Pages:
Author

Topic: Hardware wallets still aren't secure, and they never will be. Use paper wallets - page 5. (Read 1881 times)

HCP
legendary
Activity: 2086
Merit: 4363
It's a hell of a lot easier to hide something that an attacker is unaware of, than a laptop, a phone or a hardware wallet. A physical attack can only happen if you A. Know what you're looking for or B. Happen to stumble across something over smarter of hours or days tearing someone's house apart.
So you expect that a thief knows what a cryptocurrency hardwallet is, but doesn't know what a paper wallet is? Or that it's easier to "hide" a paper wallet than a "usb stick"? Huh


It's also free rather than $100 and you don't need to worry about all of the other countless vulnerabilities that constantly pop up with hardware wallets.
"Countless"? Stop being so dramatic. Sure, there have been some issues identified by several different parties of several hardware wallet devices. To my knowledge, all of the identified issues have either been patched and/or are able to be mitigated. And it's not like there have never been any issues with "paper wallets". I'm sure we're all aware of issues like this: https://blockonomi.com/security-vulnerabilities-walletgenerator/


I agree that a 37 character password suggestion is not going to be taken up by the vast majority of users, meaning hardware wallets just aren't as secure as truly offline generated private keys (not that they ever were). 
You don't need a 37 character password to make it "secure" per se... the 37 character BIP39 passphrase is suggested to make it as secure as having an "unknown" 12/24 word seed. Which, as we know, is generally measured in terms of "millions of millions of years" for brute-forcing. I can't find any firm numbers on the the time/effort required to bruteforce say an 8 or 16 character BIP39 passphrase. The PDF referenced by Ledger claims a 50% reduction in CPU intensive calculations, so does anyone have any references to calcs on how long a 16 char BIP39 passphrase would take to bruteforce? Huh

In any case, saying that a private key written/printed on paper is more secure that a hardware wallet, assuming someone has physical access to both is somewhat disingenuous.


I guess the key takeaway is that NOTHING is 100% secure. As long as you know the risks inherent in the system you are using and take steps to mitigate such risks, then hardware wallets are no better or worse overall than paper wallets.
legendary
Activity: 1382
Merit: 1122
If you don't have a hardware wallet, use an offline generated private key/seed (aka "paper wallet").
I might be misunderstanding you here, but how is this safer? If your concern is regarding a physical attack on your hardware wallet, then surely with a physical attack on a paper wallet it is completely trivial to steal your coins?

It's a hell of a lot easier to hide something that an attacker is unaware of, than a laptop, a phone or a hardware wallet. A physical attack can only happen if you A. Know what you're looking for or B. Happen to stumble across something over smarter of hours or days tearing someone's house apart. It's also free rather than $100 and you don't need to worry about all of the other countless vulnerabilities that constantly pop up with hardware wallets.

I agree that a 37 character password suggestion is not going to be taken up by the vast majority of users, meaning hardware wallets just aren't as secure as truly offline generated private keys (not that they ever were). 
legendary
Activity: 2268
Merit: 18771
Trezor team responded to these findings in March.
This is true, but their response in March was thus:
They have been aware of the attack since designing Trezor. Using a passphrase has always been recommended and it can protect anyone from any kind of physical attack*.
Everyone should be using a passphrase, but I'd wager few do. I'd wager barely anyone is using a passphrase of 37 random characters, and I'm sure many would view entering 37 random characters (presumably from paper since you shouldn't be relying on memory) every time you want to open your wallet is not an acceptable trade-off between security and ease of use.

If you don't have a hardware wallet, use an offline generated private key/seed (aka "paper wallet").
I might be misunderstanding you here, but how is this safer? If your concern is regarding a physical attack on your hardware wallet, then surely with a physical attack on a paper wallet it is completely trivial to steal your coins?
legendary
Activity: 1876
Merit: 3139
Trezor team responded to these findings in March. They have been aware of the attack since designing Trezor. Using a passphrase has always been recommended and it can protect anyone from any kind of physical attack*. Some of you might argue that recommending using a passphrase is not an appropriate solution. Convenience comes at a cost.

This being said, in combination with strong passphrases and at least the basic operational security principles, even the physical attacks presented by Ledger cannot affect Trezor users.

*except for $5 wrench attack
legendary
Activity: 1382
Merit: 1122
Quote
An attacker with a stolen device can extract the seed from the device. It takes less than 5 minutes and the necessary materials cost around 100$. This vulnerability affects Trezor One, Trezor T, Keepkey and all other Trezor clones. Unfortunately, this vulnerability cannot be patched and, for this reason, we decided not to give technical details about the attack to mitigate a possible exploitation in the field. However SatoshiLabs and Keepkey suggested users to either exclude physical attacks from their threat model, or to use a passphrase.

https://ledger-donjon.github.io/Unfixable-Key-Extraction-Attack-on-Trezor

Yet another hardware wallet issue folks, this time though, it's unpatchable. If you're using a hardware wallet, encrypt it. If you don't have a hardware wallet, use an offline generated private key/seed (aka "paper wallet"). Be your own bank. Stop trusting hardware wallet manufactures to protect your money.
Pages:
Jump to: