gogxmagog
Legendary
Offline
Activity: 1456
Merit: 1010
Ad maiora!
|
|
January 29, 2015, 06:58:46 PM |
|
I use a ledger, but looked at trezor first. Tbh I chose ledger because price, both seemed to be very secure. Today on reddit I am seeing trezor running into some problems. They put their software on github; open source, and now some manufacturers in Asia are creating very cheap knock offs. Trezor wants to change their license now. Boy am I glad I chose ledger. The very fact that trezor put their stuff out there as open source then turns around and complains that someone else is using it, this alone ruins any good will I might have had. If they didn't expect this to happen, what else are they not expecting?
|
|
|
|
hdbuck
Legendary
Offline
Activity: 1260
Merit: 1002
|
|
January 29, 2015, 08:55:02 PM Last edit: January 29, 2015, 11:56:29 PM by hdbuck |
|
I use a ledger, but looked at trezor first. Tbh I chose ledger because price, both seemed to be very secure. Today on reddit I am seeing trezor running into some problems. They put their software on github; open source, and now some manufacturers in Asia are creating very cheap knock offs. Trezor wants to change their license now. Boy am I glad I chose ledger. The very fact that trezor put their stuff out there as open source then turns around and complains that someone else is using it, this alone ruins any good will I might have had. If they didn't expect this to happen, what else are they not expecting?
its actually getting pretty nasty over reddit: http://www.reddit.com/r/Bitcoin/comments/2u1wea/trezor_code_no_longer_lgplv3_but_now_more/First, my point is they tried to do it retro active by removing their newest code changes and added a license change to a previous tagged version. Looks a little shady. Second, this is a bait an switch. I bought my Trezor under the impression I could modify the firmware and then run my modified version on my device. That is no longer the case under new license. RIP Trezor
|
|
|
|
gogxmagog
Legendary
Offline
Activity: 1456
Merit: 1010
Ad maiora!
|
|
January 30, 2015, 04:14:11 AM |
|
And whats wrong with ledger exactly? I dont leave it lying around or take it out in public even. I use all the precautions I use for my trusted home computer. I just consider it 2fauth for my wallet. pretty much what it is, isn't it?
they dont get enough press, since "search" is disabled here, I have trouble finding their threads.
can someone tell me a "worst case scenario" "what could possibly go wrong?" sort of critique of their product? I've heard very confusing technical explanations as to why there are vulnerabilities with it, but can someone ELI5?
security is important to me, should I be worried about my BTC in my ledger?
|
|
|
|
btchip
|
|
January 30, 2015, 09:30:11 AM |
|
And whats wrong with ledger exactly? I dont leave it lying around or take it out in public even. I use all the precautions I use for my trusted home computer. I just consider it 2fauth for my wallet. pretty much what it is, isn't it?
it's more than 2fa as it allows you to check what is signed and actually does the signature they dont get enough press, since "search" is disabled here, I have trouble finding their threads.
we're pretty active IRL, through conferences, partnerships, and so on can someone tell me a "worst case scenario" "what could possibly go wrong?" sort of critique of their product? I've heard very confusing technical explanations as to why there are vulnerabilities with it, but can someone ELI5?
worst case scenario today is some specifically designed malware that would sniff enough data of the security card to be able to rebuild it after several transactions are done, and bypass this security. This issue will be closed by the new second factor method used in the upcoming firmware, using your smartphone as a secure screen and making the full transaction experience smoother, or if you don't have a smartphone or don't wish to use it, by being able to print multiple security cards. security is important to me, should I be worried about my BTC in my ledger?
no concerns so far.
|
|
|
|
Madness
|
|
January 30, 2015, 09:36:33 AM |
|
Damn, when I saw this thread bumping , I thought they most of those Hardware wallets which are under developement are finished . Both wallets that I want to buy badly Mycelium Bitcoin card & CryptoLabs "Case" didn't finish from the develpement , wondering how much it would take more , anyone have any ideas please ?
~ Madness.
|
|
|
|
hdbuck
Legendary
Offline
Activity: 1260
Merit: 1002
|
|
January 30, 2015, 05:41:14 PM Last edit: January 30, 2015, 06:30:18 PM by hdbuck |
|
im done reading all that has happened on Reddit on the matter. mymy i dont mean to accuse anyone or being indiscrete, but it seems to me that ledger team did a heluva job burning down to hashes Trezor's credibility and product. alt accounts et al. classic internet warfare. sharks all around. ^^ anyhow i feel trezor had it coming, since they ripped off a lot of people from the beginning, with preorders and late delivery, taking advantage of being the only HwW manufacturer back then.. i got one ledger and plan on getting the new one as soon as it get released. imho they found the perfect balance between safety, consumer experience, and price. kudos to btchip!
|
|
|
|
hdbuck
Legendary
Offline
Activity: 1260
Merit: 1002
|
|
January 30, 2015, 06:27:00 PM Last edit: January 30, 2015, 06:37:19 PM by hdbuck |
|
What are the differences between the HW1 and the Ledger? They seem to both be made by the same company but one is half the price.
true, HW1 was kind of a ledger spin off. http://btchip.com/
|
|
|
|
btchip
|
|
January 30, 2015, 09:50:07 PM |
|
im done reading all that has happened on Reddit on the matter. mymy i dont mean to accuse anyone or being indiscrete, but it seems to me that ledger team did a heluva job burning down to hashes Trezor's credibility and product. alt accounts et al. classic internet warfare. sharks all around. ^^
wat ? we have no alts, and I was the first to point out the clones shortcoming. So, no. I know people like a good war but that's not the way we work HW1 was the first product before we merged to create Ledger. Both have the same firmware, Ledger packaging is better, and ships using DHL.
|
|
|
|
hdbuck
Legendary
Offline
Activity: 1260
Merit: 1002
|
|
January 30, 2015, 10:32:11 PM |
|
im done reading all that has happened on Reddit on the matter. mymy i dont mean to accuse anyone or being indiscrete, but it seems to me that ledger team did a heluva job burning down to hashes Trezor's credibility and product. alt accounts et al. classic internet warfare. sharks all around. ^^
wat ? we have no alts, and I was the first to point out the clones shortcoming. So, no. I know people like a good war but that's not the way we work HW1 was the first product before we merged to create Ledger. Both have the same firmware, Ledger packaging is better, and ships using DHL. Cool cool, did not meant to offense, i found it just odd that 2 or 3 accounts (according to their history) were just created to especially corner Trezor's dev in his BS. Anyway, that was a fun read. Ledger roxx!
|
|
|
|
gogxmagog
Legendary
Offline
Activity: 1456
Merit: 1010
Ad maiora!
|
|
January 31, 2015, 12:38:33 AM |
|
And whats wrong with ledger exactly? I dont leave it lying around or take it out in public even. I use all the precautions I use for my trusted home computer. I just consider it 2fauth for my wallet. pretty much what it is, isn't it?
it's more than 2fa as it allows you to check what is signed and actually does the signature they dont get enough press, since "search" is disabled here, I have trouble finding their threads.
we're pretty active IRL, through conferences, partnerships, and so on can someone tell me a "worst case scenario" "what could possibly go wrong?" sort of critique of their product? I've heard very confusing technical explanations as to why there are vulnerabilities with it, but can someone ELI5?
worst case scenario today is some specifically designed malware that would sniff enough data of the security card to be able to rebuild it after several transactions are done, and bypass this security. This issue will be closed by the new second factor method used in the upcoming firmware, using your smartphone as a secure screen and making the full transaction experience smoother, or if you don't have a smartphone or don't wish to use it, by being able to print multiple security cards. security is important to me, should I be worried about my BTC in my ledger?
no concerns so far. great, thanks! especially "worst case" because I rarely plug it in, I just send coins to its receiving address. I'm really happy with my ledger! At first I thought the case was a little off, but it was just sticky and now it folds out smooth, no worries. That was the extent of my complaints! At 1/4 the price of a trezor, and no "moving parts" meaning, it doesn't have a led screen etc, there's nothing to break down. And with this new trezor license baloney I am doubly pleased. This Hardware wallet is everything I need (yes I am singing your praises, youre welcome ) Still, everyone else seems to be in love with the trezor, until recently at least. lol. So, to all you out there looking at hardware wallets. forget trezor (over-priced, overly-complicated hardware, sketchy devs) and pay less for more with ledger! caveat - I am in no way affiliated with the good people at ledger, just a happy customer.
|
|
|
|
fearlesscat10
|
|
January 31, 2015, 01:36:57 PM |
|
im done reading all that has happened on Reddit on the matter. mymy i dont mean to accuse anyone or being indiscrete, but it seems to me that ledger team did a heluva job burning down to hashes Trezor's credibility and product. alt accounts et al. classic internet warfare. sharks all around. ^^ anyhow i feel trezor had it coming, since they ripped off a lot of people from the beginning, with preorders and late delivery, taking advantage of being the only HwW manufacturer back then.. i got one ledger and plan on getting the new one as soon as it get released. imho they found the perfect balance between safety, consumer experience, and price. kudos to btchip! Really glad I waited before I bought a hardware wallet, Trezor used to be my first choice. Now I'm waiting for the new Ledger as well.
|
|
|
|
|
kkurtmann
|
|
February 02, 2015, 07:18:34 AM |
|
Not a lot of info in that link.
|
|
|
|
x0Jakeyboy0x
|
|
February 03, 2015, 04:09:41 AM |
|
I'm thus far voting on the CoolWallet overall. "Case" looked good but then I read about them using multi-sig and keeping 2/3 keys in their FAQ. I personally don't want the ability for them to "recover" my wallet although I suppose it's better for the everyday consumer. Case is extremely secure because it is built on top of a multi-signature, multi-factor architecture with no single point of failure. Your bitcoin wallet has three keys and two of them are needed to complete a transaction. One key is embedded on the device so it is secured by the possession factor. No one can gain access to this key without having possession of the device. However, this key isn’t enough to complete a transaction. A second key is stored on our servers and transactions are only signed by the server key if the fingerprint scan is a match so this key is secured by a biometric factor. That means even if your device is lost or our servers are compromised, your bitcoins are safe. A third key sits in an offline vault and is only used if you ever lose your Case to help your recover your bitcoins.
|
|
|
|
kkurtmann
|
|
February 03, 2015, 08:54:20 AM |
|
I'm thus far voting on the CoolWallet overall. "Case" looked good but then I read about them using multi-sig and keeping 2/3 keys in their FAQ. I personally don't want the ability for them to "recover" my wallet although I suppose it's better for the everyday consumer. Case is extremely secure because it is built on top of a multi-signature, multi-factor architecture with no single point of failure. Your bitcoin wallet has three keys and two of them are needed to complete a transaction. One key is embedded on the device so it is secured by the possession factor. No one can gain access to this key without having possession of the device. However, this key isn’t enough to complete a transaction. A second key is stored on our servers and transactions are only signed by the server key if the fingerprint scan is a match so this key is secured by a biometric factor. That means even if your device is lost or our servers are compromised, your bitcoins are safe. A third key sits in an offline vault and is only used if you ever lose your Case to help your recover your bitcoins. So, if Case goes tits up? You're shit out of luck?
|
|
|
|
|
x0Jakeyboy0x
|
|
February 03, 2015, 05:31:18 PM |
|
...
So, if Case goes tits up? You're shit out of luck? If I understand things right, you are correct.
|
|
|
|
kkurtmann
|
|
February 04, 2015, 07:38:47 AM |
|
You might want to review the text on your faq page and blog page for inconsistencies. One place says each of the 5 accounts can have almost unlimited priv/pub key pairs and another spot says only 232 key pairs per account. Wtf? If it truly is BIP32 hd wallet then account would have unlimited key pairs. There are other inconsistencies also but that one seemed extra weird. These kinds of things makes the project look scammy to me. Also if someone were to get your card and paired device could they not easily empty your wallet with the tap tap? Other than that, I think it's a cool wallet that I would use.
|
|
|
|
AussieHash
|
|
February 04, 2015, 01:34:25 PM |
|
Well I have an HW-1 on the way and should be ordering a trezor soon as well. It would be a nice surprise if the Ledger team implemented a OTG solution for Android or made a micro usb version.
You're aware HW-1 works with Greenadress and Greenbits via OTG?
|
|
|
|
LOBSTER
|
|
February 04, 2015, 02:37:12 PM |
|
Has anyone ordered a CoolWallet @ Indiegogo yet?
|
|
|
|
|