The necessity to protect the (cleartext) seed QR is a pretty huge downside of this system. You can't even know if someone copied it, since you always carry it around in clear text.
While a quick picture of the QR gives the attacker full access, as well as the ability to stay unnoticed
That's what passphrases are for.
How do you enter the passphrase when it has just one button? Or is it scanned in through a second QR code? Of course this wouldn't be an acceptable solution either, since someone could take a photo of that (while you don't notice) or just steal it, as well.
I don't need to carry around my seed phrase backups, though. They are in safe locations.
You don't need to carry a physical seed phrase backup, but you are doing it in digital form inside a secure element.
Exactly: Inside a secure element and not in clear text on an easy to scan QR code. Even if you have a good exploit against the specific secure element, it may take hours or days, as well as obviously lots of money and knowledge, to execute it.
I agree with you that Krux is not very good as a portable device, but it's good enough as a part of multisig setup and to use it at home.
Sure! But at that point, it resembles more an airgapped computer than a hardware wallet, for me. Of course it will be hard to draw a line between the two definitions.
Meanwhile a hardware wallet with secure element can also be left in a less secure location where it is quickly and easily accessible.
That is fine until someone exploits that secure element, and we already saw that many secure elements are not secure anymore, including ATECC608A that is used in Passport, OneKey, Cypherock, ColdCard Mk3...
You are referring to this attack, right?
https://hackaday.com/2022/11/26/defeating-a-cryptoprocessor-with-laser-beams/
Well, not secure is a bit exaggerated. Have you seen what type of setup and knowledge is needed to attack it, the risks and challenges in that process? It's not comparable to just having the seed on a piece of paper in clear text. Even setting up a passphrase cracking rig will be easier and cheaper for most folks than performing a hardware attack on a secure element. There are also significant risks involved, such as breaking the device / chip while opening and decapsulating the secure element.
Basically, you can compare such measures to physical locks. None is 100% safe, but they are made to discourage an attacker and buy you as much time as possible in case they do decide to try bypassing it. Time for moving your coins / calling the police, respectively.
While a quick picture of the QR gives the attacker full access, as well as the ability to stay unnoticed, hacking a Passport (or similar) requires it to be gone for hours (to attempt an intensive hardware attack). You are much more likely to notice that.
A good passphrase and multisig solve this problem very easily, but it would be good to see Krux devs making some unique protection methods in the future.
Do you know how passphrase entry is realized? I believe unless you have a nice keypad like Passport or ColdCard, most people will just avoid using (a sufficiently secure) one.
With that said: I could argue that you could also use a passphrase on your Passport with secure element. Twice as secure; first layer of defense: secure element, second layer of defense: passphrase. Meanwhile when stealing someone's Krux & QR code, there is only the second layer.