/biz/ - Business & Finance

>>20670075
>Is holding crypto on an exchange dumb
Are you retarded? No, seriously, do you have brain damage?

>>20670094
>fag response
seriously its a question i saw people posting 100k ripple bags from coinbase on here.

>>20670075
If you have more than a couple grand in crpto you really should store it yourself. I use a Ledger but Trezor or a securely generated paper wallet is fine too.

>>20670075
if it's on an exchange, you don't own the keys
coinbase can more or less be trusted, up to a point, but once you start getting serious you should start taking ownership

>>20670075
Is the question something like,
If it takes shenanigans and magic to extort and exchange, whats to prevent this happening to your wallets? generally loaded with backdoors and owned by centralised systems, what to prevent the same hacks on exchanges happening to wallets?

Front doors have deadbolts but windows are still glass

>>20670075
if you have more than $5,000 get a ledger. From then on out I would use coinbase, kraken, and gemini in addition to two or three ledgers.

you can keep

20% of assets on trading exchanges - quick liquidity, plus some coins are hard to move off exchange.

15% coinbase

15% gemini or kraken

50% split between one or multiple ledgers

holding crypto on an exchange is dumb because you are more or less responsible if your account gets hacked due to weak password, phishing, not having 2fa enabled, etc. in this case you most likely won't get your crypto back.
It is likely that major exchanges will refund money lost from a hack if it's their fault but it's not a guarantee.

What about nash

>>20670306
It's easier to break 247 running cloud service than well-researched crypto algorithms.

>>20670306
>what to prevent the same hacks on exchanges happening to wallets?
Exchanges are much easier to exploit than wallets. If wallets can be easily hacked, then crypto in general would come crashing down. Exchanges have servers that can be hacked, people that can be hacked, passwords that can be hacked. There are many more vectors of attack on an exchange.

So to answer OP's questions, it is yes to both if you have more than a few hundred dollars in crypto

Coinbase is pretty safe. They have a cold storage vault in which can only be unlocked through two separate email accounts that are linked to the vault. It takes 48 hours for funds to be withdrawn too, so if you notice your funds are being withdrawn without your permission you can cancel it. If Coinbase is hacked, they are FDIC insured up to 250k, so you would be fine. If your account got hacked because it wasn't secured, you'd be fucked...but again Coinbase Vault is a pretty safe option if you don't want a ledger.

>>20670403
>>20670390
I understand the generally accepted notions that to brute force these things is practically impossible.

What about side-loads or different attack vectors? im a security noob, but what are the odds of crypto 0days?
Or as in the first analogy, normally the most obvious attack vectors are the most secure, but the most often effective methods are from angle that weren't expected.

The only real security problem is feeling secure. isnt it?

>>20670075
depends on the exchange, if it's some obscure exchange or even binance obviously not you'll get "hacked".

if you do, gemini and coinbase are the most secure. plenty of people get their personal wallets hacked though, there are many ways to do it and there is no real safe place for your crypto unless you do what many people consider paranoid steps like a newly wiped computer, create a fresh wallet, write down the seed phrase in 3 separate areas using a system where you only need two of the three (I forget the name of this method), and store those in different places. This is actually pretty basic compared to what some people do.

I considered this: since I have a hobby of painting hiding mine in plain sight as symbolism in a painting I make. hardware wallets I hear borrow stories about constantly whether its coins locked or malfunctions, they use the same seed phrase concept anyway except they have a physical form as well to be used for transactions

>>20670403
>Exchanges are much easier to exploit than wallets.
Well run exchanges keep the bulk in a cold wallet so only the hotside is exploitable.
People bit about KYC but those exchanges are less likely to be hit than bobs dodgy completely unaudited exchange.

>>20670075
No. Just keep it on Metamask anon. Keep your seed private. Buy FUND and stake it.

>>20670075
Don't listen to the neckbeards on here. There's nothing wrong with keeping your crypto in your exchange wallet, and that way you're not paying fees to send it back and forth from your wallet everytime you buy or sell.

>>20670520
what's so wrong with having neckbeards???

>>20670075
>Is holding crypto on an exchange dumb
Ironically it's safer for tech illiterate brainlets (i.e. /biz/) and boomers to just hold on exchange with 2FA, more likely they will get hacked than exchange operators.
For Windows power users (i.e. /v/) a ledger or some brand of hardware wallet is best, especially if you use your devices a daily driver or for gaymen.
For GNU/Linux power users (i.e. /g/) they can interject with an air gapped general computing device that is open hardware (At least IntelME disabled), like a libreboot thinkpad, a purism laptop or a POWER9 system, safe from even glow in the dark niggers.

>>20670614
>t. pic related

>>20670075

After some negative experiences with exchanges in the past (i.e funds gone), I now treat exchanges like public bathrooms. I don't stick around for a long time. I do my business and then get out.

>>20670651
Are app wallets fine? I'm using the crypto.com wallet

>>20670115
Retards posting on biz? I do not believe you

>>20670479
>crypto 0days
There is relatively small chance of that if you are holding something like ETH or BTC, but the possibility rises with smaller/newer coins that have not had exposure to a wider audience. The biggest attack vector is you. People are easy to exploit and sometimes give out their passwords inadvertently or download something that installs a keylogger or remote access trojan. I saw a guy in the Meridian tg that got hacked with presumably a R.A.T. yesterday and lost all of his crypto. I had the same thing happen a few months ago. Using Metamask or the like is probably on par with storing on an exchange. I would recommend a hardware wallet if you aren't actively trading your crypto every day. An exchange like coinbase is probably more secure than some of the lesser known exchanges though

>>20670667

I've never used their wallet. If you control the private key, which is usually generated by a seed phrase, usually 12 words or more, you're fine. If you only use a username and password to access the wallet, the chances are you don't own your coins. Crypto.com own them.

>>20670706
Yes, it generated a 12 word key, which I proceeded to email to myself.

Id get one for sure. Theyre like half the price of when I got mine few years ago

>>20670725

Ok, so that means they are your coins. I don't mean to nitpick, but you should never allow that seed phrase to be stored on a computer.

In your situation, it's basically impossible for someone to "crack" the seed-phrase, but it's far more likely that someone can reset the password to your email, by knowing basic information about you, and then using that to gain access to the seedphrase which you emailed to yourself.

As a rule of thumb, write the phrase down on paper, and store it somewhere safe.

This level of security might sound silly if you're playing with a couple hundred bucks, but as soon as your holdings are in the thousands, you should probably take security more seriously.

>>20670520
If you're going to store a decent size bag for more than a few days or a week or two dont be a poorfag.

>>20670075
Will ledger support my ampie rebase?

How secure is MetaMask?

>>20670686
I get that, and im on board.
But im paranoid, we can air-gap and still be hacked. You can 0-ring anyone with factory shit.
I can drive your car from here, i can stop your pacemaker and insulin pumps i can backfeed your glucose monitors

but crypto has no attack vectors outside of dumb?

i dont quite beleive you

>>20670163
dont you guys get paranoid storing money on that shit for periods of time? the amount of USB, SD cards, and SSD drives ive seen randomly die or get corrupted due to faulty flash memory makes me very skeptical.

>>20670629
Is there a security difference between more "casual" Linux OS's such as Ubuntu/Mint and more "hardcore" Linux OS's?

>>20670792
they were being facetious no biztard would do that, go back.

>>20670448

Crypto isn't FDIC insured

>>20670792
This. Assume that someone has access to your computer and email and act accordingly. That moment you see all your money is gone is a horrible feeling that you don't want to experience.

>>20670837
Yes. The wallet is on the blockchain still, but the seed phrase never leaves the device except on paper, and you need to physically hold the Ledger or the seed phrase to transfer funds from the wallet, so hackers can't get it even if the ledger is plugged into the computer when it gets hacked.

>>20670855
No know exploits, but if they get in your computer, you are fucked

>>20670857
I'm not saying it can't be hacked, but lots of people have been trying for a very long time with no luck, so if there is a vulnerability, it is very obscure and no one has found it

if I had anything over 10k I would buy a ledger
anything over 100k and I would buy multiple

>>20670916
"havnt told you" they found it, similar to 0-days

>>20670892
This. The FDIC insured part is only for USD's you keep in coinbase. Not the actual crypto.

>>20670921
wisdom

>>20670921
A Ledger is $45, if you have more than one or two grand, I would invest in one. You never have to wonder if your money will be there when you wake up.

>>20670858
No, because the wallet is still on the blockchain and you should have a paper or metal copy of the seed phrase in case the device gets lost/stolen/broken. Obviously the seed phrase should be kept very secure and not in your wallet or desk drawer

>>20670933
If they had found it, then why haven't billions of dollars in crypto been drained? Use your head.

>>20670858
That's why you backup your recovery phrases

>>20670986
timing.
use your head

Would you just hand a random weirdo your money to take care of it? No? Then Get a ledger or use a paper wallet if you dont really need access to it regularly.

>>20671018
Vulnerabilities Equities Process

timing, use your head

>>20671035
if theyre licenced and im insured against them then yes

>>20671018
I'm sorry but you are retarded. If you could hack bitcoin, you would do it immediately before someone else did. If you honestly believe what you are saying then you should not be investing in crypto and should stick to waging

>>20670916
>No know exploits, but if they get in your computer, you are fucked

Is this a good buy? https://www.amazon.com/FORTINET-FortiWifi-Security-Firewall-Appliance/dp/B01ARRQXJM/

>>20671063
wow thanks for the lecture.
Glad to see your colors.

>>20671063
Thats not how it works.
Thats not how any of this works.

>>20671109
So if you knew how to hack bitcoin you would sit on it until the MC was higher than 178 bn dollars to steal it?

>>20671084
I'm not the one being dumb and repeatedly doubling down on the assumption that someone is sitting on an exploit that would allow them to steal billions of dollars

Should I get a Ledger Nano S or Nano X?

>>20671188
i think the key differences are X has more space for more wallets + bluetooth capability

>>20671156
https://www.zdnet.com/article/is-it-still-a-good-idea-to-publish-proof-of-concept-code-for-zero-days/

Windows of vulnrability
Vulnerabilities Equities Process

>Doesnt beleive people sit on exploits until the time suits them

https://bitcoinmagazine.com/articles/security-researchers-reveal-wallet-vulnerabilities-stage-35c3
https://www.finder.com.au/keepkey-hardware-wallet-vulnerable-to-consumer-friendly-attack
https://www.coindesk.com/researcher-discovers-serious-vulnerability-in-paper-crypto-wallet-website
https://www.coindesk.com/researcher-discovers-serious-vulnerability-in-paper-crypto-wallet-website
>crypto and wallets are invulnerable.

>>20670306
Yeah good luck with that mate https://securityledger.com/2017/02/9-quintillion-tries-later-researchers-crack-sha-1/

>>20671253
already mentioned common vectors and brute force being impossible.
Thanks

>>20671209
Right. Personally I don't think I'll need all that extra space, and the bluetooth capability seems like another point of entry for someone to hack into it. All I want is to securely store my crypto and hide the hardware wallet somewhere. Based on this I think the Nano S would be a better option for me. Do you agree, or can you convince me otherwise?

>>20671250
sorry multi links, but the point is simple google yields alot of results for vectors

>>20671250
You are talking about vulnerabilities in wallets. That is completely different than vulnerabilities in the cryptos themselves which is what we are talking about. If you look earlier in the thread, you can see I listed several ways a wallet or exchange can be compromised, but the only known way of hacking a wallet that exists solely on the blockchain is by guessing the seed phrase, which would likely take hundreds of years or more.

>>20671293
Nope, I chose Nano S for those exact reasons.

similar question, how you approach this situation when trading? i dont feel like moving my shit back and forth every couple days so i just leave it on kraken. that said i have like 75% of my crypto on there too lol

>>20671293
>bluetooth
>secure
pick one.

>>20670484
How do personal wallets get hacked?

>store mnemonic physically
>same with private key
>on iPhone (generally very secure)

How can a hacker brute force into a wallet? Ive never heard of it happening. Always when its reported as ‘hacked’ its a phishing attack not an actual hack

How secure are other software wallets like brd, exodus etc?

>>20671315
nope. you are reading what you want to. just research instead of blindly taking for granted the tings you dont understand. dont just take someones word for it.

>>20671381
the only reason "brute force" is used as a term is because its an easy to understand pool of large numbers for the public to understand.
most security vulns is from interception

>>20671329
Cool, I'll do the same.

>>20671363
Right. Nano S it is.

hardware wallets are essential, never leave coins on an exchange. I have used both ledger & trezor, & imo trezor is better, not just cause it's open source. I find it more reliable and "solid". the ledger software isn't as good although it can wider variety of coins

>>20671415
Every link you posted has the word "vulnerable" (or some derivative of it) and "wallet" in the title, and you are trying to say that those are about hacking the blockchains themselves? I think you are just trolling at this point, but if not, I will reiterate: If you think crypto is vulnerable and has been successfully hacked, then why the fuck are you investing in it in the first place?

>>20671483
because i can diversify.
why cant you google?

Okay just give it to me straight goys

I have 100k in eth in my jaxx wallet. Private key and mnemonic is in a bank safe and encrypted with a word key known only to me

How can my jaxx wallet be hacked? I dont use public wifi or download dodgy apps on my iPhone.

>>20671451
Are you comparing Trezor to the Ledger Nano S, X, or both?

>>20671276
Just read the discussion my bad. You still shouldn't be worried since a majority of the top coins like Bitcoin use SHA-256 for encryption, and given the absurd length of time it took to crack SHA-1, the probability of copping a SHA-256 crack to decipher your private keys is too small to count; it absolutely won't happen in our lifetimes. The only flaws in holding a ledger are up to the person in charge of keeping it secure and accessible to themselves.

>>20671534
mmm, china could point the biggest supercomputer at it and come up short.

but a 51% attack with the same network size and compute power

or literally any other vector that seems perfectly secure as a given now, may not be.

Im not fudding, i beleive in crypto, but to me this is similar to the suppression of PMs (which will continue)

>>20671493
Because if there was a known exploit, crypto would approach zero in short order because the entire world would know about it within a few hours.

>>20671499
Did you ever type your seed phrase or private key on a computer? If not, it sounds pretty secure, with the only concern being Jaxx wallet itself since I don't know much about that specific wallet. I would think that the only attack vector would be through your phone, and if that is secure then you should be good to go

are there any schizos like me who plant decoy seed phrases?

Put liquid swing coins on exchanges, metamask if they’re uniswap swing coins.
Put rest of em in a ledger.

>>20670858
Bro if it gets corrupted you have a 24 word recovery phrase. Please just research more.

>>20671483
Fuck it, thanks for devils advocate here.
im curious if some big brains have any real thoughts

https://www.researchgate.net/publication/335759608_A_Taxonomy_of_Blockchain_Threats_and_Vulnerabilities/link/5de46038a6fdcc2837fd155a/download

https://www.researchgate.net/publication/334559010_Systematic_approach_to_analyzing_security_and_vulnerabilities_of_blockchain_systems

(not blockchain, but applications)
https://www.researchgate.net/publication/319293093_Security_assessment_of_blockchain-as-a-service_BaaS_platforms

(interesting ideas about how blockchain vulns arnt important as much as the policy and regulation around them. Also interesting points about oracles as vectors)
https://www2.deloitte.com/us/en/pages/advisory/articles/blockchain-risk-management.html

(small input, massive effect, EOS)
https://www.beyondtrust.com/blog/entry/blockchain-can-suffer-vulnerabilities-application

I could go forever. I have faith in crypto. Im curious what some sharper minds may think

>>20671646
thats simply not how exploits work most of the time.
name a single real-world instance where that was the case? you hold exploits as long as you can, unless you see it being patched

>>20671646
No i never did. I wrote it down, encrypted it and put it in a secure safe.

Jaxx wallet is just a wallet, its completely decentralized.

Though if anyone wants to make a convincing argument as to how someone can steal my ethers go ahead

>>20671642
>but a 51% attack with the same network size and compute power
Then you're tinfoiling yourself. A 51% attack on Bitcoin specifically would be too costly to even attempt without a guarantee of succeeding, and this event is even more unlikely as time passes/btc keeps rising due to the cryptography of mining algorithms that are way beyond me to explain. The point is a 51% attack is not worth attempting on Bitcoin, only on weaker and cheaper coins. Even if someone were to attempt it on Bitcoin from here on out, it would need to be very well coordinated to the point where you'd know about an attempt before it's ever successfully pulled off.

How much are the fees if I withdraw my Linkies from Binance now? I really didn’t want to give them entire Linkies as fees. I also would kill myself if I lost my stack because I lost some fucking ledger or fat fingered some address. It’s so stressful but I need to man up and figure something out. I have legit money on there now.

>>20671788
Put some on coinbase and some on a ledger

>>20671793
Coinbase over binance? CB has worse fees no?

How to do the thing where you store the seed phrase using 3 papers but only needing 2 of them?

>>20671793
I’m already set up with Gemini. They seem pretty serious with security. Is there a reason to use Coinbase instead?

>>20671775
im only talking general, not specifics. I do not know that there are massive holes for certain. but i do know every single other tech and product ever developed had gaping holes for years until someone decided to take advantage. its how every single hack ever has happened.

Seriously though I agree about never storing your seed phrase on a computer. Your shit will get hacked if Link hits some insane number. Write it down on paper and hide multiple instances in different places.

>>20670335
This seems like too many points of potential failure.

I just use my jaxx wallet so store crypto.


I thought the whole point of crypto is that its hack secure even if youre storing 50 dollars vs 50,000 dollars

>>20671909
especially since a lot of exchanges have had security issues. You are just multiplying the risk at that point.

>>20670884
Not really but "hardcore" linux may be more hardened by default. Stay away from Ubuntu if you want privacy.

would any of you recommend a paper wallet to store 1 BTC (so around 10k dollars)?
If I can safely keep it (I own a safe), is it a good solution? Why buy a Trezor or Ledger over a piece of paper?

>>20671960
Why the fuck wouldnt a normal wallet be secure?

Can someone fucking explain to me how a fully audited wallet like jaxx wouldnt be more secure than a bluetooth dongle that has to be installed to a computer????

>>20671500
trezor one vs nano s

>>20670075
I HAVE 100k AND IM NEVER EVER BUYING KIKE LEDGER

>>20671931
>delete image
lol

>>20672072
Dont hack me :O

>>20672093
Open the door, friend. I'm here.

>>20671975
I'm asking about paper wallet, not normal wallet. But I agree with you on normal wallets.

>>20670335
where do I buy my ampl with your retarded exchange choices?

>>20670094
>he doesnt know

To be fair, most popular exchanges are PROBABLY safe, but you will never have 100% certainty.
I keep a small pool on coinbase, but mot my funds are on my ledger.

>>20670075
holding crypto in an exchange is peak retardation , get al edger or trezor

One ledger per 10k usd is my rule to sleep well.

Thoughts on this autist saying hardware wallets can be easily hacked with one simple firmware update?

Is his Ubuntu+Metamask method really safer? Is this 'compromised hardware wallet update' thing really a possibility?

>>20670075
How much VRA can one of these things hold?

>>20670075
>Is holding crypto on an exchange dumb
>and is it worth investing in a ledger
Who's most likely to fuck this up? Coinbase vault or (you)?

>>20670075
>>20670858
Holding crypto on an exchange is not the smartest thing to do. Leaving a small amount isn't too risky but large amounts should definitely be withdrawn. If your ledger is ever lost, stolen or something else, you can buy a new one and recover your funds using your 24 words phrase. But if you aren't planning to hold large amounts like I do (since I'm a poorfag) I rather wished I just made a wallet on a USB drive and had invested the 70 euros (delivery costs, tax) in buying a few more tokens.
Anyway in short: Yes, if you can spare the few bucks it's definitely worth it.

ONE WARNING: Don't buy on Amazon or anywhere else. Make sure to buy it of the original site.

>>20674305
He's right, this kind of encryption is impossible to break, hardware wallets are a meme.

>>20670075
only store on exchanges what you intend to trade

>>20670075
I actually interested in how onew ould go about bypassing ID checks on goybase.

pretty happy with my ledger, only got it a couple of days ago.
had 25k sitting in an exchange. started making me very nervous knowing the bull run is coming and leaving my potential fortune in an exchange

>>20675537
Fuck, where do I get a gf like her?

>>20671975
Is coinomi wallet at same pair of security like jaxx?

>>20670265
Coinbase has permabanned accounts of right-wing figures in the US. Normies don't necessarily have to worry about this now, but as we move closer and closer to complete digital transactions and forego cash, the more control (((they))) will have over your accounts. Going forward, you're going to see a lot more regular people will lose their accounts because you voiced an unpopular opinion or said a no-no word and Mastercard, Visa, Stripe, etc. will be able to close your accounts for violating their terms of service. Having a wallet for your crypto is an absolute must!

Don't listen to these fags OP, just set up SMS 2FA and you're just as safe as any hw wallet

Also question, doesn't Ledger and the delivery service literally have the name and address of literally every singleLedger owner?

Or in other words the info of everyone who holds a more than decent amount of crypto? How is that safe?

>>20676194
No, the ledger does not hold your personal information, and there is no delivery service except the one on the device itself that creates the smart contract.

>>20676128
Don't listen to this guy, he clearly wasn't around for Mt. Gox

Ok can you niggers explain to me why a nornal wallet wouldnt be a secure as your retarded bluetooth dongles?????

Assuming youre not retarded about your private key or mnemomic

>>20676356
Because everytime you want to make a transaction you have to enter your entire key, while with a hardware wallet you just enter the pin on your device.

>>20676411
What????

What fucking wallet requires you to enter your entire private key for every transaction????

The mew phone wallet is pretty cool. Actually having a lot of fun with it.

>>20676356
With a hw wallet, your key is never on a device that could have been compromised and you have to physically enter a pin to do a transfer, so if a hacker is raping your pc, he still can't get your funds even if you left the hw wallet plugged in, metamask running, and metamask logged in.

>>20676503
Im on iOS which is pretty fucking secure. I dont use public wifi either

>>20676526
The usual culprit is someone gaining access through a virus or malware, but keyloggers are also used. If you have $1k in crypto, it wouldn't be a big deal to have it accessible on your computer, but if you have $10k, 100k, 500k, it gets harder to sleep at night without it safely on an airgapped secure device

>>20676664
Did u read what I wrote? I use an iOS wallet, and iOS is immune to malware shit like keyloggers

>>20670075
I fell for thememe and bought a Trezor. two years later it was no longer supported.

>>20676833
>iOS is immune to malware shit like keyloggers
lol ok keep telling yourself that

>>20676854
No longer supported where?

>>20676924
Ok fuckboy tell me how someones gonna install a keylogger on my iphone when

>i only download official apps
>i dont even visit porn sites on my phone
>dont have tiktok or any shit

Its a blank, fresh iPhone that I dont even connect fo public wifi. Explain how someones gonna install malware

>>20676984
Yeah, they are really secure, right up until they get compromised. Most people that have been hacked didn't think it would happen to them otherwise they would have taken more precaution. You don't have to take my advice, you can leave your seed phrase posted all over your local college campus for all I care, but don't cry if/when your money disappears someday. There are people who's sole mission in life is to take what you have. It is their career and they spend every waking moment thinking about how to accomplish it, while you might spend a few minutes a day or week thinking about how to prevent it.

>>20671293
Why would you hide the hardware lol.

I know a guy who secured his ledger in a safebox in a bank vault but keeps the 24 word seed at home lmao yes nucoiners are this retarded

>>20676924
No longer supported by the Trezor company. The solution was to buy a Trezor II. I didn't, I already sold my bitcoin. I just discovered it when I tried to log in.

So is buying a Ledger worth it?

>>20676194
>Also question, doesn't Ledger and the delivery service literally have the name and address of literally every singleLedger owner?
Correct. Information that can be sold to people who will hunt you down

>>20677325
Yes

>>20677356
Most retarded thing I have read today

>>20670075
You have to be an absolute fucking retard to use a hardware wallet. Probably made in China with a backdoor and if not that then they will die randomly. Why the fuck would you not store it in an open sourced wallet like meta mask or argent? If you get into crypto and store it on a centralized product you deserve to lose it all.

>>20677356
You can always say you lost the device, right?

>>20677421
And they can always torture you to test you a bit

>>20677399
Dumb ledger shiller

>>20677443
That doesn't make sense. They need your coins. If they kill you, it's over.

Would keeping software wallets and seed phrases on a SSD with offline installed ubuntu, hardware encryption, biometric, and a strong encryption passphrase; that has only ever been connected to a clean install airgapped pc be better or worse than a ledger?

>>20677482
Well, it is massively more expensive for one thing, and a pain in the ass for another, though it is probably just as secure

>>20677541
Thanks for answering. I'm in the process of upping my security so I'm still sorting all this out. Biggest drawback to a ledger IMO is if someone finds yours they then know they can torture you and there is a decent chance they'll get a payday. A SSD could just be your porn collection.

>>20677690
>Biggest drawback to a ledger IMO is if someone finds yours they then know they can torture you
This

>>20676833
you dope.

iOs has been heavily trending up in malware. Imagine you are a hacker, now ask yourself - what platform has the most tech illiterate people with money? Fucking iphone drones.

>>20677690
You can actually create a false pin that opens a different wallet than your main one, so you could put $100 in eth on there just for such circumstances. That is an unrealistic situation though unless you blab to every person you meet that you have 3 million dollars in crypto and that you have a ledger.

>>20670337
Why wouldn't you have 2FA enabled? All my exchanges to login I need my fingerprint and they text me to verify if it's a new device.

>>20677814
That's nice but the main problem still exists; only people with thousands of dollars or more in crypto own ledgers. Criminals know this. Maybe someday crypto use will be so widespread that normies with 40 bucks in eth will be using them, but not now.

>>20677896
Sim cloning defeats 2fa pretty easily. You'd have to maintain a separate device with no other software just for 2fa

>>20671381
they dont "brute force" it, they usually use phishing techniques like swapping the send adress or something that can gather screen shots, intercept what you type, or remote control of your pc, a fake website, etc

I travel around the world and work in total shitholes. Carrying a hardware wallet is non viable for me.

I keep a wallet in a bank safe deposit box with about 75% of the stuff I intend to "hold forever". The other 25% I keep on coonbase and jewmini.

>>20677814
I simply find all these torture thingy a low IQ reason not to buy a Ledger. I'd be more concerned about Ledger's software. Hacking into Ledger's software is more scalable and profitable than hiring niggers to mug every single Ledger owner across the globe.

In an idea world a ledger is safer but I'm not convinced anymore. I'm sure the big exchanges like coin base, gemini, binance, have very very strict security measures in place.
If you get a ledger all the onus is on you to properly secure it and keep your seed safe. There are a lot of lazy or dumb people who'd be better letting coin base do the heavy lifting

>>20678331
Ledger is probably backdoored since it was created. The day the shadow government decides to end crypto they will do it with a flip of a switch.

>>20678380
Yep, it's the software's integrity at the end of the day.

>>20670075
There is a 20% off sale off ledger right now. The company doesn't advertise it but it exists.

Only buy ledger from them directly. Never buy from thirdparty because they could have tampered with it and have the seed code.

I do recommend a ledger.

>>20670094
>mt gox
>quadrigacx
>coinsmarkets
>cryptopia
Anons can add any others to my list if they like

>>20675455
>>ONE WARNING: Don't buy on Amazon or anywhere else. Make sure to buy it of the original site.
Are you saying this because it basically marks you as someone who owns a HW wallet or what?

>>20670115
so a screaming yes basically to the gentleman’s initial question

>>20678159
Your average criminal wouldn't know what a ledger even was or how it works. Your hypothetical situation is the same whether you own a ledger or not. Why wouldn't that same criminal torture you for your metamask password or atm pin?

>>20678588
No, because there is a big chance they might tamper with it. I mean if you get it straight from the factory, there's also a chance to get marked by the delivery guy.
Here's an example of what might happen.
>Guy in vid orders a Ledger S on Amazon
>only gets the box
They probably forgot to put back the Ledger after tampering with it.
https://youtu.be/ILqA8NCvnJ8?t=15

>>20670075
I have interest in hacking and pentesting and I prefer to have my wallet with 2FA on an exchange with an insurance in case they get hacked.

For the physical wallets we talk about :
1. Your long phrase password is super easy to brute force. Since they are literally english words, any dictionary would crack it.
Also I've read stories of people receiving those kind of things with the long phrase password already being stolen before being sold.
2.What happens if you don't have a long phrase password (or any other way to recover) for security reason and your wallet physically break?

what if you break your hardware wallet? The nano ledger looks like a usb stick. I would probably fuck it up eventually. Can you get 2 or 3 duplicates or something and lock one away with all the funds or would you have to split the funds between them?

>>20679092
You have to write down the seed phrase before you can even use the wallet. If the Ledger is lost/stolen/broken you have the seed phrase and can restore the wallet on a new ledger or wallet. Writing down the seed phrase is probably the least secure part of the ledger, and you should put it in a safe or safety deposit box or hide it extremely well. Or if possible, use a new airgapped computer and put the seed phrase in a text doc, heavily encrypt it and then keep it on a USB. Obviously the more money you have, the more secure you need to be

>>20678331
>I simply find all these torture thingy a low IQ reason not to buy a Ledger
Based retard, you will be targeted for sure. You are already on a list. They will find you, and they will hurt you. If you don't talk, they will hurt your family.

>>20678785
>Your hypothetical situation is the same whether you own a ledger or not. Why wouldn't that same criminal torture you for your metamask password or atm pin?
Based retard. Instead of targeting a random guy you use the list of guys who bought a ledger, since in this case you are SURE he has considerable holdings. You torture him until he gives you the real seed and voila.

>>20679502
hand mi dat eferium white boi

>>20679502
Oh, a low IQ reply. Or maybe a seething Trezor employee?

What you guys fail to understand is that we aren't talking about the average Afro-American thug, we are talking about people expert in crypto who can hire expert killers to get the job done.
Again, YOU ARE ALL ALREADY IN A LIST. YOUR NAME AND ADDRESS ARE KNOWN.

>>20679557
Whatever makes you sleep at night, son. You still have a few years.

>>20679560
> Afro-American

Oh no wonder, a low IQ reddit fag.

>>20679595
>diverts the point to a meaningless detail
Clearly you finally realized I'm right

>>20671909

This is like saying having all your eggs in one basket reduces your points of failure therefore never spread your eggs out...

You spread your points of failure over multiple mediums... none of which are high risk so it’s even safer

>>20673381
>trading exchanges
? Are you dumb

>>20670075
yes /thread

>>20679578
> a few years

I am no longer here by then, fren. Jokes on them.

>>20679635
Or maybe you are a nigger? Now I know why you have low IQ.

>>20679663
They will come anyway and get whatever you cashed out for. You have been marked. It's already over. You should at the very least move to a different country.

>>20679690
Awwww, nignog.

>>20679690
Why don't you just lie on the floor and starve to death if you're too afraid to do anything?

>>20679686
Not a nigger, probably whiter than you. I'm Swiss.

>>20679713
Oh another larping Swiss. Enjoy Switzerland, nignog.

>>20679712
There are equally safe alternatives that don't put you in a list of potential targets, you fucking retard. Posted in this same thread.

Your question something is like,. If i lend my wife with a miniskirt and high heels to my friend for cooking in the weekend?

>>20679740
You are dumb and have no arguments. Probably an actual nigger.

>>20679741
you may be right on better alternatives, but my insult on your comical action-movie tier paranoia still stands

>>20679768
Fair enough, I accept it's borderline paranoid. But why the fuck taking the risk. Anyway I'm done, do whatever you want.

>>20679757
I really did hit a nerve right there, didn't I? Seriously, just put up a thread about Trezor so you can shill your product. Haven't bought anything yet as I am still considering other hardware wallets.

>>20679560
Your now on our list too.

>>20679789
When I realized that I am NOT the center of this world and there are millions of people just like me in similar dispositions, I sleep well at night. There are so many people with so many more coins that I would be on the bottom of this "hit list" if there was to be one.

Anyways I agree that it doesn't hurt to be more secure, and if I was more secure I wouldn't even need to think the comforting thoughts above. You're not wrong anon. Sometimes paranoia pays off.

>>20677411
Get rekt all you faggots not replying

>>20670921
Good advice anon, what are some good quality ledgers?

my ether wallet passphrase in physical notebook and never typed. there, saved you the trouble.

>>20670479
The attack vector to be worried about is that the chinks who make these things have built back doors into all of them. Every single one. There isn't even one without a backdoor leading directly to china.
Unless you can find one designed and built by White men, with chips designed and built by White men, don't even bother you'll get chinked as soon as you plug the thing into an internet connected USB port.

>>20679533
>the list of guys who bought a ledger
Where are you going to get a list of people with a Ledger? You think the company is going to give you a list of customers for a few grand which would tank their multi-million dollar security company? That is absolutely fucking moronic. The reputation of Ledger or Trezor is worth more than some random thug could afford. Not only that, but you are assuming that only people with hundreds of thousand or more in crypto own ledgers. I own a ledger, and I am a small fish compared to many.

ANYONE FUDDING HARDWARE WALLETS WANTS YOU TO BE AS VULNERABLE AS POSSIBLE

>>20679907
Not defending HW's but Trezor is made in Czech Republic and everything is open source and you can check everything yourself.

Every coin I own is on Binance. I'm sure its fine.

>>20680012
I don't know man, niggers must really like their action movie fantasies. I am actually more concerned about software integrity to be honest. I am not writing off the fact that Ledger or Trezor may have backdoor kill-switches that may "randomly" drain funds. But still, I'd like to try buying one just for the sake of buying one. A single Ledger Nano S is cheap as fuck. Wines are more expensive than this.

>>20671951
Do you recommend any distros? Ive tried a few but found ubuntu the most refined. Will be willing to try another if you have a good recommendation.

The level of paranoia in this thread must be stemming from something. Has anyone lost their funds on popular exchanges like coinbase or binance? Or less popular exchanges/decentralized exchanges? If so, how do you think it happened? Click a link on a sketchy email that installed a keylogger or what? What information does a bad actor actually need to do that?

>>20680169
>Ledger or Trezor may have backdoor kill-switches
No more likely than Metamask, Electrum, or any exchange having a backdoor. It comes back to the company valuing their reputation more than the money they would get by stealing some Eth from your wallet. Trezor is even open-source so you can inspect the software for vulnerabilities.

>>20680347
Exchanges have been hacked before, as well as other supposedly secure platforms, like twitter a few days ago. How many times have companies been hacked and had customer information stolen?

>>20674305
He’s just a schizo. Is he wrong? No. Is he crazy? Yes.

>>20680436
Yeah, I know it's possible and some time down the line it'll happen. But how? I.e. if I don't give out critical info that can be used to social engineer a way to get my email/account password such as DOB, last name, phone number, and address. Basically if the user just takes basic security measures, shouldn't they be ok?

Can this part be scratched off/erased?

I want my Ledger to look as generic as possible, not for someone to find it and with one google search to figure out what it is.

>>20680590
No, hackers find a way to break into the exchange, not just your account, but the whole thing. I don't know how they will do it, if I did, I would do it before they would.

>>20680610
You can remove the entire metal part pretty easily. You could also sand it off or paint it

>>20680667
Ah, I see. So if an exchange gets hacked, and the hacker takes all the crypto, you would just lose your funds that are not insured. That sucks.

>>20680840
It depends on the scenario. Some exchanges might not be insured, some might be completely insured, the hacker might only get a portion of the funds or they could get all of it. Look up Mt. Gox where 850,000 bitcoins were stolen over the span of a couple of years

>>20670972
>>20670990
>>20671708
>>20675455


These anons (and generally anyone dumb enough to buy a hardware wallet) are a perfect example of how stupid biz is.

>buy a nano ledger
>still haves to keep a paper wallet in case it fails


why even buy one of those overpriced flash drives? just keep a paper wallet ffs

>>20681133
>just keep a paper wallet ffs
And what do you have to do when you want to send or trade money? You have to type that phrase into a computer, right? A computer that could be compromised as many people have found out the hard way.

ANYONE TELLING YOU NOT TO BUY A HW WALLET WANTS YOU TO BE VULNERABLE. THE PEOPLE THAT WOULD STEAL YOUR CRYPTO ALSO BROWSE BIZ AND TRY VERY HARD TO MAKE SURE YOUR MONEY IS NOT SAFE.

>>20681133
>still haves to keep a paper wallet in case it fails
what? why would you need that?

>>20681230
In case the hw wallet is lost/stolen/damaged. You write down the seed phrase before you can add funds to the wallet and the phrase is never entered on a computer that could be compromised. You need to secure the backup as though it was the money itself (fireproof safe, safe deposit box, behind a picture frame at your moms house, etc.)

>>20681331
>In case the hw wallet is lost/stolen/damaged
you just get another
>as though it was the money itself
your crypto isn't in the actual physical hardware wallet you dumb fuck

>>20679000
You obviously have no idea how these things work, look it up

>>20681390
Ok, you are clearly retarded and/or naive.
The seed phrase IS your wallet. If you lose your ledger, and don't have the seed phrase, then your money is gone with no way to recover it. The seed phrase is attached to one specific device. You can restore a wallet to a new ledger, but only if you have a backup of the phrase.
Your second statement BTFO of your first.

You should ALWAYS have a backup copy of your seed phrase no matter what wallet you are using. If you are using Metamask and your computer gets zapped by lightning, how would you get your crypto back?

>>20681483
of course I need to have my seed phrase written down, what the fuck is your point
you must be baiting at this point

>>20681576
Was this not you?
>>20681230
What do you think a paper wallet is? It is just your seed phrase or private key sometimes in the form of a qr code

>>20679000
^ get a load of this faggot


>Your long phrase password is super easy to brute force

lmao, no. This is not the 90's. Physical wallets are stupid, yes, but you are not Neo or mr robot. You are more like jp from grandmas boy but without the money and game dev company. The amount of time it would take to brute force a 24 word passphrase far exceeds the return, and it scales with higher processing power. That is to say if you had a super ultra mega gigacomputer that could do it in a year, you'd have probably gotten a far better return on leasing it out for services or cloud computing/hosting rather than locked it up to get some poor faggots .5 btcs worth of ripple bags and bitbeans

just because you used a hex editor with your kali linux gayming pc doesnt make you a spec ops hacker spy

>>20681133
It's easy to use with DEXs or DAPPs and you don't have to input your fucking recovery seed every time you use it.

>>20681807
this is precisely how i know nano owners are a bunch of poorfaggots... if you say you own a nano ledger, I immediately know your net value is less than 100k and I also know to ask you whats in your folio so I can buy the exact opposite...

>>20681912
Or maybe some people don't put every dime of their net worth into crypto. Not sure I see where using a ledger to trade equates to not having money.

>>20670075
You can just generate pub\priv keys and store your coins on it.

Pic related.

>>20681912
what does any of what I said have to do with my net worth? you sound like you're projecting. By the way I own BTC/ETH/LINK along with a variety of other shitcoins so you might be better off avoiding crypto altogether.

>>20671698
Considering I tried sending ETH from Coinbase to Metamask two fucking hours ago and it's still "pending", I'm not so sure.

>>20670163
fag

>>20681998
>>20682072
>"hurr durr, why do u think I are so poor and dumb!?!?"
>using your primary wallet for dapps and shitcoin trades

>>20682134
I don't trade shitcoins, but it's always nice to have that option.

>>20682224
you know nothing about trading options, I can tell you that right now champ

>>20682262
If you're so rich and smart why are you behaving like a bitter negative cocksucker?

>>20682296
what you say lil bitch?

LEDGER IS NOT SECURE


I REPEAT LEDGER AND ALL HW WALLETS IS A SCAM THEY KNOW YOUR ADDRESS AND PUSH FIRMWARE UPDATES OTA


USE GPG AND UBUNTU
DO


NOT


BUY

HARDWARE

WALLETS

>>20682314
You need religion in your life anon. Please find inner peace someday

>>20682296
He has a small penis and/or is a manlet. Many such cases

>>20682328
6 years. Nothing happened. Fud harder

>>20682328
Proof or stfu

>>20682328
Schizo is back again -_-

You do know you can call your method safe without talking down on hardware wallets in a schizophrenic manner right?

>>20682345
catholic already

>>20682347
uh nice try genius, but im actually a girl

>>20670075
>Is holding crypto on an exchange dumb
yes
>is it worth investing in a ledger?
yes

>>20682396
See. Small penis and a manlet. I was right.

>>20682396
>catholic already
clearly not pious enough. I understand that these are stressful times and in-person masses are still banned in many parishes. I'll be praying for you.