Pages:
Author

Topic: How can we be sure that our private keys have been generated safely? - page 2. (Read 406 times)

hero member
Activity: 504
Merit: 1065
Crypto Swap Exchange

That's why it's important to always verify with the PGP signatures when downloading wallets. This gives you peace of mind afterwards.


You always have great tips that seem insurmountable to me.  Undecided

It's not very difficult and it is always very good for your security to be familiar with PGP!

If you are interested by verifying your Electrum, here is an excellent topic from DireWolfM14 about it :    
[GUIDE] How to Safely Download and Verify Electrum
and here is a Youtube video I found on bitcointalk some time ago, which is cool too if you prefer video tutorials

hero member
Activity: 1820
Merit: 775

That's why it's important to always verify with the PGP signatures when downloading wallets. This gives you peace of mind afterwards.


You always have great tips that seem insurmountable to me.  Undecided
hero member
Activity: 504
Merit: 1065
Crypto Swap Exchange
I use only the Electrum wallet for many years and I have no idea how the private keys are generated but because I trust this wallet and I use the right site, I'd feel safe and no worries. And if you think and doubted that your private keys are not safe, then never use them but look for another. It was you to keep what makes you comfortable but if you are using the right site, I'm very certain that those keys are safe and just only for you as the owner of the wallet. Hacks happened when you share your keys with another person or someone got into your computer and found your keys there. Better stored it separately for more security.


That's why it's important to always verify with the PGP signatures when downloading wallets. This gives you peace of mind afterwards.


Atomic wasn't open-source ?

Why is Atomic Wallet not open source?
hero member
Activity: 1820
Merit: 775
Use open source wallets like Electrum, Bluewallet or Passport hardware wallet for bitcoin, or Unstoppable or Trezor hardware wallet for altcoins. Open source code are available for the public to verify.

Trustwallet, close source
Atomic wallet, close source
Ledger Nano, close source.

Atomic wasn't open-source ?
sr. member
Activity: 2828
Merit: 344
win lambo...
I use only the Electrum wallet for many years and I have no idea how the private keys are generated but because I trust this wallet and I use the right site, I'd feel safe and no worries. And if you think and doubted that your private keys are not safe, then never use them but look for another. It was you to keep what makes you comfortable but if you are using the right site, I'm very certain that those keys are safe and just only for you as the owner of the wallet. Hacks happened when you share your keys with another person or someone got into your computer and found your keys there. Better stored it separately for more security.
hero member
Activity: 1022
Merit: 744
Hello,

I understood that Trustwallet is closed source, so it's not great. Atomic wallet has just been hacked. Ledger offers a recovery service that raises questions.
Thank you
All of the wallets you mentioned are closed-source wallets; they appear weak and can be easily hacked because the developers can be the source of the hack because the public did not verify the codes given to us as private keys; thus, if the developers do anything to compromise them, we will not know, and our wallets may be hacked, just like the Atomic wallet was hacked with no known reason for information about the hackers.

Quote
How can we be sure that our private keys have been generated securely?
The best option is to switch to open-source wallets because you can verify your private keys and be sure they are safely generated.
hero member
Activity: 504
Merit: 1065
Crypto Swap Exchange
An open source application is easier to hack than a closed source application.

I totally disagree with you on this. On the contrary, for me the whole point of open source, is that dozens - if not hundreds - of developers have access to the code and can test it. And this on an ongoing basis, not just a series of tests to validate a project which is then no longer studied (as happens in some companies).
It's the same for OSes, and I sincerely believe that it has been proven many times over that open source is much safer than closed source. Compare Debian and Windows, Electrum and Atomic, etc..etc.. When it comes to security, for me, open source is king.

As hosseinimr93 said, Electrum is open source and is probably one of the safest wallet imaginable.
hero member
Activity: 938
Merit: 605
Leading Crypto Sports Betting & Casino Platform
That's why verification is necessary as a way to be sure you're on a secure source about whatever you're doing. And that's why open source wallet is one of such gateway to avoid issues of insecure address cause there's a provided avenue for you to verify and be sure of your security.
legendary
Activity: 2380
Merit: 5213
An open source application is easier to hack than a closed source application.
Are you saying hacking electrum is easier than hacking Atmoic wallet, trust wallet, Exodus, etc?
If so, you are completely wrong. Electrum is open-source. The code has been reviewed by many people and no vulnerability has been found.
When it comes to a close source wallet like trust wallet, it's possible that there's a vulnerability which makes the attack easier for hackers.
sr. member
Activity: 1288
Merit: 231
Hire Bitcointalk Camp. Manager @ r7promotions.com
Hello,

I understood that Trustwallet is closed source, so it's not great. Atomic wallet has just been hacked. Ledger offers a recovery service that raises questions.

How can we be sure that our private keys have been generated securely?

Thank you
An open source application is easier to hack than a closed source application.

It's easier to hack but it's a little less risky for users because they will be aware of what they are about to go in before they could eventually go into it. That's to say, using an open source wallet means you already know if the wallet data is back up into any online cloud or not.
Won't it be completely useless for for hackers to penetrate an open source wallet which they won't fine any data stored inside. Or will they re-write the code for newly generated wallet data to be transfer to their data base ?
legendary
Activity: 2184
Merit: 1302
Playbet.io - Crypto Casino and Sportsbook
How can we be sure that our private keys have been generated securely?
Do not trust; verify. That's the only way to be sure of how your private keys have been generated, in closed source wallets you have to trust, because there is no way to verify, thus choose open source wallets that give you the opportunity to verify their codes yourself and be certain that there is nothing malicious in them.

Many Atomic wallet users were hacked for over two weeks now, but because it is closed source nobody can tell what caused it, only Atomic wallet developers can tell what happened, if it were to be open source, the cause would have been known and those who are affected/unaffected would know what went wrong and what to do next.
legendary
Activity: 1708
Merit: 1615
Payment Gateway Allows Recurring Payments
Hello,

I understood that Trustwallet is closed source, so it's not great. Atomic wallet has just been hacked. Ledger offers a recovery service that raises questions.

How can we be sure that our private keys have been generated securely?

Thank you
It is impossible to make the necessary knowledge and checks in a security company.
Specialists connect wallets to their servers to check the data sent and the entropy of the seed phrase.
An open source application is easier to hack than a closed source application.
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
I doubt there is a way for one to know how secured a close source wallet key generation is. Since you don't know what's behind the wallet and no developer could be able to check through the code. So no way to know, they might actually have a backup of all users generated keys and phrase. It's only when we have news of hack that we will eventually know.
Exactly, but beyond doubts because you will definitely not know what is included in the code which can be vulnerabilities like spyware or pre-generated seed phrase. Like Ledger Nano, Trustwallet and other close source wallets, nobody knows how the seed phrase is generated. A reason not to use such wallets.
sr. member
Activity: 1288
Merit: 231
Hire Bitcointalk Camp. Manager @ r7promotions.com
How can we be sure that our private keys have been generated securely?

Thank you

I doubt there is a way for one to know how secured a close source wallet key generation is. Since you don't know what's behind the wallet and no developer could be able to check through the code. So no way to know, they might actually have a backup of all users generated keys and phrase. It's only when we have news of hack that we will eventually know.
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
Use open source wallets like Electrum, Bluewallet or Passport hardware wallet for bitcoin, or Unstoppable or Trezor hardware wallet for altcoins. Open source code are available for the public to verify.

Trustwallet, close source
Atomic wallet, close source
Ledger Nano, close source.
hero member
Activity: 1820
Merit: 775
Hello,

I understood that Trustwallet is closed source, so it's not great. Atomic wallet has just been hacked. Ledger offers a recovery service that raises questions.

How can we be sure that our private keys have been generated securely?

Thank you
Pages:
Jump to: