Topic: Is the hardware wallet really safe? - page 2. (Read 1496 times)

----------------------------
You have to deal with your safety yourself.
Are you sure that all vulnerabilities, all holes - will be unveiled right there. Hang on a noticeboard? What's the point?

The meaning is only to those who are on the white side. People on the black side will not tell you anything. Is it logical?

It’s not a matter of whether the fraudster is tracked or not. Even if they are tracked, even if they are found, this will be only a separate episode. This is not a solution to the problem.

The fraud system itself will not disappear with the capture of any number of these characters. The system itself, contributing to the spread of bitcoin theft, is based on the fact that you "have a safe key" in which the money is.

The key is your concern and your fraud problems.

For this reason, an alternative (my topic) to key technologies is proposed - keyless technologies. But, so far, few people perceive it, everyone is waiting for the "thunder to strike." Who is creative, see here:
https://bitcointalksearch.org/topic/keyless-encryption-and-passwordless-authentication-5204368

You hide the key. This works well when you do not need to use bitcoin.

Then, when you use bitcoin, you send the key hash - to some server. The fraudster does not need your key in its original form. He needs this particular key hash. Because the server does not know your key, it knows the key hash.
Further, the scammer makes a phishing attack, receives a key hash, and all your money is almost certainly lost.

Yes, a modern phishing attack provides the same encryption between the client and the phishing server as the original server. Therefore, if they managed to attack you, it means that you will exchange encryption keys with a phishing site, so you have established a “secure” communication channel, but with a phishing site, and pass the hash of your key on it.
It's all.
Woo a la.
And what was the point of storing it in a hardware wallet if it was stolen at the time of its use?

Not convincing? Here are the facts from today.

[10:27, 12/08/2019]
According to the annual Security Intelligence Report prepared by Microsoft, the number of phishing attacks in recent years has grown three and a half times.

What happened?
Are there more nonchalant people or are scammers working better?
Try to answer this question.

Customers of banks, payment systems and telecom operators are increasingly becoming victims of phishers. Internet fraudsters gain access to confidential user data (logins, passwords and plastic cards), directing potential victims to fake sites and services.
Check here:
 https://www.microsoft.com/securityinsights/

Obviously, if you have a key "from the safe where the money is", they will always hunt for this key.

This is a phenomenon. And you need to fight with the phenomenon, not with the fraudster. 2 new ones will always come to the local 1 caught fraudster.

Nothing is 100% safe and nobody is claiming that it is. But there are safer and less safer options. A hardware wallet is safer than a web and desktop wallet. I don't think this is something that needs arguing about. The vulnerabilities you mention require special hardware and in some cases physical access to the device. Also, the Ledger Blue has been discontinued and is no longer part of Ledger's products portfolio. 

------------------
Hardware wallets are also vulnerable. They are built from the same elements as the entire digital hardware world.

Everyone knows this information:

Cyber-experts from Wallet.fail discovered a number of vulnerabilities in the Trezor and Ledger hardware cryptocurrency wallets. As a result, they managed to carry out a series of successful wallet attacks during the Chaos Communication Congress in Leipzig.

And again, bad software, how could without it:

Experts said that vulnerabilities lie in software and hardware, firmware, software architecture and web interface.

During the demo attacks, the Wallet.fail team managed to extract the PIN and mnemonic core from RAM Trezor, remotely sign the transaction and crack the Ledger Nano S bootloader, and intercept the Ledger Blue PIN.

All that remains for skeptics is to verify this information on their own.

Really, you need to close your eyes to these facts, and continue to convince yourself of the absolute safety of "wallets" and key obsolete technologies?

Alternative here (my topic): https://bitcointalksearch.org/topic/keyless-encryption-and-passwordless-authentication-5204368

You are probably talking about cases where the hardware wallet arrives with an already pre-created seed and you simple continue using it that way, which you should never do. Things like that can happen if you buy your wallet from some third party and not from the official source or an official Amazon re-seller. You and only you should know the seed, not have one sent to you.

There is a clear instruction that says, once you have your hardware wallet, you should be the one to set up it. You won't use a hardware wallet that is already set up because basically it is already used by others in which they have the passphrase of it. If you want to secure your funds, it is not enough that you just have a hardware wallet, you need to understand how that hardware wallet is also working. You need to know its limitations even if it already provides the maximum security for your funds because no system is totally safe.

I honestly never heard of hardware wallet being hacked despite rumoured to have some kind of hardware problem that could lead to security breach but it's still too difficult for someone to hack it and will definitely take a lot time. The most possible scenario is probably if the owner somehow forced to send it and that's robbery which definintely have really low chance to happen because no one have clue regarding your crypto possession.

Hardware wallet can be controlled properly as you have the private key and you are the one who's facilitating the system. Unlike with exchange and
online wallets as it's own by the exchange or the site owners where it can be hacked and you don't have  any idea when or how things can be done,
the owner can declare bankruptcy or inside job can happened.

basically no wallet whatsoever is safe from hacking. but I think that now wallet hardware makes it possible to minimize losses. so even though there are wallet hardware owners who experience hacking it's not much in number

I using online wallet but most of my funds are in hardware wallet and it is ledger s nano. I bought my ledger nano in online and that there is a risks of hacking that's why I reset it. If you will buy hardware wallet make sure that you will reset it because you do not have guarantee that the hardware wallet is vulnerable to hackers. There is an issue before about buying hardware wallet in online so be sure that if you will buy hardware wallet make sure that the seller is legit.

Well, the most safety at the moment is still the hardware wallet despite the fact that nothing is perfect and whatever is made by man is subject to abuse but with extra precaution, you can mitigate this

My friend have recommendation for me to use hard ware wallet keep save my altcoin assets and they have told me very safety using hard ware wallet for saving our assets, I will buy hard ware wallet than have save my assets on myetherwallet, I think have good way if saving assets by using hardware wallet than keep with exchange wallet online because some one can hacked when we use wrong link for access to our wallet.

So, if you take a sober look at these dialogues, people are constantly preoccupied with their own safety, all their lives they must be careful! As if stole something. We were forced to choose a model of behavior when we are forced to hide our secrets "under a stone, in a cave."

So, in the 21st century, we come to the need to use paper to store digital information (!). We must protect our hardware wallets from our own means of communication.

It seems that modern means for our communication are specially made to have countless holes. Nobody is able to darn them.

Well, is it really possible to accidentally make such crap that people are forced to either remember in their head or write down information?

Look soberly, this is a disaster that we do not notice, we consider something quite normal, modern.
This is not the norm.

These are obvious flaws in our entire digital civilization that need to be corrected, but there is no one to review all the fundamental concepts of our digital systems.

right . there is no perfect on this world so hardware wallets can get failed to give a good security sometimes but they are beyond perfect and better to use than compare to online wallets  so i will still prefer and recomend them to you  . mew can be easily hackable yes thats true but i think depending on what method you use to acces you your mew  . some methods are more secure other than private keys but also depending on the users activity if he is exposing his private key to the public or not  .

Always remeber that no system is safe for hackers, so every crypto wallet that you create through online or in the internet, hackers will definitely find a way to steal all of your funds or your personal informations. Hardware wallet like ledger will definitely help you to solve this kind of problem of yours because it will be difficult for hackers to steal all of your funds if you are using an offline wallet.

I need proof of #1 because I could not find anything that supports it. As for Ledger Nano, I have mine at home, but I have not tried using it yet, and so far I am not very good at it, so I cannot answer your question. But I think that if it was that easy, it would not be so popular, so the answer is probably "no". I think that in general people get hacked when they are being too negligent, not because that tiniest chance of a hack when a person is doing everything right occurs. So if you use a reputable wallet, don't show around your private keys or set a strong random list of numbers and letters password to it, you'll most likely be fine. Other things are like "what if someone blows up my apartment" kind of cases: it might happen, but it's too unlikely to focus on that. At least, that's how I see it.

-----------------
Absolutely agree. The hardware wallet is the best. Paper is not a good option, but better than electronic wallets. It must be remembered that the key is not stolen in hardware or paper storage. It can be stolen at the time of use. Any key storage technology remains dangerous precisely because of the keys. This is how life shows. The future lies only in keyless technologies and passwordless authentication. There are simply no alternatives.

They are safe if used properly. even the creation of paper wallets unless done properly are not 100% and if the paper is destroyed or unable to be read the key is gone forever. further, When using a paper wallet you trust the environment you're using it on both when generating the keys and when spending. it's possible to be safe if you audit the key generation code carefully and maintain a perfect digital hygiene when spending. therefore, hardware wallets are typically as safe as isolated minimalist computers can be.

The wallet should work with only one computer, maskably clean, without additional programs.

You only need to connect to a very reliable access point to the Internet. How to check it?

Unfortunately, modern technology provides fake security.

Yesterday, once again, we received news about the dangers of a VPN connection.

Read:

[06.12.2019] University of New Mexico specialists released information on a vulnerability affecting Ubuntu, Fedora, Debian, FreeBSD, OpenBSD, macOS, iOS, Android, and other Unix-based operating systems. The problem allows you to listen and intercept VPN connections, as well as inject arbitrary data into IPv4 and IPv6 TCP streams.

The vulnerability that received the identifier CVE-2019-14899 is associated with the network stacks of Unix-based operating systems, in particular, with the way the OS react to unexpected network packets.

https://seclists.org/oss-sec/2019/q4/122

This news makes you wonder, is it possible to use the modern Internet safely?

That concluded nothing is safe, isn't it? The safety belongs to the users who take utter precautions in whatever they're doing. If you're a very tech-savvy person, you wouldn't even need any hardware wallet to secure your coins. Run an old Linux Distro on a spare laptop with the bare minimum applications and use it as an offline storage server for all your coins. That should be secure enough? If you keep your coins on exchanges, online wallets, and other such services that you don't have control over you are at a potential security risk.

The Hard wallet is secured and cannot be hacked by the hacker, Because it is not connected to the internet when you are not doing a transaction.

And I think all you have to pay attention to here is your Personal Computer because if it already has malware it's easy for hackers to copy important information to your PC.