|
Title: Should hardware wallets use secure elements for max security? Post by: Ducker Smith on December 11, 2019, 09:45:19 AM Your crypto is particularly vulnerable to physical attacks if your hardware wallet doesn't have a secure element. Physical attacks or a lost device are always going to be a threat to Hodlers, but all the more so if your hardware wallet doesn't have a secure element.
Any thoughts? Title: Re: Should hardware wallets use secure elements for max security? Post by: Pmalek on December 11, 2019, 10:07:09 AM They should have a secure element, yes. The secure element is where the private keys are generated and stored and it makes sure that your private keys never leave the safety of the device.
Ledger explains the Secure Element topic very well here > https://www.ledger.com/academy/security/the-secure-element-whistanding-security-attacks/ Title: Re: Should hardware wallets use secure elements for max security? Post by: ThatRandom8543 on December 11, 2019, 02:17:30 PM Your crypto is particularly vulnerable to physical attacks if your hardware wallet doesn't have a secure element. Physical attacks or a lost device are always going to be a threat to Hodlers, but all the more so if your hardware wallet doesn't have a secure element. Any thoughts? While its true that hw wallet can be vulnerable to physical attacks, if you dont have a strong additional passphrase, an secure element could be just as vulnerable. Some wallets have taken additional steps to wipe the private key from the hw wallet if the wallet is opened or tampered with, which is a smart move, but could also be problematic. Having an additional passphrase will provide more protection since its not stored on an hw wallet and you could also split your coins across different passphrases. Title: Re: Should hardware wallets use secure elements for max security? Post by: bitmover on December 11, 2019, 05:12:30 PM I don't understand what is the op so worried about.
If you lose your device and for some reason a hacker finds it, he will not be able to steal your funds, unless if it is a zero day exploit (which nobody knows any for now). If someone try your pin 3 times device will reset. The maximum security for now for your bitcoins is a ledger nano or a trezor. Title: Re: Should hardware wallets use secure elements for max security? Post by: bitbro678 on December 12, 2019, 02:43:02 AM I don't understand what is the op so worried about. Without a secure element, the hardware wallet cab be easily hacked with side channel attack. Check this: https://thenextweb.com/hardfork/2019/12/10/cryptocurrency-shapeshift-keepkey-wallet-cold-hacker-voltage-attack/If you lose your device and for some reason a hacker finds it, he will not be able to steal your funds, unless if it is a zero day exploit (which nobody knows any for now). If someone try your pin 3 times device will reset. The maximum security for now for your bitcoins is a ledger nano or a trezor. Title: Re: Should hardware wallets use secure elements for max security? Post by: bitmover on December 12, 2019, 09:59:17 AM The maximum security for now for your bitcoins is a ledger nano or a trezor. Well, this is why I suggested ledger o trezor, and not shitkeys You cannot buy any shitful product and just because it is labeled"hardware wallet" expect it to have security. Title: Re: Should hardware wallets use secure elements for max security? Post by: HCP on December 13, 2019, 06:45:39 PM Well, this is why I suggested ledger o trezor, and not shitkeys It's worth noting that both Ledger and Trezor have been affected by "exploits" in the past... The Trezor ONE actually has a similar (the same?) problem as the KeepKey, as they use the same micro-controllers...https://medium.com/@Zero404Cool/trezor-security-glitches-reveal-your-private-keys-761eeab03ff8 https://medium.com/@Zero404Cool/frozen-trezor-data-remanence-attacks-de4d70c9ee8c I guess this is the problem with being "popular"... you're always going to be the target :-\ Title: Re: Should hardware wallets use secure elements for max security? Post by: TimDavis on December 20, 2019, 04:56:13 AM Your crypto is particularly vulnerable to physical attacks if your hardware wallet doesn't have a secure element. Physical attacks or a lost device are always going to be a threat to Hodlers, but all the more so if your hardware wallet doesn't have a secure element. Any thoughts? While its true that hw wallet can be vulnerable to physical attacks, if you dont have a strong additional passphrase, an secure element could be just as vulnerable. Some wallets have taken additional steps to wipe the private key from the hw wallet if the wallet is opened or tampered with, which is a smart move, but could also be problematic. Having an additional passphrase will provide more protection since its not stored on an hw wallet and you could also split your coins across different passphrases. Title: Re: Should hardware wallets use secure elements for max security? Post by: Pmalek on December 21, 2019, 07:39:31 AM what if I forget or lose the passphrase? If you lost just the password, aka the 25th seed word, you might be able to recover it. Brute forcing it with the appropriate software could work if you know parts of the passphrase, special characters used it it and how it should look. If you have no idea what the passphrase was brute forcing it would be impossible or take a lifetime. |