/biz/ - Business & Finance

It's not the same thing, brainlet.

>>7256707
Because when you have your private key on your computer and your a retard then its easier for someone to get your private keys. with the ledger nano s the private key is always on it and never leaves it as you sign transactions using it, thus making it safer.

Because with the nano s your private keys are never exposed to the internet.

Because people don’t realize they’re the same thing
>muh never exposed private key
>muh I trust this random ass company that definitely won’t mass exit scam

>>7256737
Yeah, this meme nano shit is worse
>>7256707
Just use a paper walleettttttttr

>>7256707
Damn op you cracked the code. Ledger on suicide watch.

>>7256707
....because a flash drive is just another drive on your computer, it's as vunerable to malware as any other drive.

The ledger is a small computer that stores your private keys on a secure chip.

>>7256737
Explain how it isn't

>>7256767
Explain how you know the ledger doesn't have vulnerabilities.

>>7256754
Jesus christ you retards have no fucking clue how businesses operate. Muh fucking exit scams jesus christ. Go suck on an exhaust pipe faggot.

>>7256767
yeah but i'm talking about a usb flash drive that's unplugged from my pc most of the time (unless I'm trading, and I'm not trading much)

>>7256801
>businesses can't exit scam
nice just bought 100k in enron stock

>>7256801
Keep coping. You sound nervous. How do you know it’s secure? Is Nano open source? How do you know they aren’t waiting for a few of you to accumulate only to expose a vulnerability for a few random customers and take your crypto?

>>7256803
Ohhh shit.

Unplugged most of the time. I didn't think of that

the nano has a built in backdoor, buddy is going to post details to bugtraq later this month

>>7256864
big if true

use a paper wallet, laminate it and put the fucker in a fire proof safe.
What happens if your ledger malfunctions?

>>7256707

because its cool and i feel like a villain when i use the screen to log in

Skycoin are bringing out a hardware wallet & it'll cost 20$ reducing later to 10$, you could just wait for that

>>7256794
He can't i unironically think a normal usb drive is safer. Put your keys in a jpeg and save it malware will not be able to read it. Specially if you have a small portofolio.

>>7256925
>What happens if your ledger malfunctions?
You just type your seed phrase into any other wallet.

everyone vouching for buying a 120$ hardware wallet is an idiot
https://wiki.archlinux.org/index.php/Installing_Arch_Linux_on_a_USB_key

>>7256794
I don't know for sure because I haven't studied it in depth, but as far as I'm aware the secure element requires the pin to access its contents at a hardware level, meaning no matter if you discovered a vulnerability in the ledger firmware you'd still need the pin to ever expose your private keys.

>>7256707
>mfw I bought a ledger nano s at $70 to sleep well at night, and now see that they've since jacked the price up due to normie buy-in.

>>7257142
Most of us who have $100k+ in crypto don't give a shit about saving $120 to store it.

>>7257186
jokes on you, I bought mine secondhand

If you use ANY kind of hardware/software wallet you deserve everything you get

The only way is never-network private key generation.

Anything else - you are not worth helping

>>7257197
my point is functionality/security wise a usb stick is just as good if you know what you're doing

Its not the same thing. The key never leaves your ledger or is readable by the computer. There is no known way to get the key from the ledger. Transactions are send to the ledger and the ledger signs them within the ledger and sends them back to the computer. This is why its more secure than a USB or any type of storage drive even if you encrypt it.

Storing your keys encrypted, or on a paper wallet only keeps your keys secure offline. Any time you need to reenter that key in a computer to sign transactions is when a ledger is more secure. It allows you to sign transactions without having to expose your key.

Yes, its a risk that the ledger company may have stored the keys. Its also a risk whatever software you used to generate your own key is compromised or has a bug. Unless you write the key generation software yourself you can't know for sure. So if you have a massive amount of wealth in crypto. You probably want to use many different addresses from many different sources including hardware wallets and cold storage to diversify your risk.

For anyone with under 10mm in crypto a couple hardware wallets from different vendors is probably good enough.

>>7257338
Okay so what? If they're equivalent like you say, then I rather just buy a dedicated hardware wallet because I'm not a poor fag

>>7257338

No its not. A USB drive is just storing the key. Another computer has to use that key to sign transactions, and that is the security vulnerability. Once you load the key from USB into a computer it can sign an unlimited number of transactions.

A ledger is completely separate, isolated chip that signs transactions. The computer sends transactions to the ledger, the user pushes a physical button on the ledger which signs it and sends it back to the computer. The computer has no ability to sign additional transactions without the ledger.

A hardware wallet is comparable to a completely separate computer you keep isolated off line. If you generated a key and stored in on a computer that was never connected to the internet, and then anytime you wanted to sign a transaction you would download the transaction to a USB and transfer it to the isolated computer, have the isolated computer sign it, then transfer it back to the untrusted computer to transmit. That would be comparable to a hardware wallet.

>>7257543
well you would have the USB run arch linux, on a disconnected computer sign a transaction save it somewhere persistent, unplug said USB after shutting down, and then broadcast the transaction from the computers memory after reboot into another OS

>>7257332
kys retarded tripfag

>>7256767
what if you encrypt your flash drive?

>>7257621

Any time the key is exposed is an opportunity for malware to access it. Then its game over. Once the key is readable an unlimited amount of transactions can be signed. A ledger makes it so the key is never exposed.

Rethinking my example, the isolated computer is still vulnerable if malware is introduced through the transfer mechanism. A hardware wallet can not similarly be compromised because it is a simple hardware chip where the functionality cannot be easily altered or hacked. So a hardware wallet is more secure than even an isolated computer.

Storing you keys on a USB, then loading that into a potentially compromised environment is not much safer than a hot wallet.

>>7257142

The spectre/meltdown ordeal showed that if there's ever a point in your process where you see your private key and type it in, you're vulnerable. These trezor/ledger things were the only things safe from it that I saw.

The spectre/meltdown thing is what finally pushed me to get a trezor.

>>7256707
the biggest advantages of using a ledger nano s
>convenient/fast
>requires physical button-press to confirm transactions, which makes your transactions tamper-proof. You could plug a ledger nano into a public PC with 50 trojans/rootkits and still use it freely with no risk.

Some people advocate just using an old junk laptop that never connects to the internet and then saving your transaction file and transferring it over to a networked computer and pushing the transaction through - this is actually probably safer than even a ledger nano realistically, but it would take more time especially if you make many transactions

>>7257723

Still not as secure because you have to decrypt it to use it.

>>7257730
you're not possibly loading anything into a compromised environment, the USB is acting as the HDD of the environment

>>7256925
you get a new one. since you don't do know this and since you don't know what to do with the new one you are a confitmed mongloid

>>7257798

Sure, you could conceivably set up a similar system to a hardware wallet, its just extremely cumbersome and time intensive to maintain than a hardware wallet.

In your example the other OS could conceivably alter the firmware of the computer which could compromise your key. No its not likely, but there are tons of potential ways for your key to be compromised on computers.

A hardware wallet is about as secure as you can get with very little effort. The only risk is trusting the manufacture which can be mitigated by using devices from multiple vendors.

>>7256707
why waste $15 dollars for a usb when you can memorize all your private keys in ur head fuck off normie

I'd like to buy one of these but I don't want to pay £150 for one (nearly twice the RRP). Anyone know somehere to buy in the UK/EU that's in stock and isn't overpriced as fuck?

>>7256925
when you first buy a hardware wallet it generates a "seed phrase" that you save and keep safe. Then if you ever lose your hardware wallet or it malfunctions, you can buy a new one and use the seed phrase to restore your original wallets.

>>7257621
I think the $120 for a leger is worth not having to essentially transfer transactions on and off an airgapped machine every time you want to send crypto.

>>7257236
underpated roast

>>7257936
Kek this

Just use a paper wallet generated on an airgapped device

>>7257933
If it's disconnected from the net it shouldn't matter if the firmware is altered to show some semblance of a key if it's wiped when you boot into something else.

I really don't know though, as for convenience hardware wallets are better, you are still trusting the manufacturer though

>>7257976
>risks losing hundreds of thousands because he isn't willing to pay $120 to keep his private key private

>>7257965
And where do you keep your seed phrase? It's the circle jerk of death. You buy a hardware wallet so that you don't have to keep a *dangerous* paper wallet around. But then you have to take note of your seed phrase somewhere.

It's all pointless.

>>7256794
you fucking retard, explain how any software is full proof.

I got a cheap $80 android tablet and keep my wallets on there. enjinwallet, monerujo, and toastwallet. And I keep seed backups and stuff in an encrypted disk image synced with dropbox and google drive.

>>7258038

That's fine, until you actually want to make any transactions.

>>7258087

Sure, my point is there are often obscure ways keys can be compromised. If you are careful enough you could probably build a secure system. A hardware wallet is just a lot easier and cheaper.

Yeah, you have to trust the manufacturer, but similarly you have to trust whatever software you use to generate the key. It doesn't even have to be malicious. Faulty software than doesn't generate a key that is random enough could lead you your key being compromised even if you generated offline with non malicious software.

I think the most secure way is having hardware wallets from multiple vendors. If you have massive wealth you will want to have a large amount of addresses from different sources, with pieces stored in different secure locations, including safe deposit boxes in multiple countries.

>>7258127

The hardware wallet is for safely signing transactions. A paper wallet is just as secure, as the recovery phrase, for storing your key, but you can't actually safely use that key.

>>7257338

you cant be this dumb, how do you operate simple everyday machines. does a cell phone scare you?

>>7256767
Le buzzwords

>>7257621
yeah, this whole operation would take like 30 minutes and wont be as secure as a 30 second operation on the ledger or trezor.

>>7256979
Which is ironically a paper wallet

>>7258087
of course, same as you trust the manufacturer of you computer, your usb drive, your OS, your encryption software etc.

>>7256707
You can lock the price in on a Ledger Nano S, but not on a USB stick.

For instance, I locked in my BTC at about $15k a while back. I'm planning on selling it soon a make a HUGE profit.

>>7258316

Yes, the recovery phrase is just a paper wallet. Good for STORING your key but not using it.

A hardware wallet allows you to USE your key without exposing it, and its backed up by a paper wallet.

This is why if you lose your hardware wallet, you have to import your backup into a hot wallet to transfer to your new hardware wallet.

>>7256794
>>7256971
I don't know if you're just pretending to be retarded, but I'm assuming you really are.

Say you have some malware specifically designed to look for BTC wallets or MEW private keys. The moment you connect the USB to your computer, it's compromised.

With a ledger, the private key remains hidden and requires hardware authentication, which means in order to confirm a transaction, you need to physically be in the room to push a button on the ledger.

But by all means, store your private keys in a folder on your desktop if you want. It's your money to lose.

>not having a dedicated trading machine and airgapped wallet device that can support whatever bullshit you want

I'll never understand why you fags trust to put your money in the hands of a high profile device and software that's the target of hackers worldwide.

>buy a $30 Raspberry Pi
>load whatever distro you want on it
>set it up for local VNC and SSH
>put any and every wallet you could ever want on there
>keep it off and locked up until you're ready to transfer
>turn on, remote in, create transfer, turn off

>>7258566
is there like a step by step on this process for fucking brainlets like me

>>7258636
buy a nano or dyor normie

>>7258566

Hardware provides ease of use, as with browser plugins you can sign smart contracts from websites like ether delta that would be difficult with your system.

>>7258566
>arm
>supporting anything

Might sound cool and technical for retards but on 4chan you're the retard

>>7258566
>dedicated trading machine
>for browsing 4chan

>>7258647
>using etherdelta

lol just buy chadcoins on real exchanges

>>7258566

Additionally you're essentially relying on security by obscurity. If that was a windows x86 machine it would not be very secure. A hardware wallet is more secure and easier to use.

>>7258636
If you can't set up a raspberry pi you can't computer. shit is the easiest thing in the world

>>7258566
clean your desk, pig

>>7258727
lol but like what is vnc and ssh.

>being so cheap that you're willing to even slightly risk potentially millions just so you can feel superior about being able to install linux

you greasy autists are the kind of people that throw their usb in the trash accidentally

>>7256707
how do you lock-in prices @ 20K without a hardware wallet idiot?

>>7258127
You can add an extra password to the end of the seed phrase which you keep in your head.

>>7258636
This one is okay: https://steemit.com/bitcoin/@florianghe/diy-bitcoin-and-litecoin-cold-storage-wallet-with-raspberry-pi-and-electrum

You'll have to search a bit more for learning to do remote stuff. Wired works just fine though.

>>7258809

Its just what you use to access the computer. The only reason that seems secure because its running an obscure OS and architecture. A hardware wallet is more secure and much easier to use.

Hes makes a point about having to trust hardware wallet manufactures but similarly you have to trust any software you use to generate your own key. The most secure way is using multiple hardware wallets from different vendors.

What happens if the nano breaks?
Who has a private key backup?

Are exchange wallets safe?

Is Binance safe?

>>7256739
This is the simplest answer.

Just make sure you write down your secret words with no webcams or phone cams around.

inb4 muh spacing

>>7256738
the file would be in an encrypted folder.

>>7258647
It's all of five minutes to power on, remote in, and approve transactions.

I sure hope you don't use that device to sign in to do day-to-day transactions.

>>7258919

When you set up the ledger it gives you a list of words to write down. That is the recovery phrase. Its a paper wallet.

If you lose your ledger you have the paper wallet as a backup. Like all paper wallets you are at risk when you import it into a software wallet to use it. So you want to wait until you set up your new hardware wallet, then import the back up wallet and immediately transfer the funds.

>>7258975

Yes I use my hardware wallets in day to day transactions that is the purpose of them.

>>7256767
>small computer
>computer
>cant be hacked goy

>>7256707
brain wallets best wallets

>>7258666
>not keeping a whitelist for basic research and shitposting

>>7258799
Sorry, my cat gets shit everywhere.

Thoughts on keeping paper wallets in an encrypted disk image backed up to the cloud? Yes my password is strong with 109 bits of entropy

>>7258284
Download a linux distro onto a USB to make it a live USB, and now you can boot up using the live USB onto any computer which takes a couple of minutes with a fresh.
No malware since it is a fresh install and you can use the USB stick with your private key to get access to your wallet.

>>7257621
you are literally fucking retarded.

>>7256707
Are they $120 now? Got mine for bout 70 yuros including shipping in November.

>>7259007
>trusting your brain

Metal is nice too.

>>7259141
I've long wanted to make a metal wallet just for the punk aesthetic

>>7259092

You still have to trust whatever computer you plug the USB into. And that is still way more effort than a hardware wallets.

>>7259141
Can you make one for me? How much would you charge to make me one with my keys on it? 6 wallet addresses on one credit card shaped metal?

>>7259180
No my friend, when you boot up your pc you get the option to press F5/F12 and it will say to boot up from the USB, this is all done from your BIOS and is irrelevant to the OS installed and whatever malware is present.
Alternatively you can have linux and windows 10 dual boot and everytime you boot up it will give you the option to choose which OS to boot up from.

>>7259180
Maybe if you're worried about keyloggers.

The rpi is an independent device though.

private keys / password stored in KeePass on USB stick ?

>not making an embroidered wallet with a cross stitched qr code

>>7259300
Giving anyone your mailing address and your wallet info is a terrible idea.

Those three items are like $50 on Amazon though, be a man, hammer your own fireproof/waterproof wallets.

>>7259424
lel

>>7257236
kek

>>7259424
>habby balentines gay
bet you took that from reddit

>>7258937
exchanges have gone down in the past.
mt. gox took down all funds, bitfinex paid everyone back after like 8 months (but for 8 months people had no access to their BTC funds after they were hacked for 120,000 bitcoins)

so no exchanges aren't as safe

>>7258937
they're generally safe against hackers, but the big risk with exchange wallets is that exchanges themselves have been known to close down or run with money, or claim to be hacked (although in most cases people usually assume these claims are actually just inside jobs).

It's generally a bad idea to leave large amounts of your portfolio on any exchange. If you're an active daytrader then sure, leave what you need on there to do your thing, but if you're holding long-term it's a pretty terrible idea to leave it on exchanges.

>>7256767
>>7256794
>>7256864
>>7257401
>>7257730


ledger compromised by malware
https://www.docdroid.net/Jug5LX3/ledger-receive-address-attack.pdf

>>7258276
le poorfag

>>7258948
Wow, you mental fucking retards really are paranoid. No one fucking wants your 1.3 BTC okay? No one cares about you.

>>7259424
nice, just stole 100k

whats something good i can use to scan my computer in the meantime for keyloggers and such?
use malwarebytes once in awhile but uninstalled it because virus scans are a meme

>>7256862
This

>>7259614
What a terrible argument.

>>7256707
>Bidet are expensive, better use cheap toilet paper
>Why would you buy toilet paper when you can just use newspaper?
>News paper cost too, better use those $3 cloths and keep rewashing them.
>Eh fuck it, better shit outside under the trees, clean your anal area with surrounding sticks and leaves.
Got it OP? Buy $3 cloths

>>7258566
issue with this is that not every wallet is supported by Linux

>>7257743
This is what I asked about doing in another thread. I would keep the majority of my long holds in the dedicated offline notebook and trading funds (I don’t trade much tho) in a nano.

>>7259965
That's a pretty good point.

>>7259357

My point is it is very difficult to built a system as secure as a hardware wallet. And that system would be a lot more cumbersome and expensive.

The original question here is why not just use a USB, and that's already been answered. Yeah, you could build an isolated computer from the ground up, or design your own chip and fabricate it. But it won't be more secure than a hardware wallet you can buy for like $100.

If $100 is a lot to you, then you probably don't have nearly enough to even justify such security to begin with.

>>7259999
quads of truth