It has come to our attention that there exists bios level malware that can run before your regular operating system starts. This malware does not require onsite, manual installation on a computer in order to infect it, and can be delivered to a victim through an infected usb stick or through the internet, among other ways. This malware operates at the bios system level which is the first software to run when a computer is switched on. Once installed, this program, known as a rootkit or bootkit, can theorectically give total remote control of your computer to an attacker via the internet and can be immune to full operating system reformats and even regular software flashes of the bios chip. This kind of malware is often employed in ransomware attacks which cripple computer systems. Even if the network cards are physically removed; in the context of bitcoin storage, keystroke and other data such as seeds may conceivably be stored on some other form of non volatile memory on your computer (such as a connected if not mounted hard drive, or hardware firmware, or the bios chip itself). This data can then later be delivered to a hacker through your regular operating system's internet connection.
It is unknown the full capabilities or limitations of these malware as they relate to the Linux usb operating systems used in our bitcoin storage methods. However, it is suffice to say that any type of malware existing in our methods is unacceptable. Even though our usb drives are completely formatted before and after each and every use and there is never an internet connection used during the data creation, there may be unknown vulnerabilities. Even though all important data is fully encrypted in two different formats and your regular hard drive is never mounted during the creation stages, there may be unknown vulnerabilities.
For these reasons, anyone who is seriously looking to store and transact with any significant amount bitcoins needs to invest in an additional laptop which will be used as a dedicated offline computer only for bitcoin purposes. Every single time, before the computer is switched on, users will need to open the computer up and disconnect the battery and then all the RAM cards, to reset the system before reinserting them. This computer will also physically have all its network, bluetooth and sound cards, as well as its microphone and connected hard drive removed. Do not use the computer if any of the network cards or bluetooth devices cannot be physically removed from the computer. Any connected mouse or keyboard used with the computer needs to be newly purchased to prevent compromised firmware from affecting the operating system. Furthermore, any and all bitcoin transactions done on this computer will be via the offline signing method through QR codes using an external webcam; and any external device insertion (such as a usb stick) must be strictly monitored. Taking these extra measures and using the Linux usb operating system methods here will dramatically increase the security of your bitcoin data. It cannot be understated the added security obtained by using this offline computer in this way. It is the difference between night and day and as such, is now considered an essential part of the bitgoldwallet storage methods.
Additionally, anyone with significant amounts of bitcoins is advised to use as their offline computer a simple laptop that can run the unregistered version of Windows 7 but which ideally cannot run Windows 10. It needs to be a computer that was released in the year 2012 or before. Go overseas and buy one in person if this is what you need to do to acquire one. A simple computer is less likely to have sophisticated hardware and/or software preinstalled discretely which can secretely transmit your data to a third party. On top of this; if you can afford it, it is recommended that you invest in, and use a double layered Faraday tent whenever you are using your dedicated offline laptop computer. The computer should only be ever turned on while it is being used inside at least 1 layer of the sealed tent, and the laptop battery should be physically removed whenever the laptop is not switched on.
The most secure process and storage method will always take into account all possible, albeit unlikely, attack vectors. For this reason, it is essential whenever using the computer to assume that all the information seen on your computer screen is visible to a hacker via a Van Eck phreaking attack or via sophisticated surveillance/hidden camera equipment. Therefore, avoid showing seeds and private keys and passwords on the computer screen at all times. If you are saving the seed words onto a text document for example, then you can save it in tiny size 3 font and then highlight the characters completely in yellow font and yellow highlight so the words cannot be seen. If you are about to enter seed words into the electrum program or another location, scroll the electrum program left or right of the screen so that the text you type (or copy and paste into) is not visible on the computer screen. Lastly, whenever you type sensitve data into the keyboard you should hide yourself and your laptop under a piece of fabric, if you are not already operating within a tent.