Pages:
Author

Topic: Helping (usually new) People Choose Their Wallet(s) - page 3. (Read 1077 times)

jr. member
Activity: 147
Merit: 6
I agree that "the most secure" harware wallets aren't suitable for all due to its relatively high price and being not easy in use. That's why I usually recommend newbies non-custodial wallets with beautiful UI like BlueWallet and OWNR. Maybe these wallets aren't the best ones, but they'll be good as your first wallets to begin with.
legendary
Activity: 3472
Merit: 1724
The issue is that hardware wallets are not the panacea that they are marketed as. They are marketed as this perfect balance between security and ease of use, as being as secure or even more secure than airgapped cold storage, and certainly as being far easier to use, especially for newbies. While I'll admit they are easier to use, in many cases their security is vastly inferior. Trezor devices have an unfixable vulnerability which allows the seed phrase to be extracted. Ledger leaked a database of full names and addresses of 270,000 customers. We can not (and should not) rely on these third party wallet manufacturers for our security.

The remaining options are unsatisfactory for newbies, however. Software wallets are easy to use, but not very secure. Airgapped cold storage and paper wallets are very secure, but not easy to use.

Perfect is the enemy of good.

Even for those who use Trezor and Trezor-like wallets without a passphrase, they're still better off than the vast majority of users for whom air-gapped cold storage is too difficult or cumbersome to use causing them to settle on software wallets, or even to use exchanges as their wallet. I can't find a single case of someone losing their money because they had their Trezor stolen by a sophisticated and dedicated thief. Most of the time it's things like getting hacked, exchange they used as a wallet getting hacked or exit scamming, inexperience dealing with private keys or paper wallets, etc. that cause them to lose money.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
Personally I tried and failed to re-start a paper wallet in a box project.
They also make micro sized inkjet printers.
As cool as a "one click and it prints a wallet" device would be (and I'd love to have one for that matter!), I don't think it solves any problem. It doesn't help "others", as they'd still need to trust the creator of the device. So it's only useful for yourself, and if that's the case, you don't even need it. Just print a bunch of pages with paper wallets at once, and keep them on a pile for when you need them. Use a cheap dumb laser printer and a cheap laminator and it'll last a very long time.

I know people who just store a paper wallet for long-term holding, and that's all they've ever done with Bitcoin. If they want to actually use it, most wallets will do for small amounts. From my own experience I would recommend either Mycelium or Coinomi for Android, or Electrum for a desktop. I've tried many different wallets and can only recommend to try more than one to see what works best for you.
If someone wants to store a larger amount, I think they'd first have to learn a bit about what they're doing. Just like you don't just create an account at a broker and start buying stocks without doing some research, right? Right? Or maybe that is what's happening when a small car manufacturer has a P/E of 1400. Many people will get burned, just like they got burned on ICOs.

Choose your wallet is a pretty good start.



In my mobile I use Coinomi. It is the best wallet for my needs.
This is me responding after a year: I'm switching more to LN for small payments. Some hosting companies accept it directly, but usually it has to go through coupons. I'm okay with Bitcoin transaction fees most of the time, but this way I can evade the additional fee charged by payment processors for using Bitcoin.
legendary
Activity: 2268
Merit: 18771
Hardware wallets get recommended so often because they're less of a hassle for an average person. Without them having to have an extra computer for offline transaction signing (to get comparable level of security) I'd say it gets even more confusing for a newbie.
The issue is that hardware wallets are not the panacea that they are marketed as. They are marketed as this perfect balance between security and ease of use, as being as secure or even more secure than airgapped cold storage, and certainly as being far easier to use, especially for newbies. While I'll admit they are easier to use, in many cases their security is vastly inferior. Trezor devices have an unfixable vulnerability which allows the seed phrase to be extracted. Ledger leaked a database of full names and addresses of 270,000 customers. We can not (and should not) rely on these third party wallet manufacturers for our security.

The remaining options are unsatisfactory for newbies, however. Software wallets are easy to use, but not very secure. Airgapped cold storage and paper wallets are very secure, but not easy to use.
legendary
Activity: 1624
Merit: 2481
But I've resorted to using old android phones permanently offline running Electrum as a pseudo-hardware wallet.

You can use two phones, one has a watching wallet, and the other one is permanently offline. They use QR codes to transfer data. You sign the tx on the offline wallet.

If you implement some encryption method (e.g. using android encryption which is activated by default since android 6.0 i believe), you already got a proper air-gapped wallet setup running.
This is definitely more secure than a hardware wallet but comes with less convenience.

If you are fine with the extra steps it takes to send transactions, there is no good reason to switch to a hardware wallet besides mobility and/or faster access.
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
After the Ledger database leaks, well, I'm not buying from Ledger. Still thinking about trezor. But I've resorted to using old android phones permanently offline running Electrum as a pseudo-hardware wallet.

You can use two phones, one has a watching wallet, and the other one is permanently offline. They use QR codes to transfer data. You sign the tx on the offline wallet.
legendary
Activity: 3472
Merit: 1724
Hardware wallets get recommended so often because they're less of a hassle for an average person. Without them having to have an extra computer for offline transaction signing (to get comparable level of security) I'd say it gets even more confusing for a newbie. I'll grant that the screens on most hardware wallets are definitely too small for people with poor vision, better have a magnifying glass at hand then.

I can apply for a credit card online at citibank, get approved, get an instant virtual number, buy something, have Citibank link my checking account and pay for what I just bought in less time.

If any secure way of handling bitcoins is too confusing for a user, then perhaps they're better off just using any modern working wallet app on their phone or computer and that's it to keep it simple. Buy <$1k BTC and play with it until they're more confident and proficient in using the software. After a while they can move on to hardware wallets, offline transaction signing, btcarmory, glacier, etc. or whatever appeals to them the most to learn how to safely handle bigger amounts.
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
a paper wallet in a box project. But something like that is still needed. A RPi or similar, bolted to a small thermal printer. Push a button and a secure paper wallet prints out.
I wouldn't use/trust thermal paper for long term storage. It fades over time.

They make 20 year: https://www.amazon.com/Brother-LB3787-Premium-Thermal-Archive/dp/B01LYORNNX
And 25 year: https://buy.advantech.com/TSC-Archival-Receipt-Paper-TSCMR-300130-A-03/XDPM-MR300130-A-03/model-XDPM-MR300130-A-03.htm
Thermal paper can last a while, but yes I do see your point.
They also make micro sized inkjet printers.

But the point still remains, as I throw all of us under the bus together.
What are we doing as a group to help?

Yeah, it's great that we all hang out here and talk. And we do help others. But if *I* someone who spends his days working on servers and networks and knows crypto quite well. And my friend a somewhat knowledgeable computer user need more then a hour to print out a paper wallet we are not where we need to be for mainstream adoption.

I can apply for a credit card online at citibank, get approved, get an instant virtual number, buy something, have Citibank link my checking account and pay for what I just bought in less time.
*cough* might have done that Dec 24th for a last minute gift, but lets not talk about that......

-Dave
hero member
Activity: 1659
Merit: 687
LoyceV on the road. Or couch.
a paper wallet in a box project. But something like that is still needed. A RPi or similar, bolted to a small thermal printer. Push a button and a secure paper wallet prints out.
I wouldn't use/trust thermal paper for long term storage. It fades over time.
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
I had another conversation the other day about hardware wallets vs other secure ways of doing stuff.
Since it's close to a year since this topic was last posted to, and since we are hovering at ATH, and the Ledger leak / hack, Aad in some interesting thoughts like this one: https://bitcointalksearch.org/topic/i-hate-hardware-wallet-being-made-eye-catching-5303368  I figure it's time for a necro bump

The below are whit I think I see here on bitcointalk and other places:
*I* still think we as a group rely too much on telling people use hardware wallets without digging into why or how or where people are going to be needing it.
We also tend to push paper wallets for secure offline / cold storage.

Both are good but have their flaws, they require that the user really does have at least a little bit of tech knowledge.
I actually tried to have a friend who is not an idiot and a somewhat knowledgeable computer user generate and print an paper wallet. And...it took 90 minutes.
Guess what there are a bunch of new HP & Epson home printers that are Wi-Fi only no USB, it saves a buck I guess. And when he went to use the other printer in his house his laptop did not have drivers for it. So shutdown the process, connect back to Wi-Fi, download the proper driver and verify, disconnect from Wi-Fi and start again. Even better if they have a new Mac and a few other ultra portables that don't have the venerable USB A ports on them how many people have a USB C to B cable around?

I think we as a group need a nice flowchart about what can and should be done and how to go about educating people.

Personally I tried and failed to re-start a paper wallet in a box project. But something like that is still needed. A RPi or similar, bolted to a small thermal printer. Push a button and a secure paper wallet prints out. With tech where is it a small oled display is also not out of the question.

Just kicking around some thoughts and putting this back out there.

-Dave

legendary
Activity: 3542
Merit: 1965
Leading Crypto Sports Betting & Casino Platform
I think most people resort back to the "buy a hardware wallet" option, because it is a safe bet when it comes to security, but it is not the cheapest option, when you look at the millions of people that are living in countries with a weak currency. So you have to judge every situation, based on the merit of the situation.

A person living in a 3rd world country, might not be able to afford a hardware wallet and the amount of bitcoin being stored on a wallet does not justify the expense to buy one. These people want a good "free" wallet with better than average security. In cases like this, I prefer to recommend a wallet like Electrum, even if it has lower security than a hardware wallet.

So having a rigid rule that hardware wallets must be the default option, is not entirely true for all situations.  Tongue
legendary
Activity: 3472
Merit: 10611
My "hardware wallet" is an old laptop or an old phone. I keep seeing the prices of hardware wallets drop, but I could never get myself to buy one. The closest thing I would consider getting would be either a trezor or a ledger. The Elipal Titan also looks interesting.

that is also my views. no matter how cheap hardware wallets get, i still can't justify paying for a "wallet" for cold storage that i can create myself. i have already installed a Linux OS on a USB stick with encryption and a bunch of other tweaks which i use for storage and the only cost was the USB stick itself which isn't that high.
not to mention for cold storage, a paper wallet costs nearly nothing.
legendary
Activity: 2352
Merit: 6089
bitcoindata.science
The closest thing I would consider getting would be either a trezor or a ledger.
That's all you need really. The majority of hardware wallet users have either a Trezor or a Ledger. Wait until Christmas or the New Year and both Ledger and Trezor will probably have another 30-50% discount. That is the perfect opportunity to buy one if you are interested.   

Certainly that's the best time, and black Friday as well.

However, if someone holds a significant amount in crypto, I wouldn't wait a few months or weeks (risking my coins) to save 20 bucks.
legendary
Activity: 2730
Merit: 7065
The closest thing I would consider getting would be either a trezor or a ledger.
That's all you need really. The majority of hardware wallet users have either a Trezor or a Ledger. Wait until Christmas or the New Year and both Ledger and Trezor will probably have another 30-50% discount. That is the perfect opportunity to buy one if you are interested.   
legendary
Activity: 2268
Merit: 18771
The Elipal Titan also looks interesting.
I had a look at the Ellipal a while back - correct me if I'm wrong, but as far as I could tell it is essentially no different to using an old phone in airplane mode. There's no actual secure element, and your private keys are simply encrypted with the user password, which allows them to be extracted with a simple bruteforce attack without too much difficulty: https://donjon.ledger.com/Ellipal-Security/
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
My "hardware wallet" is an old laptop or an old phone. I keep seeing the prices of hardware wallets drop, but I could never get myself to buy one. The closest thing I would consider getting would be either a trezor or a ledger. The Elipal Titan also looks interesting.
legendary
Activity: 2730
Merit: 7065
A very good post.

I am one of the users who would recommend using hardware wallets over any other solution. But I would never condemn someone for not using one. I understand that some people can't afford them or want one in the first place. $10 can be a lot of money in some parts of the world. Why would I suggest a $50-100 hardware wallet to that person?

I use both software and hardware wallets and they all work fine. The biggest concern is that people lack basic knowledge about computer security. They also lack common sense which results in them being phished and hacked. Knowing the basics of what to do and what not to do online is the best prevention.
I will even go as far as saying that a hardware wallet isn't even needed if you are cautious enough. I still use one though.     
legendary
Activity: 2352
Merit: 6089
bitcoindata.science
I agree with you both.

I gave this example a few times already. If it safe to use a physical wallet with some fiat cash in it? Well, you shouldn't put all your life savings in it ofc, as you can be robbed, you can forget your wallet somewhere, etc, and you may lose some money. But you can, and you should, carry some bucks with you all the time, so you don't miss opportunities.

The same with bitcoin and other cryptocurrencies.

I have with me, in my mobile, about $50-100 all the time. Some in eth, some in btc. I like to have it. Sometimes I talk to someone who is curious about bitcoin and I show them, or if I have some opportunity I will spend it in goodies. In my mobile I use Coinomi. It is the best wallet for my needs.

But my savings, well, that is cold storage ofc.

We are exposed to many different situations in life, and certainly we need different products to cover all our needs.
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
So yesterday HCP replied to something I had posted with this:

So, as I said above I know what *I* am getting myself into and the risks of each. We should be helping others learn that too.
This is probably one of the best attitudes I have seen on this forum in a long time... To often, in too many parts of this forum, people dig their heels in and start arguing about fairly irrelevant stuff. I've even probably been guilty of this on some occasions!

It's a bit like ProgrammingLanguageA vs. ProgrammingLanguageB... there isn't a "one size fits all" approach to this stuff. For some people... blockchain.com or Exodus or Coinomi or Coinbase or Binance wallets make the best fit...

For others, nothing short of a paper wallet crafted using dice and a 486 laptop running a Linux live OS in a Faraday cage will suffice... and then everything else in between.

The first step, is to identify what your needs/goals and use cases are and then find the solution that best matches those, while making sure that you understand the risks of your chosen solution and how to mitigate them. Even hardware wallets and paper wallets can be "useless" if you do something dumb like putting your seed words or private keys in an email draft folder protected by SIM based 2FA Roll Eyes Roll Eyes

I think people should spend more time "playing" on TestNet... get a feel for how things work, experiment and learn... play with paper wallets... try manually creating transactions and learn how it all works. Personally, I think it's fun and you're not going to lose anything of value except a little bit of your time. Wink

And I do think we need a separate thread here to discuss it. So here it is the separate thread.
As a rule he is correct in that we as a group do tend to dig in when we feel our position is threatened and our favorite wallet is under attack or a wallet that we think is evil is being recommended without ever getting a full picture of what the person who is asking really needs or has the ability to do.

Hardware wallets are great, and you know what I use them. Now I'm going to pick on my accountant. He is older, his eyesight is going, and has arthritis. Hardware wallets are just about useless for him. The screens are too small, he cant easily get the microUSB plug into them and outside of one or 2 of them he cant put in the pin. But, if he asks we are going to tell him use a hardware wallet. When he says he can't we as a group dig in and explain to him why he must. However, he will never admit on a public forum that he just can't do it. We all know people like that, for whatever reason they will never show weakness [Even if it's to a bunch of people who they will never meet, on an anonymous forum]

You know what, for him we should probably put our heads together and come up with solutions, possibly multiple ones to solve his problem. Yeah, it's going to be a pain but staring a reply with "You really really really should use a hardware wallet, but if you can't then....."  is better then "Fine, if you don't want to be secure then install electrum but it's not as secure." Because people see the "not as secure" and start to wonder. Because we could have said "You will loose some security having funds not secured by a hardware wallet, but electrum will do this thing called multisig let me show you how it works. This was even if your PC gets hacked so long as your laptop is still secure then your funds are safe. And, you can have some small funds on a 2nd electrum wallet on your PC that if it get's hacked no big deal."

I know I have not, up until recently I was in the "what are you being such an ass about, just use a hardware wallet"

I saw it again with people slamming the bitpay wallet and BIP70. Like it / don't like it does not matter. If we didn't stop to find out that all this person is doing is paying merchants that are only generating BIP70 invoices then getting into the argument of BIP70 evil, BitPay evil, really does not help people. Pointing out that BIP70 is going away from core and might not be supported long term is fine, but telling people not to use it or directing someone who might not be that tech savvy to one of the invoice decoders is just wasting time and generating frustration. Giving them the pros and cons of the bitpay wallet vs electrum vs Mycelium is what we should be doing.

Thus ends my rant for today.

-Dave
Pages:
Jump to: