Bitcoin Forum
Author Topic: It is NOT secure to use hardware wallets (and it never was)  (Read 2126 times)
Samarkand
March 30, 2018, 10:53:10 AM
 #61

...
I think that hardware wallets are still one of the safest ways for safe storage of private keys, although from time to time a security vulnerability appears, but also very quickly after that we have an update which fixes the problem. This is something quite normal, not only with hardware wallets, but with any other device or operating system which exists today.

...

I would say that 4 months isn't "very quickly" and definitely too long when it comes to a Bitcoin
hardware wallet.

In general I would simply advise people to spread their risk by using different ways of Bitcoin storage
simultaneously. E.g. keep a few Bitcoins in a hardware wallet, a few Bitcoins in a paper wallet where
parts of the mnemonic seed are stored at different locations, a few BTC in a traditional wallet or an SPV client,
a few mBTC in one of the better mobile wallets (I'd recommend Samouraiwallet).
The only thing that I wouldn't really recommend is storing Bitcoins on a computer that is often used
to browse the internet and is running a Windows OS. Storing Bitcoins on an exchange is also in general
a bad idea as the numerous exchange hacks in the past illustrate.

It is extremely unlikely that all of these different storage solutions are compromised simultaneously, which
makes it nearly impossible for you to lose all your funds. This is preferable to storing all your crypto wealth
in a single hardware wallet, because this puts you in the uncomfortable position where you are at risk
of losing 100 % of your coins if a serious vulnerability in Ledger/Trezor is discovered and exploited by
malicious actors.

On the other hand you are only risking a fraction of your Bitcoins if you heed my advice of spreading
your risk. In the long run losing 20 % of your Bitcoin stash due to a vulnerability or a lost/destroyed paper wallet
may prove to be inconsequential anyway, because 80 % of your Bitcoin stash will still be enough to make
you either financially independent or filthy rich (depending on the actual size of your BTC stash)

All in all, I'd suggest that you should not trust any hardware wallet with 100 % of your funds and
that you should instead spread the risk by using several storage solutions.
Carlton Banks
March 30, 2018, 11:02:22 AM
Last edit: March 30, 2018, 11:45:26 AM by Carlton Banks
Merited by AGD (1)
 #62

There's more to a computer than just the OS. A lot of firmware such as processor microcode are closed source. So it doesn't matter whether the OS you use is open source; if the firmware for your hardware and the hardware itself is closed source, then you are at risk of that closed source being malicious or containing something that can be exploited. One example of this is the Intel Management Engine which could allow someone to remotely access and control your computer and there's no way to disable it because it is baked into the hardware and firmware, both of which are also closed source.

Right, although the "someone" who has unfettered access to a computer with Intel ME is Intel themselves (and anyone else holding the code signing key for executing code on the ME processor). I think exploits were discovered last year where an attacker circumvented the use of the Intel code signing key, but I forget the specifics.


tldr: Intel owns your computer. Stop using Intel (AMD won't help you, they have a similar tech on newer CPUs too)


As of Intel's ME, there are solutions to neutralize or disable it; people even suggest not to use Intel processors made since 2008 and AMDs since 2013.

There's a lot of skepticism about whether ME cleaning/disabling is of any real benefit. It's better than nothing, but the ME and its firmware either still partly exists after cleaning (only something like 95% of the ME firmware can be flashed, otherwise the CPU refuses to initialise hardware components so the BIOS can load), or still exists completely after disabling (disabling is a feature that Intel designed, we're essentially trusting that the feature does what Intel claims it does).

Intel defined several negative numbered control rings for the ME to use. This means that the ME can function like a rootkit that forms an intentional part of an x86 computer's design. It cannot be removed completely, and so all Intel machines should be considered compromised hardware. The ME could lie to you about anything your machine is really doing, and surveil what happens on your machine. So the Intel ME could be used to steal all Bitcoins from every machine with an Intel ME; one can only speculate Intel must have those ME code signing keys under very limited access and very close supervision within the company.

Ironically (considering the title of this thread), hardware wallets mitigate this attack vector, as Bitcoin private keys on a hardware wallet shouldn't be accessible to the ME if a hardware wallet is secure enough. But don't let that comfort you too much, I reiterate: Intel are behaving in bad faith with their ME tech, please stop using Intel CPUs.


tldr; This should be (and may eventually become) a far more controversial scandal than Facebook selling user data to 3rd parties; Intel can collect ALL data from your machine, not just some of it. And Intel can lie to you about what your computer is really doing.

Vires in numeris
Karartma1
April 05, 2018, 02:16:38 PM
 #63

If that's the case what can we do then? What kind of microprocessor is your machine using? I mean f*c*ing intel is everywhere! I am about to change my old 2010 laptop (amd)? Do you have any suggestions?
Coin_trader
April 05, 2018, 02:56:25 PM
 #64

I thought that using those hardware wallets is the most secure way of storing Bitcoins but now I am doubting, I guess I will keep my BTC on my online wallets with a password that I put in a safe place. But still I am planning to buy a Ledger Nano to try myself the security of that hardware wallet.

bob123
April 05, 2018, 03:36:21 PM
 #65

I thought that using those hardware wallets is the most secure way of storing Bitcoins but now I am doubting, I guess I will keep my BTC on my online wallets with a password that I put in a safe place.

While a hardware wallet is not 100% secured (nothing is 100% secured) it is definitely better than an online wallet.
The attack surface of a web wallet is by far bigger than the attack surface of a hardware wallet.

The point is: If you decide to stop using your hardware wallet and put it in a safe place.. your coins are safe. Regardless of a vulnerability.
But a web wallet on the other hand can be attacked 24/7. Not that you just have to trust the developer of the wallet, you also have to trust they
are able to secure their whole infrastructure good enough.

While hardware wallets may not be the most secured storage option, it definitely can be regarded as more secured than an online wallet.

Carlton Banks
April 05, 2018, 04:16:43 PM
Merited by Karartma1 (1), AGD (1), butka (1), Anti-Cen (1)
 #66

If that's the case what can we do then? What kind of microprocessor is your machine using? I mean f*c*ing intel is everywhere! I am about to change my old 2010 laptop (amd)? Do you have any suggestions?

1. Keep that AMD laptop

Best advice right now is to keep pre-2013 AMD and (I think) pre-2007 Intel hardware (which in a stroke of irony are not receiving patches for those kernel memory access exploits that made the news for Intel recently).  


Alternative options to Intel/AMD (which are all compromises of some kind, and all involve more computing skills than x86 platforms):
  • ARM chips (not open designs or fully user controllable, & ARM are beginning to introduce anti-features similar to those that Intel and AMD have, so careful research needed)
  • IBM POWER chips (which are expensive, & not well supported, but the platform is fully user controllable AFAIK)
  • RISC V chips (which are expensive, immature, & not at all widely used, although the design is more open than IBM POWER, and like POWER, whole tech platform is user controllable)

Intel and Microsoft are slowly turning the whole Wintel concept into something closer to owning a Nintendo console than using a proper computer. Using some kind of Unix style operating system on non-Intel hardware will be the only option, eventually.

Vires in numeris
bekkioPEK
April 05, 2018, 04:24:06 PM
 #67

Hardware wallets certainly cannot give you 100% security, but I think they are the ones that are closer to total security. Web wallets are definitely the worst in terms of security, paper wallet still has its risks (you can lose it, it can get damaged, it can be destroyed over time), the desktop wallet if you have a computer infected with a virus is dangerous. Probably there is no totally safe method.

Anti-Cen
April 05, 2018, 04:26:07 PM
Last edit: April 05, 2018, 04:55:48 PM by Anti-Cen
 #68

Right, although the "someone" who has unfettered access to a computer with Intel ME is Intel themselves (and anyone else holding the code signing key for executing code on the ME processor). I think exploits were discovered last year where an attacker circumvented the use of the Intel code signing key, but I forget the specifics.

You see we can agree on some things but few MS developers have woken up to the fact that Microsoft is locking them
out from the OS all over the place let alone are spying on every byte of data they can see.

Who would ever have thought that you would be getting a merit from me and take it from me, I don't get many to
give away but I am stuck with MS because it's all I know.

I suspect Google on Android devices is nearly as bad, they both have a bad track record, both work for the CIA/NSA

Mining is CPU-wars and Intel, AMD like it nearly as much as big oil likes miners wasting electricity. Is this what mankind has come to?
vnck25
April 05, 2018, 10:59:37 PM
 #69

I agree with many of the comments made here. Hardware wallets (cold storage devices) are much safer than online wallets, and my personal view is that paper wallets are the safest if you are in it for the long haul. Just make sure to purchase the desired hardware wallet from the manufacturer, NOT from 3rd party sellers (especially the ones you find on eBay).
AGD (OP)
April 06, 2018, 06:53:07 AM
 #70

I agree with many of the comments made here. Hardware wallets (cold storage devices) are much safer than online wallets, and my personal view is that paper wallets are the safest if you are in it for the long haul. Just make sure to purchase the desired hardware wallet from the manufacturer, NOT from 3rd party sellers (especially the ones you find on eBay).

Everything is safer than online wallets...

Bitcoin is not a bubble, it's the pin!
+++ GPG Public key FFBD756C24B54962E6A772EA1C680D74DB714D40 +++ http://pgp.mit.edu/pks/lookup?op=get&search=0x1C680D74DB714D40
Lucius
April 06, 2018, 10:13:49 AM
 #71

...
I think that hardware wallets are still one of the safest ways for safe storage of private keys, although from time to time a security vulnerability appears, but also very quickly after that we have an update which fixes the problem. This is something quite normal, not only with hardware wallets, but with any other device or operating system which exists today.

...

I would say that 4 months isn't "very quickly" and definitely too long when it comes to a Bitcoin
hardware wallet.

In general I would simply advise people to spread their risk by using different ways of Bitcoin storage
simultaneously. E.g. keep a few Bitcoins in a hardware wallet, a few Bitcoins in a paper wallet where
parts of the mnemonic seed are stored at different locations, a few BTC in a traditional wallet or an SPV client,
a few mBTC in one of the better mobile wallets (I'd recommend Samouraiwallet).
The only thing that I wouldn't really recommend is storing Bitcoins on a computer that is often used
to browse the internet and is running a Windows OS. Storing Bitcoins on an exchange is also in general
a bad idea as the numerous exchange hacks in the past illustrate.

It is extremely unlikely that all of these different storage solutions are compromised simultaneously, which
makes it nearly impossible for you to lose all your funds. This is preferable to storing all your crypto wealth
in a single hardware wallet, because this puts you in the uncomfortable position where you are at risk
of losing 100 % of your coins if a serious vulnerability in Ledger/Trezor is discovered and exploited by
malicious actors.

On the other hand you are only risking a fraction of your Bitcoins if you heed my advice of spreading
your risk. In the long run losing 20 % of your Bitcoin stash due to a vulnerability or a lost/destroyed paper wallet
may prove to be inconsequential anyway, because 80 % of your Bitcoin stash will still be enough to make
you either financially independent or filthy rich (depending on the actual size of your BTC stash)

All in all, I'd suggest that you should not trust any hardware wallet with 100 % of your funds and
that you should instead spread the risk by using several storage solutions.

I agree that it took them a long time to make new firmware from first warning, but you have to consider that public info about vulnerability and time after Ledger released a new firmware was pretty short. That's how things work, the time required for something like this is always too long for users, and too short for company. In any case, they should react much faster, there is no doubt about it.

Your advice to spread the risk to multiple wallets is good, and I think many users do just that. I personally never believed that the hardware wallet was absolutely safe, but that provides me very good security for storage and everyday use. But one should always keep in mind, it was made by humans and humans can hack it.

Karartma1
April 06, 2018, 06:05:15 PM
 #72

If that's the case what can we do then? What kind of microprocessor is your machine using? I mean f*c*ing intel is everywhere! I am about to change my old 2010 laptop (amd)? Do you have any suggestions?

1. Keep that AMD laptop

Best advice right now is to keep pre-2013 AMD and (I think) pre-2007 Intel hardware (which in a stroke of irony are not receiving patches for those kernel memory access exploits that made the news for Intel recently).  

Thanks, I'll do my best to make my old laptop a long lasting machine. It's not going to be easy but everything I need is backed on my hard drives. So sad this is the situation we are in.
nokati
April 07, 2018, 09:26:52 PM
 #73

A hardware wallet can be safe, just cut the connection. That's what DigiSafeGuard is working on right now. There is no 100% security, but it's as secure as it can get. At least as secure as a paper wallet.
https://www.digisafeguard.com

Any other hardware wallet having a USB connection or relying on chip security is not safe enough to put more than 5000 USD on it.

Spendulus
Legendary
*
Offline Offline

Activity: 2898
Merit: 1386



View Profile
April 08, 2018, 05:34:56 PM
 #74

Right, although the "someone" who has unfettered access to a computer with Intel ME is Intel themselves (and anyone else holding the code signing key for executing code on the ME processor). I think exploits were discovered last year where an attacker circumvented the use of the Intel code signing key, but I forget the specifics.

You see we can agree on some things but few MS developers have woken up to the fact that Microsoft is locking them
out from the OS all over the place let alone are spying on every byte of data they can see.

Who would ever have thought that you would be getting a merit from me and take it from me, I don't get many to
give away but I am stuck with MS because it's all I know.

I suspect Google on Android devices is nearly as bad, they both have a bad track record, both work for the CIA/NSA

Just take an old laptop, load your favorite wallet and coins, then break or disable the wireless networking. Then break or disable the wired networking.

Although hardware wallets may have some issues, those issues are nothing compared to the problems of binding a machine to the greater world, uploading data and reporting in fashions the user is not privy to, and requiring downloading of supposed "updates" that are not comprehensible.
chennan
April 08, 2018, 07:41:46 PM
 #75

These kinds of hardware wallets will grow stronger with time.
An indestructible and safe wallet is a very hard thing to accomplish.

Right, and honestly I like that these hardware wallets are being heavily scrutinized, broken down, rebuilt, and broken down again while Bitcoin and other cryptocurrencies are still relatively early in the game and not that many people are actively using cryptos.

Having the simplicity and "security" of hardware wallets is crucial for mainstream adoption.

chennan
April 08, 2018, 07:48:36 PM
 #76

Right, although the "someone" who has unfettered access to a computer with Intel ME is Intel themselves (and anyone else holding the code signing key for executing code on the ME processor). I think exploits were discovered last year where an attacker circumvented the use of the Intel code signing key, but I forget the specifics.

You see we can agree on some things but few MS developers have woken up to the fact that Microsoft is locking them
out from the OS all over the place let alone are spying on every byte of data they can see.

Who would ever have thought that you would be getting a merit from me and take it from me, I don't get many to
give away but I am stuck with MS because it's all I know.

I suspect Google on Android devices is nearly as bad, they both have a bad track record, both work for the CIA/NSA

Just take an old laptop, load your favorite wallet and coins, then break or disable the wireless networking. Then break or disable the wired networking.

Although hardware wallets may have some issues, those issues are nothing compared to the problems of binding a machine to the greater world, uploading data and reporting in fashions the user is not privy to, and requiring downloading of supposed "updates" that are not comprehensible.

Yeah, but you don't want just any old laptop to do that on.  Like if you were to get one of your old laptops from 10 years ago that you were downloading a whole bunch of sketchy stuff on through limewire, I wouldn't think to recommend using something like that.  The most secure way is to buy a cheap laptop that has no wireless or bluetooth capabilities, and then load trusted/gpg verified files on the computer through booting it on a live-USB.

Kumic
April 08, 2018, 10:56:05 PM
 #77

I would still use it. Of course they can make modifications to a hardware wallet and steal your coins after you use it.
So buy it from the official seller and update it if needed.

faultunfmuzzled8
April 09, 2018, 12:59:21 AM
 #78

No it doesn't worth mentioning that it was found by whom because whoever have found it just awesome discovery
justmyname
April 09, 2018, 01:18:19 AM
 #79

I haven't heard of anyone losing coins in a hardware wallet yet. Other than a device that already had been previously opened. They set the seed words and password. Then sent the device and a copy of the seed words-password to the new owner. The new owner thought he bought a new device and didn't reset it. The crooks just waited until the coins were in the wallet and stole them.
bob123
April 09, 2018, 08:36:22 AM
 #80

Yeah, but you don't want just any old laptop to do that on.  Like if you were to get one of your old laptops from 10 years ago that you were downloading a whole bunch of sketchy stuff on through limewire, I wouldn't think to recommend using something like that.  The most secure way is to buy a cheap laptop that has no wireless or bluetooth capabilities, and then load trusted/gpg verified files on the computer through booting it on a live-USB.

Using an old processor doesn't also mean you have to use your old (non-wiped) hard drive.
An old laptop with a formatted hard drive and wireless adapter removed does its job very well.

There is also no need for running an OS as live version from a USB stick. It is absolutely fine to install an OS to your hard drive.
No connection adapters mean no connection. Regardless of the OS you are running and from how you boot it.
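
One way to check the "no connection adapters mean no connection" point on a Linux laptop set aside for offline storage (an added example, not part of any post in this thread). It assumes Linux and its sysfs layout; the function names and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# Audit a Linux host meant to be an offline wallet machine: list every network
# adapter and radio the kernel still sees. Reads sysfs only; changes nothing.

# Print "name kind" for each non-loopback interface under $1 (default /sys).
list_net_adapters() {
    root="${1:-/sys}"
    for dev in "$root"/class/net/*; do
        if [ ! -e "$dev" ]; then continue; fi
        name=$(basename "$dev")
        if [ "$name" = "lo" ]; then continue; fi
        if [ -d "$dev/wireless" ] || [ -e "$dev/phy80211" ]; then
            kind=wireless
        elif [ -e "$dev/device" ]; then
            kind=physical
        else
            kind=virtual
        fi
        printf '%s %s\n' "$name" "$kind"
    done
    return 0
}

# Print "name type state" for each radio registered with rfkill. A soft-blocked
# radio is only disabled in software: the hardware is still installed.
list_radios() {
    root="${1:-/sys}"
    for rf in "$root"/class/rfkill/rfkill*; do
        if [ ! -e "$rf/type" ]; then continue; fi
        state=enabled
        if [ "$(cat "$rf/soft" 2>/dev/null)" = "1" ]; then state=soft-blocked; fi
        printf '%s %s %s\n' "$(cat "$rf/name" 2>/dev/null)" "$(cat "$rf/type")" "$state"
    done
    return 0
}

# Return 0 only when no adapter or radio is visible; otherwise print the
# findings and return 1.
audit_airgap() {
    root="${1:-/sys}"
    found=$( { list_net_adapters "$root" | sed 's/^/net: /'
               list_radios "$root" | sed 's/^/radio: /'; } )
    if [ -z "$found" ]; then
        echo "no network adapters or radios visible to the kernel"
        return 0
    fi
    printf '%s\n' "$found"
    return 1
}

# Constructed fixture (not a real machine): a laptop with one wired port whose
# Wi-Fi was disabled with rfkill rather than removed. Prints the tree's path.
make_sample_sysfs() {
    t=$(mktemp -d)
    mkdir -p "$t/class/net/lo" "$t/class/net/eth0/device" \
             "$t/class/net/wlan0/device" "$t/class/net/wlan0/wireless" \
             "$t/class/rfkill/rfkill0"
    echo phy0 > "$t/class/rfkill/rfkill0/name"
    echo wlan > "$t/class/rfkill/rfkill0/type"
    echo 1    > "$t/class/rfkill/rfkill0/soft"
    printf '%s\n' "$t"
}

# Audit the real machine only when asked to.
if [ "${1:-}" = "--audit" ]; then audit_airgap /sys; fi
```

Run it with `--audit` on the machine itself. An adapter whose driver is not loaded does not appear in sysfs, so an empty result confirms what the kernel sees rather than proving the hardware was physically removed.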
