AGD (OP)
Legendary
 Offline
Activity: 2069
Merit: 1164
Keeper of the Private Key
|
 |
March 22, 2018, 07:32:02 AM |
|
I have been warning people about hardware wallets for years. Bitcoin is the most personal store of value. Don't break it by using untrusted third party soft/hardware: https://krebsonsecurity.com/wp-content/uploads/2018/03/ledgerattack.pdfWorth mentioning, that the guy who found this exploit is 15 ys young. |
|
|
|
|
|
|
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
ricreis394
Newbie
Offline
Activity: 37
Merit: 0
|
 |
March 22, 2018, 09:08:21 AM |
|
I'm amazed  And I was about to buy one hardware wallet, but now, I will definitely not buy. |
|
|
|
|
Rath_
aka BitCryptex
Legendary
Offline
Activity: 1876
Merit: 3131
|
|
March 22, 2018, 09:11:45 AM |
|
So what ways of keeping bitcoins safe do you recommend then? Many people consider hardware wallets as something that is not possible to breach because they were told so. In both Ledger and TREZOR there were discovered vulnerabilities which allowed potential attacker to extract the seed. I haven't heard of any issues with KeepKey. I was thinking of using an air-gapped computer for storing large amount of BTC and a hardware wallet in case I needed to travel and have some bitcoin with me just in case. Have you ever used any hardware wallet?
|
|
|
|
|
OmegaStarScream
Staff
Legendary
Offline
Activity: 3458
Merit: 6099
|
The only alternative I can think of would be paper wallets but, these are not suitable for spending on a regular basis. Hardware wallets are still a great choice IMO and since they are not vulnerable for remote attacks, they still have some credibility. Ledger nano statement on this when they released their latest firmware update: Important note: there are some claims on Reddit and Twitter about a critical security issue being found on the Nano S. This is incorrect. The issues found are serious (that’s why we highly recommend the update), but NOT critical. Funds have not been at risk, and there was no demonstration of any real life attack on our devices. We will disclose all technical details after March 20th.
I haven't heard of any issues with KeepKey.
The reason why no one found security issues on KeepKey is probably due to the small userbase they have compared to Trezor and Ledger nano S. |
|
|
|
|
klaaas
|
|
March 22, 2018, 10:26:06 AM |
|
These kind of hardware wallets will grow stronger with time.
A indestructible and safe wallet is a very hard thing to accomplish.
|
|
|
|
bitmover
Legendary
Offline
Activity: 2282
Merit: 5887
bitcoindata.science
|
|
March 22, 2018, 10:50:18 AM |
|
This is a problem, and was already fixed by a firmware update. I think it's also worth mentioning that this vulnerability, although scary, occurs only if the the attacker has physical access before setup of the seed. It's nothing you need to really worry about if you buy directly from Ledger. And if you care at least a minimum about security, you would never buy a Ledger Wallet from third party re-sellers. TLDR: ledger hardwallet is still pretty safe, much safer than any hot wallet. Unless you have an airgapped PC, hardwallet is still a good choice. |
.
.BLACKJACK ♠ FUN. | | | ███▄██████
██████████████▀
████████████
█████████████████
████████████████▄▄
░█████████████▀░▀▀
██████████████████
░██████████████
█████████████████▄
░██████████████▀
████████████
███████████████░██
██████████ | | CRYPTO CASINO &
SPORTS BETTING | | │ | | │ | ▄▄███████▄▄
▄███████████████▄
███████████████████
█████████████████████
███████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████████████
█████████████████████
███████████████████
▀███████████████▀
███████████████████ | | .
|
|
|
|
DaveF
Legendary
Offline
Activity: 3458
Merit: 6235
Crypto Swap Exchange
|
|
March 22, 2018, 02:03:31 PM Merited by DarkStar_ (2), AGD (1) |
|
This is a problem, and was already fixed by a firmware update.
I think it's also worth mentioning that this vulnerability, although scary, occurs only if the the attacker has physical access before setup of the seed.
Not 100% true, from what he said it was vulnerable to the "Evil Maid attack" https://saleemrashid.com/2018/03/20/breaking-ledger-security-model/This is a problem, and was already fixed by a firmware update.
Which took them close to 4 months to put out and still is not properly alerting & forcing users to update. And if you care at least a minimum about security, you would never buy a Ledger Wallet from third party re-sellers.
Assuming you can trust everyone who handled the package from when it left their shipping dock till when it wound up in your mailbox. TLDR: ledger hardwallet is still pretty safe, much safer than any hot wallet. Unless you have an airgapped PC, hardwallet is still a good choice.
THAT I agree with. And pretty safe is good for most people. But it's still not REALLY REALLY REALLY safe. Just because you are paranoid does not mean that there are not people out to get you..... -Dave |
|
|
|
AGD (OP)
Legendary
Offline
Activity: 2069
Merit: 1164
Keeper of the Private Key
|
|
March 22, 2018, 02:08:59 PM |
|
So what ways of keeping bitcoins safe do you recommend then? Many people consider hardware wallets as something that is not possible to breach because they were told so. In both Ledger and TREZOR there were discovered vulnerabilities which allowed potential attacker to extract the seed. I haven't heard of any issues with KeepKey. I was thinking of using an air-gapped computer for storing large amount of BTC and a hardware wallet in case I needed to travel and have some bitcoin with me just in case. Have you ever used any hardware wallet?
I think it is good to reduce the attack vectors to a minimum. Bitcoin Core for example is a software that I trust. It is open source and some of the best developers (that I trust) are revisiting the code. So if you use an encrypted Bitcoin Core wallet with a very strong password for your cold storage, you should feel a lot safer, than with any hardware solution. Of course, the fact that we have to use closed source computers to run Bitcoin Core, makes it impossible to be 100% safe esp. against state actors. |
|
|
|
bitmover
Legendary
Offline
Activity: 2282
Merit: 5887
bitcoindata.science
|
|
March 22, 2018, 02:15:39 PM
Last edit: March 22, 2018, 02:30:42 PM by bitmover |
|
This is a problem, and was already fixed by a firmware update.
I think it's also worth mentioning that this vulnerability, although scary, occurs only if the the attacker has physical access before setup of the seed.
Not 100% true, from what he said it was vulnerable to the "Evil Maid attack" https://saleemrashid.com/2018/03/20/breaking-ledger-security-model/This is a problem, and was already fixed by a firmware update.
Which took them close to 4 months to put out and still is not properly alerting & forcing users to update. And if you care at least a minimum about security, you would never buy a Ledger Wallet from third party re-sellers.
Assuming you can trust everyone who handled the package from when it left their shipping dock till when it wound up in your mailbox. TLDR: ledger hardwallet is still pretty safe, much safer than any hot wallet. Unless you have an airgapped PC, hardwallet is still a good choice.
THAT I agree with. And pretty safe is good for most people. But it's still not REALLY REALLY REALLY safe. Just because you are paranoid does not mean that there are not people out to get you..... -Dave Well, this evil maid attack is even less risky. How would a hacker access my hardwallet, inside my house? If he can get inside your house , well, he can force you to give your btc to him even on an airgapped PC using Bitcoin core, he doesn't even need to be a hacker, he just needs a weapon. When you buy a ledger nano they come securely closed, and if the seal was violated you should discard it, as ledger recommendation. You don't need to trust anyone who handles the package.. If the user is the problem (like using infected pendrives, using violated hardwallets), any method is unsafe Any other wallet on desktop or smartphone is exposed to the risk of keyloggers, Trojans... Hardwallets are not. Unless you have an airgapped PC , they are the best option. Even Bitcoin core on a daily use computer is not as safe. But this discussion is pretty worthless.. it's a selected Paranoia. Hardwallets are safe enough. Ledger nano is also open source. |
.
.BLACKJACK ♠ FUN. | | | ███▄██████
██████████████▀
████████████
█████████████████
████████████████▄▄
░█████████████▀░▀▀
██████████████████
░██████████████
█████████████████▄
░██████████████▀
████████████
███████████████░██
██████████ | | CRYPTO CASINO &
SPORTS BETTING | | │ | | │ | ▄▄███████▄▄
▄███████████████▄
███████████████████
█████████████████████
███████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████████████
█████████████████████
███████████████████
▀███████████████▀
███████████████████ | | .
|
|
|
|
|
|
DaveF
Legendary
Offline
Activity: 3458
Merit: 6235
Crypto Swap Exchange
|
|
March 22, 2018, 02:32:30 PM |
|
Well, this evil maid attack is even less risky. How would a hacker access my hardwallet, inside my house?
If he can get inside your house , well, he can force you to give your btc to him even on an airgapped PC using Bitcoin core, he doesn't even need to be a hacker, he just needs a weapon.
When you buy a ledger nano they come securely closed, and if the seal was violated you should discard it, as ledger recommendation. You don't need to trust anyone who handles the package..
But this discussion is pretty worthless.. it's a selected Paranoia. Hardwallets are safe enough.
If the user is the problem (like using infected pendrives, using violated hardwallets), any method is unsafe
That's why it's called the evil maid, we can call it dishonest butler, sneaky plumber, corrupt cable tech. Whatever. WE are human, we make mistakes, you left it siting next to your PC for whatever reason instead of putting it away. Under 3 minutes and a netbook. That's all they need. When you buy a ledger nano they come securely closed, and if the seal was violated you should discard it, as ledger recommendation. You don't need to trust anyone who handles the package..
They actually did not  And I think that set me off more then anything. They badmouthed other places for saying that their taper tape was worthless, while putting out a product that a 15 year old (yes a very smart one) cracked by himself. Beyond this, I am dropping out of this thread. I doubt either one of us is going to change the others mind. -Dave |
|
|
|
bob123
Legendary
Offline
Activity: 1624
Merit: 2481
|
|
March 22, 2018, 06:27:15 PM |
|
This is a problem, and was already fixed by a firmware update.
Which took them close to 4 months to put out and still is not properly alerting & forcing users to update. What is the source for the 4 months? As far as i know this has been fixed pretty fast.. Assuming you can trust everyone who handled the package from when it left their shipping dock till when it wound up in your mailbox.
You don't have to trust anyone. You can verify everything yourself (hardware + firmware). The ledger team has published a guide: https://support.ledgerwallet.com/hc/en-us/articles/115005321449-How-to-verify-the-security-integrity-of-my-Nano-S-Of course, the fact that we have to use closed source computers to run Bitcoin Core, makes it impossible to be 100% safe esp. against state actors.
You don't have to use a closed source OS. You have decided for yourself to use closed source software. Everyone is free to use the software he wants. There are a lot of open source linux distributions available on the internet. |
|
|
|
achow101
Staff
Legendary
Offline
Activity: 3374
Merit: 6535
Just writing some code
|
|
March 22, 2018, 07:02:31 PM |
|
Just because there are vulnerabilities found does not mean that they are inherently insecure. Do you say the same things about software wallets too (many of which have had vulnerabilities found and patched, just like with these hardware wallets)? Do you say the same thing about the general purpose computer you use which you don't even know how it works? Every piece of software and many pieces of hardware will have some vulnerability found in them; given enough time, it's almost inevitable. Worth mentioning, that the guy who found this exploit is 15 ys young.
That's slightly misleading. This 15 year old has dedicated a lot of time into working on hardware wallets, particularly in their firmware. He's been involved in numerous other vulnerability discoveries in the past with Trezors (and possibly Ledgers). The kid is very smart, probably smarter than you when it comes to hardware wallets. He's not just some random 15 year old who found this; he actually dedicated a lot of time into learning about how hardware wallets work and has been working with them for years. I don't think you understand what an evil maid attack is. It is, by definition, a physical access attack. You need to have physical access to the device in order to perform any of the known vulnerabilities (which have since been patched). An evil maid attack means literally that someone (like a maid) enters your room physically and does something malicious to a device (hence an evil maid). Which took them close to 4 months to put out and still is not properly alerting & forcing users to update.
Vulnerabilities take time to fix and release. They can't just publish that there is a vulnerability or details about the vulnerability before a fix is available. It probably took them 4 months to figure out a solution. Also, Ledger can't force users to update, and there has been plenty of alerting (which, by the way, also cannot be forced). Assuming you can trust everyone who handled the package from when it left their shipping dock till when it wound up in your mailbox.
There's a hardware and software attestation process that you can go through to ensure that your Ledger has not been tampered with. What is the source for the 4 months? As far as i know this has been fixed pretty fast..
https://saleemrashid.com/2018/03/20/breaking-ledger-security-model/Scroll down to "Disclosure timeline" |
|
|
|
AGD (OP)
Legendary
Offline
Activity: 2069
Merit: 1164
Keeper of the Private Key
|
|
March 22, 2018, 08:03:38 PM |
|
Just because there are vulnerabilities found does not mean that they are inherently insecure. Do you say the same things about software wallets too (many of which have had vulnerabilities found and patched, just like with these hardware wallets)? Do you say the same thing about the general purpose computer you use which you don't even know how it works? Every piece of software and many pieces of hardware will have some vulnerability found in them; given enough time, it's almost inevitable. Worth mentioning, that the guy who found this exploit is 15 ys young.
That's slightly misleading. This 15 year old has dedicated a lot of time into working on hardware wallets, particularly in their firmware. He's been involved in numerous other vulnerability discoveries in the past with Trezors (and possibly Ledgers). The kid is very smart, probably smarter than you when it comes to hardware wallets. He's not just some random 15 year old who found this; he actually dedicated a lot of time into learning about how hardware wallets work and has been working with them for years. ... Yes, I think hardware wallets are indeed inherently insecure, just like any SPV wallet. I also call every cryptocurrency exchange inherently insecure even though it might not have been hacked until now. I don't know how you come to the conclusion, that I don't know how a computer works, but anyway ... just the knowledge about how it works, might still not be enough to trust it 100%, but I guess we have not much of choice until we see open source chip production. One good example is the latest Intel issue and I am sure there will be more to follow. Btw I have addressed this one already a few postings before in this topic: ....
Of course, the fact that we have to use closed source computers to run Bitcoin Core, makes it impossible to be 100% safe esp. against state actors.
... Of course, the fact that we have to use closed source computers to run Bitcoin Core, makes it impossible to be 100% safe esp. against state actors.
You don't have to use a closed source OS. You have decided for yourself to use closed source software. Everyone is free to use the software he wants. There are a lot of open source linux distributions available on the internet. I didn't say 'closed source OS' but 'closed source computers'. No problem. Misreading can happen. |
|
|
|
|
RGBKey
|
|
March 22, 2018, 10:27:36 PM |
|
I think that hardware wallets happen to be very much so in the spotlight right now. Let's not forget that there was also an Electrum vulnerability found and patched recently. I believe that part of this has to do with how long hardware wallets have existed compared to their software counterparts, and how much time people have spent researching them.
Personally, I trust hardware wallets more than software wallets still. I'm not sure they're inherently insecure, but I don't believe they're perfect either. I think as far as security versus convenience, they rank pretty high up there on my list.
|
|
|
|
|
|
seven2smoke1
|
|
March 22, 2018, 10:32:52 PM |
|
I was amazed by this news, I thought that hardware wallets are top secure for saving our bitcoins, Indeed, I thought to buy one in the future, but after reading this PDF. I will keep my bitcoin in some web wallets as I don't have too much, in the same time, I will search for the secure wallet from now on. |
|
|
|
|
|
RGBKey
|
|
March 22, 2018, 10:37:12 PM |
|
I was amazed by this news, I thought that hardware wallets are top secure for saving our bitcoins, Indeed, I thought to buy one in the future, but after reading this PDF. I will keep my bitcoin in some web wallets as I don't have too much, in the same time, I will search for the secure wallet from now on. Web wallets are much worse. Just use Bitcoin Core, or other similar software. Web wallets have many more attack vectors than local software. |
|
|
|
|
bitmover
Legendary
Offline
Activity: 2282
Merit: 5887
bitcoindata.science
|
|
March 22, 2018, 10:39:07 PM
Last edit: March 22, 2018, 11:11:46 PM by bitmover |
|
I thought that hardware wallets are top secure for saving our bitcoins, Indeed, I thought to buy one in the future, but after reading this PDF. I will keep my bitcoin in some web wallets as I don't have too much, in the same time, I will search for the secure wallet from now on.
Yeah, this is the problem with posts like this, spreading fud and misinformation about hardwallets...... that wasn't any critical bug, as the attacker need physical access..... But New comers may not understand that clearly enough and think web wallets are safer... |
.
.BLACKJACK ♠ FUN. | | | ███▄██████
██████████████▀
████████████
█████████████████
████████████████▄▄
░█████████████▀░▀▀
██████████████████
░██████████████
█████████████████▄
░██████████████▀
████████████
███████████████░██
██████████ | | CRYPTO CASINO &
SPORTS BETTING | | │ | | │ | ▄▄███████▄▄
▄███████████████▄
███████████████████
█████████████████████
███████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████████████
█████████████████████
███████████████████
▀███████████████▀
███████████████████ | | .
|
|
|
|
squatter
Legendary
Offline
Activity: 1666
Merit: 1196
STOP SNITCHIN'
|
|
March 22, 2018, 10:54:02 PM |
|
So what ways of keeping bitcoins safe do you recommend then? Many people consider hardware wallets as something that is not possible to breach because they were told so. Yes, and that was irresponsible marketing. Most security-minded people know better than to blindly trust software/hardware just because it hasn't been broken yet. I believe exploits will continue to emerge when it comes to hardware wallets. Accordingly, users should tread with caution. As for what I recommend -- traditional cold storage for most coins: I still treat hardware wallets as experimental -- perhaps safer than a typical hot wallet setup, but nowhere near the safety of actual cold storage. Keeping all private keys on one or two devices that plug into online computers just feels way too risky to me. I use tried-and-true cold storage methods (paper wallets, encrypted offline .dat) for 80-90% of my coins. I know that compromising those keys from me would take an extremely targeted attack on me -- the likelihood of that is low. Whereas, I believe that hardware wallets are generally a very big target for hackers, and methods for remote exploits are now emerging.
The biggest takeaway from this report, I think, is don't put all your eggs in one basket.
The only alternative I can think of would be paper wallets but, these are not suitable for spending on a regular basis.
How about an air-gapped PC? Or an encrypted wallet on thumb drive? One of the points here is that nobody should be storing all (or most) of their coins in the same wallet they regularly spend from. I still think hardware wallets are fine for day-to-day spending. But I would treat them like a hot wallet and be on the lookout for social engineering tactics. |
|
|
|
Spendulus
Legendary
Offline
Activity: 2898
Merit: 1386
|
|
March 23, 2018, 02:18:16 AM |
|
So what ways of keeping bitcoins safe do you recommend then? Many people consider hardware wallets as something that is not possible to breach because they were told so. Yes, and that was irresponsible marketing. Most security-minded people know better than to blindly trust software/hardware just because it hasn't been broken yet. I believe exploits will continue to emerge when it comes to hardware wallets. Accordingly, users should tread with caution. As for what I recommend -- traditional cold storage for most coins: I still treat hardware wallets as experimental -- perhaps safer than a typical hot wallet setup, but nowhere near the safety of actual cold storage. Keeping all private keys on one or two devices that plug into online computers just feels way too risky to me. I use tried-and-true cold storage methods (paper wallets, encrypted offline .dat) for 80-90% of my coins. I know that compromising those keys from me would take an extremely targeted attack on me -- the likelihood of that is low. Whereas, I believe that hardware wallets are generally a very big target for hackers, and methods for remote exploits are now emerging.
The biggest takeaway from this report, I think, is don't put all your eggs in one basket.
The only alternative I can think of would be paper wallets but, these are not suitable for spending on a regular basis.
How about an air-gapped PC? Or an encrypted wallet on thumb drive? One of the points here is that nobody should be storing all (or most) of their coins in the same wallet they regularly spend from. I still think hardware wallets are fine for day-to-day spending. But I would treat them like a hot wallet and be on the lookout for social engineering tactics. It's worth noting that paper wallets have also been seen to have defects, and those have been corrected, and modern paper wallets are more secure than early ones were. |
|
|
|
|
|
