Bitcoin Forum
November 11, 2024, 10:23:22 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 [2] 3 4 5 »  All
  Print  
Author Topic: Hardware wallets still aren't secure, and they never will be. Use paper wallets  (Read 1874 times)
HCP
Legendary
*
Offline Offline

Activity: 2086
Merit: 4361

<insert witty quote here>


View Profile
July 10, 2019, 10:28:54 PM
 #21

One of the best things about HW wallets is that you are bound to notice when its stolen and it will give you time to respond appropriately - not so with your software wallet.
Not necessarily... there are use cases that I've seen where users claim they either have more than one HW and then store them in various remote locations (safety deposit, "trusted" family/friend, hidden location etc).

If you have something stored in a remote location, it may be some time before you're aware of a theft.

█████████████████████████
████▐██▄█████████████████
████▐██████▄▄▄███████████
████▐████▄█████▄▄████████
████▐█████▀▀▀▀▀███▄██████
████▐███▀████████████████
████▐█████████▄█████▌████
████▐██▌█████▀██████▌████
████▐██████████▀████▌████
█████▀███▄█████▄███▀█████
███████▀█████████▀███████
██████████▀███▀██████████
█████████████████████████
.
BC.GAME
▄▄░░░▄▀▀▄████████
▄▄▄
██████████████
█████░░▄▄▄▄████████
▄▄▄▄▄▄▄▄▄██▄██████▄▄▄▄████
▄███▄█▄▄██████████▄████▄████
███████████████████████████▀███
▀████▄██▄██▄░░░░▄████████████
▀▀▀█████▄▄▄███████████▀██
███████████████████▀██
███████████████████▄██
▄███████████████████▄██
█████████████████████▀██
██████████████████████▄
.
..CASINO....SPORTS....RACING..
█░░░░░░█░░░░░░█
▀███▀░░▀███▀░░▀███▀
▀░▀░░░░▀░▀░░░░▀░▀
░░░░░░░░░░░░
▀██████████
░░░░░███░░░░
░░█░░░███▄█░░░
░░██▌░░███░▀░░██▌
░█░██░░███░░░█░██
░█▀▀▀█▌░███░░█▀▀▀█▌
▄█▄░░░██▄███▄█▄░░▄██▄
▄███▄
░░░░▀██▄▀


▄▄████▄▄
▄███▀▀███▄
██████████
▀███▄░▄██▀
▄▄████▄▄░▀█▀▄██▀▄▄████▄▄
▄███▀▀▀████▄▄██▀▄███▀▀███▄
███████▄▄▀▀████▄▄▀▀███████
▀███▄▄███▀░░░▀▀████▄▄▄███▀
▀▀████▀▀████████▀▀████▀▀
Chris! (OP)
Legendary
*
Offline Offline

Activity: 1382
Merit: 1123



View Profile
July 13, 2019, 12:44:52 AM
Last edit: July 13, 2019, 02:18:57 AM by Chris!
Merited by ABCbits (1)
 #22

Well, if you'd bothered to read it, then you would know that it didn't have anything to do with change addresses, paper burning or water damage or other "blah blah blah".

It was a very real "bug" that was discovered in a relatively popular Paper Wallet Generator that seemed to result in the same keys being generated for "different" users etc.

Covered already. Don't trust crappy sources of entropy. Again, not a paper wallet vulnerability.

What is being described here it not an airgapped device.

I know. The idea was that somehow wifi would unwittingly be connected on an air-gapped computer. If I don't have a wifi card and I don't have an ethernet cable the chance of any of my info leaking onto the web is zero unless someone is extremely close by, looking over my shoulder or picking up radio waves etc.

Disconnecting a computer in this way, even if booting from a live USB/CD, does not guarantee safety by any means.

What do you mean by that? The only real vulnerabilities that I'm aware of would be radio waves, someone filming me/shoulder surfing and a cold boot attack. A farady tent and some hot ram would solve all of these issues. Is there anything else that I'm missing?

The computer could get infected while online.


Air... Wait for it... Gapped. There is no "while online" on my air-gapped machine. It simply does not have the capability to connect to the internet. I also use a fresh live usb for each boot. Please read through my posts instead of clinging onto what you misunderstood in one of my posts.

Your private keys will be in your RAM, and may be on your HDD, depending on your specific method of generating your private keys.

They're in your RAM for a few minutes tops just FYI. Less if you apply heat. See https://www.semanticscholar.org/paper/On-the-Practicability-of-Cold-Boot-Attacks-Gruhn-M%C3%BCller/b02403d3239a6d6e78911192f4f82ce987a78944

If you cool your ram down (cold boot attack) you can hang onto this info longer. It's difficult to pull off in the best situation, and you have a very short window of opportunity. Take a hairdryer to your ram after you do a shutdown and you're good to go.

My air-gapped machine doesn't have a HDD. There's no reason to have internal storage.

If you take a paper wallet out of your safe to spend some of your coin, someone could take a picture of your paper wallet to compromise the seed, minus your passphrase.

This should never ever ever be done. Sweep everything. Newbs do this and their change is sent to a change address that they don't have private keys to. Yet another way user error is going to screw you over if you don't know what you're doing.  


Again, user error is not a vulnerability.
I am going to disagree with this statement fact. If a process is so complex that the average user is going to make a mistake, this is a vulnerability user "mistake".

FYFY.

Sorry, you're right. Not user error. "User mistake". You're totally right.

If I take 4 random chemicals in a janitor's closet, mix them together and make mustard gas is that:

A. User "mistake"
Or
B. A vulnerability and these chemicals should never be used by anyone ever again?

Wait, an even better scenerio:

A doctor goes into a complicated heart surgery. They screw up, cut through an artery and the patient dies.

Do they:

A. Go to court because of user error/gross negligence

Or

B. That surgery is never performed again because it's "too dangerous for normal people to do".?

You could learn a lot from this conversation.

I 100% disagree. All I see is a ton of misinformation and FUD (mainly user error = vulnerability).

You're telling my that I'm on wifi, the private keys are stored in my RAM, HDD etc. You don't even know what an air-gapped system is so what exactly am I supposed to be learning from you?

So far I've learned that you blindly trust a hardware wallet manufacturer instead yourself to generate your own private keys. That's not a lesson in my books. That's a step backwards from being your own bank.



Updated OP and moved the topic for less biased exposure.
HCP
Legendary
*
Offline Offline

Activity: 2086
Merit: 4361

<insert witty quote here>


View Profile
July 13, 2019, 06:14:54 AM
Merited by o_e_l_e_o (2), ABCbits (1)
 #23

Covered already. Don't trust crappy sources of entropy. Again, not a paper wallet vulnerability.
Actually it is... because it applies to all wallets. Sure, it's easy to say "Don't trust crappy sources of entropy"... but then, how is your average user meant to know what is and what isn't a crappy source of entropy? Huh


Quote
Wait, an even better scenerio:

A doctor goes into a complicated heart surgery. They screw up, cut through an artery and the patient dies.
Do they:
A. Go to court because of user error/gross negligence
Or
B. That surgery is never performed again because it's "too dangerous for normal people to do".?
I'm not sure what you're trying to prove with that scenario? My take away from that is that only experienced users (doctors) should be using paper wallets (performing heart surgery) due to the risks involved. Huh

So, I think you've missed what PrimeNumber7 seemed to be getting at... The fact that a given procedure is complex is a "risk" and needs to be mitigated. You mitigate the risks in heart surgery by having experience surgeons perform the procedure. In the case of paper wallets, advising the average joe on the street that paper wallets are "fine" for the average joe on the street is ignoring all of the "risks" inherent with using them... "crappy entropy", issues with change, issues with spending, lack of understanding of what air-gapped really means etc.

One only needs to view the Bitcoin Tech Support, "Wallet" support and B&H subforums here to see all the weird and wonderful ways that "the average joe on the street" finds to dig themselves into a hole when using Bitcoin (and cryptocurrency in general).

It's great that you feel confident enough to safely create and use paper wallets... I would be confident in saying that a vast majority of people on these forums are not. Undecided


Quote
So far I've learned that you blindly trust a hardware wallet manufacturer instead yourself to generate your own private keys. That's not a lesson in my books. That's a step backwards from being your own bank.
So you hand coded all the software necessary in the generation of your private keys? or did you check every single line of code of the software? or did you "blindly trust" the software developer(s) who developed the code you no doubt used to convert your "non-crappy" entropy into private keys?

Pretty much all bitcoin users, myself included, are blindly trusting something at some point... I doubt there are many that have the time nor inclincation to attempt a couple of manual SHA-256 rounds to convert entropy to a private key... (Not sure there are that many who would be keen on attempting a manual RIPEMD-160 either. Tongue )

Simply because one set of users is trusting a hardware wallet manufacturer and another set are trusting a software developer doesn't make one group more or less their own bank.

Are there shortcomings in Hardware wallets? Yes
Are there shortcomings in Paper wallets? Yes
Are there shortcomings in <insert any type of wallet>? Yes

There isn't a "perfect" wallet that covers all use-cases. Find what suits your use-case and figure out how to use it "properly".

█████████████████████████
████▐██▄█████████████████
████▐██████▄▄▄███████████
████▐████▄█████▄▄████████
████▐█████▀▀▀▀▀███▄██████
████▐███▀████████████████
████▐█████████▄█████▌████
████▐██▌█████▀██████▌████
████▐██████████▀████▌████
█████▀███▄█████▄███▀█████
███████▀█████████▀███████
██████████▀███▀██████████
█████████████████████████
.
BC.GAME
▄▄░░░▄▀▀▄████████
▄▄▄
██████████████
█████░░▄▄▄▄████████
▄▄▄▄▄▄▄▄▄██▄██████▄▄▄▄████
▄███▄█▄▄██████████▄████▄████
███████████████████████████▀███
▀████▄██▄██▄░░░░▄████████████
▀▀▀█████▄▄▄███████████▀██
███████████████████▀██
███████████████████▄██
▄███████████████████▄██
█████████████████████▀██
██████████████████████▄
.
..CASINO....SPORTS....RACING..
█░░░░░░█░░░░░░█
▀███▀░░▀███▀░░▀███▀
▀░▀░░░░▀░▀░░░░▀░▀
░░░░░░░░░░░░
▀██████████
░░░░░███░░░░
░░█░░░███▄█░░░
░░██▌░░███░▀░░██▌
░█░██░░███░░░█░██
░█▀▀▀█▌░███░░█▀▀▀█▌
▄█▄░░░██▄███▄█▄░░▄██▄
▄███▄
░░░░▀██▄▀


▄▄████▄▄
▄███▀▀███▄
██████████
▀███▄░▄██▀
▄▄████▄▄░▀█▀▄██▀▄▄████▄▄
▄███▀▀▀████▄▄██▀▄███▀▀███▄
███████▄▄▀▀████▄▄▀▀███████
▀███▄▄███▀░░░▀▀████▄▄▄███▀
▀▀████▀▀████████▀▀████▀▀
PrimeNumber7
Copper Member
Legendary
*
Offline Offline

Activity: 1666
Merit: 1901

Amazon Prime Member #7


View Profile
July 13, 2019, 07:06:57 AM
 #24


If you take a paper wallet out of your safe to spend some of your coin, someone could take a picture of your paper wallet to compromise the seed, minus your passphrase.

This should never ever ever be done. Sweep everything. Newbs do this and their change is sent to a change address that they don't have private keys to. Yet another way user error is going to screw you over if you don't know what you're doing.   
You are being ambiguous as to what you are specifically meaning when you refer to a "paper wallet", maybe intentionally for security purposes, but this makes it difficult to address the shortcommings of what you describe as a "paper wallet". Dito for the machine you will use to sign transactions and generate the private key.

In the above post, you strongly imply you will use each paper wallet for exactly one transaction that you spend.  In the same post, you also say your air gaped machine does not have any kind of HDD. In this post you say you have not used a printer for creating paper wallet for a year.

This creates a number of issues, some of which do not exist for HW wallets:

Change addresses:
Every time you spend a transaction, you will need to either generate a new paper wallet, or access a previously generated paper wallet. If you are doing the former, you are consistently not having backups of your paper wallet immediately after you spend each transaction, and if it is the later, you are at risk that I describe in what you quoted. If you are not using a printer, you will have to write down the address, and manually type the address when you create a transaction, both of which are very prone to error; there are checks in place to prevent you from sending coin to an incorrect address due to a typo, but you may find yourself unable to send coin to a change address. If you have change addresses stored with your paper wallet, you are also at risk that someone will tamper with the change address listed, tricking you into sending coin to the address of an attacker.

Getting the private keys on paper:
If you are not reusing a paper wallet, you are strongly implying you are generating a single private key verses a seed. If you are hand writing the private key onto paper, you are at risk of transposing digits, which would lead to a near certain loss of funds. It would be possible that you use a seed a single time, but this would be strange IMO. 

o_e_l_e_o
In memoriam
Legendary
*
Offline Offline

Activity: 2268
Merit: 18746


View Profile
July 13, 2019, 09:26:03 AM
 #25

Is there anything else that I'm missing?
Have you reviewed every line of code in your live USB OS? Have you reviewed every line of code in the software which is converting your entropy to a private key? Have you reviewed the individual hardware components in your computer and USB stick? The microcontrollers? Hell, even BIOS malware exists. You are trusting third parties just as much as hardware wallet users are. Fair enough, your set up sounds like you aren't going to leak your keys after they have been created, but there are still several ways which an attacker could generate pre-determined keys for you.

As HCP says, your analogy is an argument against using a paper wallet. You are saying that there are so many things that could go wrong, only people with years of education and training should be attempting these procedures. If we want bitcoin adoption to spread, it has to be as easy as using a credit card for your average, non-technical, Joe. Paper wallets are not. I'm not arguing they can not be a good option for people like yourself who understand the inherent risks and have taken steps to prevent them, but they are not a good option for the majority of users.
bitmover
Legendary
*
Offline Offline

Activity: 2478
Merit: 6317


bitcoindata.science


View Profile WWW
July 13, 2019, 01:04:41 PM
 #26

This Chris guy is crazy.

1 - he bashes HW because they are "expensive" and we all wasted 90 usd in security. However he spent much more to secure his "airgapped" computer. A machine with a keyboard, monitor, cpu, hd, etc etc, which are far more expensive than 90 usd. We are all idiots to spend 90usd in an "unsafe" device which is trusted by whole cryptocommunity for years, while he is a genious to spend 300-400 usd in a machine he build by himself which is supposedly safer, but nobody but him ever tested or inspected to look for vulnerabilities.

2 - He says that HW are unsafe because someone can find your device and hack your private key, and a paper wallet would be safer because there is no device to be found. But yes, there is a big machine with a monitor, keyboard, etc, which could be physically hacked when found as well. And even a crazy guy like him would have the private keys backed up in a paper (which he would have typed by hand and prayed to be corrected). Can't get how this is safer.

3 - Ignore all spending issues such as change addresses, inconveniences of using each private key once, risks involved when doing all this hard work etc...

Are you using that live USD in an online computer and inserting it again in your airgapped? I hope you are not doing that....

I'm not arguing they can not be a good option for people like yourself who understand the inherent risks and have taken steps to prevent them, but they are not a good option for the majority of users.


Yes. Maybe some crazy people who has nothing to do and like to take risks and like to play with those technical stuff it may be a good option. But for everyone else it is not.
Unless if you are a very advanced user, professional, developer or whatever... And I consider most of the users in this topic very advanced, and nobody is defending paper wallet against hw.

Also, I would recommend not putting all your funds in your paper wallet. You could make a mistake some day, as there are far too complex procedures for simple tasks such as spending, or consolidating, etc

Chris! (OP)
Legendary
*
Offline Offline

Activity: 1382
Merit: 1123



View Profile
July 13, 2019, 03:37:40 PM
 #27

We are all idiots to spend 90usd in an "unsafe" device which is trusted by whole cryptocommunity for years

Thank you for that perfect summary.
ABCbits
Legendary
*
Offline Offline

Activity: 3052
Merit: 8074


Crypto Swap Exchange


View Profile
July 13, 2019, 07:37:44 PM
Merited by dbshck (4), Chris! (2), Coin-1 (1)
 #28

Covered already. Don't trust crappy sources of entropy. Again, not a paper wallet vulnerability.

Regular user don't even know about entropy or entropy sources while most geeks/nerds only know entropy source which known to be secure (such as /dev/urandom & lots of mouse movement), but only know high level overview of the entropy source.

Is there anything else that I'm missing?
--snip--

Don't forget :
1. Microcode & firmware which almost always closed-source which makes audit impossible
2. Manipulate k value of ECDSA (See https://aisel.aisnet.org/cgi/viewcontent.cgi?article=1035&context=mcis2015 & https://github.com/tintinweb/ecdsa-private-key-recovery for reference)

This Chris guy is crazy.

No, i think his problem are :
1. He have high standard or expectation of what regular user can do (set-up air-gapped device, etc.)
2. He have high standard or expectation of what regular user knowledge (choosing good/trusted entropy, one-time address, etc.)
3. Strongly prefer paper wallet to the point where he refuse to admit both HW & paper have vulnerability

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
old fart
Member
**
Offline Offline

Activity: 308
Merit: 10

Bitcoin is the future


View Profile
July 29, 2019, 08:32:47 AM
 #29

Moving your paper wallet around, scanning it for payment purposes could put your funds at risk. No way should paper wallet be better than hardware wallets. You can't trust a newbie with paper wallet but you can with hardware wallet.

[ IQ ]           cash                           THE MASTERNODES CRYPTOCURRENCY
                           ⚫   t e l e g r a m   ⚫   f a c e b o o k   ⚫   t w i t t e r                         
[ LISTING ON : P2P [ P ] B2B ]  ◾  Discovering millionaires’ secret with IQ.cash
pereira4
Legendary
*
Offline Offline

Activity: 1610
Merit: 1183


View Profile
July 29, 2019, 01:22:47 PM
Merited by vapourminer (1)
 #30

Is there anything else that I'm missing?
Have you reviewed every line of code in your live USB OS? Have you reviewed every line of code in the software which is converting your entropy to a private key? Have you reviewed the individual hardware components in your computer and USB stick? The microcontrollers? Hell, even BIOS malware exists. You are trusting third parties just as much as hardware wallet users are. Fair enough, your set up sounds like you aren't going to leak your keys after they have been created, but there are still several ways which an attacker could generate pre-determined keys for you.

As HCP says, your analogy is an argument against using a paper wallet. You are saying that there are so many things that could go wrong, only people with years of education and training should be attempting these procedures. If we want bitcoin adoption to spread, it has to be as easy as using a credit card for your average, non-technical, Joe. Paper wallets are not. I'm not arguing they can not be a good option for people like yourself who understand the inherent risks and have taken steps to prevent them, but they are not a good option for the majority of users.

You can use a QR code reader (which im shocked so few people use) in order to completely bypass any printer exploits. You can use Coreboot or Libreboot in order to not use a propietary BIOS. You can have more control over RNG than in a hardware wallet. You can have FDE with a couple of passwords for plausible deniability and so on.

Air-gap setup when executed by an expert beats both HW and paper wallets which scream of "hit me with a $5 wrench to get a lot of Bitcoin, and in case there isn't much hit me harder because that wasn't the real password".

Memorizing passwords will always be a problem. I've myself lost access to HDDs with FDE, but that's life, take your vitamins and pray that you don't develop early alzheimer.
WhyFhy
Hero Member
*****
Offline Offline

Activity: 1434
Merit: 513


View Profile
July 29, 2019, 02:35:37 PM
Merited by The Sceptical Chymist (2)
 #31

Scenario, Paper wallet
.
Thief see's wallet your coin is gone. (Difficulty Level=Easy)



Scenario, Hardware wallet
.
Thief must have a very technical understanding to dump the prram.(Difficulty Level=Hard)

I dont know about you guys but the people in my life wouldnt even know what to do with the paper wallet.(people that would be in my house,or visiting)
And I dont really know anyone in crypto personally besides business associates ive met over the years. (not people that would be in my house)
I'm pretty certain this is just my paradigm.
The Sceptical Chymist
Legendary
*
Offline Offline

Activity: 3514
Merit: 6986


Top Crypto Casino


View Profile
July 29, 2019, 02:46:26 PM
 #32

I dont know about you guys but the people in my life wouldnt even know what to do with the paper wallet.(people that would be in my house,or visiting)
And I dont really know anyone in crypto personally besides business associates ive met over the years. (not people that would be in my house)
This is kind of how I relate to all of the things said here, and this is a very interesting debate BTW.  I'm pretty sure if I dropped dead today that at some point someone going through my belongings would figure out the significance of those words I have written down on paper, or the steel wallet I have, or what my Ledger is...but they'd have to know my password and such as well.

I may be naive, but I'm really not worried about getting robbed for my crypto (not that I have a whole lot anyway).  My best guess is that there may only be a handful of people in my entire town who own any bitcoin, and nobody around me knows I'm into it and thus they wouldn't know what they're looking for if they robbed my house.  I'm probably not paranoid enough.

███████████████████████
████▐██▄█████████████████
████▐██████▄▄▄███████████
████▐████▄█████▄▄████████
████▐█████▀▀▀▀▀███▄██████
████▐███▀████████████████
████▐█████████▄█████▌████
████▐██▌█████▀██████▌████
████▐██████████▀████▌████
█████▀███▄█████▄███▀█████
███████▀█████████▀███████
██████████▀███▀██████████

███████████████████████
.
BC.GAME
▄▄▀▀▀▀▀▀▀▄▄
▄▀▀░▄██▀░▀██▄░▀▀▄
▄▀░▐▀▄░▀░░▀░░▀░▄▀▌░▀▄
▄▀▄█▐░▀▄▀▀▀▀▀▄▀░▌█▄▀▄
▄▀░▀░░█░▄███████▄░█░░▀░▀▄
█░█░▀░█████████████░▀░█░█
█░██░▀█▀▀█▄▄█▀▀█▀░██░█
█░█▀██░█▀▀██▀▀█░██▀█░█
▀▄▀██░░░▀▀▄▌▐▄▀▀░░░██▀▄▀
▀▄▀██░░▄░▀▄█▄▀░▄░░██▀▄▀
▀▄░▀█░▄▄▄░▀░▄▄▄░█▀░▄▀
▀▄▄▀▀███▄███▀▀▄▄▀
██████▄▄▄▄▄▄▄██████
.
..CASINO....SPORTS....RACING..


▄▄████▄▄
▄███▀▀███▄
██████████
▀███▄░▄██▀
▄▄████▄▄░▀█▀▄██▀▄▄████▄▄
▄███▀▀▀████▄▄██▀▄███▀▀███▄
███████▄▄▀▀████▄▄▀▀███████
▀███▄▄███▀░░░▀▀████▄▄▄███▀
▀▀████▀▀████████▀▀████▀▀
AverageGlabella
Legendary
*
Offline Offline

Activity: 1232
Merit: 1080


View Profile
July 29, 2019, 03:44:40 PM
Merited by Welsh (5), Zedpastin (4), vapourminer (2), ABCbits (1)
 #33

This is kind of how I relate to all of the things said here, and this is a very interesting debate BTW.  I'm pretty sure if I dropped dead today that at some point someone going through my belongings would figure out the significance of those words I have written down on paper, or the steel wallet I have, or what my Ledger is...but they'd have to know my password and such as well.

I may be naive, but I'm really not worried about getting robbed for my crypto (not that I have a whole lot anyway).  My best guess is that there may only be a handful of people in my entire town who own any bitcoin, and nobody around me knows I'm into it and thus they wouldn't know what they're looking for if they robbed my house.  I'm probably not paranoid enough.
Unless you have a randomly generated password which is long enough to not brute force and short enough to remember without writing it down or storing it anywhere it will still be the weak point of the hard wallet. I have discussed many times what I think is the best solution to storing your private keys. I think that the seed of a wallet is the weakest point and memorizing the private key is the only solution which is truly safe from physical theft. Hardware wallets can be and have been stolen and could eventually be cracked using the weak passwords everyone uses. Many people think that using a program such as lastpass or keepass is a safe solution but they are often using a easy password to get into these password managers which effectively makes your more secure passwords moot.

Trust me people will be more interested in a device such as a hardware wallet which looks interesting than words scribbled down on a piece of paper. imagine if you abbreviated your private key into words so 1 = one and N = Nigel. What if you were to compose a story and get that story printed into a book using a printer that you own and can wipe the memory and/or destroy. You could write a story like " One day Nigel went down the road to fetch a pale of water" Something as stupid as that could potentially prevent anyone seeing it realizing what it is but a hard ware wallet is much easier to identify. I understand that this suggestion or hypothetical situation is completely absurd but I can guarantee people are doing this around the world. lets just say I have a more sophisticated way of securing my Bitcoin but this is one of the solutions to the problem. Without even investment you could pull this off and is just as safe as a hardware wallet. The convenience is what you pay for because if you are regularly accessing your Bitcoin then doing this each time would be crazy but if you are a long term holder of Bitcoin then this is a very good solution to the problem at hand. Then there is things such as memory loss which we just can't combat unfortunately we can't cover all angles and people have different risk levels that they are willing to take. I for one won't use a hard ware wallet.
o_e_l_e_o
In memoriam
Legendary
*
Offline Offline

Activity: 2268
Merit: 18746


View Profile
July 29, 2019, 04:27:39 PM
Merited by Welsh (3)
 #34

I think that the seed of a wallet is the weakest point and memorizing the private key is the only solution which is truly safe from physical theft.
You might be safe from physical theft, but you run a huge risk of losing access to your coins through brain failure. The brain is an incredibly delicate organ, and there are literally thousands of reasons for you to lose your memory. You could have an aneurysm which bursts with zero warning. You could get concussed from a relatively minor blow to the head. Even a bad infection elsewhere in your body, such as the flu or even food poisoning, can lead to delirium and long term memory problems. In a professional capacity I see patients - young and otherwise fit and healthy patients - who suffer from these kind of things every day. Relying on a brain as a single point of failure is a bad idea.

Hardware wallets can be and have been stolen and could eventually be cracked using the weak passwords everyone uses. Many people think that using a program such as lastpass or keepass is a safe solution but they are often using a easy password to get into these password managers which effectively makes your more secure passwords moot.
I'm not sure I follow what you mean here. A hardware wallet like Ledger or Trezor uses an 8 digit PIN to gain entry, and the device wipes itself after 3 failed attempts. That's 3 chances from 100 million possible combinations.

Imagine if you abbreviated your private key into words so 1 = one and N = Nigel. What if you were to compose a story and get that story printed into a book using a printer that you own and can wipe the memory and/or destroy. You could write a story like " One day Nigel went down the road to fetch a pale of water"
You are still relying on your memory to tell you what your story means and which words at the important ones to extract.

If you are concerned about hardware wallets, then I would encourage you to use an airgapped machine to store your coins rather than your brain.
fillippone
Legendary
*
Offline Offline

Activity: 2338
Merit: 16668


Fully fledged Merit Cycler - Golden Feather 22-23


View Profile WWW
July 29, 2019, 07:13:37 PM
 #35

I find this thread really interesting and I learnt a lot.

If I may add a consideration: both solution, paper wallet and hardware wallet have pro and cons, you outlined in great details on the thread.
My humble addition is that too often the weak link in the bitcoin storing process often is the user herself.

Something like that:


https://www.xkcd.com/538/

When storing bitcoin you should care about your own OPsec first:
Don’t disclose you own bitcoin
Don’t disclose how many bitcoins you have
Be low profile
Play it safe.

Just remember information you give out today might be considered diff entry when/if bitcoin appreciates 100x.
I think this simple consideration, you might think is a prerequisite, when discussing which storage is better, might not be so obvious to the average users.
I was very surprised to see a few of very experienced people here on bitcointalk post very precise details of their BTC balance (not going to give you directions): I think it is way more dangerous than holding your private key in plain text on the HD.



█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
AverageGlabella
Legendary
*
Offline Offline

Activity: 1232
Merit: 1080


View Profile
July 30, 2019, 08:52:03 AM
Merited by Welsh (3), Zedpastin (2), ABCbits (1)
 #36

Hardware wallets can be and have been stolen and could eventually be cracked using the weak passwords everyone uses. Many people think that using a program such as lastpass or keepass is a safe solution but they are often using a easy password to get into these password managers which effectively makes your more secure passwords moot.
I'm not sure I follow what you mean here. A hardware wallet like Ledger or Trezor uses an 8 digit PIN to gain entry, and the device wipes itself after 3 failed attempts. That's 3 chances from 100 million possible combinations.

Imagine if you abbreviated your private key into words so 1 = one and N = Nigel. What if you were to compose a story and get that story printed into a book using a printer that you own and can wipe the memory and/or destroy. You could write a story like " One day Nigel went down the road to fetch a pale of water"
You are still relying on your memory to tell you what your story means and which words at the important ones to extract.

If you are concerned about hardware wallets, then I would encourage you to use an airgapped machine to store your coins rather than your brain.
If you can't rely on your brain then you aren't going to remember your passphrase to get into the hardware wallet. Your brain in all of this is the only vital thing that if it goes wrong then you lost everything. There is no safe way of guarding against memory loss. However if you are talking about just forgetting the important words in the story then this could potentially be brute forced by yourself if you haven't lost your memory completely you are very likely to be able to fill in the gaps. Especially if you are very familiar with the story. Another solution would be misspelling the story on those words and maybe purposely putting a "1" instead of a "one" for digits which are in the private key. There are numerous ways to guard against it and making it look like a child has written the story and innocently misspelled the words and mixed up words by sometimes putting "one" and then other times putting "1". This is just an example and there is many other ways to make it stand out to someone who knows what this story is. If we are talking about total memory loss then this is also true to the hardware wallet.

Airgapped computers can be compromised and there are methods to getting into the coins. There was a interesting article a number of years ago where someone used radio waves on a raspberry pi to get into the wallet. However for that to happen the device has to be physically compromised but again if someone looks onto your computer and sees you have a wallet they will be very interested in that device. I understand that I'm talking about very technical stuff and the majority of people don't possess these skills but I like being paranoid when it comes to security.

Hardware wallets wipe themself after 3 attempts? That isn't a security feature at all. What if an attacker fails 3 times is your Bitcoin then wiped?
Rath_
aka BitCryptex
Legendary
*
Offline Offline

Activity: 1876
Merit: 3139



View Profile
July 30, 2019, 09:01:23 AM
 #37

Hardware wallets wipe themself after 3 attempts? That isn't a security feature at all. What if an attacker fails 3 times is your Bitcoin then wiped?

It varies a lot between hardware wallets. Ledger wipes itself after 3 attempts while Trezor enforces a delay before you can enter the PIN again. The delay constantly increases until 16th attempt. The device is wiped after 16 unsuccessful unlock attempts. As for the KeepKey, it doesn't wipe itself. It also introduces a growing delay after the third failed attempt. If a hardware wallet is wiped then a recovery seed is needed to restore the wallet.
Pmalek
Legendary
*
Offline Offline

Activity: 2940
Merit: 7550


Playgram - The Telegram Casino


View Profile
July 30, 2019, 09:15:48 AM
 #38

...and nobody around me knows I'm into it...
This is exactly how it should be! Nobody should know. Family and a few close friends you trust with anything are the only ones who should know. The people who would inherit your assets in case something happens to you and that's it.

A handful of friends know I have Bitcoin. Not a single one of them owns any on their own nor do they know how it works. My family knows I am kind of doing something online involving crypto but they don't care. I try to keep my online life and real life separate as much as possible. My real life acquaintances don't know Pmalek and yours shouldn't know The Pharmacist.

I have also never felt the need to discuss my assets in public, be it in bars, parks or anywhere else where a lot of people gather, nor do I do it over the phone or social media. 

▄▄███████▄▄███████
▄███████████████▄▄▄▄▄
▄████████████████████▀░
▄█████████████████████▄░
▄█████████▀▀████████████▄
██████████████▀▀█████████
████████████████████████
██████████████▄▄█████████
▀█████████▄▄████████████▀
▀█████████████████████▀░
▀████████████████████▄░
▀███████████████▀▀▀▀▀
▀▀███████▀▀███████

▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
 
Playgram.io
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀

▄▄▄░░
▀▄







▄▀
▀▀▀░░
▄▄▄███████▄▄▄
▄▄███████████████▄▄
▄███████████████████▄
▄██████████████▀▀█████▄
▄██████████▀▀█████▐████▄
██████▀▀████▄▄▀▀█████████
████▄▄███▄██▀█████▐██████
█████████▀██████████████
▀███████▌▐██████▐██████▀
▀███████▄▄███▄████████▀
▀███████████████████▀
▀▀███████████████▀▀
▀▀▀███████▀▀▀
██████▄▄███████▄▄████████
███▄███████████████▄░░▀█▀
███████████░█████████░░
░█████▀██▄▄░▄▄██▀█████░
█████▄░▄███▄███▄░▄█████
███████████████████████
███████████████████████
██░▄▄▄░██░▄▄▄░██░▄▄▄░██
██░░░░██░░░░██░░░░████
██░░░░██░░░░██░░░░████
██▄▄▄▄▄██▄▄▄▄▄██▄▄▄▄▄████
███████████████████████
███████████████████████
 
PLAY NOW

on Telegram
[/
o_e_l_e_o
In memoriam
Legendary
*
Offline Offline

Activity: 2268
Merit: 18746


View Profile
July 30, 2019, 03:06:23 PM
Merited by Welsh (6), AverageGlabella (2), vapourminer (1), ABCbits (1)
 #39

If you can't rely on your brain then you aren't going to remember your passphrase to get into the hardware wallet.
Good practice is to have your passphrase physically backed up on paper (as you would do with your mnemonic phrase), but obviously on a different piece of paper and stored separately from your mnemonic seed and from your hardware wallet.

If we are talking about total memory loss then this is also true to the hardware wallet.
It's true of all wallets, from forgetting your log in to a web wallet to forgetting where you have hidden your paper wallet. The only ways to completely safeguard against it are the same ways you would use to ensure your crypto passes on to others if you were to suddenly die. Leaving instructions on how to access your crypto, potentially linked to a dead-man's switch, or telling someone else you trust how to access the crypto in the event of your memory loss or death.

Airgapped computers can be compromised and there are methods to getting into the coins.
There have been examples of malware using the flashing LEDs on the side of your computer casing to transmit morse code or binary, or some altering fan speed to produce different pitches of noise to encode data. There was even one I read about of malware using a connected scanner to display flashes of light which were picked up by attackers, and attackers directing flashes of a laser at the scanner to send instructions to the malware (https://www.bleepingcomputer.com/news/security/flatbed-scanners-used-as-relay-point-for-controlling-malware-in-air-gapped-systems/). Utterly ridiculous. It is impossible to protect against every vector of attack, but when you get as far as thinking about this, the commonly posted XKCD comic about the $5 wrench attack comes in to play.

Hardware wallets wipe themself after 3 attempts? That isn't a security feature at all. What if an attacker fails 3 times is your Bitcoin then wiped?
It is a security feature to prevent brute forcing. Your bitcoin is safe as long as you still have access to your backed up mnemonic phrase.
AverageGlabella
Legendary
*
Offline Offline

Activity: 1232
Merit: 1080


View Profile
July 30, 2019, 10:06:09 PM
Merited by Welsh (6), o_e_l_e_o (2), redsn0w (2), vapourminer (1), ABCbits (1)
 #40

Good practice is to have your passphrase physically backed up on paper (as you would do with your mnemonic phrase), but obviously on a different piece of paper and stored separately from your mnemonic seed and from your hardware wallet.
I'm talking about hypothetical here and I know that this is all far fetched and very very unlikely to happen. However I don't like mnemonic seeds just because its easy to identify what these words are for on a piece of paper. A quick search and there is a lot of information on restoring funds with these mnemonic phrases. I will say that they are convenient and another way to restore your data however I still think having this done as plain text on a piece of paper is a flaw in the security plan. If you were a burglar that got into your safe and found this piece of paper with whatever many words a hardware wallet uses for its mnemonic phrase you would be very interested in what they meant. They would probably jump to this being related to banking but if they were to gain access to your computer or wherever you store your wallet files then they could put two and two together. This is assuming that they don't already know about Bitcoin. If they know about Bitcoin then they will probably be able to identify a mnemonic seed. Hiding this in plain sight might be even better option because at least then it looks like true gibberish but again not something I would be willing to risk. If you were to incorporate a mnemonic seed into a childrens book then the burglar would probably think its sentimental value and thats why its in the safe rather than something that opens up a Bitcoin wallet.

It's true of all wallets, from forgetting your log in to a web wallet to forgetting where you have hidden your paper wallet. The only ways to completely safeguard against it are the same ways you would use to ensure your crypto passes on to others if you were to suddenly die. Leaving instructions on how to access your crypto, potentially linked to a dead-man's switch, or telling someone else you trust how to access the crypto in the event of your memory loss or death.
I have a sophisticated way of going about this. I haven't told anyone and if I were to suddenly die the Bitcoin community can consider it as a donation to the network that those coins have now been lost forever. In all seriousness this is something which is down to the persons discretion and could potentially become the biggest threat if they make a mistake in trusting others with this very sensitive information. I'm very paranoid by nature and haven't actually revealed to anyone close to me that I use Bitcoin.


There have been examples of malware using the flashing LEDs on the side of your computer casing to transmit morse code or binary, or some altering fan speed to produce different pitches of noise to encode data. There was even one I read about of malware using a connected scanner to display flashes of light which were picked up by attackers, and attackers directing flashes of a laser at the scanner to send instructions to the malware (https://www.bleepingcomputer.com/news/security/flatbed-scanners-used-as-relay-point-for-controlling-malware-in-air-gapped-systems/). Utterly ridiculous. It is impossible to protect against every vector of attack, but when you get as far as thinking about this, the commonly posted XKCD comic about the $5 wrench attack comes in to play.

We are coming to a bit of a stalemate here I will agree where I'm arguing that I can't safeguard about the brain failing and loss of memory considering dementia is incurable currently and we can only prevent to onset of the disease but even then any accident could lead to memory loss if the brain is damaged. I don't like introducing another thing which could go wrong and that is a airgapped computer. I think its ok to assume that the average Bitcoin user is slightly more technical than the average user of a computer and the elite of Bitcoin are some gifted people. IF and I will admit its a big if. IF the burglar had the technical capabilities of using the methods you have mentioned then that would be your coins gone. I guess what I'm trying to say is there are already known risks to air gapped computers but with my basic idea of creating a story that doesn't have any major risks other than the person catching on that this is an encrypted piece of text which could be made difficult depending on how much effort you put into it. I have given a very basis version of encrypting the private key in the story but you could make it a lot more sophisticated and I would encourage anyone using that method to do so.  
Pages: « 1 [2] 3 4 5 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!