JWWeatherman / yeticold

https://yeticold.com
Other
67 stars 24 forks source link

Videos To Do #108

Open Rspigler opened 3 years ago

Rspigler commented 3 years ago

For details: https://docs.google.com/document/d/1SVGSjn2RHRKv3Cw_dY_Nw4DQ8nA2KHAb9krmwJGF5dE/edit

For all levels:

Windows Verify:

Mac Verify:

Level 1:

Level 2:

Level 3:

Possible Change?

diggitydman commented 3 years ago

For details: https://docs.google.com/document/d/1SVGSjn2RHRKv3Cw_dY_Nw4DQ8nA2KHAb9krmwJGF5dE/edit

For all levels:

* [ ]  Creating the bootable USB for Macs too.

incomplete - Waiting for MAC from Robert.

* [ ]  Recovery of Wallets (Separate Video for each Level)

incomplete - Am I also demonstrating how to receive & send or just sending?

* [ ]  Clarify connecting to wifi is fine

complete - also demonstrated how to fix "No Wi-Fi Adapter Found" when wifi hardware driver is not installed

* [ ]  Clarify that instructions are started on original laptop and followed all the way through

complete

* [ ]  Yes, it takes a 'long time' to verify the chain, but the implications are huge

complete

* [ ]  Clarify entropy purpose

complete

* [ ]  Add a clip at the end of each video explaining they can get support in Slack, how to join, but that they should be slow to follow any advice given so that if they get bad instructions other folks have a chance to correct the error, since anyone can join the slack.  Mention JW, Will, and Robert are official members and our handles.

complete

Level 1:

* [ ]  Add clip at end, clarifying that any single 1 CD will recover your funds. That means you can lose any 4, but also if anyone else comes into contact with a CD and tries to steal your funds, they can.  Then mention the benefits of Level 2 (multisig).

incomplete

Level 2:

* [ ]  Add a clip showing depositing money and erasing the laptop.  Explain why the laptop is erased (to get rid of the single point of attack - all privkeys are created on one (secure) device, and then wiped before distributed).  Explain benefit of Level 3 - will add a second laptop to further increase security (the private keys will be airgapped).

incomplete - Waiting on Level 2 guide to add the erase.txt step and file in the documents folder like Level 3 has. Also waiting on issues with level 3 erase.txt to be resolved.

* [ ]  Again, add clip at the end where the 7 CDs are showed, and explain the situation.  (That as long as you have access to 3 of these, you control the bitcoin.  That means you can lose up to 4 of the CD's, and distribute control of the seeds.  If someone steals up to 2 of them, you are still safe).

incomplete

* [ ]  Mention the places we recommend storing them (lawyer, safety deposit box, accountant, parent, etc) and that at least 3 should be stored in another city in case of a flood or earthquake etc.

incomplete

Level 3:

* [ ]  Change desktop background on primary and secondary laptops to further differentiate

complete

* [ ]  Demonstrate autocomplete on seed check

incomplete

* [ ]  Explain how important seed check is, why it is worth going through the time

incomplete

* [ ]  Mention the places we recommend storing them (lawyer, safety deposit box, accountant, parent, etc) and that at least 3 should be stored in another city in case of a flood or earthquake etc.

incomplete

* [ ]  Explain benefit of upcoming Level 4 (multi-device multi-sig, so no possible single point of failure, and no need to wipe device after generation of seeds).

incomplete - I don't fully understand what's going on with Level 4, so I need a lesson before I try and explain it to others.

Possible Change?

* [ ]  For Level 2 and 3:  We incorrectly state that each CD should have 7 copies on it, rather than 1.  So you did as well, even though you correctly demonstrated that each CD should only have 1 unique seed on it.  Is this something that can be/should be corrected? @JWWeatherman

incomplete (red text has been fixed)

Rspigler commented 3 years ago

Awesome work!

Waiting for MAC from Robert.

Working on this.

Am I also demonstrating how to receive & send or just sending?

Good question. There's work ongoing for a nice guide on receiving/sending, but I think having it in the video is great as well. I'd prefer to have 2 videos per Level instead of 3. So how I see it, the videos should be Level X Recovery and Level X Setup (what you've currently donw, w/ Receiving/Sending at the end).

also demonstrated how to fix "No Wi-Fi Adapter Found" when wifi hardware driver is not installed

Great! What was the fix you proposed?

Waiting on Level 2 guide to add the erase.txt step and file in the documents folder like Level 3 has. Also waiting on issues with level 3 erase.txt to be resolved.

:thumbsup:

I don't fully understand what's going on with Level 4, so I need a lesson before I try and explain it to others.

Let's discuss on Slack

diggitydman commented 3 years ago

For all levels:

* [ ]  Creating the bootable USB for Macs too.

* [ ]  Recovery of Wallets (Separate Video for each Level)

* [x]  Clarify connecting to wifi is fine

* [x]  Clarify that instructions are started on original laptop and followed all the way through

* [x]  Yes, it takes a 'long time' to verify the chain, but the implications are huge

* [x]  Clarify entropy purpose

* [x]  Add a clip at the end of each video explaining they can get support in Slack, how to join, but that they should be slow to follow any advice given so that if they get bad instructions other folks have a chance to correct the error, since anyone can join the slack.  Mention JW, Will, and Robert are official members and our handles.

Level 1:

* [x]  Add clip at end, clarifying that any single 1 CD will recover your funds. That means you can lose any 4, but also if anyone else comes into contact with a CD and tries to steal your funds, they can.  Then mention the benefits of Level 2 (multisig).

Level 2:

* [ ]  Add a clip showing depositing money and erasing the laptop.  Explain why the laptop is erased (to get rid of the single point of attack - all privkeys are created on one (secure) device, and then wiped before distributed).

* [x]  Explain benefit of Level 3 - will add a second laptop to further increase security (the private keys will be airgapped).

* [x]  Again, add clip at the end where the 7 CDs are showed, and explain the situation.  (That as long as you have access to 3 of these, you control the bitcoin.  That means you can lose up to 4 of the CD's, and distribute control of the seeds.  If someone steals up to 2 of them, you are still safe).

* [x]  Mention the places we recommend storing them (lawyer, safety deposit box, accountant, parent, etc) and that at least 3 should be stored in another city in case of a flood or earthquake etc.

Level 3:

* [x]  Change desktop background on primary and secondary laptops to further differentiate

* [x]  Demonstrate autocomplete on seed check

* [x]  Explain how important seed check is, why it is worth going through the time

* [x]  Mention the places we recommend storing them (lawyer, safety deposit box, accountant, parent, etc) and that at least 3 should be stored in another city in case of a flood or earthquake etc.

* [x]  Explain benefit of upcoming Level 4 (multi-device multi-sig, so no possible single point of failure, and no need to wipe device after generation of seeds).

Possible Change?

* [x]  For Level 2 and 3:  We incorrectly state that each CD should have 7 copies on it, rather than 1.  So you did as well, even though you correctly demonstrated that each CD should only have 1 unique seed on it.  Is this something that can be/should be corrected? @JWWeatherman
diggitydman commented 3 years ago

Two commands for the Wifi adapter driver install: To find out what model WiFi adapter: sudo lshw -C network To download driver: sudo apt-get install rtl8821ce-dkms

diggitydman commented 3 years ago

So for all levels deposit, send, and wipe?

And then separate video for recovery?

JWWeatherman commented 3 years ago

All levels now step the user through the whole processes including wiping the laptop at the end. So if you just make sure you cover the entire set of steps this should be solid. We walk the user through setup, send/recieve, test each set of seeds (for L2 and L3), and wipe the laptop at the end.

JWWeatherman commented 3 years ago

Would also be awesome if we have a time stamp for each step so we can link to that in the code, but only if we can do that with less than about 1 hour or so per video.

Rspigler commented 3 years ago

Great work!

To download driver: sudo apt-get install rtl8821ce-dkms

Isn't that dependant on the network card?

Add a clip showing depositing money and erasing the laptop. Explain why the laptop is erased (to get rid of the single point of attack - all privkeys are created on one (secure) device, and then wiped before distributed).

^This should be on Level 3 as well, I'm adding it now.

@diggitydman IMO, you should have a setup video, and a recover video for Level 2 and Level 3. The setup video should have the bootable USB steps, the installing Ubuntu, setting up the wallet, testing the keys, depositing funds, and wiping the device (I believe you've done everything but deposit money and erase the laptop). Then the recover video should show how to recover the wallet (re-install Ubuntu, follow through yeti steps to download Core, recovery wallet, see funds there).

Rspigler commented 3 years ago

Include instructions to verify Ubuntu download in each video? Perhaps a separate video for verifying the Ubuntu download, with a popup on each video at the appropriate time, linking to it?

  1. Start with your main laptop (windows/mac)
  2. Download your (GUI implementation) of GPG (gp4win; GPGSuite for Mac)
  3. Verify it by just checking sha256sum (on first download)
  4. Install GPG
  5. Check GPG signature of download post-install
  6. Download Linux you want to download (Ubuntu)
  7. Verify

Confirm the posted shasum of recommended gpg4win and GPGSuite downloads, as well as the fingerprint of the key used to sign, by including it in the video.

Users can then verify this against what they see on their screen.

This would defend against most attack vectors

diggitydman commented 3 years ago

To download driver: sudo apt-get install rtl8821ce-dkms

Isn't that dependant on the network card?

Entering command sudo lshw -C network told me the model number of the network card, but not sure if sudo apt-get install MODEL#-dkms would work on a different model. Can always cut this out, but figured I would show it.

Add a clip showing depositing money and erasing the laptop. Explain why the laptop is erased (to get rid of the single point of attack - all privkeys are created on one (secure) device, and then wiped before distributed).

^This should be on Level 3 as well, I'm adding it now

Going to do this for Level 1 as well.

@diggitydman IMO, you should have a setup video, and a recover video for Level 2 and Level 3. The setup video should have the bootable USB steps, the installing Ubuntu, setting up the wallet, testing the keys, depositing funds, and wiping the device (I believe you've done everything but deposit money and erase the laptop). Then the recover video should show how to recover the wallet (re-install Ubuntu, follow through yeti steps to download Core, recovery wallet, see funds there).

Roger that

Include instructions to verify Ubuntu download in each video? Perhaps a separate video for verifying the Ubuntu download, with a popup on each video at the appropriate time, linking to it?

@JWWeatherman will have to weight-in on this

Rspigler commented 3 years ago

not sure if sudo apt-get install MODEL#-dkms would work on a different model.

I think it's great to keep, as long as you explained.

Going to do this for Level 1 as well.

I believe we intend Level 1 to be a persistent wallet? @JWWeatherman

JWWeatherman commented 3 years ago

I think we can show the user how to erase the hard drive for level 1, same as the others. We can maybe just mention it’s optional in cases when you need to send often.

We shouldn’t mention the WiFi card driver installation. For 99% of the drivers Ubuntu will have a driver pre installed. But we can put this in a troubleshooting guide.

Sent from ProtonMail Mobile

On Thu, Jan 21, 2021 at 9:31 PM, Robert Spigler notifications@github.com wrote:

not sure if sudo apt-get install MODEL#-dkms would work on a different model.

I think it's great to keep, as long as you explained.

Going to do this for Level 1 as well.

I believe we intend Level 1 to be a persistent wallet? @JWWeatherman

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub, or unsubscribe.

Rspigler commented 3 years ago

@diggitydman You get that?:

@JWWeatherman Can you comment on the Ubuntu verification here: https://github.com/JWWeatherman/yeticold/issues/108#issuecomment-764985892

diggitydman commented 3 years ago

Got it. Wifi card driver has been edited out.

* [x]  Get rid of the WiFi card driver installation
diggitydman commented 3 years ago

Not sure if you have gotten a chance to look at this yet @JWWeatherman, but I'm posting @Rspigler comments here and will start working on them.

Yeti Level 3 Bitcoin Wallet Setup Guide Edit Rough Draft https://youtu.be/JT6v6nzrM8A

@Rspigler Comments: 19:22. Instead of saying "Insert one of your blank CD's" Can you say, "Insert your CD labelled Seed 1".

20:20 Can you add this in: "For example, I am now going to Insert the CD labeled Seed 2, and copy the file labelled Seed 2 over to it. Then insert the CD labelled Seed 3, and copy the file labelled Seed 3 over, etc for all 7 Cd's."

20:45 Can you add this in: "So insert any of the remaining 7 CD's labelled 'Descriptor' CD's".

21:06 You say: "We are going to repeat that process for 6 more CD's". Can you instead say: "We are going to repeat that process, copying the same Descriptor.txt file onto 6 more CD's labelled 'Descriptor' before moving on to your Primary Laptop. Ensure that you have seven idential descriptor.txt files on all seven CD's labelled "Descriptor" before moving on".

22:59 Can you scroll through these pages to show what they look like and explain how to use them?

25:53 You used to have an explanation on the red/green color I believe? I like your explanation on the tabbing, but can you put the explanation back in also about how an error will make the 'check seed' red, and green means the seed is correct?

At the very end, you say Level 4 eliminates the need to delete the devices. That's my fault. That was originally one of my goals, but for privacy reasons, we will still be deleting the devices (so that storing with people can be explained like storing a Will - it can't be explained if you are storing a computer with them).

Rspigler commented 3 years ago

Seriously high quality work man, thanks!

Checking this off the list:

Add a clip showing depositing money and erasing the laptop. Explain why the laptop is erased (to get rid of the single point of attack - all privkeys are created on one (secure) device, and then wiped before distributed).

I think we should have a popup during the Ubuntu download section, to open a new video on how to verify the Ubuntu install for MacOS or Windows (two separate videos). Since it's already so long. And that way it can be inserted into any Yeti Level. I can help with the process if you need, also posted here (https://github.com/JWWeatherman/yeticold/issues/108#issuecomment-764985892).

diggitydman commented 3 years ago

UPDATED VIDEO: https://youtu.be/LzApCufNCZs

19:22. Instead of saying "Insert one of your blank CD's" Can you say, "Insert your CD labelled Seed 1".

Step 4 says to label the burned disc seed 1, which I just noticed I skipped. It wouldn't make sense to say "Insert your CD labelled Seed 1" when we haven't labeled anything yet with the current step flow. I will add the labeling step and that should clear things up.

complete

20:20 Can you add this in: "For example, I am now going to Insert the CD labeled Seed 2, and copy the file labelled Seed 2 over to it. Then insert the CD labelled Seed 3, and copy the file labelled Seed 3 over, etc for all 7 Cd's."

Same issue where it doesn't make sense with current step flow. I can say "For example, I am now going to insert another blank CD, copy the file labeled Seed 2 over to it, and then label it Seed 2. Then I will insert another blank CD, copy the file labeled Seed 3 over to it, and then label it Seed 3, etc for all 7 Cd's."

complete

20:45 Can you add this in: "So insert any of the remaining 7 CD's labelled 'Descriptor' CD's".

Same issue with the step flow. Again, I skipped step 4 and will add.

complete

21:06 You say: "We are going to repeat that process for 6 more CD's". Can you instead say: "We are going to repeat that process, copying the same Descriptor.txt file onto 6 more CD's labelled 'Descriptor' before moving on to your Primary Laptop. Ensure that you have seven identical descriptor.txt files on all seven CD's labelled "Descriptor" before moving on".

complete

22:59 Can you scroll through these pages to show what they look like and explain how to use them?

complete

25:53 You used to have an explanation on the red/green color I believe? I like your explanation on the tabbing, but can you put the explanation back in also about how an error will make the 'check seed' red, and green means the seed is correct?

complete

At the very end, you say Level 4 eliminates the need to delete the devices. That's my fault. That was originally one of my goals, but for privacy reasons, we will still be deleting the devices (so that storing with people can be explained like storing a Will - it can't be explained if you are storing a computer with them). So instead can you say something like this will make Yeti multi device as well as multi signature.

complete

I think we should have a popup during the Ubuntu download section, to open a new video on how to verify the Ubuntu install for MacOS or Windows (two separate videos). Since it's already so long. And that way it can be inserted into any Yeti Level. I can help with the process if you need, also posted here (#108 (comment)).

incomplete - I'm going to get all the levels done with the bootable MAC Ubuntu section before doing this since we will be using a pop-up link.

Rspigler commented 3 years ago

Step 4 says to label the burned disc seed 1, which I just noticed I skipped. It wouldn't make sense to say "Insert your CD labelled Seed 1" when we haven't labeled anything yet with the current step flow.

I don't understand what you mean by this. Can you put a timestamp? Step 4 is 'Download Yeti to to the Primary Laptop'

At 0:45, you walk through the user how to label all the CD's and everything they need to start the process.

diggitydman commented 3 years ago

Step 4 says to label the burned disc seed 1, which I just noticed I skipped. It wouldn't make sense to say "Insert your CD labelled Seed 1" when we haven't labeled anything yet with the current step flow.

I don't understand what you mean by this. Can you put a timestamp? Step 4 is 'Download Yeti to to the Primary Laptop'

At 0:45, you walk through the user how to label all the CD's and everything they need to start the process.

I should have said Step 10, point 4 at 20:12 on the updated video. https://youtu.be/LzApCufNCZs

You are right in the beginning we tell them to label them. The labeling step is then repeated in Step 10, point 4. and Step 11, point 4. This is what confused me. I think Step 10 & 11 need to be updated for it to make sense. The same goes for Level 1 & 2.

Rspigler commented 3 years ago

I am going to ping JW and Will on the changes necessary on step 10 and 11, and then you should be able to finish up those changes.

Rspigler commented 3 years ago

Moved everything to OP since they were getting spread out

Rspigler commented 3 years ago

Good find!

diggitydman commented 3 years ago

@Rspigler @JWWeatherman Updated Rough Drafts

Yeti Level 1 Wallet Setup Guide Rough Draft https://youtu.be/4CwYD2DctpA

Yeti Level 2 Wallet Setup Guide Rough Draft https://youtu.be/xZH5k32TZjg

Yeti Level 3 Wallet Setup Guide Rough Draft https://youtu.be/QUh1BqtiiYU

diggitydman commented 3 years ago

How To Verify Your Ubuntu Desktop Download On Windows 10 https://youtu.be/mDkDudHblh0

Rspigler commented 3 years ago

Great work!

Added to OP

Rspigler commented 3 years ago

Verify Ubuntu on Windows Creating the bootable USB for Macs too.

Done; updated.

Rspigler commented 3 years ago

Remaining Step 10/11 changes

Beautifully done

Rspigler commented 3 years ago

Recovery of Wallets (Separate Video for each Level)

The setup covers testing recovery now

diggitydman commented 3 years ago

https://youtu.be/WpYlF3OMX40

Indicate that User folder will be different for each user (6:55) Warn about lower/upper case ~Didn't mention this Fix delete/erase key (8:22) Make sure users double check fingerprints, read out Long Key ID (last 4 groupings) (8.57)

Rspigler commented 3 years ago

10:07 - you want to reconfirm that the (good) signature here has the same Long Key ID that you checked at 9:10 (you don't have to read it out again, just scan it and make sure that the user knows to check this as well). This should be done by verifying the output in the terminal of gpg --verify with the output above in the terminal (gpg --list-keys --with-fingerprint) 10:07 - address the Warning here "there is no indication that the signature belongs to the owner".
By checking the fingerprint, you have confirmed that the signature does belong to Ubuntu.

diggitydman commented 3 years ago

How To Verify Your Ubuntu Desktop Download On Windows 10 https://youtu.be/lPwffvomz9I

9:02 - Read full fingerprint out loud 10:50 - Double checking fingerprint and reading warning

How To Verify Your Ubuntu Desktop Download On macOS https://youtu.be/4oFVdcgIz2A

Rspigler commented 3 years ago

Really great work! Best videos out there on Ubuntu verification/installation, without a doubt. @JWWeatherman should do some PR with them.

I think we're all done! :smiley: Can you also now combine them into a single Level 3 video with timestamps?

Rspigler commented 3 years ago

All done, until we get Level 4, QR codes, taproot.... :sweat_smile:

diggitydman commented 3 years ago

I'm waiting to get @JWWeatherman decision on if we include them in the single level 3 video or not, as he may be able to work Ubuntu verification into the Yeti process somehow, but once we have a final draft I will definitely take care of the timestamps.

JWWeatherman commented 3 years ago

Let's go ahead and ship the new video without Ubuntu verification. I think we can add a step later to verify the Ubuntu signatures inside the Yeit script. If Ubuntu is already malware infested this can be compromised, but anything we can move from the windows/mac device to the ubuntu device we can automate and it is probably a wash from a security standpoint. I'll open an issue to add this feature in a future release now.

Rspigler commented 3 years ago

Commented here https://github.com/JWWeatherman/yeticold/issues/150

I'm cool with this. @diggitydman can you post links here when complete? I think you should still keep the verification videos (but separately) as it is great content and definitely still useful

diggitydman commented 3 years ago

https://www.youtube.com/watch?v=xCwSeYLrUb8 Published with timestamps in the description. @JWWeatherman told me he doesn't want to publish the verification vids yet. Waiting to hear from @willweatherman about if Level 1 and 2 erase step changes are still in the works (I don't know what he meant by this) before I publish.