Topic: Choosing my first hardware wallet, have some questions. (Read 248 times)

You did create a whole lot of threads in this hardware wallet sub-board relatively quickly. That made him suspicious. I wouldn't go as far as calling you a liar, but both scenarios are equally possible at this point.

A) You actually purchased a BitBox, and now you are looking to learn as much as possible. Which means dkbit98 is wrong.
B) You didn't buy anything and you are in fact trying to fish for merits by posting what you think others might like to read. Which means dkbit98 is right.

Why don't you make a post in my Show off your hardware wallet thread and take some real pictures of your BitBox. After that, you get to call dkbit98 a liar if you want.

---

On a different note, merits are meant to circulate and be sent to posts you find to be deserving of some. There is no point in hoarding them. That's something I noticed after a quick look at your profile. 

Thank you jerry0.

I think the main negative thing with dkbit98 is that he tries to dominate.
 Why must  users obey him and why must users feel guilty and prove to him they are innocent?
Is he a king, or a dictator? May be a cop or a judge?
An authority from governement?
Has he any right to control other users?
He is a user like everyone else on this forum.
I don't see any reason to obey him.

I experienced so much unfreedom in my life that I literally was surviving in unfreedom,  and now I feel sick (literally physically sick) every time when someone tries to dominate, to "own" or to control me.

It is up to every user to decide how to behave when such a person like dkbit98 tries to control you, but I see no one single reason to obey such a person.

Ignore poster dkbit98



This poster apparently likes to make stupid posts.  I saw he made a post about me in another subforum here.  I post to ask questions and this poster mentions my posts has to do with increase my post count with signature campaign.  I read this has to do with getting paid for post.  That is something I never even heard of.  I did notice however lot of posters here seem to have the same avatar so I figure that is what is meant by that.  I don't even have an avatar here.  The only other account I had here was that viking account that I no longer have access to and I already told the mods about it a while back.  Also it had some avatar on it etc.  



He continues to think of other posters as suspicious.  If anything, why are you asking other poster for proof of stuff?   What do they have to prove to you?  Also I seen your posts and you are also a bit suspicious and paranoid as well with your nano ledger posts etc.  Don't even waste your time with that poster dkbit98.  If someone ask dkbit98 to prove something, you think he would do it?  Nope.

dkbit98,

It turns to be an emotional (not rational) conversation.

"You are the one who is avoiding to answer, and I asked you a question first."

You didn't ask any questions, you asked me to do some action.
Is it correct that if someone asks you to do something, then you will do whatever you are  asked to do, and it doesn't matter what you were asked to do, and it doesn't matter who asked you? And you will not ask "why", you will just obey? Is that correct? It is exactly what you want from me. If you would not do so, why should I? If you would do so, why should I do just like you?


"Your ''benefit'' is that you are writing bunch of posts and topics about this topic, probably wanting to get some merits and increase post count."

Do you have any other ideas about reasons  why people may write posts and topics?


"BULLSHIT!  No need for any account's and it take few seconds to upload image on imgur or imgbb, "

I never did this before. So I need to learn first, go to their website, understand how it works... All that takes time and efforts. For what?

"but you can't upload something you don't have."

That's true. For example I have no selfie with Scarlett Johansson, so I cannot upload it.

"I am putting you on ignore,"

It is your right. You are free to do so.

"and I consider you are a liar until you prove otherwise."

You are offering me 2 bad options:

Option 1. Someone on the internet is considering I am a lier.
Option 2. I obey someone on the internet and do what he wants, I get provoked by childish manipulations, I make efforts and spend time in order to prove that someone is wrong, and I admit that I am guilty until proved innocent.

Which option would you choose for yourself if you were me?

"Not going to reply to you anymore until I see some proof."

Honestly, it is a pity that you are not going to reply anymore. Because I really appreciated  your replies, answers and that you were sharing your knowledge and experience.

You are the one who is avoiding to answer, and I asked you a question first.
Your ''benefit'' is that you are writing bunch of posts and topics about this topic, probably wanting to get some merits and increase post count.

BULLSHIT!  No need for any account's and it take few seconds to upload image on imgur or imgbb, but you can't upload something you don't have.
I am putting you on ignore, and I consider you are a liar until you prove otherwise.
Not going to reply to you anymore until I see some proof.

dkbit98,

1. You didn't answer: What profit/benefits am I supposed to get from lie about having purchased BitBox02? Why would someone lie about that?

2. It's not that easy to post an image here, one needs to upload it on 3-d party hosting, and register there before doing this. And all those efforts just to prove you wrong.
What profit/benefits will I get from proving you wrong?

Let's say that I have a hunch, and I learned to be very suspicious in forum.
I honestly suspect you didn't purchase BitBox hardware wallet, but you could easily prove me wrong with a simple picture like I suggested.
You could even make a small review and impressions about your alleged hardware wallet, so this can even be beneficial for you in the end.

dkbit98,

Thank you very much for your replies.

Why do you need a proof that I purchased BitBox?
Do you suspect that it is not true?
But what profit can I get from lie about this?

Oh really, so you are telling me that you purchased Bitbox hardware wallet?
Would you be so kind of taking a picture with this device next to the paper with today date and your username written?
You don't have to reveal any other personal information, images or wallet address, just device + paper with date/username, and tell us your impressions.
Thank you.

If you are using shitcoins you obviously won't install Bitcoin-only firmware, but that makes code much bigger and with much more potential bugs and exploits.
I didn't hear a single case of someone losing coins for installing multi-coin firmware, but it's always possible to happen in future.
Smaller compact code = less potential bugs and exploits.

Like o_e_l_e_o said, by running less code, there is just less room for bugs and security holes.
As to whether it realistically makes a difference, I don't know. The risk of getting your hardware wallet attacked in the first place is pretty low.

The very fact that you have your keys on such a device and not just on your hard drive, easily accessible by any virus, already significantly reduced your attack surface and eliminated probably 99% of hacking attempts.
If you don't use altcoins anyway, I say go for it. If you do hold alts, don't install the Bitcoin-only firmware, of course! You don't want to keep those on your HDD either, right.

Ultimately, the decision is yours.

Whenever a hardware wallet wants to support coins other than bitcoin, then it has to introduce new code to do so. Any new piece of code poses a risk, as it is impossible for the developers to discover every possible way in which that code can be used or interacted with. For example, there was a (now fixed) vulnerability a few years ago with Ledger devices, in which an attacker could trick you in to signing a bitcoin transaction, even though the hardware wallet showed that you were signing a transaction on an altcoin. If the Ledger device did not support altcoins at all, then such an attack would not be possible.

The less code of any type on a device, the more secure it will be. Whether or not having bitcoin only firmware actually prevents any future attacks, though, is obviously unknown.

The choice is up to you. There are plenty of people out there who are only interested in holding bitcoin, but there are also plenty of people who want to buy dozens of altcoins. I would, however, point out that >99% of altcoins are either vaporware/useless/pointless or outright scams.

Mine is Multi Edition.
n0nce, could you tell please,

Why is it good to convert it into Bitcoin-only?
The link says it is more secure because there is "less" software involved.
Is it really that much more secure that it is worth refusing possibility to hold other coins?

Ledger is not open source! But good choice with the BitBox02; keep good care of it and you will enjoy it for a long time.
If you plan on only holding BTC, consider 'converting' it to Bitcoin-only: https://shiftcrypto.ch/bitbox02/bitcoin-only/

Thank you very much guys for your replies and explanations.

I have purchased open source hardware wallet BitBox02.
There were 2 different open source hardware wallet in the local shop: BitBox02 and Ledger.
I chose BitBox02.

You touch on a very important aspect that high sales are not an indicator of the superiority of the hardware devices over others. This is just an indicator of the success of the marketing department. Ledger in produces good workable devices, but they have some problems with defective produces. The support service tries to help with these problems as much as possible and replaces defective devices. So marriages are not critical and debugging production will minimize this. In general, these hardware wallet can be used, but the risks of another loss of user data must be taken into account.

it is certainly much less sold than Ledger or Trezor, therefore, fewer customers, which produces fewer complaints about problems. I hope you understand what I want to point out. I certainly don't want to give bad feedback for Bitbox here, because I have never used it and have no experience with it.

Ledger is much more active in marketing and advertising than Trezor and they have sold more devices, but that doesn't mean their HWs are better. You can see Bud Light advertisements all over the place and they have a strong market share, but a proud European beer drinker would never take that over a proper German beer.    

I am a Ledger user for many years already. They are a closed-source wallet with closed-source chips and firmware.
Does the wallet do what it's main goal is - to protect your private keys and digital assets? Yes it does.
Have they started using bad/cheap quality materials? Yes, they have.
Have they (together with a 3rd-party) leaked millions of private data of their customers? Yes, they have.
Am I satisfied with my purchase? If it wasn't for the partial data leak of my private info, I would be fully satisfied. But now, the overall feeling is mediocre.   

As you can see, a strong market presence doesn't mean everything.   
Since you aren't considering closed-source wallets, don't look at Ledger. If I was on the hunt for a new hardware wallet, I would consider either a Trezor or a Passport Foundation Batch 2. Keep checking the hardware wallet sub because we are anticipating n0nce's review of the Batch 2 after it gets shipped to him. 

Most crypto normies don't care at all about source code and they buy any hardware wallet than is trending or spending bunch of money for advertisement.
If you don't care about open source software and hardware, than you don't really support anyone else other than manufacturer of closed source devices.
Closed source simply means that you can't verify what exactly is in devices firmware, no need to overthink it, they can literally put anything inside (including spying stuff) and you would never know about it.

No, there isn't any switch to turn of bluetooth for hardware wallets I know.
Only option is to open device and conduct oparation for specific part removal, but that would probably make device unusable and void waranty.

PS
Asking gazillion questions in one post or topic won't help you much and you won't earn any merits for that.  

Yes, it looks like Bitbox is a reliable thing.
According to users feedbacks, the device almost never have issues and support is very quick and helpful.

Here's a list of open source hardware wallets: https://bitcointalksearch.org/topic/m.55583288

Out of the ones listed (excluding Ledger and Trezor). I think that Bitbox and KeepKey are the most popular ones.

Thank you guys.
I have done more of research about open source hardware wallets (there are a lot of brands and models)  and found out that most of open source hardware wallets manufacturers don't have a well established business.
There are some who are about just to start  sales (like this month).
There are some whose website looks like their business is about to die.
There are some who are re-organizing or splitting business between owners who didn't agree with each other (I have read articles about it).
Like this. Though there are a lot of beautifully designed, having interesting features, sounding convenient and secure (according to descriptions) hardware wallets.

When manufacturers business is not well established you never know what you purchase and how long it will work, and how it will work (as there are too few users, too few feed back and too little experience), and whether you are going to get support or not.

The ones who are most reliable (as businesses) are Trezor and Ledger (though Ledger products are not reliable, but its business is).

And there are also some manufacturers about whose business I cannot say anything because I don't know how long they are in business and how many devices they sold.

Could you guys please tell what manufacturers you know who is strong enough on the market. Besides Ledger and Trezor.
Open source hardware wallets.

Judging by the article, it's not that easy to verify the QR code after all. Every hardware wallet has its pros and cons. Is it safer? I'm not sure.


https://shiftcrypto.ch/blog/does-airgap-make-bitcoin-hardware-wallets-more-secure/

This is also very interesting. It might help you to purchase/order a Trezor somewhere else.

https://blog.trezor.io/is-banking-grade-security-good-enough-for-your-bitcoins-284065561e9b#.vc68zeeqp

Open source wallets can have malware included too. But only open source wallets are recommendable. Because a wallet is open source does not mean it is not vulnerable to attack, but the ones that have been tested and seen good to the community are recommended. Example are Electrum and Trezor.

Close source wallets are not recommendable at all, you do not know anything about the code used to build the wallet, the public do not know it, only the developers know it. Storing your coins on such wallet is dangerous and does not comply to how crypto should generate keys and addresses if talking about trust less and freedom. You must know everything about your wallet including the code used to build it. If you do not know how to, at least you can ask on forum like this.

Bluetooth is not recommendable. Better to get a USB hardware wallet, but not still that recommendable, the best is to just make use of QR code while making transaction which is better. Have you seen a device that its bluetooth will always be on? I haven't seen such a device before.

1. It's a lot of things but mainly because when the wallet is closed source, you don't know what's happening behind the scenes. There's no guarantee that the developers/manufacturer hasn't put in malicious code. See this discussion[1]. Ledger's software is open source (ledger live)[2], by the way, it's the firmware and hardware that aren't:

2. It's possible to turn it off with Ledger as explained here[3]. I'm not aware of any other wallets that use Bluetooth, but it should be possible, I don't see why would they not allow the user to turn it off.
 
As for buying the wallet, you should make sure that you're buying from an official reseller if you're planning to buy them from a local shop. Is there any reason why you don't want to order it directly from Trezor's official website?

[1] https://bitcointalk.org/index.php?topic=5414995.0;topicseen
[2] https://github.com/LedgerHQ/ledger-live
[3] https://support.ledger.com/hc/en-us/articles/360019138694-Set-up-Bluetooth-connection?docs=true

Hi,

I am choosing my first hardware wallet, going to purchase one from a local shop. I would prefer Trezor (from what I know about hardware wallets, it would be best choice for me), but unfortunately they have no Trezor in stock.

They have Ledger in stock though, 3 models. As much as I understand, Ledger is considered to be the 2-d best choice for hardware wallets. But after I have read this forum for several hours I discovered that if you buy Ledger you probably buy a lot problems. For example
 about 50% of topics are dedicated to problems with Ledger.  Unfortunately, it looks like Ledger is not for me.
I would prefer a "smooth ride" with my hardware wallet.

Could you please answer my questions and help me to understand more about hardware wallets.

1. Why are closed source wallets considered as unacceptable choice by many users?
Yes, I know their software may have vulnerabilities which cannot be checked by independent checkers.
But what are consequences that may happen?
Is  it risk of malware with an update?
Is it possibility for hackers to hack it easily when they have physical access to wallet?
Or that manufacturer employees may have possibility to steal funds?

I am asking this because there are a lot of closed source wallets which looks to be convenient, beautifully designed, easy to use and good functioning devices.
And I try to find out why exactly I should not buy them.
And what may happen if I buy and use such hardware wallet.  In order to understand what I am doing and why.
When I choose one of them or when I reject all of them.

2. Hardware wallets with bluetooth.
Is it possible to switch it off or is it always active?

Thank you!