marek Marczykowski-Górecki, Maksymilian Skica, qubes...@googlegroups.com


> Am I the only one who thinks it is a horrible idea to use a closed source hardware device designed by a bunch of kids and probably made in china to manage lots of money?
>
> Hardware crypto sucks because it can't be verified without a team of PhD's and millions of dollars in equipment.

Well, every way has its own problems. We have seen that even using a cold VM with Qubes may fail because of a Xen bug, so the most reasonable with money is to share the risk among different and independent routes, so if one fails you'll not lose everything. So Trezor may well be one of them.

That said, isn't this https://github.com/trezor/ some indication that we may trust Trezor a little bit?
Best
Fran

Tai...@gmx.com

Jan 16, 2017, 4:39:10 PM
to Franz, Marek Marczykowski-Górecki, Maksymilian Skica, qubes...@googlegroups.com
>> Am I the only one who thinks it is a horrible idea to use a closed
>> source hardware device designed by a bunch of kids and probably made in
>> china to manage lots of money?
>>
>> Hardware crypto sucks because it can't be verified without a team of PhD's
>> and millions of dollars in equipment.
>>
> Well, every way has its own problems. We have seen that even using a cold
> VM with Qubes may fail because of a Xen bug, so the most reasonable with
> money is to share the risk among different and independent routes, so if
> one fails you'll not lose everything. So Trezor may well be one of them.
>
> That said, isn't this https://github.com/trezor/ some indication that we
> may trust Trezor a little bit?
> Best
> Fran
>
That repo doesn't have the source for the device, nor the
compilation/flashing instructions (tivo'ized!) and the firmware and
hardware isn't open source either.

It also needs a web-app and a browser plugin on chrome of all things to
properly function.
It hasn't been audited by an outside firm for security and it uses the
insecure USB bus which can easily be fucked around with.

If you have that much money in bitcoin maybe you should simply buy and
carry around a novena or an old coreboot compatible small laptop, you
could have them talk to each other via rs-232 serial which is very safe
much safer than black box crypto.

Marek Marczykowski-Górecki

Jan 16, 2017, 5:38:22 PM
to Tai...@gmx.com, Franz, Maksymilian Skica, qubes...@googlegroups.com

I think you've missed the second repo on this page:
https://github.com/trezor/trezor-mcu
and here:
http://doc.satoshilabs.com/trezor-tech/hardware.html

Just out of curiosity - I've compiled it (very simple instructions) and
the resulting binary has exactly the same hash as the binary firmware
downloadable from their website.

> It also needs a web-app and a browser plugin on chrome of all things to
> properly function.

Or a simple python tool (https://github.com/trezor/python-trezor). Or
electrum wallet (also open source). And probably many more have support
for it.

> It hasn't been audited by an outside firm for security

I don't know any, but as none of your other asserts are true, I will assume
the same here.

> and it uses the
> insecure USB bus which can easily be fucked around with.

Yes, USB is quite complex, especially on the host side. On the device
side there is also some complexity, but much less. Especially when you
implement only serial-like link (disguised as HID device).
Actually in case of Trezor, I'd be more concerned about adding too much
functionality (gpg, ssh-agent, u2f and more...).

> If you have that much money in bitcoin maybe you should simply buy and carry
> around a novena or an old coreboot compatible small laptop, you could have
> them talk to each other via rs-232 serial which is very safe much safer than
> black box crypto.

Of course you can do whatever you like. Some consider hardware wallets
secure enough, some do not. But let's use facts when taking such
decision.

--
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?

Tai...@gmx.com

Jan 16, 2017, 9:41:14 PM
to Marek Marczykowski-Górecki, Franz, Maksymilian Skica, qubes...@googlegroups.com
Ahh my mistake, I didn't see the MCU repo and I had spent 5mins on their
website without finding anything more than marketing speak so I assumed
that was the case.