/biz/ - Business & Finance

>>55015220
What makes you think Trezor doesn't have the exact same problem?

>>55016002
It’s open source retard.

>>55015220
yeah i think i want off the ledger train. Think I need to buy a trezor and be done with it

You guys realise that every hardware wallet is the same, right? They all access the pk so they can upgrade to new blockchains and standards.
Moving from one HW to another doesn't change anything, if you want to increase your security you need to set up a multi-sig, probably with Gnosis Safe.

>>55015220
I have a feeling they were always glowies.

If crypto is to replace fiat, the powers that be would’ve had a contingency plan in place to rug pull crypto and say “see cbdc is safer”.

They usually tell you what they’re going to do before they do it to avoid karmic debt. This is it. They’re telling you they have a way to rug pull a hood 25% to 50% of crypto holders.

I expect this rug pull to happen right prior to CBDCs going live in the US, the most ardent opponent of CBDCs.

>>55016437
Trezor is open source though, and you can install custom firmware

>>55016446
Thought the same thing today anon. It's a brilliant vector for attack, go after the hardware wallets and erode faith in Crypto like that. It's not like the rug being pulled out, it's the whole floor.
I am glad I went with trezor to begin with.

>>55016456
it can still access your pk though, they all can.

>>55016365
>Open source software is software with source code that anyone can inspect, modify, and enhance

What the FUCK???? How would open source be safer you massive idiot anyone can inspect modify and enhance your trezhoe wallet

>>55016467
Well yeah since they're stored on the device. However you can inspect the code yourself and see if it's programmed to do anything with them, which it is not.

>>55016456
You have no way of confirming the open source code is actually the code on your wallet. Could be a front.

I’m moving everything to a laptop wallet that is air gapped this weekend.

They’ve fucked my contingency plans.

>>55016472
It means you can modify the code and make your own firmware you smoothbrain, it doesn't mean other people can force custom firmware on you

>>55016483
I could copy the code myself and reload it into my trezor and it wouldn't be any different. Also firmware is cryptographically signed so you know it came from the official developer. It's all on github anon, I don't blame you for being paranoid about the ledger thing but people shouldn't have gone with closed-source software hardware wallets in the first place.

>>55016472
Are you stupid? Lmao

>>55016483
>You have no way of confirming the open source code is actually the code on your wallet
It's called compiling it yourself, you can also confirm the official binaries are a match to the self compiled one by comparing their hashes to see if they are distributing something that is different from what the source would build.

>>55016446
>They usually tell you what they’re going to do before they do it to avoid karmic debt.
Here's where your post went full schizo.

>>55016483
I’m a brainlet. So you’re basically creating a fresh wallet on a laptop? What wallet would you be using?

>>55015220
Trezor is the same. Open-source does not matter unless you are actually compiling from source every time and loading that. Every time you update firmware that way, your trezor will be completely wiped too, so you'll have to re-enter the seed

By the way, if you don't trust Ledger's firmware, why would you have trusted their hardware in the first place? And the same can be asked of Trezor's hardware. You have no way of knowing whether the microchips under the hood are following the spec or not. Only trustless way is to build the hardware AND software by yourself, which is doable, Raspberry Pi.

Or to go full paranoid, no hardware wallet. Access your private keys only on an air-gapped linux box to create transaction header sigs. Then take that tx sig and broadcast it from your connected PC.

>>55017157
Electrum or bitcoin core.

>>55017273
who tf is gonna build a raspberry pi?

>>55015220
Just use a software wallet tards. Works fine

>>55015220
Trezor is no more or less at risk.

SO WTF SO I USE THEN???

>>55017957
trezor.

Ledger's design was to better protect against physical extraction of the key, so they used this proprietary security module to encrypt everything on the device. But for some reason they can't release the source code. And if w/e secret ledger uses gets leaked, then ledgers aren't secure from physical access anyway.

Trezor is completely open source, but its just designed to be secure from the perspective protecting against the computer its attached to. It doesn't care about 100% safety from physical access, which is fine because you can protect against that in other ways like a passphrase.

>>55017273
Its really easy to verify software. You're right about the hardware. But its a lot harder to make and distribute fake hardware than it is the write malware. At the end of the day use an offline wallet for the most security and hardware wallets just for funds you use frequently.