/biz/ - Business & Finance

>>25879874
How's that paper wallet working out for you?

>>25879984
>not using a dedicated machine running a non-cucked OS for your crypto

>>25880049
if you are autistic enough to do this and have a suitable machine lying around, go for it. otherwise just get the trezor model one

I bought this this week. Cool thing doesn't cost that much, what's the problem to add extra security for fucking $50 or whatever

>>25880049
>dedicated machine
You realise a hardware wallet is still cheaper and significantly safer than running a dedicated machine...

>>25880097
you can literally get a used laptop from a thrift store and load linux on it for next to nothing

>>25880107
no, it isn't
even paper wallets are better options than 'hardware wallets'
which is a misnomer because they are software

>>25879984
I have dozens of paper wallets, keylogger won't do shit to them, even if I were retarded enough to do something that got me a keylogger.

If I felt like it, I could pick up a $20 circa 2005 laptop from goodwill, reformat it, install an old linux or windows version, never connect it to the internet and generate as many paper wallets as I wanted from it. $25 for unlimited wallets which have no chips that go south.

>>25879874
OH LOOK THIS THREAD AGAIN

>>25880107
this, kek. hardware wallet is basically a tiny dedicated machine for holding private keys

I get nervous owning paper wallets. I get less nervous owning hardware wallets. I'm always nervous. I can plug my hardware wallet into a virus ridden Windows PC and I don't sweat. Thats nice.

>>25880427
>I can plug my hardware wallet into a virus ridden Windows PC and I don't sweat. Thats nice.
kek

>>25880260
>I have dozens of pieces of extremely sensitive data that I type onto my keyboard with my hands, what's the issue? It's offline bro it says so right there in the system tray

Yeah keep doing that lmao

anyone bitching about the cost of a hardware wallet clearly has never had 6 figures worth of crypto

>>25879874
>Chinese
>RoHS compliant
Good one

>>25880482
Why would I type anything on a routine basis? This is cold storage. The only time I've ever moved anything out of a paper wallet I've used an iphone which can't have malware.

>>25880494
Not the cost. It's the fact that these hardware wallets will almost certainly stop working in a few years, whereas my laser printed paper wallets on acid free paper will not begin to fade in my lifetime.

>>25880599
you always have a paper wallet backup of the hardware wallet private key, doofus. the wallet is there for security and convenience when you do transactions.

>>25880732
>you always have a paper wallet backup of the hardware wallet private key
Then what's the point of the fancy digital stick you can wow all your friends on reddit with if you have it all on a paper wallet anyway?

>>25880937
It's about being able to operate with crypto on your computer without your private keys touching that computer. A hardware wallet is comparable to an airgapped computer you use as a cold wallet, where you have to send transactions to it without using the internet, sign it and retrieve the signed transaction back to your online computer, except that it streamlines that process.

>>25880494
I don't care about the price of a hardware wallet. My issue is with security. I don't like the idea of placing my trust in a 3rd party. Not to mention the recent security breaches and leaks.

>>25879874
Should I pull out my internet connection when setting up a hardware wallet? I'm almost schizo at this point

>>25881297
No need. The chinese harware makers already subtly hacked the kernel on the device so the wallet generates predictable keys. Don't worry, they'll wait a few years before they do the trillion dollar rugpull, so nobody involved can be hunted down.

>>25881416
Lmao whatever you say. So what if I generate a phrase through a different party and then input it into Trezor, sirs?

>>25881416
the keys are generated in the device? That's probably a very bad idea, I would prefer having my keys generated in a software open source well tested wallet and move them into the hardware wallet instead of relying on a black box to do everything for me and expect it to not do anything weird.

>>25881602
He is shitposting, but the software that you're dealing with is responsible for generating the key. Trezor is open sourc, and if there was something fishy about the code, peak schizos would have made a big deal out of it by now

>>25880260
Hey thanks for the idea.
>buy old cheap shit laptops
>install backdoors
>toss in donations boxes or donate to thrift shops all over the place
>wait

>>25881652
>cry when backdoor is destroyed when non brainlet buyer of laptop wipes the drive and installs a fresh os

>>25881700
digits checked. volume would be the key. if you don't think that from 100 laptops/computers one wouldn't fall into the hands of some retard who would instantly start doing all of their banking with it/tipping camgirls with their credit card then you're a naive faggot

My biggest concern with these "wallets" is that the internal flash memory could fail like a hard drive could fail. Then what? You lose your money? No thanks.

>>25879874
there is no extra security these things are a waste of time and have a few potential flaws, ultimately the backup is your passphrase and that is paper again

>>25880599
>iphone
>can't have malware
kek these are the retards shilling you shitcoins

>>25879984

I sign my transactions on an offline machine bitch

>>25881949
Retard IOS is a closed circuit OS , you're broke bitch little pleb ass wouldn't know because you can't afford a decent phone. Stick to your crapdroid malware simpleton and seethe !

>>25880937
paper vs hardware really makes no difference when you are using a mnemonic seed, you can receive to them both just fine without exposing your keys. when you want to actually send crypto though, the hardware wallet is way better because you do it without exposing your private keys to a computer on the internet. by definition you can't do shit without a paper wallet because it's paper, you actually need software to spend from it which is the risk. sure you can set up your linux box offline and sign a transaction and put the signed transaction on an sd card and then broadcast from a different online computer, but at that point might as well just use a hardware wallet that keeps your keys offline in the first place

now if your paper wallet is just a bare pub/priv key and not a mnemonic seed then that's different completely and the only thing you should be doing with it is sweeping it to a new paper wallet with mnemonic seed, whether you have that seed instantiated on a hardware device or not is irrelevant

>>25881919
dude you back up the mnemonic seed, which literally is just a paper wallet. the hardware just allows you to easily spend from it without exposing your keys by typing them into software on an online computer. have any of you fags actually USED crypto before or are you just all larping?

>>25880239
Good luck removing all the attack vectors, you have no idea how many things you got to remove, and its more than the microphone, wifi-card,webcam, etc.

>>25882434
>you have no idea how many things you got to remove, and its more than the microphone, wifi-card,webcam, etc.
How are these things going to phone home without an internet connection?

>>25882238
this, with a paper wallet when you eventually want to transfer the funds, you need to restore it on a PC or phone, which exposes your private key to the device. With a hardware wallet, you can keep it in cold storage like a paper wallet, but when you do want to transfer the funds, the key does not need to be exposed to an external device

>>25880097
I think using tails live usb is a best practice, if you only connect your hardware wallet to tails then you've covered most of your bases at that point

>>25880239
>used laptop from thrift store

ngmi

https://glacierprotocol.org/assets/design-doc-v0.1-alpha.pdf
pic related

https://github.com/LedgerHQ/ledger-live-desktop/issues/1713
>danuker commented on 11 Jan 2019 •
>Indeed, the procedure does require an internet connection. A bit too "live" for my taste as well.

>I dug through the internal workings, and found that Ledger Live forwards Smart Card APDUs ("application protocol data units") from the Ledger API server to install or uninstall wallet apps.

>I am slowly working on modifying Ledger Live to disable this, and instead hopefully finding a way of generating my own APDUs based on the open-source implementations of the apps (and I am curious if they match the ones from the "official" channel).

>I would love it if Ledger gave us a way of doing this in a truly distributed/offline fashion - currently, if Ledger were to be forced by some [inter]government entity to distribute somehow-compromised apps, we would all get those apps.

>Until I can get offline updates, I won't put my money on my newly-bought Ledger Nano S. If I am unable to do this, I will return it.

>Edit: In addition, it's a pain to wait 10 seconds for the server.

You can run Trezor One + trezor bridge + electrum on an airgapped computer without an internet connection.
If you want to use Ledger (or Trezor with ETH) on an airgapped laptop, you have to learn the command line. There's no GUI for it.

>>25882434
Don't forget to remove the speakers and operate the airgapped laptop inside of a faraday tent too.
After the operation, the hardware should be stored in a secure safe or blowtorched.

You should also be generating your own entropy or seed using coins/dice.
Buy dice from different manufacturers from random brick-and-mortar stores to make sure they're not defective/comprimised.

Test the entropy/seed to keys/addresses derivation using different hardware stacks, hardware supply chains, software stacks, and internet connections (to download the software). If the derivation produces the same results every time, you know you didn't get hit by comprimised hardware, software, or internet connection.

>>25882757
already made it

>>25882757
>You need to be able to play the latest Call of Duty on your paper wallet generating laptop

>>25879874
Why buy a simple secure device when you could reformat a laptop, air gap a Ubuntu installation with VMware running an older Ubuntu and keep it in a safe in your basement? Kek

>>25879874
You get the security of a cold wallet and the convince of a hot wallet.
You don't need one, but it will save you time.

Guys can I use the Ledger-generated seed on Trezor and vice versa? I own multiple hardware wallets.

Also wallet recovery is held on your vendors encrypted servers right, if they get compromised then actually no better off than a regular exchange also if their servers go down your BTC are gone if you need to restore from backup

Anyone tried using yubikey?
https://www.youtube.com/watch?v=-v3tqu8BD7E

Check out ngrave ur welcome fren