Bitcoin Forum
July 21, 2018, 11:12:37 PM *
News: Latest stable version of Bitcoin Core: 0.16.1  [Torrent]. (New!)
 
   Home   Help Search Donate Login Register  
Pages: « 1 [2] 3 4 »  All
  Print  
Author Topic: Do you REALLY trust hardware wallets?  (Read 458 times)
cheefbuza
Member
**
Offline Offline

Activity: 182
Merit: 15

Cryptocurrency. Blockchain. Repeat.


View Profile WWW
March 11, 2018, 09:33:07 PM
 #21

Nothing is bulletproof. Especially centralization for ex. Ledger Nano S or Binance where there is mass adoption it's never good.
I believe you always find a good one that is not having too much attention. I mean eventually, hardware wallets are more secure than any other wallets I believe but everything is safe until hacked right? So I guess it can be all about time, either just spread it in a few wallets or choose always the second alternative or something like that. The best solution is: do not keep all your eggs in one basket, that's very simple and up to you.
Probably no strong hardware wallet such as Ledger Nano S will be hacked or somehow lose balance but even if there's a chance of 0.0000001% and you are very worried then that's your solution.

https://cryptobuza.com/ - my personal amateur crypto blog.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1532214757
Hero Member
*
Offline Offline

Posts: 1532214757

View Profile Personal Message (Offline)

Ignore
1532214757
Reply with quote  #2

1532214757
Report to moderator
1532214757
Hero Member
*
Offline Offline

Posts: 1532214757

View Profile Personal Message (Offline)

Ignore
1532214757
Reply with quote  #2

1532214757
Report to moderator
Aura
Sr. Member
****
Offline Offline

Activity: 462
Merit: 266



View Profile
March 11, 2018, 09:51:23 PM
 #22

... Armory+cheapo computer...

It's a hardware wallet with even better security and validity, but at a fraction of the cost.
Until you factor in the need for a (non-pruned) full node required for the online portion of your Armory setup and the space/bandwidth requirements that involves.

As opposed to plugging a HW wallet into your cheapo computer (or even your mobile phone with a $2 OTG cable).

There are pros/cons to both setups... but honestly, I believe HW wallets made air-gapped offline/online two computer setups pretty much obsolete.
You're right, although HDD space has become relatively cheap lately. But I believe Electrum also offers the same functionality (offline signer) without the need for a full node, I just prefer Armory. I'm lucky to have my full node running at my parents home with 300Mbps internet. Maybe I'm just a little too paranoid.

       ▀
   ▄▄▄   ▄▀
   ███ ▄▄▄▄  ██
       ████
    ▄  ▀▀▀▀
▄▄
      ██    ▀▀
██▄█▄▄▄████████
▄▄▄▄▄▄▄▄▀▀███▀▀▀
██████████████████
████▄▀▄▀▄▀███▀▀▀▀▀
████▄▀▄▀▄▀███ ▀
████▄▀▄▀▄▀████████
▀█████████████████
]
CoinPayments
█████
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████
█████
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████
█████
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████
BitCryptex
Full Member
***
Online Online

Activity: 280
Merit: 121


Polish translation service https://bit.ly/2K7snsh


View Profile WWW
March 12, 2018, 08:30:13 PM
 #23

You're right, although HDD space has become relatively cheap lately. But I believe Electrum also offers the same functionality (offline signer) without the need for a full node, I just prefer Armory. I'm lucky to have my full node running at my parents home with 300Mbps internet. Maybe I'm just a little too paranoid.

Using HDD and a full node setup has also some disadvantages. Almost everyone here experienced the pain of 3 days long synchronization, hardware wallets are ready to go once you plug them into your computer. HDD setup is less portable, it takes some time for a full node to start and then check if there were any new block found. Usually, full nodes run 24/7 but my point is that you are not able to use them instantly on the go. There is nothing wrong with being too careful.

Aura
Sr. Member
****
Offline Offline

Activity: 462
Merit: 266



View Profile
March 12, 2018, 09:48:21 PM
 #24

You're right, although HDD space has become relatively cheap lately. But I believe Electrum also offers the same functionality (offline signer) without the need for a full node, I just prefer Armory. I'm lucky to have my full node running at my parents home with 300Mbps internet. Maybe I'm just a little too paranoid.

Using HDD and a full node setup has also some disadvantages. Almost everyone here experienced the pain of 3 days long synchronization, hardware wallets are ready to go once you plug them into your computer. HDD setup is less portable, it takes some time for a full node to start and then check if there were any new block found. Usually, full nodes run 24/7 but my point is that you are not able to use them instantly on the go. There is nothing wrong with being too careful.
Most people will indeed experience 3+ days synchronization, for me I think it was less. But I don't use this setup because it's portable, but rather because it's reliability. Don't get my wrong, hardware wallet are a very good choice as a wallet, but I prefer to do it myself and also to contribute to decentralization.

       ▀
   ▄▄▄   ▄▀
   ███ ▄▄▄▄  ██
       ████
    ▄  ▀▀▀▀
▄▄
      ██    ▀▀
██▄█▄▄▄████████
▄▄▄▄▄▄▄▄▀▀███▀▀▀
██████████████████
████▄▀▄▀▄▀███▀▀▀▀▀
████▄▀▄▀▄▀███ ▀
████▄▀▄▀▄▀████████
▀█████████████████
]
CoinPayments
█████
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████
█████
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████
█████
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████
BitCryptex
Full Member
***
Online Online

Activity: 280
Merit: 121


Polish translation service https://bit.ly/2K7snsh


View Profile WWW
March 12, 2018, 09:58:28 PM
 #25

Most people will indeed experience 3+ days synchronization, for me I think it was less. But I don't use this setup because it's portable, but rather because it's reliability. Don't get my wrong, hardware wallet are a very good choice as a wallet, but I prefer to do it myself and also to contribute to decentralization.

I understand your point of view. I was also thinking of setting up a node which would run 24/7, but I'm still not sure whether do it at home or rent a dedicated server for it. Also, you can mix both full node and hardware wallet. TREZOR, for example, allows you to use Insight which you can setup on your own machine. The same thing goes for Electrum, it's great that we have so many options to choose from.

Aura
Sr. Member
****
Offline Offline

Activity: 462
Merit: 266



View Profile
March 13, 2018, 02:53:03 PM
 #26

Most people will indeed experience 3+ days synchronization, for me I think it was less. But I don't use this setup because it's portable, but rather because it's reliability. Don't get my wrong, hardware wallet are a very good choice as a wallet, but I prefer to do it myself and also to contribute to decentralization.

I understand your point of view. I was also thinking of setting up a node which would run 24/7, but I'm still not sure whether do it at home or rent a dedicated server for it. Also, you can mix both full node and hardware wallet. TREZOR, for example, allows you to use Insight which you can setup on your own machine. The same thing goes for Electrum, it's great that we have so many options to choose from.
That's a nice feature, I personally feel that hosting your own node it worth it. You're not only helping to decentralization but you also have more independent security. In SPV mode you rely on being able to connect to at least one honest node and that's solved by running your own.

       ▀
   ▄▄▄   ▄▀
   ███ ▄▄▄▄  ██
       ████
    ▄  ▀▀▀▀
▄▄
      ██    ▀▀
██▄█▄▄▄████████
▄▄▄▄▄▄▄▄▀▀███▀▀▀
██████████████████
████▄▀▄▀▄▀███▀▀▀▀▀
████▄▀▄▀▄▀███ ▀
████▄▀▄▀▄▀████████
▀█████████████████
]
CoinPayments
█████
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████
█████
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████
█████
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████ ██
█████
Spazzer
Member
**
Offline Offline

Activity: 168
Merit: 81


View Profile WWW
March 13, 2018, 03:42:37 PM
 #27

Most people will indeed experience 3+ days synchronization, for me I think it was less. But I don't use this setup because it's portable, but rather because it's reliability. Don't get my wrong, hardware wallet are a very good choice as a wallet, but I prefer to do it myself and also to contribute to decentralization.

I understand your point of view. I was also thinking of setting up a node which would run 24/7, but I'm still not sure whether do it at home or rent a dedicated server for it. Also, you can mix both full node and hardware wallet. TREZOR, for example, allows you to use Insight which you can setup on your own machine. The same thing goes for Electrum, it's great that we have so many options to choose from.
That's a nice feature, I personally feel that hosting your own node it worth it. You're not only helping to decentralization but you also have more independent security. In SPV mode you rely on being able to connect to at least one honest node and that's solved by running your own.

Agreed,

I am so torn when it comes to wallets and hardware wallets. I think there is going to a big wakeup call for many users when not using a hardware wallet. It's definitely the safest option right now for daily use.

pooya87
Legendary
*
Offline Offline

Activity: 1344
Merit: 1106


Buy bitcoin they said... who listened?


View Profile
March 14, 2018, 06:59:46 AM
 #28

Most people will indeed experience 3+ days synchronization, for me I think it was less. But I don't use this setup because it's portable, but rather because it's reliability. Don't get my wrong, hardware wallet are a very good choice as a wallet, but I prefer to do it myself and also to contribute to decentralization.

I understand your point of view. I was also thinking of setting up a node which would run 24/7, but I'm still not sure whether do it at home or rent a dedicated server for it. Also, you can mix both full node and hardware wallet. TREZOR, for example, allows you to use Insight which you can setup on your own machine. The same thing goes for Electrum, it's great that we have so many options to choose from.
That's a nice feature, I personally feel that hosting your own node it worth it. You're not only helping to decentralization but you also have more independent security. In SPV mode you rely on being able to connect to at least one honest node and that's solved by running your own.

it is worth mentioning that just running a full node is not always equal to helping the network and decentralization. not exactly anyways.
you will help the network only if you are accepting connections, relaying blocks and transactions. but sometimes people who run a full node only sync with the network (download the blocks) and don't accept any connection and don't give anything.

HCP
Hero Member
*****
Offline Offline

Activity: 672
Merit: 887

<insert witty quote here>


View Profile
March 14, 2018, 12:43:31 PM
 #29

Exactly, if Bitcoin Core isn't setup with "listen=1" or the "allow incoming connections" GUI option, you're not really doing anything running a wallet and sponging data from actual full nodes...

If you want to support the Bitcoin network, you must allow inbound connections.

When Bitcoin Core starts, it establishes 8 outbound connections to other full nodes so it can download the latest blocks and transactions. If you just want to use your full node as a wallet, you don’t need more than these 8 connections—but if you want to support lightweight clients and other full nodes on the network, you must allow inbound connections.

Spendulus
Legendary
*
Offline Offline

Activity: 1946
Merit: 1015



View Profile
March 18, 2018, 04:01:10 AM
 #30

Nothing is bulletproof. Especially centralization for ex. Ledger Nano S or Binance where there is mass adoption it's never good.
I believe you always find a good one that is not having too much attention. I mean eventually, hardware wallets are more secure than any other wallets I believe but everything is safe until hacked right? So I guess it can be all about time, either just spread it in a few wallets or choose always the second alternative or something like that. The best solution is: do not keep all your eggs in one basket, that's very simple and up to you.
Probably no strong hardware wallet such as Ledger Nano S will be hacked or somehow lose balance but even if there's a chance of 0.0000001% and you are very worried then that's your solution.

There are a number of ways to lose coins, not just hacking.

These have been detailed in help requests but briefly, wallet gets corrupted, passcode gets lost, hard drive problems, coming back to it after a couple years, nothing works, etc.

I have some difficulty in believing that a hardware wallet is any better than an encrypted wallet.dat file on a thumb drive or two, or somehow more reliable than a paper wallet.  One thing to keep in mind is to not mix complexity with long term storage.

What then is complexity? It could be Bitcoin core with a full database, it could be an encrypted wallet.dat on an encrypted thumb drive. It could be a Trezor with a secondary hidden file structure.

Could be a number of things, but simplicity is highly related to long term reliability.
Greenkarki
Member
**
Offline Offline

Activity: 280
Merit: 19


View Profile
April 01, 2018, 02:12:26 PM
 #31


Not yet have an experience with hardware wallet as i fine Nano has been the best hardware wallet amongst others. Its more secured and much friendly and adaptive to use from one place to other places and is adaptive to any device. Let me try it bit later as my earnings are much low

gentlemand
Legendary
*
Online Online

Activity: 1708
Merit: 1192


Hello You


View Profile
April 12, 2018, 06:14:11 PM
 #32

This thread gave me the willies a bit.

https://bitcointalk.org/index.php?topic=3290558.0

Due to a technical problem with BCH Ledger rerouted this guy's tx and didn't tell him. He thought it was lost.

Hannahanto
Full Member
***
Offline Offline

Activity: 392
Merit: 107



View Profile
April 12, 2018, 06:18:59 PM
 #33



I dont have an experience in hardware wallets. But i will try to use but not now, but i heard that hardware wallets is very safe to use. Some people are told Ledger Nano wallet is good to use. This wallet is more secure and easy to use.Ledger Nano is adopted by all devices. The ledger has excellent support for many cryptocurrencies

M O Z O   //     $31M RAISED!     PRE-LISTED on Coinrail     $450k Bounty Tradable on 8/8/18
●            ●                       VERSACE & 38,000 Stores are accepting MOZO TOKENS                       ●            ●
●            ●            WHITEPAPER        MEDIUM        TELEGRAM        ANN THREAD            ●            ●
HCP
Hero Member
*****
Offline Offline

Activity: 672
Merit: 887

<insert witty quote here>


View Profile
April 14, 2018, 02:48:30 AM
 #34

This thread gave me the willies a bit.

https://bitcointalk.org/index.php?topic=3290558.0

Due to a technical problem with BCH Ledger rerouted this guy's tx and didn't tell him. He thought it was lost.
It is impossible for Ledger to "reroute" a transaction... once a transaction is signed, it cannot be modified without breaking the signature and rendering the transaction invalid. You can't change the destination. The real issue was the user simply not understanding what was happening and freaking out.

The actual cause of the problem was the new BCH node software released in preparation for the upcoming fork... it was incompatible with the Ledger wallet software and meant that the Ledger wallet software was simply not displaying transactions and balances correctly. Ledger had to re-index the entire BCH blockchain so that their system could find all the appropriate transactions when a users wallet would request the information via the API.

Note that no funds were in danger of being lost... they were just temporarily unable to be displayed.

It's like your email app being unable to connect and/or talk to the email server correctly... end result, your emails are still there... you just can't see them.

Spendulus
Legendary
*
Offline Offline

Activity: 1946
Merit: 1015



View Profile
April 14, 2018, 04:25:05 AM
 #35

I don't really trust hardware wallets, that's why I don't own one. My main reason is the lack of open-source for example, Ledger wallet is only partial open-source. That means that there is still some code running on the hardware that you can't verify. Besides that, they are quite expensive compared to air-gapped machines that only require an old PC. I have more fate in a computer, without internet capability running a wallet compiled from source (Armory) than pre-configured hardware. Armory allows you to sign transactions on your air-gapped machine and managing your wallet on an online PC without sign access (watching-only).
They certainly add a level of convenience, especially for all of the coins the support.
That's is certainly a benefit for people who store altcoins. But for my personal situation not, as I only store Bitcoin and some Litecoin.

Also, a ledger nano s for example is much cheaper than any laptop/very cheap desktop you'd find, I don't think it's fair to assume that everybody would have an old computer lying around.
Even the old computers that schools have, will run an offline version of Armory. I bet you can get these for less than 10 bucks on a flea market or elsewhere. Also Armory has support for single board computers like the Raspberry Pi, that can be bought for $25. It's a hardware wallet with even better security and validity, but at a fraction of the cost.
.....

Support for Armory has been weak for the OS X for some time, and future support for the MS version is not certain.

However, note that Armory supports regeneration using a keyword sequence. And that page you print out can have an encryption key.
So there is really no reason for the old PC, right?

Yesterday's computers likely will not work on tomorrow's database.

Armory requires a full copy of the CORE database, so the "old PC" will need something > 200 GB available. Since the CORE database is growing, any reasonable projection for the storage needs after say 5 years is what, maybe 500-800 GB?
MoneyMotivatesMe
Jr. Member
*
Offline Offline

Activity: 98
Merit: 0


View Profile
April 15, 2018, 07:57:13 AM
 #36

Not totally but it's more reliable than anything in the crypto space.
Commie
Full Member
***
Offline Offline

Activity: 322
Merit: 102


View Profile
April 17, 2018, 09:34:11 AM
 #37

Can't see it posted here before, so read and think - https://krebsonsecurity.com/wp-content/uploads/2018/03/ledgerattack.pdf
HCP
Hero Member
*****
Offline Offline

Activity: 672
Merit: 887

<insert witty quote here>


View Profile
April 17, 2018, 11:34:31 AM
 #38

Can't see it posted here before, so read and think - https://krebsonsecurity.com/wp-content/uploads/2018/03/ledgerattack.pdf
There was a whole thread devoted to it here: https://bitcointalk.org/index.php?topic=3167854.0 (including a link to the original blog post by the original author Saleem Rashid)

In any case, the vulnerability has been patched according to Ledger as of the latest firmware. Again, it just highlights the fact that NO solution is 100% secure...

786SehrishAkhtar
Jr. Member
*
Offline Offline

Activity: 147
Merit: 0


View Profile
April 17, 2018, 12:06:14 PM
 #39

We don't have second option because its much secure than MEW or any other online wallet.

↢↢↢↢│   MPCX   │↣↣↣↣
│ Digital Wealth Management Platform │
- PRE-ICO STARTS NOW - (https://mpcx.co/)
BitMaxz
Legendary
*
Offline Offline

Activity: 1134
Merit: 1026

Bitmain miners is getting worst.


View Profile
April 17, 2018, 05:48:14 PM
 #40

We don't have second option because its much secure than MEW or any other online wallet.
MEW is only for altcoin, unlike hardware wallets like ledger nano s and trezor wallets support almost all cryptocurrencies including bitcoin and ethereum.

MEW is not secured as you think every time you open your MEW wallet you need to copy paste your private key from time to time to open your wallet online. So if your computer is infected with malware and viruses any time soon thief can get your copy pasted private key history and stole all of your altcoins and ERC20 token.

Unlike hardware wallets that they can protect and hide your private keys and before they can transfer any coins from your hardware wallet, it will ask for a pin that you can only be the one can open your hardware wallet.

Pages: « 1 [2] 3 4 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!