[ 3 / biz / cgl / ck / diy / fa / ic / jp / lit / sci / vr / vt ] [ index / top / reports ] [ become a patron ] [ status ]
2023-11: Warosu is now out of extended maintenance.

/biz/ - Business & Finance

View post   
File: 1.80 MB, 1100x1286, 1557270433759.png [View same] [iqdb] [saucenao] [google]
14059500 No.14059500 [Reply] [Original]

I thought I was being trolled with all the absolute BRAINLET tier responses in this HW thread: >>14051323

I'm bullish now, but let me spell it out for you assholes who actually might want saving:

>it's a glorified USB key
Wrong. A hardware wallet is a specialized piece of tech that contains a secure chip and acts like the banker example here >>14056293 your private keys are GENERATED ON and never leave the secure chip, with transactions signed in the SE.

>the plastic POS is gonna break/software doesn't work
I could smash my wallets with a hammer right now and still be spending within a few minutes. You obviously don't understand how cryptocurrency works, and the seed phrases themselves can be used on different devices and wallet platforms.

>Ledger/Trezor will exit scam
Wrong. Their devices have faced extensive security review and the only legitimate avenues of attack are completely out of the skillset of the average criminal and require physical access to the device and specialized instruments. Ledger and Trezor CANT exit scam because they don't ship the devices preconfigured, and there's no telemetry for them to extract private keys from the SE itself.

>> No.14059590

>storing your coins on a glorified usb drive

>> No.14059697

>>14059500
There are a couple brainlets on here that can’t afford the $40 for a hardware wallet and cope by fudding hardware wallet threads. They then shill their James Bond 007 paper wallets with seed word lists spread across the globe. And their air gapped Linux live boot distros that they have to spend from in their basement.

>> No.14059839

>>14059500
OP of the banker example here.
I'm glad my 5:30am typo-ridden rant was seen by at least someone with two brain cells to rub together. Thanks.

>> No.14059945
File: 196 KB, 1359x352, Screenshot_20190608-190225_Samsung Internet.jpg [View same] [iqdb] [saucenao] [google]
14059945

The absolute state of newbies. Hardware wallets of any sort are an absolute meme. If you're ultra-paranoid just download an Ubuntu ISO onto a usb stick and boot into the installer, air gap the machine, and generate your keys. You can save the private key on a veracrypt volume and then just put a few copies of that wherever. Just make sure you never forget any of your passwords, and that they're long enough to be uncrackable.

Just look at this Ledger bug that went unnoticed FOR YEARS. Everyone could have changed the change adress and send your BTC whereever they like and you could not do anything:

https://mobile.twitter.com/SomsenRuben/status/1100843124169990144

and check pic related WAS ANOTHER BUG THAT LEAD TO LOST FUNDS

>> No.14059982

>>14059945
The Ledger can be fooled into sending away ALL funds from ALL your accounts, with NO warning from the device... This is how it can be exploited:

a. The user initiates a payment on malicious software
b. ALL coins get used as inputs
c. The Ledger gets fooled into accepting a malicious change address (this fault behavior is caused by simply leaving the derivation path empty) ...
d. The user confirms the normal looking transaction on the Ledger
e. ALL coins (minus the payment) get sent to the malicious change address

More information: https://sergeylappo.github.io/ledger-hack/

>> No.14060109

>>14059945
>>14059982
Which is why I keep saying to use trezor wallets, as they're open source. Additional ability to verify transactions after they've been signed but prior to sending is a necessary lacking feature.

Any flaws in a hardware wallet is still orders of magnitude better than decrypting/using a wallet.bat in the user's environment. you'd have to be insane if you don't see why that's worse.

>> No.14060141

>>14060109
I actually keep my funds on Binance #SAFU

HARDWARE WALLETS ARE A MEME

>> No.14060157

some anon said that ledgers are unhackable as long as you don't let anyone get hold of your device physically, is this true?

>> No.14060228

>>14060157
Nothing is unhackable

>> No.14060426

>>14059500
>the only legitimate avenues of attack are completely out of the skillset of the average criminal and require physical access to the device and specialized instruments.
No specialized instruments will let someone hack AES under a strong password. 4-8 digits aren't strong passwords.
laptop + encryption > hardware wallet