/biz/ - Business & Finance

Go back

>>54984636
my bad, I'm sure you'll like this better

>>54984604
>trustless because big corporations are always control freak psychopaths
>just trust the wallet makers!
So people in crypto didn't see the problem this whole time?

>>54984604
Wait what? It's now possible to get the seed phrase out of my ledger? Where am i gonna store my linkies now?

>>54984604
>Ledger: added functionality to extract keys from your wallet
Eh not really, shards of the encrypted seed more precisely.
All in all any turboautist is on a separate airgrapped laptop with a Tails OS usb.

>>54984765
I'd say Trezor is still secure and open source, would never use Ledger

>>54984604
AirGap Vault & Wallet

>>54984768
>All in all any turboautist is on a separate airgrapped laptop with a Tails OS usb.
seems excessive but even if not the average 100 iq person isn't going to be able to get something like that working

generate key with dice
offline tx signing on laptop without network card and tails usb boot
don't know what's supposed to be so hard about this for supposedly mildly tech-savvy people

Trevor chads….we won

The fact that apparently the firmware can be modified such that the key can be extracted means that this attack vector has ALWAYS been there. Just because we're only finding out now doesn't mean it was ever safe. Many people have been presenting HW wallets as if it's (almost) as secure as using an airgapped pc with offline signing, however the air gap is simply not there. At any point in time anyone could've built a malicious firmware update.

>>54984604
Citadel Wallet + HashPack deadly combo

>>54984604
Would this be a safe option:
Since ICPs NNS can now hold native btc would it be safe to store everything on the NNS and then just use a yubikey for recovery?
Would that be more secure than any of the retail providers?
I mean the nns will eventually be able to store native eth and possibly other coins in the future so that could be alternative to these other wallets is just a Internet Identity that can be recovered through yubikey, seed phrase, and/or another method?

>>54985074
everyone with a brain knew this was the case, but gave them the benefit of the doubt
after they got hacked and lost everyones personal info all that benefit disappeared except for the normie crowd who kept using it for the past 3 years

>>54985145
The fact that they had a data breach has nothing to do with the security of their physical devices. It makes no sense to give them "benefit of the doubt" about poorly designed electronics on the basis of being a trustworthy company. Even if they stored everyone's personal data in fort knox on the moon it wouldn't change a thing.

>>54984990
You can't use defi with that approach.

If you're able to do this to begin with, it means Ledger already has your seed phrase in some capacity - no? Like if I had to manually send this information to third parties it would just be a gross option, but now they're basically saying they're COMPed?

>>54985214
the data breach showed their institutional incompetence for those who were not yet privy. it set the stage for their downfall as securing hardware devices running custom software is a lot harder than running a webshop, which they completely failed to do.

>>54984604
what do you think of bitbox? seems like a good altnerative to ledger and trezor

>>54985230
Well sure, for defi you can just use a software wallet and manage that risk appropriately. Saves a bunch of hassle since apparently a ledger had equivalent security to a software wallet after all.
btw indeed I've always found it a bit sad that there's no support for offline signing in most defi UIs. I've looked into it one time but then it was only possible by interacting with the chain directly without UI.

>>54985329
Yeah, I was so surprised to find out that there is no open standard or something like that for hardware wallets. You're just supposed to use whatever integration Metamask extension has implemented.

>>54985258
if you need alts it seems like the only other big choice. maybe keystone but it's not as popular so riskier.

So if my LINK staking wallet is my Ledger one, then I can't just transfer that to a Trezor, right?
Fucking French cunts, bought their piece of shit 2 months before the data leak.
Should have switched there and then

>>54985652
>So if my LINK staking wallet is my Ledger one, then I can't just transfer that to a Trezor, right?
why wouldn't you be able to transfer it? retard.

>>54984604

tangem

>>54984711
Well, most didn't. Some ofc did.

>>54985652
>LINK

no need to do anything you re already fucked. nobody will bother for a dead token

>>54986205
I swear the chainlink fudding is automated in some way.

>>54984711
All my shit is open source.
(no ledger)
Never been scammed.
Never been rugged.
Never been hacked.

>>54984768
>Eh not really, shards of the encrypted seed more precisely.
Same thing with an extra step.
This company already leaked the entire customer database btw. Including information they claimed they deleted.

>>54984796
this
trezor is breddy gud

>>54984604
Probably a dumb question but WHY do all these devices constantly need firmware updates?

>>54986147
How will I transfer it
Staking is tied to a wallet and I want to make a new Trezor one instead of recovering the possibly compromised Ledger one

>>54986340
to keep you safe my son

>>54986162
Shhhhhh....
Let the normans hit the floor

TREZOR USERS RISE UP
IVE SAID IT FOR YEARS THE ONLY ADVANTAGE TO THE LEDGER IS IT FITS IN YOUR BUTT

>>54986362
>How will I transfer it
what the fuck do you mean 'how will I transfer it'?
how in the fuck did you put the LINK on your ledger wallet to begin with?
OK, so do the same thing you did before, but with trezor.

>>54984998
Who's Trevor?

there are people on Twitter who have been warning about hardware wallets for ages. I still use one but the arguments they make have made me increasingly nervous about doing so. There's absolutely no way to know with these things whether or not the keys they generate or actually random, or whether they have a way to compute your private key from transaction signatures (Exfil). Or whether the black box secure element on these devices is actually secure. there's a whole lot of trust involved with these things.

An old laptop or smartphone used exclusively for crypto & running an open source wallet like BlueWallet or Electrum is likely more secure than one of these hardware wallets. More eyes on the source code, you install it yourself, can build from source if you want to make sure you're running the actual published code, no hardware black boxes, not likely to be targeted for supply chain attacks. If you're not running open source software that you installed yourself on generic hardware, you're taking a huge risk. maybe it's about time I follow my own advice and ditch the hw wallet

>>54986362
>possibly compromised Ledger one
If you didn't update the firmware, its not compromised.

>>54986520
Trezor is completely open. The software, the hardware, and they even have the 3D files to print your own case on the website.

>>54986661
can you build one entirely from off the shelf components?

>>54986661
(contd)
You can build your own trezor out of a Raspberry pi:
https://www.pitrezor.com/2018/02/pitrezor-homemade-trezor-bitcoin-wallet.html

>>54986677
Yes. See: >>54986681 for an example.
I've seen people build them with cheaper components. The firmware is really not that demanding.

>>54986626
Usually this makes all the apps not work as u need to update the apps as the blockchains update and then u need latest firmware for latest app. Checkmate cryptards

>>54986520
lol this,
i will be moving off ledger (to trezor) im already 50/50 between the two
but all this tech discussion sounds like fun things to try.
thanks for the reccomendations on BlueWallet or Electrum

>>54986681
interesting. I know Blockstream Jade has guides for building your own from parts. I've never used Jade but from what I understand it works a bit differently in that you need some kind of external server to validate the PIN and decrypt the keys (you can use theirs or run your own). basically built-in two factor.

Was considering that option, but really an old laptop running Linux + the most popular open source wallet might be the most trustworthy choice. The more popular an open source project the more likely bugs or security flaws will be caught. Niche projects like Trezor might be open source but how many devs are working on it versus, say, Bitcoin Core or Electrum?

in any case Ledger is probably the least trustworthy out of the popular hardware wallets. Closed source firmware, black box hardware. if you use one you had better at least generate your own keys and not let the pre-installed software do it

>>54986423
Link staking is locked in

Time to buy a Trezor then. Goodbye Ledger.

JW Weatherman is likely the most vocal anti-HW wallet person on Twitter. He created a solution for Bitcoin that involves using Bitcoin Core with 3 of 7 multi-sig and backing up the seven private keys to seven CD-Rs. Sounds crazy, but CD-Rs are actually the most reliable storage media & least likely to fail or break compared to, say, USB flash drives or SSDs, since they have no parts other than the disc itself. Three of Seven means you can lose more than half the CDs and still be able to recover. The problem then becomes though where do you store seven CDs such that an attacker couldn't get their hands on three of them?

>>54986702
>>54986681
>>54986661
I have a trezor and knew the company is legit, open source, lots of security on packaging, no firmware comes installed etc.

Didnt know they also promoted building your own

Trezor chads win Again , usbstick ledger btfo

Coldcard master race

>>54987259
not open source (meaning not free open source software. The code is viewable but remains proprietary). black box hardware (secure element). Not much better than Ledger, really

>>54986626
but what if the ability for them to access your seed was already in the older firmware updates? i haven't updated my ledger in months but fuck this i'm just getting a trezor

This shit is so fucking funny

How can a company fuck up so badly? It's so plainly greedy too, chasing the subscription dollar, like fuck off on 5 different fronts

>>54985145
where can I buy a Trezor wallet?

>>54986400

Even then, Do Kwon still chose to put a trezor up his ass

passport looks like the best alternative imo, since its airgapped this bullshit isnt possible

>>54984662
Someone cap me now. It's going to be epic. Next person post that cap to twitter.

>>54987562
Ebay.com

>>54986520
>he's starting to believe

>>54987141
don't listen to that guy though, he's certifiable.
his "software" (poorly written python scripts) is less secure than a ledger and he considers turning your wifi off a viable solution.

>>54987141
No the problem is what device do you load the CDs into when you actually want to USE your fucking coins. CDs can't run code

>>54988121
This. Used ones are cheaper

>>54987562
official website only. if anywhere sells them physically it's worth going and getting one that way.

>>54988596
you can buy a USB CD-R drive on Amazon for $10

>>54988589
what makes it less secure exactly? At least with his stuff it's entirely open source with the most widely used and trusted software, and running on commodity hardware not proprietary black boxes.

just your gov't playing games you wont do anything from now on without them knowing what youre doing...ever! but it's for your good, it's because he loves you.

>>54988670
it's obviously written by an amateur and doesn't need to be even 10% as complicated
red flags all over the place

>>54984604
this seems so insane on a number of levels. if they're actually backdoored and they exit scammed people the entire company would all end up dead more likely than not. think about it for like 5 seconds. tons of criminal organizations use fake internet money now.

>>54988733
on the other hand, consider this:
they're french

>>54988733
it's not about whether or not your coins will be stolen, it's about the fact that it was supposed to be impossible for them to be stolen and now it's being revealed that it's possible. what else could they be lying about?

>>54988725
any suggestions on a better way to set up multi-sig bitcoin wallet that's secure and trustworthy (i.e. 100% open source on commodity hardware), with reliable backups?

>>54988757
>they're french
this is the most compelling and succinct argument possible for why they might have actually done something this suicidal.

are there any ways to use eth with a multisig yet?

>>54984604
All of the super wallet projects that were coming up are going to end up dying eventually by 2024.
It's just the natural course of things. Have people forgotten about the post 2019 era?
All the shit projects (coldstack, marlin, etc) all died up, every single one.
Meanwhile what's still around? Memecoins, the dna of the sould. Buckle up PEEPO and PEPE boys, we have a long ways to go

>>54988815
i see your point, but i was setting all that aside and just assuming the worst case of its always been backdoored.

>>54985329
explain to me like im a person of enriched melanin how u can offline sign stuffs
dont u need to plug in a usb to your airgapped computer that you after plug into your grypto trading pc?

>>54988829
the best way is to find out what bitcoin core commands those scripts are making and do it manually so you know exactly what youre doing

there's also apparently something much older and better tested but potentially obsolete called glacier that it was based of.

either way if youre that paranoid and not controlling the entire process yourself it doesn't make any sense. why trust anybody especially with very niche and untested custom software?

>>54988845
eth doesnt support multisig or native scripts, everything is a contract
consensus seems the best multisig today is gnosis/safe

>>54988733
they didnt put a backdoor TO exit scam

They put a backdoor so now it's POSSIBLE for people to hack you.

The door they put in is meant to be a fire escape for normies who lose their wallets, but people are mad because the company didn't foresee how this exposes their wallet to potential future hacking

brainlet

>>54988906
well when you put it that way... wish it was easier to set up mutlisig in Core but after a decade it's still a pain in the ass.

in any case I just don't feel safe with hardware wallets. too many attack vectors & things that could go wrong. Not saying that they will definitely rug but, like, why take any chances at all?

You can thank that fat Argentinian for that

>>54988974
that's a sane position to have but if you then turn around and rely on one man's hobby scripts you're taking more risk.

if you dont understand every aspect of what you're doing and why you're better off with a sane hw wallet like passport/coldcard/bitbox/trezor or a multisig of 2-3 of them.

the perk of ledger is that you can hold a lot of different cryptos with one single keys. How are you supposed to handle stuff if you have like 30 different cryptos who require different private keys?
By the way you're a bunch of niggers. Since they can update the software, they could just create a malicious update any time.
So basically this is a big nothingburger. Just don't allow the said capacity.
And don't overlook the complexity required and difficulty of keeping a bunch of 24 words private keys for 10 years, in order to avoid sharing said keys and losing them

>>54986340
this lmao, every time i need to use it, I'm like 5 or 10 updates behind, fucking update this update that, if it worked why change it? fucking bs we can never catch a break crypto bros, everyone is after us and the fucking prices aren't even any good I'm so tired of this shit should've dumped everything in 2021 and never work again but here we are

>>54989401
> I'm like 5 or 10 updates behind, fucking update this update that, if it worked why change it

To better extract your keys anon. That is why kek.
Or all new hyped functionnalities

Ledger Nano S incompatible. Poorfag chads, we escaped the threat

I started off with BTC and paper wallets.
Looks like I'm coming full circle.

>>54989828
how do you even use a paper wallet with bitcoin? don't you basicly have to create a new one every time you make a transaction/transfer? there is also like multiple addresses embedded into one I don't really get it to this day, ethereum is simple, one address that you can use all the time for deposits/withdrawals

>>54989906
isn't it just your private or public key printed on paper with a qr code maybe?

there's a reason bitcoin uses utxos instead of accounts. for example gives you discreet "denominations" of bitcoin you can select which one you want to spend from while keeping it all in the same wallet, like selecting which dollar bills from your wallet you want to pay with at 7-11. It doesn't mix it all together into a single account balance. that can give you better privacy because on-chain analysis can only show transactions related to that "unit" of bitcoin, and can't necessarily relate it back to every transaction your wallet has ever made.

The answer is qredo
Literally safer than a cold wallet

>>54984662
Made me lmao

>>54990011
>printed on paper
Do not do this.

>>54990011
sending your seeds to your printer is one of the fastest ways to lose it all, printers are a security shitshow

>>54990066
>>54990100
i never would. i've heard about how stuff printed stays in your printers memory and whatnot. I was just trying to answer the question about what a paper wallet is

>>54990100
they are also a scam
they put limits on how much ink you use per cartridge up to 15% is inaccessable
many corruption in printing industru

>>54988878
using cameras and qr codes or an sd card

I just switch paper wallets once or twice a year, kek I always knew hardware wallets were for fags

>>54990119
there isn't a single printer on the market that isn't a fucking scam. i thought i bought one once because it had refillable ink tanks but the achilles heal was in the waste tank, which wasn't a tank it was a sponge. and once the sponge fills with waste ink your printer is fucked. you can buy an overpriced sponge replacement that is overpriced because there some dumb antipiracy chip inside it so people dont pirate the sponges or something. but then the sponges deeper in the machine which can also clog with ink you cant access easily or replace so you have to take it apart, which there are no official instructions for and it violates the warranty, to install grey market sponges. and then hack the firmware using a code you have to buy online from some hacker or something. all it needed was a tank, just a waste tank. there are people online who i saw have actually modded their printers to have the waste tank it should have started with. long rambling but i already typed it so im hitting post

so i hate to blame boomers but my mind keeps thinking "boomer scams" as in every company run by oversocialized boomer normies is going to be loaded to the tits with scams because they just feel so fucking clever when they're running a scam on people, thats what constitutes professionalism for them. they have no ideals and don't understand their customers do, they think they can just pretend to have those ideals while fucking us behind our backs like we wont notice. but the internet exists, we notice and share information now.

these idiots will risk their entire reputation and company for the sake of whatever small profits they can get running a little scam on the side. its pathetic

>>54990192
god damn sponges

>>54989372
Finally someone gets it

>>54986340
>>54989401
My setup has never required an update.
Sure, I still use 1xxxx type addresses, and have to pay 200 sats/B in the current mempool state with Ordinals.
But I know it works and it will always work, and if it doesn't, something terrible has happened to the Bitcoin network.

My setup involves no proprietary devices or software, just good old OSS on an airgapped device, broadcast using QR codes to communicate with an online device.

>>54989372
or.....they have been backing up users private keys behind the scenes, before they rug they need to create a scapegoat feature to blame it on.....rug incoming

>>54990479
this sounds far more likely

>>54989688
I have a ledger nano s, it’s like 5 years old. So just to confirm, am safe from being hacked?

>>54986455
Hi

>>54989372
WTF DO YOU MEAN NIGGER
>Just don't allow the said capacity.
You're making sense but I'm a nervous non geek. So basically just say no when they offer this storage shit until I get a trezor and I won't get hacked?

>>54990664
>So basically just say no when they offer this storage shit until I get a trezor and I won't get hacked?

well they revealed today that they have a very questionable way of how the communicate to their users, and what they actually stand for
people recommend if you chose to quit ledger as a whole you are better off changing your seed phrase too, as the very negligible chance exists the way they generate keys are compromised

World police/globalhomo coming after them. EU looking to shut down unhosted wallets entirely so daddy state can keep tabs on you and your money. They're never going to allow a totally autonomous system of self-storage to exist.

>>54990557
they have stated before that their design does not allow for the chip thats actually handles signing of txs and such cant be communicated with in a way that it allows for attack surfaces

given they are planning to ship the revealed new product of today, this cant be the case anymore
as sloppy as they are they will probably ship the same software on the ledger nano s and just bury and deactivate it in a sloppy manner

Just buy a shitty laptop and airgap it and keep your codes there.

>>54990804
Ledger Nanos have a short lifespan. I've gone through four of them since 2014 or so. Only one that broke has been an S, the older chip-only versions were obsoleted, I think.

>>54989688
Look at this, "they" say your nano x will duplicate the recovery, which could explain why recover isn't offered for our old ass nano s. I don't trust this shit but maybe just maybe our phrases aren't fucking sitting in some jeet cloud

>>54990898
>chip-only versions
??

>>54985258
>what do you think of bitbox
It's nice
I like that it uses encryption and password protection to protect user's funds.
Sylo wallet is another safe wallet that works as e2e messaging app as well as crypto and NFT storage tool

>>54990956
No screen, the original Nano and the HW.1. That was way back in the early days of crypto: 1994

>>54990723
Sure. Just ordered a trezor to start with fresh keys. Won't even update the nano until I can transfer

>>54984604
Trezor uses Tor network you fucking tard.

so fucking wierd this comes out as soon as eth fags start talking about abstraction layer. what a coincidence

>>54986520
Can't you input your own keys you generate with dice or some secure method?

>>54991089
yeah they very privately report your inputs directly to chainal

>>54987141
CD lifespans can vary pretty widely but will inevitably degrade over time, but for normal disks it’s probably around 10-20 years. Gold based disks last longer, but M-DISC would be ideal

>>54984662
Next ask metamask

>>54989906
>download core
>let it sync
>create wallet
>encrypt wallet
>backup .dat file

If you want the private key(if you have the dat you don’t need this) so the following:
In Bitcoin-Qt click Window -> Console.
If your wallet is encrypted, use this command to decrypt it for 5 minutes (300 seconds):
walletpassphrase your-wallet-passphrase 300
Use the dumpprivkey command to get the private key. Repeat for as many bitcoin addresses as have money in them.
dumpprivkey <your bitcoin address>

>>54984604
>Trezor: uses and funds chain surveillance via Wasabi coinjoin, no next gen device
Explain this one to my retard self. You are saying they are bad for supporting wasabi coinjoin?

>>54986626
the firmware just adds the option, the architecture that provided this functionality was always there

>>54990557
>>54990947
Yes I think the old Nano S is hardware too dumb to perform this seed phrase exportation or they would have forced this update onto it too, or would have announced plans to do so.
In fact it looks like the Nano S is fully discontinued so that's a good sign lol

>>54990947
>>54990557
>>54992960
from their website:
>Soft launch exclusively for Nano X.

in case you don't know what "soft launch" means:
>A soft launch, also known as a soft opening, is a preview release of a product or service to a limited audience prior to the general public

so nano X is the soft launch platform, with nano X users having priority to this "early access" so to speak
there is 0 indication to believe that S does not/will not possess this feature
get out if you can

Kek, saw this shit coming a mile away. MUH HARDWARE WALLET IS IMPERVIOUS TO ALL. BAHAHAHAHAHAAHAHAHA Hardware wallets have always been and will always be a meme. You're trusting a third party to secure your funds, defeating the purpose of crypto altogether. One of these 3rd parties has already leaked user data in the past.

>>54993016
>>54989688

>>54992707
yes, wasabi directly coordinates with governments and chain surveillance firms to reject/censor inputs to their mixes, and in this process would be showing chain surveillance firms all the inputa and outputs of every mix

>>54993102
>"isn't"
>not "won't"
get out if you can

>>54990785
> Court orders Ledger to retrieve and turn over anons private key
> Ledger complies
> Funds seized
This is their end game isn't it?

Nice future of currency you have there.

>>54986266
no you see , you just a gay jew who simps for WEF

This is going to be great for crypto adoption. You can't even trust the over-priced, inconvenient shit that's supposed to keep your crypto safe.

Is crypto trying to compete with real estate to see which can be the most fucking annoying asset to own?

>>54988757
Precisely. Who is more paranoid? Czechs or French? It has to be the difference of an order of magnitude or more.

>>54989688
My ledger nano S died on me. UGGGGHHHHH

>>54993146
So, what methods have glowniggers not already co-opted? Lol

>>54984604
>French Company
>Cucks out to the govt

Damn who could have predicted this?
Also, I hate europeans so god damn much

just buy a cheap laptop, run linux, encrypt that shit yourself, make sure to revoke any privs you give out on your metamask etc. only open it when you want to trade, never visit any other websites or browse. use exclusively tor and its built in blockers. after use upload an encrypted backup to some random cloud or mega.

SO WHAT DO I DO NOW? BUY A TREZOR?

>>54993675
Prepare for the end times

>>54993422
whirlpool coinjoin, samourai and sparrow clients

>>54993675
passport, bitbox, jade

>>54993770
arent those bitcoin only?

>>54984604
Huge buy signal

>>54984604
Good thing my money is still safe in Celsius

>>54993790
exactly why they are so great
nobody will even want to steal it before too long

>>54989688
ledger nano s black market incoming

>>54993912
but what about my shitcoins sir

Is it confirmed they can extract our key? Or do you need to enter it to sign up for this service?

>>54987007
Well I would but they don't support half of modern coins like Solana, Polka Dot, Ripple, even on the latest Model T

https://twitter.com/el33th4xor/status/1658610027223998466
based gun advice

>>54984604
of course the hardware has the ability to spit out the private key if instructed to do so. what the fuck do you think it's protected by a magic spell or something? you are protecting against a certain class of threat actor here such as your computer being compromised by malware and recording your screen. you aren't hiding from government actors kiddo lmao. good news is nobody gives a fuck about your $300 tax evasion.

>>54995079
you just don't get the point. One of the big ideas of a hardware wallet is that the computer you connect the thing to doesn't know the key. You also don't know the key, which is not perfect but also provides a modicum of protection from your shitty comic's wrench attack. Or just being dumb and forgetting your key.

>>54990664
it's mostly gay fud. Did you dl the last update? don't dl any update for 2 weeks.
But yeah if you have big sums maybe use a dedicated laptop and shit. Not pratical at all.
Their hearth was in the right place, bringing more normies to the space and getting their sweet bucks

>>54995106
lol you do know the key. You can print it on your ledger screen.
Stop being midwits.
So the real questions is can the keys be exported from a hardware wallet? sure they can with the right update. Always has been. Do like me if you're paranoid never dl update unless you have to and they are more than 2 weeks old

>>54995138
This. That place just turned into Reddit it's sad. Isn't /biz/ supposed to be at least a little bit contrarian, or is it just zoomers now?

>>54987335
If it's viewable/verifiable, I don't see the problem. Coldcard just doesn't want Foundation stealing their product anymore.

>>54995138
>dedicated laptop
with swiss cheese operating system? ishygddt

>>54995079
>>54995149
Nigger you just don't understand the point of secure enclaves. If they were competent they would've made it so that the enclave supports only a limited set of operations, such as signing stuff with the pk and printing the pk on the screen, and THIS SET OF OPERATIONS CANT BE CHANGED BY A FIRMWARE UPDATE OVER USB. That's the WHOLE point. If you can get it to spit out the key OVER USB then it is NOT in principle any more secure than a software hot wallet.
They could even just have it support a number of cryptographic primitives (ecsda, sha256, rsa etc) with which to support other chains in the future as long as they don't use a too-obscure cryptography algorithm.
This is technology that exists even if you personally don't understand how it would work. Here's a wikipedia article about it:
>https://en.wikipedia.org/wiki/Hardware_security_module
As a toy example think of a CPU with Harvard architecture (that is, executable code is stored in a different memory than data) where the code memory is read-only. Wallah, it is now impossible to make the secure processor do things it wasn't supposed to do without physical access to the hardware.

>>54995106
yeah, it was the "idea", but this was never implemented in practice because
1) it is very very hard to implement something like this, like you underestimate it by orders of magnitude
2 ) even if theoretically you know how to do it, you won't be allowed to actually do it. you are not able to buy random chemicals on amazon and start mass producing drugs and explosives (try it if you don't believe me lol). likewise, you are also unable to mass produce non-backdoored chips

>>54984990
>generate key with dice

Can’t breathe

>>54995149
>>54995235
https://twitter.com/EthosVentures/status/1658536133482127361
twitter user says private key extraction was always possible with a custom os, now the problem is the official os has the private key extraction built in

>>54995230
yeah i get your point. I was under the illusion too that it was working like this because i didn't ever really give a thought about it. I wasn't worried basically, i don't have very big amounts invested.
Yes there is an element of trust in those things. And it's not very good. Then again do you realize some popular free wallets have been used maliciously by their employees to steal some poor dudes funds?
The alternative is indeed a secured device, with all your crypted keys for all your different cryptos written in encrypted files with long passwords.
And everytime you need to send something, well i guess just use this laptop.
Pretty complicated overall, and all your keys are on electronic components unless you write all of them on paper and put it in some bank safe (where they could be read by some malicious employee who could steal your shit without proofs, theft have already happened inside banks). If i had millions i wouldn't use ledger, but i don't. Realize if they ever steal someone it's going to be a very few individuals with very large amounts so it goes unnoticed not thousands of dudes

>>54995249
do you realize how hard it would be for a hacker to exploit this.
The only thing that could happen is one of the employees at ledger doing a malicious update and exploiting it on a few targets, in the hope he never get caught. this has happened with free to use softwares wallet that are used by millions of people

>>54995249
of course it was always possible, this is not new information and yet everyone is up in arms about it. wait until you hear how your vpn or your password manager are working internally, you'd be horrified

>>54987141
Well look here my friend I recently wanted to look at some backups from my youth I made on CD-R and at least one of the like 7 cds had simply become unreadable.
Anyway I do agree with the anti hw wallet sentiment though.
>>54988121
>>54988608
If theres ONE fucking way to get all your shit stolen it's buying a 2nd hand one where the seller could easily have tampered with it.
>>54988878
Yeah normally you'd use a (different) usb to transfer the tx to your airgapped pc and transfer the signed tx back again. That introduces the possibility that there's a worm that steals your key via the usb but I don't worry about that desu. Maybe you can just manually type in the transaction on your airgapped pc and transfer the signed one back with a QR, as >>54990122 says.
>https://steemit.com/cryptocurrency/@tomshwom/tomshwom-s-advanced-crypto-security-guide-part-3-creating-a-secure-wallet
This guide is ok though personally I would change it a bit (no keepass shit, generate key with dice, always boot tails on a physically different computer)

>>54985652
>So if my LINK staking wallet is my Ledger one, then I can't just transfer that to a Trezor, right?
Just buy a Trezor and use your ledger seed to retrieve your accounts. Both platforms support the same consensus standards.

>>54995240
What's wrong are you too dumb to roll some dice?

>>54984796
>>54986330
trezor can be hacked if a hacker has access to your device

>>54995316
'ello retard

>>54995296
Why would only a ledger employee be able to do it?
>>54995249
>The Secure Enclave keeps info from leaking but does what it’s told. It doesn’t have a magical understanding of key management theory.
Another retard who has no idea how cryptographic hardware security is supposed to work.

>>54995349
because the software isn't public
Because how could a hacker access your encrypted device? Unless you download a fake update on the fly? that sounds like really advanced hacking....
the real risk is an employee putting a very hidden exploit and managing to steal a few keys without anyone noticing and poof your wallet is empty one morning. Since you're the only one to which this happened nobody believes you or care.
You all have weird assumptions about what hackers can do.

>>54995303
>of course it was always possible, this is not new information and yet everyone is up in arms about it.
Here's a screenshot from their marketing materials about Nano X. Ledger claims that even if your computer is fully compromised the secure element will not sign a transaction without physical actions from you on the ledger. But this is simply not true, cuz if your computer is compromised, it can be used to install a malicious update that will emit your private key. So they lied about the security model of their device, and that's why everyone is "up in arms about it".

>>54995404
Firmware must be signed by Ledger keys to update the HW

Fuck this.
Alright, how do I sign transactions with an airgapped laptop?

>>54995381
>because the software isn't public
Security through obscurity, that's not true cryptographic security.
>Because how could a hacker access your encrypted device? Unless you download a fake update on the fly? that sounds like really advanced hacking....
>You all have weird assumptions about what hackers can do.
lmao

>>54995404
maybe the update thing is much harder to do than you seem to think. especially on ledger.
Also if you use a laptop with all your private keys on it, even if it is a secured laptop, what happens if a thief comes in your house and take the laptop? Did you take the appropriate security measures?

>>54995429
k, do it then faggot. Make a malicious update that extracts key on ledger rofl. Then gain access to someone devices and install it succesfully, then extract the keys and receive them

>>54995240
What's the problem?
Literally the best way to generate keys.
Have you not heard of Diceware?
The key generation isn't the tricky part. It's the complex transactions that are required for defi and such.

>>54995296
Hackers are less of an issue than coercion by governments.
It happened to MakerDAO/DAI/Oasis in the UK where they were compelled to hack a hacker.
This is all actually way bigger of a deal than people think.
All of this shit completely defeats the purpose.
The implication was all of this was physically impossible due to hardware design.
Clearly it is not. If this can be done with software then its over for Ledger.

>>54995415
Oh well that's something I guess. Luckily we know they are very good at safeguarding secret information.
>>54995436
so you base your entire security model only on things you can personally imagine doing? you don't accept that there are people out there with more knowledge and experience about anything?

>>54995458
>>54995436
For example look at this page
>https://jochen-hoenicke.de/crypto/trezor-power-analysis/
The guy is extracting the private key from a trezor by hooking up a fucking oscilloscope and deducing from the number of peaks in the pattern of power consumption what code is being run. Bet you thought that was not possible, and certainly I wouldn't personally be able to do it if you told me "do it then fgt". But here someone did it anyway.

>>54995415
>hardware wallet is really just a software wallet that could have at anytime been compromised by a master key
This is fucked up.
Would be surprised if the government wasn't ballsdeep on this already. I mean if they weren't a couple of days ago, given the recent war on crypto you ca bet your ass that every glowing individual who has 'crypto' somewhere in their list of job activities is just fucking laughing it up after learning about this 'one weird trick'.
Honestly blown away that people aren't freaking out more.
This is like a FTX level event is terms of seriousness and danger.
Probably 12 figures on ledgers...

>>54995458
>>54995453
you already have fully usable backdoors built in your cpus that can be used by glowies. these things can't be detected or removed in any way.

Could this be theorically possible?
Maybe. (although i think the update signature encryption security system is unbreakable)
What individuals are able to pull this off? a very few limited numbers. Most hackers are retards.

Then could a meteor fall on your head? yes. Posible too. i'm more worried about getting attacked by a mob of brown people personally

>>54995336
You say it as if any moron off the street could do this. Reality is it’s never happened in a legitimate theft. One guy “hacked” his own device, which Trezor has since patched, and the other instances again involved white hats, and they only succeeded because the passphrase wasn’t enabled.

>>54995419
i would like to know this too

Honestly I don't even use ledgers and I'm fucking LIVID that we're potentially facing an extinction level event because of the sheer greed and incompetence of these retards.
And honesty the fact that this whole shit relies on so many people, with such a large amount of money, trusting these fucks just kills me.

>>54995481
Nice, one of the only people with a functioning brain in this thread

>>54995453
you can't win agaisnt a tyrannical government. They can do whatever the fuck they want. Crypto isn't going to let you win over tyrannical governments. Banning crypto and punishing its ownership would end crypto.
>>54995453
no it's not a perfect solution by any means. For the use i have of it i find it satisfying and i do believe i'm much more secure using a ledger than using some usb stick or some isolated device that wouldn't be isolated most of the times and could be stolen. Security is always a headache. The more security the more you're at risk of losing your keys or having troubles using them.

>leaks all my personal details
>"oh yeh we can also access your keys"
Ok wtf. What do I swap to? 20 metamasks?

>>54995419
>>54995486
>>54995314
>>https://steemit.com/cryptocurrency/@tomshwom/tomshwom-s-advanced-crypto-security-guide-part-3-creating-a-secure-wallet
>This guide is ok though personally I would change it a bit (no keepass shit, generate key with dice, always boot tails on a physically different computer)
A small problem is that it uses the old version of myetherwallet for offline signing and they seem to have obliterated any traces of it online. No idea what offline signing software people use these days desu.

>>54995481
Yes, that's why the only safe thing to do is generate keys and sign transactions on a fully airgapped computer.
It's that simple, and it's always been that simple.
The key generation is particularly easy and safe. It's only the transaction part that gets a bit tricky.
But a virgin cold wallet with a properly generated key is and will always be safe barring the cryptography itself being exploited.
The point of the hardware wallets were to emulate such a setup where the keys are not accessible in anyway from any device interacting with them.
Personally I don't trust hardware wallets. But in theory I could trust them with the right open design.

>>54995303
well, the ledger is advertised as if the specialized chip does not expose the private key
pic reference: https://twitter.com/cory_eth/status/1658638981914066945/photo/1

>>54995482
thanks for effortposting my fears away, im gonna order a trezor

>>54995536
make sure to get the model t if you want any coins like cosmos or polka dot lol

>>54995481
>>54995509
You are just rationalizing. First you tried to argue that Ledger is very secure, now that you got completely btfo you change your tune to "it's insecure but it doesn't really matter because other things are also insecure and anyway you can never be really secure"

>>54995532
>the Secure Element chip, which has never been hacked
Guess they should change that now that it's been hacked by themselves lmao

>>54995509
Device is not hard to isolate really. No wifi,it's super easy to take it out. And no need to to keep the key on the device.
All of this is the same security assumptions as using a ledger. Your need to keep the seed safe and that's it.
The airgapped device just loads an OS into RAM and when it's off it's gone barring some movie-level shit where they bust in and dip it in liquid nitrogen or something to get at the memory.
Use a ledger if you want. I don't really care of about things at an individual level. I'm worried about how big of an attack vector this is for crypto overall. It's annoying that this is even possible. Because it's not even in their best interests to be put in such a position. I would never want to be the buy in between a government and this much money. It's fucked up what could happen to them and their family.

>>54995553
ledger moment

>>54995536
Be sure to get a second hand one from Amazon for the special discount

makes it kind of funnier the fact there have been many stories of people keeping their seed safe etc and then going online asking how their shit got stolen, always coming to the conclusion that it was probably somebody close to them
imagine how many were actually cases of backdoor exploitation
kek

Ffs, is a waterproof, fireproof safe with the seed on paper the only way?
Then I have to worry about fucking key loggers etc.
How is anyone supposed the adopt this shit?

>>54995548
ok go ahead, build your own secure device to manage your crypto. You don't seem really skilled in hacking or cybesecurity anyway.
Ledger is quite secure, the only scenario i could see happening and that would be easily feasible is a malicious employee, a malicious programmer, building unnoticed exploit that only he could use on a specific update to steal funds from a very small numbers of wallets.

there is always a security risk that's what you don't understand.
No matter the option. Unless you're a cyber security enigneer building your own crypto apps on your dedicated device.

when i bought my ledger years ago, i made a choice to trust the postman. The device was in its box with plastic around but what prevented the postman or someone else from tempering my device and making a false brand new case? nothing. that choice worked out fine so far.
What prevents the next dollar bill you receive from being a perfect fake? do you test every dollar bill you receive with all available fraud detection

Tell us how you're going to hold and use your cryptos from now on. What fully secure software will you use? how will you use them?

>>54995503
thanks fren

>>54995584
great idea, thank you

>>54995584
are you trolling or are you legitimately just a seller of compromised trezors on amazon?

>>54995599
stockholm syndrome in full swing

>>54995602
Did somebody kill him yet? I hate this smug face so much

>>54995628
sure
So what's the plan for your cryptos? are you going to buy a trezor? kek
Also why are you fudding in perfect synchronicity with reddit midwits who only discovered basic working of hw? what will you fud about next?

>>54990045
I guess that's why metamask is partnered with them

>>54995404
you're shifting goalposts with "computer compromised -> can change the firmware". this is not necessarily the case, i have no idea whether it is or it isn't, regardless, your gripe was initially with the hardware, not the firmware.

>>54995642
this thread is full of advice on how to actually securely manage your crypto
>Also why are you fudding in perfect synchronicity with reddit midwits who only discovered basic working of hw?
??
people are talking about how ledger fucked up at this time because they literally did it in the past 48 hours

>>54995661
>your gripe was initially with the hardware, not the firmware.
The gripe is that the HARDWARE allows you to change the FIRMWARE and that the HARDWARE allows the FIRMWARE to extract the keys.

>>54995665
literally nothing happened.
They added a function to extract your keys and send it to several parts, which i personally wouldn't use but would recommend to midwits who lose their keys after a few years, like probably most of people who bought bitcoins early.
Nothing has changed. the possibilities of "hack" has always been there.

>>54995687
>Nothing has changed. the possibilities of "hack" has always been there.
Yes that's literally the exact thing that people are mad about, you thick fucking mongoloid

what is the best trezor to get, model T or model 1 (the older one)

>>54995701
the audacity of calling a mongoloid, while you can't even copy paste an answer on how you're going to store your crypto.
kys midwit retard. buy a trezor and smash your ledger with a hammer lmao

Tangem generates a private key from its chip but what about the seed words used to generate the private keys for each chip? Does tangem control that?

>>54995707
t

>>54993486
wtf did i just watch

>>54995814
why t and not 1
is the 1 bad? i have one left from before i used ledger

I have my links staked with the Keys stored in a ledger. So I guess I can use the same 24 Word recovery in a trezor? If so, is there a chance that the 24 Word recovery is compromised by ledger in the future?

>>54996295
I will create a new key on th trezor to be sure.

>>54986520
using a hw for cold storage was always a brainlet move anyway
hw are useful if you're a frequent dapp user. nobody wants to juggle between an offline laptop and an online device if they're signing 30+ transactions every day
that being said there's better solutions these days. ie safes where one of the signers is on your phone and one on your desktop

>>54996388
what are these solutions called?

>>54990222
unironically 100% right
they could have launched this as a separate product+service
but their greedy boomer minds thought "wow we could get x% of our millions userbase to get a $10 per month sub"
never, ever trust normalfaggots

>>54996402
"safe" is the literal name, previously gnosis safe
you could also use airgap vault wallet
keycard
gridplus lattice
probably a bunch i don't know

>>54996412
no, i dont think this is the case

they would have made even more money if they released a new device for crypto noobs and priced it higher than the nano

they probably did this because the EU pressured them into it, coincidentally (lol) the EU adopted the MiCA regulations yesterday which calls for a name to be attributed to every transaction on the blockchain

hmm isnt it weird that ledger released this service (that is KYC'ed) on the same day?

>>54996431
thank you

>>54990947
> Ledger Nano X duplicates your secrete recovery phrase and encrypts the duplicate

its over

>>54984604
Ledger bros...
We lost.

>>54996684
you lost in 2020 when everyone realized they couldn't even keep an email/address list safe
anyone that bought anything from then after that didnt do their research

So if did not update my ledger nano x since February I’m ok for now? I really don’t know which direction to go now Trevor but no iOS mobile what do the anons recommend to use with iPhone?

>>54995589
Even using a Ledger is a high hurdle for most people.

>>54996434
>to every transaction on the blockchain
wrong. it's just from/to a cex

>>54984604
remember the time that Ledger had the address and emails of buyers hacked? I FUCKING REMEMBER

>>54996867
the reality is that nothing will happen even for those who update. that recover functionality will probably help a lot of normietards. ledger has always been closed source and 0 hack in their hardware.

>>54996980
> In other words, service providers will have to pass on counterparty details on every transaction, no matter how small.

Ledger is a service provider

https://www.ledgerinsights.com/mica-crypto-regulations-approved-eu/

>>54984604
Safepal S1?

>>54997222
>Ledger is a service provider
no. otherwise it means they'll have to kyc all their customers, which wont happen.

>>54995721
You're an abuse victim who can't imagine a better future

>>54997324
"ledger recovery" is a service you will have to subscribe to and pay.

you really belive its only a coincidence they released this on the same day that MiCA passed?

They are literally showing you which way they are going, its starts with ledger recovery to get the noobs.

>>54997395
no. the govs wont be able to force it and if they try there will be backlashes with lawsuits etc. in case of mass adoption it's good that normies can have access to those services. the risk of losing your seed is greater than some government overreach trying to steal people's cryptos.
the travel rule already exists in singapore and switz, it's not really a big deal. trezor implemented it in their wallet to make it easier, then there was a backlash
https://www.coindesk.com/tech/2022/01/27/trezor-adopts-swiss-travel-rule-protocol-for-private-crypto-wallets/
https://www.coindesk.com/business/2022/01/28/trezor-backtracks-on-travel-rule-app-for-self-hosted-crypto-wallets-amid-uproar/

>>54984604
>where do we go from here?
Pic related
I switched from ledger to this in 2021

>>54997285

what about safepal anon? Isn't it closed source as well?

>>54997510
what pic?

>>54997489
MiCA and swiss travel rule is not the same thing

Its no secret that the EU will do everything in their power to KYC every cryptofag and to put a name to every transaction

If you really believe its only a coincidence that Ledger starts a KYC'ed service on the same day the regulation passed then you cant be helped.

>>54997553
>Isn't it closed source as well?
Yeah, I think so, and the build quality isn't that great, but on the other hand it's pretty cheap and its airgapped, you scan QR codes to sign transactions instead of connecting it via USB.

>>54995054
The fact that you can upgrade the firmware to access your (encrypted) seed is the problem. It should never have been possible. Ledger isn't safe now.

>>54998286
https://twitter.com/hosseeb/status/1658740433361702913

>>54996295
I'm going to use my same 24 word recovery when I get a trezor. Given the attack vector, there could be a chance that if you were to verify your 24 word seed phrase, a malicious actor could update the firmware to track your verification to log your seed phrase if you use that seed phrase verification app on the ledger.

>>54997963
then why doesnt trezor do anything since they're based in EU

>>54998424
>they're based

>>54984604
bitcoin nerds pretend like kyc is a dealbreaker. if you want to enter the boomer markets you gotta use it. as if they are smart enough to hide their bitcoin purchases up to this point from the irs, a crime

>>54998354
doesn't address the point.

>>54998354
imagine trusting a nigger, he literally only says "oh x is how i thought HWs work but i was wrong, but its not that bad lol"
this is a paid shill if i ever saw one, he literally doesnt explain why it isnt bad what ledger did, he just goes on a tangential rant
>>54998424
open source vs closed source, the software that runs on trezor isnt owned by the company managing it, they only produce the hardware.

>>54985652
Chainlink LSTs solve this problem

>>54984604
Hardware wallets were always a pants on head retarded idea and only retards use them. Yeah let me just use this software on this piece of hardware to store my seed because it's safer that way than a piece of paper in my drawer. What in the fuck??

>>54998587
Its for people interacting with dapps on the blockchain retard

>>54998587
HW are perfectly fine for 99% of people and more secure than your piece of paper solution if you actually use your cryptos

>>54996867
the functionality to extract your keys is there (has always been) in the hardware
the firmware update will allow people to utilize it

so the vulnerability exists whether you update or not

>>54984604
It's funny, because four- five days ago I made a thread about noticing how the company Ledger consists of mainly jews.
Sadly I noticed after ordering it.
My Nano S came yesterday and today I see this news.
Pretty much everyone on here was telling me i'm just being paranoid and there's no way for the jews at Ledger to get my keys.
Kek

>picrel
Marked everyone who looks like a jew with a pink dot.
With jews you lose.

>>54993285
Noticing that the fudding is endless and incessant in a way that gives it an appearance of automation isn't "simping" for or endorsing anything.

>>54996434
i wish you were right, in a "better have them be malicious than incompetent" sort of way
but t b h as a frog myself i can spot french hubris with ease
the ledger guys ooze it from every pore of their body

>>54999098
m8 most of your "jews" are arabs (moroccans/algerians/tunisians)
you ARE aware modern france is 30% nafri, right?

>>54999328
>(moroccans/algerians/tunisians)
Those dudes look much closer to, for example Yuval Harari, or the typical Mossad face, than they do to Arabs, or Nafris.

>>54985373
Meta mask is inherently worse as you store your seed phrase on it.

>>54984662
Kek

>>54984937
>excessive
do you use windows by any chance faggot?
true alpha chads use a myriad of compartmentalized IDs and VMs to keep everything safe
I ofc have some airgapped devices with multi layer encryption holding my assets. also my paper and pen seeds are encrypted, just like any serious person interested in CRYPTOfuckingGRAPHY would do

>>54986266
schizo faggot globohomo

>>55000473
vms don't keep anything safe these days, nice try larp

>>54984604
I've got silver and bitch be shiny af.

>>54984604
>>54984662
That customer data leak from Ledger few years ago and Ledger's awful response to it was not enough to convince people to move on already?

>>54990467
>using a legacy no-privacy protocol like Bitcoin
adapt or perish like 99.99% of life before you my brother

>>54999098
What's worse is look at this many people and none of them raised a red flag about offering this service.

Mansur = legend

>>54984998
Johnnybros...

>>54998587
Using a piece of paper when doing trades or anything else is fucking retarded. Its only good for long term storage

>>54998354
>>54998512
he mentions that he uses onekey hardware wallet
https://shop.onekey.so/products/onekey-mini-hardware-wallet

>>54984796
>>54984796
>>54984998
>>54986661
>>54987007
>>54987562
how fucking retarded can you seriously be? Anything remotely touching shitcoins is glowcentral. BTC was created by DARPA. Monero was made by the NSA. All cold wallets glorified usb keys have glowniggers' backdoors.

You learned NOTHING from all the """encrypted""" apps fiasco and the subsequent admission by the FBI they ALL had glowies' backdoors? NO FUCKING EXCEPTION.
Cryptos are nothing but a giant honeypot and a way for rogue glow agencies to make slush funds and launder cash.

>>54999098
based nooticer
And how many of them were part of Unit 8200 is yet to determine.

>>55003801
>glowniggers' backdoors.
we know. that's not the problem

>>54999328
>m8 most of your "jews" are arabs (moroccans/algerians/tunisians)
Retard alert. Sandniggers' highest achievable job status is being an uber driver. Only jews are in tech positions in France. Proof is all the big french tech companies are ruled over by kikes.

>>54999098
what are yellow dots?

>>54998354
>consumers chose that
No, Ledger has been lyikg about how their tech works since day one.

>>55003954
those are the ones anon wants to bang

>>54989401
The saddest part is the truly secure, no counterparty risk, unhackable, no device required, impossible to rugpull, indestructible, no electricity required, untraceable, 100% fungible, impossible to forge, with intrisic value, 0 update in 4.6 billions years was already availible to you all this time.
All your ancestors for the past 4000 years minus the past few (((decades))) used them with great success.

Maybe it's time for you to see the light fren.

>>54984604
>Scammer gets hold of my ledger seed
>All my linkies are staked and cannot be unstaked for a decade
Link stake bros we can't stop winning

>>55004154

roosevelt didnt need a backdoor when he confiscated everyone's gold in 1934

The same people that called me a retard for keeping my seed phrases and private keys in a password encrypted zip folder on Google Drive, Dropbox, and OneDrive or only just now realizing theyve been keeping their coins on compromised hardware flash drives? My oh my, how embarrassing.

>>54996366
Is this possible? Isn't the staked link stuck in the wallet with an unchangeable seed. If you get a new seed isn't it a new wallet which you cannot move staked link into?

>>55004268
>everyone's
lol, press big X

>>55004309
Kek...this is just the beginning. We are yet ti face the threats posed by the fucking quantum computers.
Fuck I'll migrate to an EVM comptabile quantum resistant blockchain this year.

>>54984604
been saying it for years. hardware wallets are for fucking mouthbreathers. Imagine trusting chinese not to backdoor your shit, and thats only the tip of the shitberg.

>>55004309
kek you are fucking retarded

>>54987335
Yes but you can airgap it unlike Ledger.

>>54984604
>where do we go from here?
Railway wallet, never had an issue with this. Dyor

>>54986303
Take no chances, Privacy is still your best security. Encryption is based.

>>54985236
imagine being this fucking braindead

>>54995701
holy fucking brainlet
the thing people are mad about is this idea that you can extract the private keys.
but, you can't. an encrypted and sharded form of a seed is not the same thing as the fucking seed.

it should also always have been a basic ass assumption that the potential for a hack exists, as with any fucking program that has ever existed.

how can you possibly be this fucking retarded?

Hey soooo I still have my shit on Armory and meant to upgrade to a Ledger ages ago but glad I didn't lolollo

I know my shit is so out of date but it is cold storage am I still good?

>>55006375
Privacy and security are different things altogether. Projects based on PQC algorithm ensures security. DYOR oldfag

>>55006433
>>55006451
anybody that bought a ledger after they got hacked in 2020 deserves what they're getting now
nobody smart would be caught dead using anything from a company that incompetent, and everyone knew this for 3 years.

>>55007392
Retards are always slow to learn but how sure are we that Trezor and Safepal are better options at this point?

>>55008002
i wouldn't go near safepal

trezor is only valuable because it's fully open source, and the original hardware wallet

>>55008002
Crypto has always been risky, either you sulk it up and get onboard or you stay poor for life stop being a bitch.

>>54999098
They're not jews..its worse..they're french

>>54984711
People from crypto space often tout it being unregulated as something good. Well, they can enjoy all of the "benefits" of it being unregulated now

>>55008057
I prefer Trezor as well for my long term hold and then for Crypto I look to spend from time to time i have that on CryptMi cause of it's card.

Is using safe with ledger, Trezor, and two extension wallets a good alternative?

>>55008208
Your safe is basically exposed to house fire or robbery, this is the extreme case I guess.
I have a decent sized fireproof gunsafe that i keep my keys in along with other docs(will, deed for house, shit like that).
I think a safe deposit box as a backup location for a copy of the key is appropriate, you just need to know that a) you can only get to that box when the bank is open and b) in practice and theory, someone from the bank *could* open that box without your knowledge. so whatever is in there needs to have some level of encryption as well. This is why i was thinking a multi-sig and more than one safe deposit box.