Bitcoin Forum

I have been warning people about hardware wallets for years. Bitcoin is the most personal store of value. Don't break it by using untrusted third party soft/hardware:

https://krebsonsecurity.com/wp-content/uploads/2018/03/ledgerattack.pdf

Worth mentioning, that the guy who found this exploit is 15 ys young.

I'm amazed  :o
And I was about to buy one hardware wallet, but now, I will definitely not buy.

So what ways of keeping bitcoins safe do you recommend then? Many people consider hardware wallets as something that is not possible to breach because they were told so. In both Ledger and TREZOR there were discovered vulnerabilities which allowed potential attacker to extract the seed. I haven't heard of any issues with KeepKey. I was thinking of using an air-gapped computer for storing large amount of BTC and a hardware wallet in case I needed to travel and have some bitcoin with me just in case. Have you ever used any hardware wallet?

The only alternative I can think of would be paper wallets but, these are not suitable for spending on a regular basis. Hardware wallets are still a great choice IMO and since they are not vulnerable for remote attacks, they still have some credibility. Ledger nano statement on this when they released their latest firmware update:


The reason why no one found security issues on KeepKey is probably due to the small userbase they have compared to Trezor and Ledger nano S.

These kind of hardware wallets will grow stronger with time.
A indestructible and safe wallet is a very hard thing to accomplish.

This is a problem, and was already fixed by a firmware update.

I think it's also worth mentioning that this vulnerability, although scary, occurs only if the the attacker has physical access before setup of the seed.

It's nothing you need to really worry about if you buy directly from Ledger.
And if you care at least a minimum about security, you would never buy a Ledger Wallet from third party re-sellers.

TLDR: ledger hardwallet is still pretty safe, much safer than any hot wallet. Unless you have an airgapped PC, hardwallet is still a good choice.

Not 100% true, from what he said it was vulnerable to the "Evil Maid attack"
https://saleemrashid.com/2018/03/20/breaking-ledger-security-model/ (https://saleemrashid.com/2018/03/20/breaking-ledger-security-model/)


Which took them close to 4 months to put out and still is not properly alerting & forcing users to update.

Assuming you can trust everyone who handled the package from when it left their shipping dock till when it wound up in your mailbox.


THAT I agree with. And pretty safe is good for most people. But it's still not REALLY REALLY REALLY safe.

Just because you are paranoid does not mean that there are not people out to get you.....

-Dave

I think it is good to reduce the attack vectors to a minimum.
Bitcoin Core for example is a software that I trust. It is open source and some of the best developers (that I trust) are revisiting the code. So if you use an encrypted Bitcoin Core wallet with a very strong password for your cold storage, you should feel a lot safer, than with any hardware solution.

Of course, the fact that we have to use closed source computers to run Bitcoin Core, makes it impossible to be 100% safe esp. against state actors.

Well, this evil maid attack is even less risky. How would a hacker access my hardwallet, inside my house?
If he can get inside your house , well, he can force you to give your btc to him even on an airgapped PC using Bitcoin core, he doesn't even need to be a hacker, he just needs a weapon.

When you buy a ledger nano they come securely closed, and if the seal was violated you should discard it, as ledger recommendation. You don't need to trust anyone who handles the package..


If the user is the problem (like using infected pendrives, using violated hardwallets), any method is unsafe

Any other wallet on desktop or smartphone is exposed to the risk of keyloggers, Trojans... Hardwallets are not. Unless you have an airgapped PC , they are the best option. Even Bitcoin core on a daily use computer is not as safe.

But this discussion is pretty worthless.. it's a selected Paranoia. Hardwallets are safe enough. Ledger nano is also open source.

Also worth mentioning, he says a hardware wallet is still the safest practice unless you're top 1% of infosec experts.

Source: https://twitter.com/aantonop/status/976633545136443392

That's why it's called the evil maid, we can call it dishonest butler, sneaky plumber, corrupt cable tech.
Whatever. WE are human, we make mistakes, you left it siting next to your PC for whatever reason instead of putting it away. Under 3 minutes and a netbook. That's all they need.

They actually did not

https://i.imgur.com/yvsppSsl.jpg

And I think that set me off more then anything. They badmouthed other places for saying that their taper tape was worthless, while putting out a product that a 15 year old (yes a very smart one) cracked by himself.

Beyond this, I am dropping out of this thread. I doubt either one of us is going to change the others mind.

-Dave

What is the source for the 4 months? As far as i know this has been fixed pretty fast..




You don't have to trust anyone. You can verify everything yourself (hardware + firmware).
The ledger team has published a guide: https://support.ledgerwallet.com/hc/en-us/articles/115005321449-How-to-verify-the-security-integrity-of-my-Nano-S- (https://support.ledgerwallet.com/hc/en-us/articles/115005321449-How-to-verify-the-security-integrity-of-my-Nano-S-)




You don't have to use a closed source OS. You have decided for yourself to use closed source software.
Everyone is free to use the software he wants. There are a lot of open source linux distributions available on the internet.

Just because there are vulnerabilities found does not mean that they are inherently insecure. Do you say the same things about software wallets too (many of which have had vulnerabilities found and patched, just like with these hardware wallets)? Do you say the same thing about the general purpose computer you use which you don't even know how it works? Every piece of software and many pieces of hardware will have some vulnerability found in them; given enough time, it's almost inevitable.

That's slightly misleading. This 15 year old has dedicated a lot of time into working on hardware wallets, particularly in their firmware. He's been involved in numerous other vulnerability discoveries in the past with Trezors (and possibly Ledgers). The kid is very smart, probably smarter than you when it comes to hardware wallets. He's not just some random 15 year old who found this; he actually dedicated a lot of time into learning about how hardware wallets work and has been working with them for years.

I don't think you understand what an evil maid attack is. It is, by definition, a physical access attack. You need to have physical access to the device in order to perform any of the known vulnerabilities (which have since been patched). An evil maid attack means literally that someone (like a maid) enters your room physically and does something malicious to a device (hence an evil maid).

Vulnerabilities take time to fix and release. They can't just publish that there is a vulnerability or details about the vulnerability before a fix is available. It probably took them 4 months to figure out a solution. Also, Ledger can't force users to update, and there has been plenty of alerting (which, by the way, also cannot be forced).

There's a hardware and software attestation (https://support.ledgerwallet.com/hc/en-us/articles/115005321449-How-to-verify-the-security-integrity-of-my-Nano-S-) process that you can go through to ensure that your Ledger has not been tampered with.

https://saleemrashid.com/2018/03/20/breaking-ledger-security-model/
Scroll down to "Disclosure timeline"

Yes, I think hardware wallets are indeed inherently insecure, just like any SPV wallet. I also call every cryptocurrency exchange inherently insecure even though it might not have been hacked until now.

I don't know how you come to the conclusion, that I don't know how a computer works, but anyway ... just the knowledge about how it works, might still not be enough to trust it 100%, but I guess we have not much of choice until we see open source chip production. One good example is the latest Intel issue and I am sure there will be more to follow. Btw I have addressed this one already a few postings before in this topic:





I didn't say 'closed source OS' but 'closed source computers'. No problem. Misreading can happen.

I think that hardware wallets happen to be very much so in the spotlight right now. Let's not forget that there was also an Electrum vulnerability found and patched recently. I believe that part of this has to do with how long hardware wallets have existed compared to their software counterparts, and how much time people have spent researching them.

Personally, I trust hardware wallets more than software wallets still. I'm not sure they're inherently insecure, but I don't believe they're perfect either. I think as far as security versus convenience, they rank pretty high up there on my list.

I was amazed by this news, I thought that hardware wallets are top secure for saving our bitcoins, Indeed, I thought to buy one in the future, but after reading this PDF. I will keep my bitcoin in some web wallets as I don't have too much, in the same time, I will search for the secure wallet from now on.

Web wallets are much worse. Just use Bitcoin Core, or other similar software. Web wallets have many more attack vectors than local software.

Yeah, this is the problem with posts like this, spreading fud and misinformation about hardwallets......  that wasn't any critical bug, as the attacker need physical access..... But New comers may not understand that clearly enough and think web wallets are safer...

Yes, and that was irresponsible marketing. Most security-minded people know better than to blindly trust software/hardware just because it hasn't been broken yet. I believe exploits will continue to emerge when it comes to hardware wallets. Accordingly, users should tread with caution.

As for what I recommend -- traditional cold storage for most coins:


How about an air-gapped PC? Or an encrypted wallet on thumb drive? One of the points here is that nobody should be storing all (or most) of their coins in the same wallet they regularly spend from.

I still think hardware wallets are fine for day-to-day spending. But I would treat them like a hot wallet and be on the lookout for social engineering tactics.

It's worth noting that paper wallets have also been seen to have defects, and those have been corrected, and modern paper wallets are more secure than early ones were.

This.  With the proviso that this means a dedicated machine which is never connected to a network, and has hardware capable of non-contact connections (such as wifi and bluetooth) physically removed.  I state this explicitly, for I’ve observed that many people mistakenly believe that rebooting their network machines with a live CD/USB makes for an “airgap”.

Part of the advantage of an airgap machine is that the hardware can be purchased anonymously.  For ordinary individuals, buying an inexpensive laptop (sufficient for Bitcoin, PGP, etc.) off the shelf for cash is the only practical means I know for precluding any chance of a targeted supply-chain attack.  Wherefore this part of the Ledger vulnerability disclosure blog post (https://saleemrashid.com/2018/03/20/breaking-ledger-security-model/) caught my attention (boldface is in the original):


Well, that was always my biggest problem with hardware wallets!  How do I get one?

A company garners my distrust when it not only fails to adequately address this question, but gives its customers advice so irresponsible as to verge on negligence (archive.is link corrected to https):


Do they claim their hardware to be unhackable!?

The first rule of computer security is physical security.  If an attacker comes into physical possession of your hardware, then you must thence permanently consider that hardware to be compromised.

My understanding of tamper-resistant hardware wallets was always that they would resist extraction of keymat already stored on the device—backward-looking protection of data at rest.  Not that they would guarantee forward safety of the device after it had been in possession of an adversary.

An airgap PC with properly⁰ encrypted disks will also protect your coins against thieves who steal the device—but with the difficulty that this only moves the key management problem from one place to another:  How do you secure your disk encryption keys?  Tamper-resistant hardware could be quite helpful here; I’ve had some relevant thoughts, but of course, that would require obtaining uncompromised tamper-resistant hardware.

(Of course, an airgap PC which has been stolen and recovered must be treated as permanently compromised.)

---

0. Don’t get me started.

More or less they were claiming that it's unhackable, and that's my only issue with them.
https://www.ledger.fr/2015/03/27/how-to-protect-hardware-wallets-against-tampering/ (https://www.ledger.fr/2015/03/27/how-to-protect-hardware-wallets-against-tampering/)


This claim was proven false now.

Nevertheless in my opinion I still think a hardware wallet is more secure than any other wallets when used safely.
Just that hardware wallets do have security issues does not make any other type of wallet which have MORE security issues suddenly better.

My ranking of wallets in terms of security would be the following

• Hardware wallets
  If you don't take them outside of your home and attacker don't get physical access they are pretty safe -> with physical access as proven now it might not be safe
• Paper wallets
  If they are kept hidden in a secret place -> but with physical access by an attacker -> no security at all.
  If people carry them around I consider them worse than any mobile wallets (they do at least have a pin to secure the wallet).
• Airgapped PCs
  Pretty safe as long as an attacker don't get pyhsical access. I consider them worse than a hardware wallet because a PC/MAC/whatever even if not connected to the big world has a much bigger attack vector than a hardware wallet if getting pyhsical access.
• Any local hot wallets on PC/MAC
  With spyware or other malicious software these wallets can be easily compromised. No physical access necessary
• Any mobile wallets
  The security of such wallets is usually quite bad. Usually very short pin-codes are used to secure the wallet. As it's easy to lose them an attacker can get physical access to it.
• Online wallets where you control the private keys
• Online wallets where you don't control the private keys

Did I miss any type of wallet?

Beside of my listed ranking anyone can (and should) improve the security by combining several methods above and use multi signature addresses. In this case it is not possible to steal funds if just one of the methods is compromised.

Would be interested if someone has a different ranking than me.

You indeed did forget the most important and still the most secure: Bitcoin Core and all the other open source software where you download the entire blockchain and where you can encrypt the wallet.

Just a few additions:

Paper Wallets can be encrypted, which makes it more secure than cash, but still is open to a regular robbing with weapon use (Tell the password or die), but the main problem I think is that it can be destroyed very easy.

An encrypted wallet.dat fie can be renamed into Michael_Jackson-Earthsong.mp3 and you carry it around (or send it around). Place another unchanged and unencrypted wallet.dat file with a low amount for plausible deniabiity. There are other plausible deniability solutions like hidden partitions etc. Multiple backups make a file pretty much undestroyable.

I do not consider Core in a any way "most secure" in comparison with paper wallet or hardware wallets.Let's say user have Core on his PC,first he/she need to download 100+ GB of data and then encrypt wallet with strong password.If this user does not take care about online security(no or bad antivirus/firewall/antimalware...) it is very easy target for hackers(RAT,keylogger,malware,ransomware...).Also regular robbing will work in this case also,a gun pointing to your head will force you to decrypt your Core wallet or to give your paper wallet.

I think we can still consider hardware wallets pretty secure if they are ordered directly from the manufacturer what is possible with Ledger&Trezor.For now it is not known that someone has lost coins with hardware wallets(and that this is caused by security flaws in them),but there are countless examples of losing coins with almost all other methods of keeping coins.

In my opinion, there is nothing that is 100%  perfect in nature. As the time goes by, developments take place and this is how it leads to a better economy. So if there is a vulnerability in the hardware wallet, it will get rectified in the future developments. It is obviously not 100% secure but then it is way better than any other wallets. We can consider it as a best secure device to hold our cryptocurrencies.

Ledger Nano S has a feature to protect you against a regular robbing (like tell your private key or die).
It's called Alternative Pin or Hidden Account.

How to set up and/ or recover a hidden passphrase and alternate PIN on your Ledger Nano S?  (https://support.ledgerwallet.com/hc/en-us/articles/360000783134-How-to-set-up-and-or-recover-a-hidden-passphrase-and-alternate-PIN-on-your-Ledger-Nano-S-)


It works like this: You you will have 2 PIN. So if someone gets inside your house and say "give me your bitcoin or die" you can unlock just the basic wallet with your PIN. The other one is totally hidden, only unlockable with the second PIN.

This is a feature which not many users know... But pretty useful.

I consider the Bitcoin Core Client is a normal hot wallet. In terms of security it is not better or worse than any other hot wallet without the full blockchain. Of course there are clients which have better security than other. but from security perspective I throw all hot wallets into the same pot.

To have a full node instead of using a SPV client is indeed better but both wallets store the private keys in a similar way so they are the same for me in this regard.

You are right that paper wallets can be encrypted, but as you also say with force from an attacker none of the available wallets/key-stores would safe your coins.

The best security is when no one knows that you own any bitcoins. And you also don't have any traces on your PC/phone which might let anyone think you have some bitcoins (like installed bitcoin clients). This could be achieved in parts with an encrypted OS running inside a virtual machine which runs the bitcoin client.

The question is always, how paranoid you wanna be to secure the bitcoins. This also depends on how much you have to secure.

Your idea to encrypt and rename the wallet.dat (security by obscurity) might only work as long as you don't need it. If you want to create a transaction from this wallet.dat you need to encrypt it and load it with the bitcoin client. And when your PC is infected with malicious software it will not help you.

an other problem with hardware wallets is that it could be possible that user feel safe. and because of that they forget to be careful while handling with their coins. in short: hw wallets could lead to a false security.

Honestly, the same could be said of almost ANY wallet... hardware, software, online...

Just because there aren't any KNOWN vulnerabilities in any given wallet... doesn't mean that their aren't ANY vulnerabilities in any given wallet. I'm also a little unsure about the claim that an attacker can extract private keys/seed from a hacked device.

Looking at the the specifics of Saleem's detailed explanation and Ledger's write up... it would seem that a "supply chain" attacker can essentially set the device to output a specific "known" seed... rather than using a random one. That's not really "extracting" seeds/private keys... as the attacker already knows what the seed is.

Saleem claims in his write up:
However, I don't actually see any "proof" of the viability of this attack... the report write up was completely focused on how he managed to trick the Secure Element into accepting his modified MCU firmware by being able to reconstruct the image of the legit firmware by taking parts from multiple sources in the device.

Was it simply because you could theoretically load a keylogger that logged all the key presses from you entering your PIN and BIP39 passphrase and possibly the seed that was displayed on the screen? ???


In any case, Ledger are claiming that an update to 1.4.1 prevents this attack vector as it removes the ability to load and spoof custom MCU firmware... I guess the usual disclaimers that NOTHING is 100% secure apply! ;)

Ledger nano is safe.

I also agree that it is not safe to use hardware wallets. Several methods of protection are needed, combined protection against new threats that hackers from all over the world come up with.

In the end it comes down to ease of use and convenience and also flexibility. You do not want to install Bitcoin Core on every

computer, wherever you go. It is quite handy to have a secure hardware wallet in your pocket, when you move around a lot.

I can quickly pop in my hardware wallet at a friends house {non-bitcoiner} and have access to my coins to do a transaction

or to show him/her how it works. It is more secure than online wallets and more convenient than paper wallets.  ;)

This kid was briliant  :o

Pretty impressive for a 15 year old kid to find an exploit like this.

Then he's an innocent babe and wrong, or a liar.

On second thought maybe he's qualified his statements some kind of way, but that's really beside the point.

What happens if you buy "A Ledger" on eBay is that you get something that might look like a Ledger, and it might act like a Ledger, but it might actually be something very different.

There was a con recently on eBay concerning Trezor IIRC which involved "last minute instructions" included with the package shipped to the gullible mark. Several people lost their funds on that.

All Digital assets are unsecure in some way or another. Blockchain can't be hacked but cryptocurrency can be stolen from wallets, exchange etc. If you have large asset then don't store all of it in one medium like wallet, exchange etc.

Nothing is perfect. With the recent Ledger vulnerability the devs response and transparency was good. The security might not be perfect, but it will improve overtime.

That's too extreme. In most cases, use Bitkey https://bitkey.io/.

It would take someone familiar with Linux to use it, but all the information needed on how to make a bootable USB, use, and configure it are available online. There is no excuse for a newbie Bitcoiner not to learn.

As much as I hate McAfee, you can't argue with what he said: As long as there is technology in our daily lives, there will be hackers there, waiting on the sidelines, to break inside it. [Paraphrase]

As long as companies like Ledger and Trezor work quickly to patch any security vulnerabilities, we should be fine.

???

I'm not objecting just confused: Is it about firmware, BIOS, fucking NVIDIA device drivers or what? We have Linux and Free BSD, don't we? Is it impossible to have Core's wallet running on top of a clean installed Linux?

I'm seriously interested in your term 'closed source computer', actually it is my main research topic for the last couple of years, I'm just wondering how deep is your interpretation of this concept and whether you have developed any idea as an alternative?

 

There's more to a computer than just the OS. A lot of firmware such as processor microcode are closed source. So it doesn't matter whether the OS you use is open source; if the firmware for your hardware and the hardware itself is closed source, then you are at risk of that closed source being malicious or containing something that can be exploited. One example of this is the Intel Management Engine which could allow someone to remotely access and control your computer and there's no way to disable it because it is baked into the hardware and firmware, both of which are also closed source.

I never trusted hardware wallets, from my research, airgapped old laptops runnig some linux distro are the best way for cold storage. You must learn how to bring raw transactions from your airgapped computer into an online node, I haven't learned how to do this yet, I will eventually get into it. Unfortunately Core has no improved support for this like Armory does, so you must need to craft the transaction manually, presigned, then move this hash into the node to broadcast it... use a QR code or something so you can avoid USB surface attack.

You can't also leave the computer non fully encrypted. Encrypt the entire drive ideally. I haven't looked into this yet. I tested with Veracrypt before, I did it wrong and I bricked 3 HDDS on my 3 attempts, now they are useless, so beware with that. Do some testing first. I think Linux has no FDE support with Veracrypt, so you must use LUKS which is more complicated, haven't learned yet. Im not sure if dm-crypt is safe enough nowadays.

Hardware wallets might be not a best choice for cold storage, but they are still a good choice if you want to access your bitcoins on many different computers which might be compromised. I used to encrypt my Electrum seed using VeraCrypt but I was too scared of keyloggers and other malware. Right now I don't have to worry about it since my TREZOR has a touchscreen to input everything on the device. It is still possible that this model might get hacked anytime soon, time will show us.

Bitkey, https://bitkey.io/, has. Go to the site, click "usage" then click "coldstorage-offline". Very advisable for long term holders who have millions stored in Bitcoin.


I believe it would be less trouble to partition /home and encrypt that in case you need to reinstall.

I know about Intel's ME, but I was just asking OP whether he is mentioning it or what?

As of Intel's ME, there are solutions to  neutralize or disable it (https://puri.sm/posts/deep-dive-into-intel-me-disablement/) people even suggest not to use Intel processors made since 2008 and AMDs since 2013.

But I think it is not just about foolish architectures like this and even a system built around an 'innocent' 80386 cpu is susceptible not because of its bios or any other hardware potential backdoor but for a more inherent characteristic of our contemporary technological paradigm that allows machines to be dominated by attackers without disclosure.

By 'attackers' I don't just refer to crackers or state agents I am mentioning the owners, legitimate owners as well!
Imagine some black hat cracker who goes to the market buys a laptop, installs some evil software on it, plugs it to the internet and participates maliciously in some public protocol, trying to take advantage of its security holes while it is pretending to be a fair player, it is a hijacked laptop in my terminology!

Our current state in computing technology, gives unlimited access to the owner (and the army of crackers, hardware manufacturers, state organisations, ...) to install whatever s/he wants without disclosure.

This way people have access to 'things' that can be 'anything' and pretend to be 'something' else! This is totally a mess which security experts, cryptographers, ... are trying to cover it up, both desperately and inefficiently.

And here I am thinking that using a ledger ware is the best safe place to store my bitcoin as sometimes I travel a lot. I have been meaning to buy one since it's easily portable but seeing that article, I am quite confused.
I am always skeptical of storing my bitcoin in my laptops cause most times, I change laptops alot and I fear selling my used laptop to to stranger might leave a trace of my wallet.dat.  So is there any portable means of storing bitcoin that is not paper wallet?

I wasn't too comfortable with the hardware being "out of my control" during shipping etc., so I used other hardware wallet solution - simple, cheap/free and extremely safe:

Everyone has old unused laptops laying around. I took two laptops. On both I formatted hard drives and did clean reinstall of the system. 1 of these laptops will never be connected online, network adapters are disabled. On the other laptop, go straight to download section of electrum wallet. Download wallet and verify the authenticity. Take clean USB stick, format it and put downloaded electrum wallet there. Take the usb stick and insert it into the first laptop (the one without internet connection). Create wallet. This laptop will NEVER go online. If you are totally paranoid you can destroy the USB stick :)

The laptop with the internet active is used for Electrum - watch only wallet. This type of wallet has no access to your private keys, yet you can see your balances and iniciate transactions (these have to be confirmed via confirm file, created on the laptop with the original wallet).

This process should be reasonably safe.

I have also met with an opinion that you should use a computer which has never been connected to the Internet. I have no idea why would it be important beside potential malware being downloaded earlier. Your solution is definitely safe and recommended by many people but still, it isn't really convenient and portable. I guess it's the best choice for people who were thinking of using hardware wallets as their main "purse". I will personally stick to them since I send my coins often in many different places.

The important things to note from this entire episode are:

1. The recently exposed vulnerabilities in Ledger and Trezor have been patched - Update your devices!
2. NO wallet can be proven to be 100% secure and NO wallet should be treated as such
3. Despite our best efforts, there will always be a certain level of "trust" involved somewhere in the chain (hardware and/or software level)

As with a lot of things in life, it comes down to risk management and how much risk is "acceptable" in your specific situation - "Minimise the risk"™  8)

I agree with all of your points, and I personally own a ledger nano device but I also think that the Ledger team understated how vulnerable the device can be, especially once it is in the physical possession of someone else. I will probably continue to use it, as I think it's still got a very good security to usability ratio, but I think that it might have been advertised a bit as something it probably is not.

I think users have far more trust in the integrity and security of the software than the coders themselves.

This shows that keeping our coins safe has been ultimately cut down to such levels where we cannot trust anything, except our own deeds.
Keeping it safe is a matter of how safe we try to keep it - IT"S US WHO WILL NEED TO PERFORM EVERYTHING IN A KNOWLEDGEABLE MANNER.
Though, never thought that hardwares could really be unsafe (Had different thoughts though, like if our PC itself has a malware in it and if we use ouor hardware in such device). I trust paper wallets only, but are they also trustworthy? As they come from these "ONLINE" websites only, so shall we trust them too? And if everything's prone to vulnerability, what should be the best place we may put our coins at?

There shouldn't be any problems with a paper wallet as long as you generate it offline. I think there was an online generator which saved people's seeds and later stole their BTC. Extreme holder could encrypt and engrave it on something that would be fire and waterproof. That's one of the safest method if you don't plan spending your bitcoins or any other cryptocurrency for the next few years.

We have a lot of operating systems available on the Internet with different features and security measures. For example. TREZOR is open-source, this might encourage more developers, who may be concerned about security of their money, to create their own, separate version of what's supposed to run on your hardware wallet. They won't be able to fix issues connected with the hardware itself, though.

I think that hardware wallets are still one of the safest ways for safe storage of private keys,although from time to time a security vulnerability appears,but also very quickly after that we have update which fix the problem.This is something quite normal,not only with hardware wallets,but with any other device or operating system which exists today.

Paper wallets are good for long term storage if user is make such wallet offline in 100% clean device.But instead of paper I would always choose some more durable material such as plastic or metal.Then user just need to get private keys - engrave&save them in a safe place.To check balance it's enough to have public key so there is no need to touch "paper wallet".

It's not normal at all. Hardware wallets advertise themselves as being the most secure way of securing your private keys, but they continue to find themselves in a position that draws negative and unwanted attention. How long will people swallow this? I don't think much longer, because you can keep releasing firmware fixes and whatnot, but the more often you have to do this, the lower your overall credibility becomes as hardware wallet manufacturer. I was doubting whether or not to purchase one, but haven't done so because I am not going to put my faith in a piece of hardware that I personally don't know of what leaks its firmwire may contain that we don't yet know of, or even in the hardware part itself. I have been reading here and there that people owning hardware wallets will revert back to the old and solid paper wallets, and rightfully so.

I understand your stand,and many others think in that way,but is there so far even one recorded case that someone lost BTC or any other altcoin from hardware wallet and that the cause was a security breach?To my knowledge such a situation has not yet occurred,for safe storage and everyday use hardware wallets are currently the best choice.

But if user have large amount of coins and has no intention to spend them in the near future,then paper wallet represents the safest option for long term storage.Although every users need to know that paper is not something that lasts forever(or ink),we have users on this forum who have problem to read private keys because ink is faded.

We all are here for privacy and safety, both.
And as said somewhere, past performance does not guarantee future results. Everything is hypothetical and so is the usage of these hardwares, when even computers are not safe with our so-called perfect Anti-Virus which guarantees us that it holds the best properties and all the data that could prevent our PC from being hacked or be malware-affected, still can't fight the newer ones (Viruses) that are being badly released by those hackers with the intention to steal all our data - can you guarantee that such hardwares are trustworthy even after reading the complete PDF given herein by the OP?

Till this point in my reading in the crypto world, I had never even been exposed to the idea (nor did it occur to me) that hardware wallets were not as safe as they seemed. Thanks AGD for sharing this with a wider audience, was a fascinating read. At the very least, it is very good food-for-thought.  ;)

If your computer was fully encrypted and never accessed the internet, then how could it have a keylogger? Assuming it's properly airgapped, that is, no physical wifi card, ethernet card, or anything else of this nature, then even if somehow the computer got infected with a keylogger, how could the keylogger communicate with the attacker to send the logs?

Seems pretty solid to me. Meanwhile, hardware wallets have their own RNG and you can't just never be fully sure, and the fact that they are devices supposed to contain bitcoin by default it's just an obvious target.

I never said that hardware wallets are 100% secure,such a thing actually does not exist-but for daily use and for storage of not too large amounts of coins I think there is no better solution at this time.If user have 50 or 100 BTC only safe storage is something totally offline,with no connection to internet.

I read that report the day it was published and the author says :


So the greatest danger here came from delivery process,if someone wants to intercept the package and compromise the device before being delivered to the user.This is certainly possible,but if ordered directly from the manufacturer with tracking number I think the possibility of manipulation with package is very small.

All other attacks can be performed only remotely,and requires that user do some bad things like to allow install of custom MCU firmware or to have infected computer.

Ledger is update their firmware and says that all of these vulnerabilities are now fixed.Saleem Rashid confirms that some of problems are resolved in "Fixing The Attack" part,but even he is not sure that all problems are resolved.

In the end I can not guarantee that hardware wallets are worthy of trust,it is the decision of each user individually.So far there is no documented case that any user is lost coins in hardware wallet and that the cause for this is security flaw in device-but that does not mean that this will not happen in the future.

I would say that 4 months isn´t "very quickly" and definitely too long when it comes to a Bitcoin
hardware wallet.

In general I would simply advise people to spread their risk by using different ways of Bitcoin storage
simultaneously. E.g. keep a few Bitcoins in a hardware wallet, a few Bitcoins in a paper wallet where
parts of the mnemonic seed are stored at different locations, a few BTC in a  traditional wallet or a SPV client,
a few mBTC in one of the better mobile wallets (I´d recommend Samouraiwallet (https://samouraiwallet.com/)).
The only thing that I wouldn´t really recommend is storing Bitcoins on a computer that is often used
to browse the internet and is running a Windows OS. Storing Bitcoins on an exchange is also in general
a bad idea as the numerous exchange hacks in the past illustrate.

It is extremely unlikely that all of these different storage solutions are compromised simultaneously, which
makes it nearly impossible for you to lose all your funds. This is preferable to storing all your crypto wealth
in a single hardware wallet, because this puts you in the uncomfortable position where you are at risk
of losing 100 % of your coins if a serious vulnerability in Ledger/Trezor is discovered and exploited by
malicious actors.

On the other hand you are only risking a fraction of your Bitcoins if you heed my advice of spreading
your risk. In the long run losing 20 % of your Bitcoin stash due to a vulnerability or a lost/destroyed paper wallet
may prove to be inconsequential anyway, because 80 % of your Bitcoin stash will still be enough to make
you either financially independent or filthy rich (depending on the actual size of your BTC stash)  :D

All in all, I´d suggest that you should not trust any hardware wallet with 100 % of your funds and
that you should instead spread the risk by using several storage solutions.

Right, although the "someone" who has unfettered access to a computer with Intel ME is Intel themselves (and anyone else holding the code signing key for executing code on the ME processor). I think exploits were discovered last year where an attacker circumvented the use of the Intel code signing key, but I forget the specifics.


tldr: Intel owns your computer. Stop using Intel (AMD won't help you, they have a similar tech on newer CPUs too)



There's alot of skepticism about whether ME cleaning/disabling is of any real benefit. It's better than nothing, but the ME and it's firmware either still partly exists after cleaning (only something like 95% of the ME firmware can be flashed, otherwise the CPU refuses to initialise hardware components so the BIOS can load), or still exists completely after disabling (disabling is a feature that Intel designed, we're essentially trusting that the feature does what Intel claims it does).

Intel defined several negative numbered control rings for the ME to use. This means that the ME can function like a rootkit that forms an intentional part of an x86 computer's design. It cannot be removed completely, and so all Intel machines should be considered compromised hardware. The ME could lie to you about anything your machine is really doing, and surveill what happens on your machine. So the Intel ME could be used to steal all Bitcoins from every machine with an Intel ME, one can only speculate Intel must have those ME code signing keys under very limited access and very close supervision within the company.

Ironically (considering the title of this thread), hardware wallets mitigate this attack vector, as Bitcoin private keys on a hardware wallet shouldn't be accessible to the ME if a hardware wallet is secure enough. But don't let that comfort you too much, i reiterate: Intel are behaving in bad faith with their ME tech, please stop using Intel CPUs.


tldr; This should be (and may eventually become) a far more controversial scandal than Facebook selling user data to 3rd parties; Intel can collect ALL data from your machine, not just some of it. And Intel can lie to you about what your computer is really doing.

If that's the case what can we do then? What kind of microprocessor is your machine using? I mean f*c*ing intel is everywhere! I am about to change my old 2010 laptop (amd)? Do you have any suggestions?

I thought that using those hardware wallets is the most secure way of storing Bitcoins but now I am doubting, i guess i will keep my BTC on my online wallets with a password that i put on a safe place. But still i am planning to buy a ledger nano to try myself the security of that hardware wallet.

While a hardware wallet is not 100% secured (nothing is 100% secured) it is definetely better than an online wallet.
The attack surface of a web wallet is by far bigger than the attack surface of a hardware wallet.

The point is: If you decide to stop using your hardware wallet and put it in a safe place.. your coins are safe. Regardless of a vulnerability.
But a web wallet on the other hand can be attacked 24/7. Not that you just have to trust the developer of the wallet, you also have to trust they
are able to secure their whole infrastructure good enough.

While hardware wallets may not be the most secured storage option, it definetely can be regarded as more secured than an online wallet.

1. Keep that AMD laptop

Best advice right now is to keep pre-2013 AMD and (I think) pre-2007 Intel hardware (which in a stroke of irony are not receiving patches for those kernel memory access exploits that made the news for Intel recently).  


Alternative options to Intel/AMD (which are all compromises of some kind, and all involve more computing skills than x86 platforms):

• ARM chips (not open designs or fully user controllable, & ARM are beginning to introduce anti-features similar to those that Intel and AMD have, so careful research needed)
• IBM POWER chips (which are expensive, & not well supported, but the platform is fully user controllable AFAIK)
• RISC V chips (which are expensive, immature, & not at all widely used, although the design is more open than IBM POWER, and like POWER, whole tech platform is user controllable)

Intel and Microsoft are slowly turning the whole Wintel concept into something closer to owning a Nintendo console than using a proper computer. Using some kind of Unix style operating system on non-Intel hardware will be the only option, eventually.

hardware wallets certainly  can not give you 100% security, but I think they are the ones that are closer to total security. web wallets are definitely the worst in terms of security, paper wallet still has its risks (you can lose it, it can get damaged, it can be destroyed in the time), the dekstop wallet if you have a computer infected with a virus is dangerous. probably there is no totally safe method.

You see we can agree on somethings but few MS developers have woken up to the fact that Microsoft is locking them
out from the OS all over the place let alone are spying on every byte of data they can see.

Who would ever had thought that you would be getting a merit from me and take it from me, I don't get many to
give away but I am stuck with MS because it's all I know.

I suspect Goolge on Android devices is nearly as bad, they both have a bad track record, both work for the CIA/NSA

I agree with many of the comments made here. Hardwear wallets (cold storage devices) are much safer than online wallets, and my personal view is that paper wallets are the safest if you are in it for the long haul. Just make sure to purchase the desired hardwear wallet from the manufacturer, NOT from 3rd party sellers ( especially the ones you find on eBay ). 

Everything is safer than online wallets...

I agree that it took them a long time to make new firmware from first warning,but you have to consider that public info about vulnerability and time after Ledger released a new firmware was pretty short.That's how things work,the time required for something like this is always too long for users,and too short for company.In any case, they should react much faster there is no doubt about it.

Your advice to spread the risk to multiple wallets is good,and I think many users do just that.I personally never believed that the hardware wallet was absolutely safe,but that provides me very good security for storage and everyday use.But one should always keep in mind,it was made by humans and humans can hack it.

Thanks, I'll do my best to make my old laptop a long lasting machine. It's not going to be easy but everything I need is backed on my hard drives. So sad this is the situation we are in.

A hardware wallet can be safe, just cut the connection. That's what DigiSafeGuard is working on right now. There is no 100% security, but its as secure as it can get. At least as secure as a paper wallet.
https://www.digisafeguard.com

Any other hardware wallet having a usb connection or relaying on a chip security is not safe enough to put more than 5000 usd on it.

Just take an old laptop, load your favorite wallet and coins, then break or disable the wireless networking. Then break or disable the wired networking.

Although hardware wallets may have some issues, those issues are nothing compared to the problems of binding a machine to the greater world, uploading data and reporting in fashions the user is not privy to, and requiring downloading of supposed "updates" that are not comprehensible.

Right, and honestly I like that these hardware wallets are being heavily scrutinized, broken down, rebuilt, and broken down again while Bitcoin and other cryptocurrencies are still relatively early in the game and not that many people are actively using cryptos.

Having the simplicity and "security" of hardware wallets are crucial for mainstream adoption.

Yeah, but you don't want just any old laptop to do that on.  Like if you were to get one of your old laptops from 10 years ago that you were downloading a whole bunch of sketchy stuff on through limewire, I wouldn't think to recommend using something like that.  The most secure way is to buy a cheap laptop that has no wireless or bluetooth capabilities, and then load trusted/gpg verified files on the computer through booting it on a live-USB.

I would still use it. Of course that they can make the modifications on hardware wallet and steal your coins after you use it.
So buy it from the official seller and update it if needed.

No it doesnt worth mentioning that it was found by whom because whoever have found it just awsome discovery

I haven't heard of anyone losing coins in a hardware wallet yet. Other than a device that already had been previously opened. They set the seed words and password. Then sent the device and a copy of the seeds words-password to the new owner. The new owner thought he bought a new device and didn't reset it. The crooks just waited until the coins were in the wallet and stole them.   

Using an old processor doesn't also mean you have to use your old (non-wiped) hard drive.
An old laptop with a formatted hard drive and wireless adapter removed does its job very well.

There is also no need for running an OS as live version from an USB stick. It is absolutely fine to install an OS to your hard drive.
No connection adapters mean no connection. Regardless of the OS you are running and from how you boot it.

It's true,so far there is no report about such a case,and the reason is very simple-hack a hardware wallet is not easy work,it is much easier for hackers to focus on online wallets/exchanges and business with fake wallets/phishing links.

That example you mentioned is something completely different,human ignorance and stupidity are endless.I think that is partly the fault of the manufacturers who should sell devices only directly from the factory with great security measures.Buying hardware wallet from e-bay or or some similar site is nothing but an extra risk.

However manufacturers can not stop people to sell their wallets,but notice on the site that such purchase is not advisable would be a good move.

It is somewhat misleading to say that hardware wallets are not safe. Of course, if you lose your hardware wallets, there is a chance that the seed can be recovered through some of the ways highlighted in the article there but most people would not know how to break it.

So the key point here is that you should ensure you purchase directly from the company or a reliable vendor and ensure that you setup the device from scratch. This should go a long way in keeping your funds secure.

With paper wallets or web wallets, there is always a risk of key logging or malware that can exploit your data. Hardware wallets are safe.

There is normally in every branch a trade off between security and ease of use. Question is how much do you trust a storage method for how much bitcoin.

I wish we could already live in a world where only secured digital wallets exist... I know there are many technological safety measures that could be implemented within digital wallets that could ensure the users' privacy and personal security. This can even be much better in time!

but thease days there is no ather option to secure your funds without using coldstorage.....
but need somting more secure in future

Any old laptop?

An old laptop with a new SSD running a new Linux can be a pretty nice and secure computer. I say "a new SSD" only because an old hard drive is pretty risky.

Look, it's important to think clearly about the issues in this thread. Most any machine is safe, if it is loaded with a wallet that allows you access to your private keys, and if it is not capable of getting on the internet.

Don't just disable the networking, break or remove the adapter. Then you have a machine that can only be interfaced with through the USB or other ports.

But how do you actually do that? You need to do it physically?

I've been using an offline wallet to sign for a while, but I just disabled network adapters. I figured it was kinda bullshit, but the reality is that the risk is already pretty low. The offline machine was formatted clean and never connected to the internet. It seems to me that in either case (networking disabled vs. actually removed) the thumb drive you use for transporting raw transactions is a required attack vector.

Let's say Windows forces a shutdown/update and re-enables network adapters. What then? Some malware from the thumb drive keylogs my wallet password, swipes my private keys and......but there's no unprotected network to connect to. I'm not crazy for thinking the risk is low here am I? If there's malware sophisticated enough to do the above, then copy itself to the thumb drive and push the data from the online computer, then it seems like a PC with network adapter removed is prone to the same attack.

Yes. Removing all network adapter physically gives you a 100% guarantee that your offline machine won't communicate with any other device in its proximity.
Note that being 100% secured against an attack vector can almost never be reached.
This is one of the few cases where it is possible to absolutely secure yourself against an attack vector.




You are right, the risks are very low. But it still exists.
It all depends on how much you want your storage to be secured against which attack vectors.

And you are also right with the USB drive being the attack vector which would probably be the first one abused.
And it is indeed independent from your network adapters.

But there are other possibilities to transfer your unsigned TX to your offline machine and move your signed TX to your online pc.
The simpliest would probably be witht he help of two webcams:

• Create unsigned TX on online pc
• Display QR code of this TX
• Scan the QR code with webcam connected to your offline machine
• Sign the TX
• Display the QR code of the signed TX
• Scan this QR code with your webcam connected to your online PC
• Broadcast transaction

Note that to be on the safe side, you should NOT connect your webcam to an online PC after connecting it to your offline storage.
This attack vector (flashing webcam firmware with malicious version) is pretty unlikely.. but it also does exist.

HArdware wallet is the safest wallest till now as you can store the btcs as the way you like :)

I don't see me going back to downloading a block chain for each coin. And waiting to update or repair the blockchain before you can spend any coins :P.

Last weekend was spent updating and repairing 2 wallets, getting the coins out of a super secure offline signing wallet. And separating forks. I'm constantly helping users get access to their coins in their malfunctioning wallets:P. Corrupted data' human error etc etc etc. If your upgrade is tainted you could lose your coins that way.   

Not at all.

Say the machine is one of those that have a little slide switch on the side, for wireless on or off. Stages in disabling wireless are:

1) software disable
2) slide the switch
3) tape the switch over in the off position
4) glue the switch one position
5) take the slide switch out (requires removing the cover)
6) take the computer's wireless card out

Thanks, I hadn't considered using a setup with photos/QR codes. Interesting. Definitely seems more secure than a thumb drive (although I think a thumb drive attack on an offline/encrypted wallet has got to be a really sophisticated and targeted attack).

It is true that such an attack is really really unprobable.
But i think this does not really always have to be a targeted attack.

IMO there is definetely a possibility of a malware (in this case: virus) which does spread itself onto thumb drives targeting offline storages without being directly targeted.

Sure, this sounds more like paranoia and won't happen to 99.9% of the people, but the possibility does exist (even though a very small chance of happening).

it is better than your have none
you can use software to encrypt a usb flash to make a cheap hardware wallet

That's the best and most secure way. Not  the easiest way but when its about some hard Bitcoins, you don't want any risk. That's why we choose this method over usb like many other hardware wallets. Production is not ready but we are working hard to get it out soon:
https://www.digisafeguard.com

Not at all.
A hardware wallet is NOT simply an encrypted storage for your private keys.

A hardware wallet lets you access your private keys within an 'airgapped' environment.
You can use it even on an infected pc, without your private keys getting compromised.
It is made for secured storage AND convinient daily usage.


An encrypted USB on the other hand can only store your private keys encrypted.
And the moment you plug it into an pc which might be compromised and decrypt it, your private keys are exposed to theft.

While an encrypted thumb drive is a good way to store a backup (additional backup; not as the only backup) it is not comparable to a hardware wallet at all.

That's fairly accurate. The USB is perfectly good except at the point of access by another machine, while the hardware wallet is by design intended to be good in all cases.

"Access" by another machine of the hardware wallet keys is not possible.

Of course a USB could be accessed by an offline air gapped PC. And a hardware wallet could by design have it's records regenerated on a PC if the key word set were known.

A bad actor or government actor could exert influence on a hardware wallet company, say by causing certain items to be included in an update of the hardware wallet. This is at least in my opinion, a long term risk worth mulling over.

I think paper wallets are the best for cold storage.

Two keys ideas for paper wallets:
1. you write down multiple copies and store them in different secure places so you have redundancy and you don't lose your coins if something happens in one of those locations.
2. keep it secure even from physical theft by making some simple change to the private key that you remember. Your own simple encryption that is super easy to remember, like change the a couple characters by some amount. Then if a paper wallet were to get stolen the thief would have no chance of accessing the coins because only you know that you changed the key and only you know how you changed it. This could even help with #1 because then you could safely keep a copy of the paper wallet at say your family's house as a backup copy but you would know that nobody but you could ever access your coins using what is on that paper wallet.

So maybe you store a paper wallet in your house, one hidden in your car, one at your family's house, you could even store it on a usb stick or computer and it would be entirely secure since you changed the key. So you get redundancy from loss plus nobody can access your coins even if they get a hold of one of the places where you store your self-encrypted key.

Trusting any wallet (desktop, mobile, paper) 100% is most users' problem. First and foremost do not trust anything or anyone 100% in crypto world. Hardware wallets are insecure for me too. You have one seed and multiple altcoins connected to that same seed. If you loose your seed you are in the risk of loosing all your funds. Do not do that. If your crypto wealth is important do not store multiple crypto currencies in one wallet. On the other hand, you have to secure your seed and wallet separately. So it doesn't have much advantage compared to desktop or mobile wallet besides not being connected to the internet 7/24

And please don't forget; NO hardware wallets I am aware of store your (BIP improved) passphrases if you use them.  This means that even if someone gets your entire seed and would somehow know your hardware wallet PIN, they still get zero coins!  During a physical hack you can't recover something that isn't there - namely the needed passphrases.  Not even a subject for debate if you understand that the hardware wallet and the needed passphrases are not kept together.

Do I intend to store the ERC20 token on the TREZO wallet? Is your information secure? . If not cold wallet. Where should we store it? is feeling puzzled :( OMG  :( :o :o :o

What is your solution to that long term problem? I am puzzling myself to find the best possible way to store a few bitcoins long term and, as of today, I have no solution for that. If I look for security, in case I die, nobody will ever be able to recover my coins (until bitcoin cryptographic security is broken). I supposed that leaving a trezor behind could have been that solution but right now I don't think that is a viable option.

As you pointed, the purism laptops quoted by the other user do not fully get rid of ME, but as far as I know, the old Thinkpads which have Libreboot installed (which require a change in hardware, except the x60 which can be easily flashed) get rid of it at the highest level possible. I think this is as best as it gets. A t400 is still a decent laptop, specially with an SSD, it should do the job to run a Bitcoin node. I don't see any other option as realistic, I think this is as good as it gets?

I may buy one but I will not do Bitcoin stuff on it, I just want a spare laptop and I would like to try this one, but if I was running a node or wanted to use a laptop as cold storage, why not use one of these? seems pretty solid, I think it's the best we have so far. You could get two: use one as a node, and use the other as a hardware wallet in which you sign transactions, the put them in the node with a QR code to broadcast them, to avoid USB's risks (this one of course must not have wifi cards or anything else)

You can always go to MyEtherWallet.com and generate a new wallet. You will be given a private key which you can later use for accessing your wallet. The best thing about it that you can do it even while being offline so there is less risk that some kind of malware steals your key. After you save your private key, you can encrypt it using for example VeraCrypt and store it on multiple external drives. Hardware wallets are much more convenient because all you have to do is to plug in a hardware wallet your computer and use it with MEW. I use my TREZOR One for small amounts of cryptocurrencies in case I needed to spend them immediately.

I thought that using those hardware wallets is the most secure way of storing Bitcoins but now I am doubting, i guess i will keep my BTC on my online wallets with a password that i put on a safe place. But still i am planning to buy a ledger nano to try myself the security of that hardware wallet.

Online wallet is a bad choice. Use Bitcoin Core on an offline machine.

edit: https://medium.com/@tednobs/how-to-create-a-secure-bitcoin-cold-wallet-82f82be4bfa

There's an old saying, what was built by one man can always be broken by another one. There's no such thing as absolute security.

I've read this medium article, but I'm a bit confused about the second part (Funding & redeeming).

In the first part the author is doing everything right to keep everything on the offline laptop.
But then he suggests to copy the wallet.dat to an online computer?

For me this makes no sense. Why doing all those secure steps before to create a cold wallet and then just copy the wallet.dat to an online PC?
With this step the cold wallet instantly turn into a hot wallet. So what is the point here?
It does not matter for me, that the passphrase was never used so far.

In my understanding a cold wallet never touches a PC which is connected to any network.

I would only agree with the described way if the author would change one point and add one point.

1) The wallet.dat on the usb-drive should not be verified on any online PC. Only copy the wallet.dat on the online PC whenever you want to spend the coins.
2) Whenever you spend something from this wallet.dat, always spent EVERYTHING and then never use this wallet.dat again. Create a new one.

Hardware wallets are good for storing large amounts of unused money.

Hardware wallet system also exists the possibility of virus, cause your wallet to be invaded!

If the hardware wallet is lost or damaged it will be difficult to repair!

He tries to justify his methodology here:

Basically... as the wallet file is encrypted (hopefully with the 40+ char random password that has only ever been stored offline) it should be "fine" to have your wallet.dat on an online computer... or even cloud storage. I think the important point is the last one: "Choose what is right for you." You need to work out what your acceptable level of risk is and go with a method that fits that risk model.

In your case, that is a wallet.dat that never touches an online computer until you're wanting to redeem the coins... in the authors case... it is wallet.dat encryption is "bulletproof", I'll put the wallet.dat on cloud storage.

In my case... it's a hardware wallet ;)


Among other things...

No. As far as I'm aware, you can only flash the full firmware, which will effectively wipe the device... and unrecognised firmware should be flagged during the bootup sequence of the hardware wallet to indicate to the user that the device is not running officially signed firmware.

While you may not be able to repair the device, you can recover your funds by using your "seed mnemonic" (aka backup words) and importing it into BIP39/BIP44 compatible wallets for the coins you need to recover.

its not good i listen about hardware wallets that are more secure and safe and now you are saying its not safe,very big problem and must be resolve this from experts,now only option to save only wallets with password placed at safe place till no other solution.

So if hardware wallets are not safe then it is kinda useless to invest in one right now? If the point of this article is to make people aware of the dangers of using hardware wallets it just made them insecure. If the article is correct any retailer or seller (or even one of their employees) of  a hardware wallet can install a custom firmware before they even put it up to the shelves, yes I know they have stickers and security seals on their boxes but all of it can be easily tampered by a professional.

Maybe hardware wallet makers need to take it on to the next level of security like having a software where it can detect if your hardware wallets are compromised or not. In this way even if they had accessed your wallet you will know if your wallet was touched or not. But in my own personal opinion I would still want a hardware wallet where it is not always connected to the internet or to my desktop, my Bitcoin is more vulnerable out there.

Nothing beats the paper wallet

When you are really aware on the risk  of it then you should proceed with caution.We do know issues is already showed up and as a sensible token hodler you will eventually avoid it at all cost. Re-sellers of such wallet can possibly re-packed it and install any software which would compromise or exposed the keys.We have seen such problems thats why i decide to buy in the company itself but still i do have always the doubts that they do have those seeds yet they are the ones who do create and do the packaging.

On the thing being said above, the thing being created by someone can really be possibly be cracked or exploit some flaws by other person anytime.

Fire and water (and time) does.

What about this "steel" wallet?

https://cryptosteel.com/

Can't we even use those cheap memory cards in which we can store lots and lots of data with any sort of stuff or just private keys only?
Purchasing ~250 Memory Cards with just 2 GB memory will cost much less compared to what we need to pay for that steel thing. ;)
I believe that all of these 250 memory cards are not going to get corrupted at once (few may get corrupted, but not all of them).
Even 25 memory cards can save our Notepad file and have all our data stored without much hassle which we can easily access offline whenever we want to use our private keys to use our funds. Encryption of private keys and then keeping them safer in these memory cards is the best and cheapest way IMO.

Not when the "paper wallet" is made out of stainless steel.


The "long term storage problem" is the simplest thing in the world to solve. Consider that a bitcoin address is no more than a 50-some digit long number All you need is a copy of that number in a safe depot box.

An 'address' is a 160 binary number. This, of course, can be encoded in any format.
Just like it is done with the displayed addresses (Base 58 encoding).

But to be able to gain access over the funds sent to the address you need the private key (256 bit binary number), which also can be encoded into *any* format.


The question is wether you want to put it into a depot box.
It matters on how much you trust the phsysical security of this box.

If you want to keep it away from everyones knowledge, such a storage might not be the best idea.

Each generation of nand flash is much worse than the previous generation.

If you take a recent high capacity USB key, write it, and put it in a car on a hot day, most of the data will be damaged and the ECC/codecs in the flash controller will have to work their collective asses off to recover your data.

I would not expect the data to be on cheap memory cards in 2 years.  Read the specs from majior SSD manufacturers on data retention unpowered. 

Sort of right. I referred to the private key, which is a 50-some digit long number. How one encodes it does not address the question or affect the answer.

Next, the question was not "if you want to keep it away from everyone's knowledge."

But that really doesn't matter. Please take a moment to think this over.

A private key can of course be password encoded, or encoded using a private scheme. Most of the orientation on this thread is "How to save and THEN RETRIEVE bitcoins." This implies a device capable of the retrieval, a computer or a hardware wallet, whatever.

A paper wallet does not do this, it simply stores the values. Therefore it does not have the complexities of devices with computing capabilities or data storage capabilities.

It's quite reasonable to believe there will in the future be various ways to read these keys into active devices.

Ledger Hardware Receive Address Attack

Whenever using a hardware wallet  to send or receive. Make sure to check the display of your device to make sure the coins are going to the right address. A virus can change the address.

https://www.youtube.com/watch?v=9Wf1SFTQxAs

https://www.youtube.com/watch?v=sZuxHSM8p-Q

Paper wallet in a safe deposit box ftw lol

And if someone physically gets your paper wallet you lose the coins. Or you could have some technical problem when the day comes to use the coins. :D   

Yeah. This is a so called 'steel paper wallet'
Can I also create a 'wooden steel paper wallet'?

If someone physically gets your cash/gold/cloths/house/car you will lose your cash/gold/cloths/house/car. Or it could be damaged, burned, broken, etc.
You are never in safe for 100%, that's how our life works.

The question is wether "Be your own bank" still applies here if you let a bank be your bank instead of being the bank yourself.

Those boxes do not guarantee availability at any given moment.
This may be more secured (from stealing attempts) than storing private keys under your pillow, but is not a reliable (in terms of availability, access, etc.. ) long-term storage.

Those boxes can still be seized by the government.

Yeah, it's tough to "be your own bank" when your funds are physically in the custody of someone else. But every storage medium has its tradeoffs. It just depends what the biggest threats are.

A friend of a friend had his house burglarized and his safe stolen -- everything gone. Probably a targeted/inside job. Anyway, in hindsight, I guess he'd have been better off with a safe deposit box. I think the moral of that story is don't put all your eggs in one basket. You should never store everything in one place.

Maybe if his privatekeys were inside a drawer, they would not have been stolen. They would look worthless.

Or splitting privatekey/seed in two separate pieces of paper maybe a good idea also.

I would suggest, anyone that put a paper wallet in long term storage, see that a decoding program is placed there also. An example would be the bitaddress.org script. Whatever is needed. Toss an entire computer if you like, if you think that script won't run in ten years.

Whatever you put into long term storage, remove the batteries first.

I am most certainly not technical enough to grasp the extent of that document, but it does appear to imply that a hacker requires physical access to your device beforehand before hacking into it.

Everyone is aware of this threat. This is without doubt the pitfall of any hard wallet, not knowing how it was configured and what hands it has passed through beforehand.

Following on from this, however, has anyone else had any difficulty downloading the latest firmware from ledger?

I have recently converted from a PC to a Mac (help me lord) and am having trouble getting 1.4.1 onto my device. I know this sounds a really noob question but would there be any reason my ledger would read the software differently if it was previously connected to a windows based app rather than ios?

1.4.1 was a bit of a nuisance for some folks, getting "confusing error messages... however, Ledger have already released 1.4.2... https://www.ledger.fr/2018/04/17/announcing-ledger-firmware-1-4-2/

As noted in that blog post, they have a detailed step-by-step here: https://support.ledgerwallet.com/hc/en-us/articles/360002731113

I believe you can update directly from 1.3.1 to 1.4.2 without needing to load the 1.4.1 firmware. Also, going from Windows to MacOSX shouldn't make any difference to the device... it should switch without issue. What is the exact issue you've having? device not recognised? device recognised but update failing? ???

It IS a different program, being compiled under OS X and relying on somewhat different underlying libraries.

They say to use Google Chrome or Chromium as the browser, were you doing that?

yes I know, my friend once told me if using hardware it does not guarantee the safety of our coin .
and I'm still confused want to plunge into the world of cloudmining, I do not understand after I get the results of the developers think 'my money is where

In reality nothing guarantees the security and safety of your coins.
But a hardware wallet is one of the best (if not the best when looking at security/convinience) type of storage for your BTC.




You should reconsider this. Cloud mining mainly is just scam.

Why should someone rent his hardware and mine for you for less profit than he could have when just mining for themselves?
If you are heavily interested in mining, buy a mining rig and join a pool. But without cheap(!) electricity this is just a waste of energy (without any profit).

A safety deposit box is only as safe as those working at the bank.  :D

Allow me to say that all of this kind of "bugs" and "exploits" will not cause any problem to a normal user. You are SAFE! Nobody will modify the hardware wallet if you buy it from the official store(Trezor, ledger etc.).

No program can have access to the hardware wallet seed or private keys. To sign a transaction you need to press a button so every time you want to make a transaction you need to double check the outputs.

All other threads like man-in-the-middle attack are just theory.

Yes ! Your right hardware wallet have a lot of vulnerability.
But? What about paper wallet ?/is it advisable to use?

I would have to disagree with this.

First of all, contents of a safe deposit box should be "tamper evident." Google that it will become clear that any prowling in that box can and should be detected. Yes that can include taking pictures of anyone opening the box, using a cam that doesn't look like a cam.

Important contents should not be obvious. A paper wallet should not be on a piece of paper that shouts "BITCOIN KEYS." It might be engraved on something that looks like a family heirloom. Johnny's First Communication certificate. Etc.

They could be on a page that looked like a listing of bank account numbers, split into pieces.

These things would not stop a determined attacker that already knew you had a stash, so one additional level of security is needed.

That is the encoding of the private key with a key phrase that only you know.

At this point you have

1. A box that does not appear to have any bitcoin paper wallets.
2. one object of many in the box that has the keys or sequences.
3. The key needs another part that is not in the box.
4. The box has tamper evident contents, hence an intruder is detected.

Here is a concept of next generation highly secured hardware wallet:

                             Bkey.tech (http://Bkey.tech)

It is physically separated from untrusted environment and it`s inputs\outputs fully controlled by owner.

So it cannot be hacked remotely by design and very user friendly.

Also there will be several protective solutions to prevent "wrench attack".

From starting i was also against Hardware wallet, i am always referring to use electrum or mycelium desktop wallet as it dont need to backup the full node, just download the software and install it and backup the seed key and start using your bitcoin wallet. Only thing to secure is the seed key through which you can install the software anywhere and use your wallet.

After 8 pages of debate, I'm still not sure what my takeaway is...

For someone who's not serious in crypto, just playing around in the exchanges with little money, is a hardware wallet worth it?

The questions becomes considerably more significant with larger amounts of money involved, for sure. But some of the solutions seem to just be facsimiles of banks and fiat monies - paper wallets, storing in safes, multiple layers of authenticities. Does this mean in the end, when there are clearer standards that we just revert to "banking systems" that are slightly more customer friendly?

Everyone has the right to their own opinion and it is true that even hardware wallets are not perfect,but in terms of security hardware wallets are undoubtedly above desktop wallets.If you ask why,there is very simple answer-how many cases you know that hardware wallet is hacked and user is lost his coins(excluded wallets bought on E-bay/Amazon...)?And how many cases you can find that users lost coins in desktop wallets?You can find it very easily in hundreds of examples,fake desktop wallets are responsible for millions $ of stolen coins.

There is no 100% safe way to store coins,but every serious user should seek for best solution.

Yeah, this topic title is a bit misleading. Hardware wallets are much safer than any desktop wallet. Hardware wallets are safe to use even on a computer that is infected with a malware. Hardware wallets are an airgapped enviroment on your desktop.

In the problem related to hardwallets mentioned above the hacker had physical access to the hardwallet.

A hardware wallet's worth to you might depend on how much crypto you own. If you won't lose sleep losing whatever you own in those exchanges, then you might not need a hardware wallet after all since it costs a considerable amount of money.

I only use paper wallets, they do the job just as efficiently if not more.

Until now, I didn't use a hardware wallet to save my bitcoin, I didn't like this idea because it's still risky to damage your wallet or to lose it. I agree that it's very good for security and save your BTC carefully without any worriying to lose them, but I don't like that. I just want to save my bitcoin in an online wallet or in a desktop wallet like Electrum wallet. It's too easy to manage and had a good secuirty.

Damn, my nano ledger is worthless then? :o

Still secure enough for day today use, but I wouldn't trust it with big money.

No, the exploit has been patched as of firmware v1.4.1... (Note: current firmware is v1.4.2 which helps remove a couple of other theoretical attack vectors by forcing random starting numbers when entering PIN etc)

As far as I'm aware... there have been no known instances of this exploit "in the wild"... it was merely a "proof of concept" that was responsibly reported by the "15yr old kid" and was subsequently patched by Ledger.