[GUIDE] How to buy a Hardware Wallet the right way

[dkbit98]

After several Legder hardware wallet fiascos and database leaks, I think we all need to have a Guide with suggestions and advices for buying a hardware wallet.

We obviously need to be a little paranoid if we want to avoid receiving phishing SMS messages and emails, and exposing our real name and home address to hackers.

Suggestions:

 - Buy hardware wallet only from official website or reseller store.
 - Use Tor or VPN when registering to website and install ad blocking extension like uBlock.
 - Use alternative or disposable e-mail address and new random password for registration.
 - Use alternative prepaid phone number and not your real phone number for registration.
 - Use crypto for payment, not connected with your real ID, or pay with cash in your local authorized reseller.
 - Use alternative or fake name for registration.
 - Use PO boxes or alternative address for delivery.
 - Do your own research


You can also ask yourself, do you really need a Hardware wallet at all?
They are not perfect and there are alternative ways for storing your crypto, including offline computer or smartphone with installed wallet and only used for this purpose.


*This list is work in progress and any suggestions are appreciated

[1713433414]

1713433414

[o_e_l_e_o]

- Use Tor or VPN when registering to website and install ad blocking extension like uBlock.

If you won't use Tor (you should), then at least use a clean install of a new browser with a fresh VPN exit node so as to minimize being tracked by tracking cookies from Facebook, Google, etc.

The extension you want is uBlock Origin, not uBlock. The two are different, and the latter allows through "approved" ads and trackers.

- Use PO boxes or alternative address for delivery.

This is probably the hardest step, and also very dependent on what country you live in. Generally speaking, PO Boxes or similar have to be registered in your own name, and you need to provide ID to be allowed to open them or sometimes to access them. Even so, this is still a good step, as it breaks the link between your real name and the retailer, and an attacker would have to be very determined to go about de-anonymizing your PO Box (provided you aren't careless and don't advertise it elsewhere). Other options include general delivery or poste restante, delivering to a work address (but then it either has your real name, or you need to have a receptionist who will look out for a package with the fake name on it), or sometimes you can arrange delivery to a store or similar drop off location which won't require ID to pick up.

[Coin-Keeper]

It is also easy to have the hardware wallet shipped to an extended family member (the actual device is paid for by crypto).  I select a receiver that doesn't even own a computer or have any technical abilities at all.  At least they serve as a proxy of sorts and since they don't even know what BTC is they can be watched all day long without consequence.  Not perfect, but it feels better than jumping through hoops trying to lie about a PO Box.  Messing around with a Federal mail box can get dicey where I live.  Big crime if nabbed!

[o_e_l_e_o]

Seems a bit unfair on that family member. If you are looking to unlink your identity from the purchase of a hardware wallet, then obviously you are considering or are concerned about $5 wrench attacks. By shipping to a family member, all you are doing is moving the risk on to them, and they truly will have no coins to give up to prevent or end such an attack. If they don't even know what BTC is, then they won't even understand the risk you have placed on them.

That all seems far more unethical to me than simply receiving mail under a pseudonym.

[suchmoon]

The PO Box helps very little if your name is not John Smith. And you shouldn't use a fake name for shipping - if the package requires a signature or just doesn't fit in the box you'll need an ID to retrieve it. Even shipping to your home address with a fake name could be a problem if the delivery person wants to be a pain in the ass.

I'm really pissed at Ledger right now. Getting not only phishing e-mails but actual fucking phone calls from a "Ledger" caller ID to my phone number, which I only gave them because they supposedly need it for shipping. I don't have a feasible way of giving out a disposable phone number with each online order.

It's about time for FedEx and UPS to start working on hashing delivery addresses so that you would give just a one-time hash to a retailer. That way even if FedEx is hacked you can at least hope they don't know if you bought a hardware wallet or a dildo.

[TopTort777]

You suggestions have only one disadvantage: you can forget about warranty with all that “being anonymous” paranoja In case you have any troubles with your hardware wallet - you will face lots of troubles or inconveniences.

[The Sceptical Chymist]

You can also ask yourself, do you really need a Hardware wallet at all?

You certainly could ask that question, a legitimate one, and I bet you most people don't own enough altcoins such that it would be a pain in the ass to keep track of all the private keys.  Not to mention if your goal isn't long-term storage or if you plan on making some trades or whatnot.

Excellent points of advice, OP.  I followed exactly zero of them when I bought my Ledgers (and that damn Keepkey), but since I don't actually have much of value on them, I'm not terribly worried about getting phished, hacked, keylogged, or whatever else it is that thieves are doing these days.  Lately I've been more of a by-standing cheerleader for bitcoin than someone who's got his foot in the market.  Oh well.

Oh, and if long-term cold storage of bitcoin is your primary goal, I'd say you definitely do not need a hardware wallet....but they're so neat, I probably wouldn't even follow my own advice if I had bitcoin I wanted to keep in cold storage.  I'd probably end up buying a Ledger all over again.  Lol

fucking phone calls from a "Ledger" caller ID to my phone number

Holy shit, really?  That's messed up.

[suchmoon]

Holy shit, really?  That's messed up.

Yeah. I don't even know why it's showing as "Ledger" - different phone number each time and I don't have them in my contacts. Must be screwing with Google somehow, or whatever malware dialer the carrier might have installed on my phone.

They're also sending text messages and addressing me by full first/last name and asking me to click some sketchy link.

[o_e_l_e_o]

Not to mention if your goal isn't long-term storage or if you plan on making some trades or whatnot.

I would agree with your point further down that if you goal is long-term storage, then airgapped, encrypted, cold storage is better than a hardware wallet. I like my hardware wallets because they are a good balance of security, portability, and ease of transacting without having to dig out and boot up my cold storage, but for coins I am very rarely transacting with, then cold storage wins.

I followed exactly zero of them when I bought my Ledgers (and that damn Keepkey), but since I don't actually have much of value on them, I'm not terribly worried about getting phished, hacked, keylogged, or whatever else it is that thieves are doing these days.  Lately I've been more of a by-standing cheerleader for bitcoin than someone who's got his foot in the market.  Oh well.

The concern that a lot of people have is not these phishing emails and messages - they are annoying, sure, but they are easy to spot and easy to ignore. What is concerning most people about this Ledger hack is that an unknown number of physical addresses have been released as well, opening the possibility of $5 wrench attacks. Even if you have nothing or very little stored on your Ledger, good luck convincing an attacker of that.

Yeah. I don't even know why it's showing as "Ledger" - different phone number each time and I don't have them in my contacts. Must be screwing with Google somehow, or whatever malware dialer the carrier might have installed on my phone.

Various phone carriers have this feature. Essentially they register their phone number under the name "Ledger" with their carrier, and then the carrier pushes that to your device whenever you receive a call or text from them.

[dkbit98]

You suggestions have only one disadvantage: you can forget about warranty with all that “being anonymous” paranoja In case you have any troubles with your hardware wallet - you will face lots of troubles or inconveniences.

I don't know what 'paranoja' is, but exposing your name, address and phone number to hackers sounds a lot more like 'lots of troubles or inconveniences'.

I'm really pissed at Ledger right now. Getting not only phishing e-mails but actual fucking phone calls from a "Ledger" caller ID to my phone number, which I only gave them because they supposedly need it for shipping. I don't have a feasible way of giving out a disposable phone number with each online order.

Fake Ledger tech support now started calling people  
You can try to block their number, and in future you can buy reserve prepaid number used only for registrations and ordering stuff.

...

I like the idea for PO boxes, but they are not available in all countries and cities, and they are not perfect solution.
Best option for me is to buy something in your local authorized reseller shop and pay with cash or crypto if possible.

 

[hugeblack]

The most difficult part is the stage of hiding the address, and the matter varies from country to country, but even shipping to an intermediary and then re-shipping to you requires some trust.
Also, I think that these companies will do some encryption of the personal data, especially the address, and the problem will remain that the data can be traced by the government and the court.

I still believe that in the future it will be easy for you to make your own hardware wallets so we may not hear about hardware wallets (Ledger,...etc) soon.

[LTU_btc]

It's good suggestions if you want to protect your data from phishing attacks, but not everything will work.
Using fake name can cause problems when you will have to take your wallet if it's delivered by courier or you take it from post office. Probably only way to stay anonymous - if your hardware wallet is delivered on parcel machine (don't know how exactly it's called in English). Your name isn't needed there, phone number or email is enough. You'll get PIN code through SMS or email and this code is needed to open doors of that parcel machine.
And if you're using PO boxes, it's impossible to stay anonymous.
One option - buy it from official reseller. But usually resellers have higher price than buying directly from Ledger.

[dkbit98]

One option - buy it from official reseller. But usually resellers have higher price than buying directly from Ledger.

You pay much higher price if you expose all your information, address and phone number to scammers.
I also checked some prices resellers offer and there is no big difference with prices manufacturers are showing on official website.
To be more precise I compared the prices from official Ledger website with official reseller in Croatia and prices are exactly the same, but I would never buy Ledger again or recommend it to anyone.
 

[Pmalek]

Holy shit, really?  That's messed up.

They're also sending text messages and addressing me by full first/last name and asking me to click some sketchy link.

Were you one of the allegedly only 9.500 users who had their full personal details leaked? Did you receive an email from Ledger informing you that you had all your details leaked?
I received only two emails so far, at the beginning of the phishing campaign. They both contain only the first name, not the last name. And there haven't been any calls or SMS messages. Which means they are either using different ways to approach the users, or not everyone has had everything leaked. A third option is that they haven't had time to call yet, due to the share number of other users above me on the list.   

Various phone carriers have this feature. Essentially they register their phone number under the name "Ledger" with their carrier, and then the carrier pushes that to your device whenever you receive a call or text from them.

Unless the hackers used fake IDs when registering the phone numbers (which they probably did), the carriers could help in identifying the users behind those numbers. To the police or government agencies, of course, not to the general public. 

[bob123]

- Use Tor or VPN when registering to website and install ad blocking extension like uBlock.

Using Tor or a VPN isn't really necessary. It wouldn't have protected you from a database leak at all.
Regardless of whether it is ledger or any other website.

All the information they potentially can get from that is your geo location in a 100km radius. Given they really store your IP address used.


Using an ad blocker and additionally a javascript blocker (e.g. NoScript) should always be done. Not only when ordering a hardware wallet..

- Use alternative or disposable e-mail address and new random password for registration.

This should also be always done.

- Use alternative prepaid phone number and not your real phone number for registration.

I have a 2nd mobile number here just for that purpose. Using for registering when necessary.
IMO the best way to not get any spam messages/calls.

I still somehow didn't get any call, sms and/or phishing mail from ledger.

[o_e_l_e_o]

Probably only way to stay anonymous - if your hardware wallet is delivered on parcel machine (don't know how exactly it's called in English). Your name isn't needed there, phone number or email is enough. You'll get PIN code through SMS or email and this code is needed to open doors of that parcel machine.

Amazon run Amazon Lockers in a number of cities, and you only need a code which they will email you to pick up a package. A new account not linked to your real name or address and a throw-away email address could be a possibility, although knowing Amazon, they will lock your account at the first sign of any shenanigans.

Unless the hackers used fake IDs when registering the phone numbers (which they probably did), the carriers could help in identifying the users behind those numbers.

I'm no expert on the matter, but it used to be that simply phoning your carrier and saying that it is business phone and you would like it to be registered under the name of your business (in this case "Ledger") would be sufficient. It's even easier if they are using a VoIP service, with many letting you simply fill in the field yourself. No ID required.

[suchmoon]

You can try to block their number, and in future you can buy reserve prepaid number used only for registrations and ordering stuff.

I blocked a few different numbers Ledger numbers already... not sure if having a burner phone that I would never answer would be much different than just giving a fake phone number, which is what I'm leaning towards.

Various phone carriers have this feature. Essentially they register their phone number under the name "Ledger" with their carrier, and then the carrier pushes that to your device whenever you receive a call or text from them.

I found this - I think it applies to Android with default settings:

Caller ID by Google shows the names of companies and services with a Google My Business listing.

"Google My Business" listings are free AFAIK. Not sure what, if any, verification is done. Probably none judging by complaints like this:

Google Phone app caller ID and Spam protection feature shows competing local business name when placing calls to or receiving calls from our business land line.

Were you one of the allegedly only 9.500 users who had their full personal details leaked? Did you receive an email from Ledger informing you that you had all your details leaked?

I may have received an e-mail from them or maybe it wasn't them LOL. At this point I wouldn't trust them even if they sent me a new device for free and definitely don't trust any e-mails from "Ledger".

Edit - I checked my spam folder and there are 6 e-mails from "Ledger", all sketchy AF. All failed DKIM. Some mention 86000 hacked accounts and tell me to download new software. All came to a disposable address used for Ledger orders only. Some use my real name. So yeah, I must be the lucky 1-of-9500 but I seriously doubt that number.

[o_e_l_e_o]

not sure if having a burner phone that I would never answer would be much different than just giving a fake phone number, which is what I'm leaning towards.

Depends on whether or not Ledger or any other company would every actually need to "contact you about your order". I think most people give out their phone number far more often than they realize. For the sake of $5 for a prepaid SIM which I change every 6 months or so, a disposable phone number I don't care about and can hand out freely is great. I maintains my privacy, I know I'll never get phished or scammed via my real phone, and completely eliminates my concern regarding database breaches like this. Just think how many other databases somewhere your phone number is sitting in.

Probably none judging by complaints like this

Like all things Google, there will be zero effort put in to protecting their end users. It is the same trick that telemarketers and scammers use to hide their phone numbers. It is illegal, but it is easy to do and difficult to trace, so the vast majority get away with it.

[suchmoon]

Depends on whether or not Ledger or any other company would every actually need to "contact you about your order". I think most people give out their phone number far more often than they realize. For the sake of $5 for a prepaid SIM which I change every 6 months or so, a disposable phone number I don't care about and can hand out freely is great. I maintains my privacy, I know I'll never get phished or scammed via my real phone, and completely eliminates my concern regarding database breaches like this.

I've never had a legitimate contact via phone regarding an order except a few times someone left a message saying "you'll need to sign for a package tomorrow", which may or may not have been legitimate, and a couple of times shady sites tried to upsell me because they magically ran out of that awesome deal that was too good to be true to begin with. I think I would be fine with the order cancelled if there is a genuine problem and they can't reach me.

Now if I have a disposable phone that I'll never pick up and won't carry with me and probably won't even keep it charged, what's the point? And I wouldn't be so bold to claim that I'd never get scammed on my real number. If I give it to kid's school or doctor's office - legitimate places to give my real number to, right? - and they get hacked I'd be in the same position as with Ledger now, just perhaps with more false sense of security.

Even a friend or a relative losing their phone with my number in their contacts is a risk - impersonation scams are rampant.

[o_e_l_e_o]

I was meaning more about being phished for crypto via my main phone. If my doctor's office leaks their database, it's highly unlikely that someone will target it with Ledger phishing texts or similar. Still, I use my disposable phone not infrequently to communicate with other people while trading peer to peer in my local area, and I suppose people signing up to centralized exchanges or other crypto services could benefit from a disposable number as well. Even signing up to something like Telegram if that's your thing I would only do from a disposable number.