Open source isn't everything, for some it's just a selling factor

[Somegory]

You are ready to buy Your next favourite Bitcoin wallet and the finally reason why you are choosing this wallet is because it's open source? You might be wrong, I know that many members have said you should go for a open source wallet but it doesn't and shouldn't end there, as there is more to why it could be a wrong idea.


Not all open source crypto hardware wallet are reliable.
The first thing you have to do before finally buying that favourite hardware wallet is to

Check if code has been reviewed by qualified sources and people.
The wallet must have faced and passed strong security testing, e.g third-party audits and certifications.

Reputable hardware wallets have all undergo systematic inspections by security firms to make sure that following has no vulnerability
Physical Vulnerability, firmware, software, reliability, integrity, security, hardware, covering architectural.
The presence of EAL ( Evaluation Assurance Level) is another key indicator which shows the degree of security assessment the device have went through.

I bring this up because some people don't like the popular hardware wallets like Trezor, they have their eye on new hardware wallets coming up this days simply because they have better screen and good looks compared to the normal reputable hardware wallet that we know, if you are this type I still believe that reputation is everything but if you want to go with hardware wallets from new companies you need to make sure you are doing it right.

[Charles-Tim]

I bring this up because some people don't like the popular hardware wallets like Trezor, they have their eye on new hardware wallets coming up this days simply because they have better screen and good looks compared to the normal reputable hardware wallet that we know, if you are this type I still believe that reputation is everything but if you want to go with hardware wallets from new companies you need to make sure you are doing it right.

The reason I prefer few other hardware wallets is that they are airgapped, in a way that you do not need to to connect the hardware wallet with the software wallet with the use of USB before transferring PSBTs and signed transactions. But Trezor still remain one of the reputed hardware wallet on this forum that people are recommending.

[coinrifft]

I don't think though that there will be a perfect system. With that, as far as vulnerabilities goes, several flaws has been identified already. And it's worth nothing that a Ledger security team has exposed a vulnerability in Trezor, or security firm Unciphered.



https://x.com/P3b7_/status/1899863743036874795

Or Crypto Security Firm Unciphered Claims Ability to Physically Hack Trezor T Wallet

Unciphered, a company of cybersecurity professionals who recover lost cryptocurrency, says it found a way to physically hack into the Trezor T hardware wallet. Trezor says it acknowledged a similar-sounding attack vector a few years ago.

https://www.coindesk.com/tech/2023/05/24/crypto-security-firm-unciphered-claims-ability-to-physically-hack-trezor-t-wallet

Or them demonstrating a hack on OneKey.

Cybersecurity startup Unciphered demonstrated a hack of a notable hardware crypto wallet manufactured by OneKey, a Hong Kong-based firm that raised $20 million last year.

https://www.unciphered.com/security-firm-unciphered-hacked-into-popular-hardware-wallet-onekey/

Nothing is unbreakable in the context of security. And if a vulnerability is found, a fix should be applied and verified.

[Cryptohygenic]

I bring this up because some people don't like the popular hardware wallets like Trezor, they have their eye on new hardware wallets coming up this days simply because they have better screen and good looks compared to the normal reputable hardware wallet that we know, if you are this type I still believe that reputation is everything but if you want to go with hardware wallets from new companies you need to make sure you are doing it right.

It seems you don't understand the aspirations of technology evolution is based on amenities being considered in other to profer efficient services to users in reference to future and modern occurrences.
IMO, opens source wallet is prefered because it gives availability for new and advanced features or probably for an upgrading of the technologies softwares because, it can be auditable to code in enhanced features.
Closed source wallet may though be good too in terms of malwares and attacks but with how malicious malwares is being sophisticated these days, if a wallet securities and peripherals are limited and not having the capacity to beat the malwares, of course it becomes vulnerable to future threats and then nothing you can do about it since the source is closed.
So when you are talking about wallet reputations in the meantime, also consider consequences against new developments in the future.

[Dunamisx]

You are ready to buy Your next favourite Bitcoin wallet and the finally reason why you are choosing this wallet is because it's open source? You might be wrong, I know that many members have said you should go for a open source wallet but it doesn't and shouldn't end there, as there is more to why it could be a wrong idea.

Interestingly, we are not expected to only focus on open source wallet alone as criterial before choosing our wallet to use, however, we must never neglect that this open source criterial is also important in making the selection of our choice of wallet, the purchasing source is also important, the brand and all other checks to verify the authenticity of the wallet and uses, which we also have to maintain a good management of the same wallet in handling it properly, especially the hardware wallets.

[Ambatman]

Not all platforms or wallets that states they are open sourced are really open sourced
Take for example Trustwallet
If it wasn't for Bitcointalk I would have believed what google stated that they were open sourced.

bring this up because some people don't like the popular hardware wallets like Trezor

Popularity doesn't guarantee they would be great
Ledger wallets are popular
I'm still surprised that despite their flaws and all many are still using it.
Which most times sums to the fact they are not well informed.

[Cookdata]

.
I bring this up because some people don't like the popular hardware wallets like Trezor, they have their eye on new hardware wallets coming up this days simply because they have better screen and good looks compared to the normal reputable hardware wallet that we know, if you are this type I still believe that reputation is everything but if you want to go with hardware wallets from new companies you need to make sure you are doing it right.

What wallet do you now consider as been reputable, you have only condemn but didn't provide solutions.

Open source wallet gives room to alot of things, security architecture measures and development, free access for people to modify and improve or make suggestions if there is any bug or recommendations, all these you can see it on a Trezor wallet but it doesn't make Trezor the best.

It's not like if you use Trezor wallet you can't have good security, you can actually have one of the best wallet to store your keys from the internet but the fact that you need to be connect to a functioning laptop, possibly connected to the internet makes it vulnerable. If not for the recent launched Safe 7 model of Trezor, you can't power on any of the previous models without usb cable but even with the recent relaase, you still need Bluetooth to be able to use the new model which breaks the purpose of airgap.

If you are going to use a cold wallet, if it has all the fancy features and it doesn't work like an airgap wallet, then there is tendency of it been vulnerable in one way or the other.

[Apocollapse]

How do we know if the hardware wallet has been audited by third party and certified? how do we know if the audits and certifications aren't fake? we can't just trust what the hardware wallet claim if they're audited or certified.

I would suggest you to show us how to check those qualifications before we want to choose a hardware wallet, so we can know and able to avoid from picking vulnerable wallet.

[promise444c5]

I never fancy hardware wallet that much but if I have to choose an HW wallet , I will never go for a close sourced HW wallet no matter  how they try  to explain them self

I don't think though that there will be a perfect system. With that, as far as vulnerabilities goes, several flaws has been identified already. And it's worth nothing that a Ledger security team has exposed a vulnerability in Trezor, or security firm Unciphered.

So they worked with them just to uncover and expose a vulnerabilit to the public . Interesting..

How about them explaining why they keep claiming self custody while at the same time encouraging custodians through Ledger Recover.

[Somegory]

How do we know if the hardware wallet has been audited by third party and certified? how do we know if the audits and certifications aren't fake? we can't just trust what the hardware wallet claim if they're audited or certified.

I would suggest you to show us how to check those qualifications before we want to choose a hardware wallet, so we can know and able to avoid from picking vulnerable wallet.

There are companies that are specifically existing to perform such tests on hardware wallets like Census Labs for example.

BitBox02 firmware was audited by Census Labs, and the company also consults with multiple third-party security firms, encouraging ongoing independent research through a bug-bounty program.
 Similarly, Cypherock undergoes audits by Keylabs and is scrutinized by WalletScrutiny, which evaluates the reproducibility of firmware builds

You are not just looking the right places.