Pages:
Author

Topic: OVERVIEW: BITCOIN HARDWARE WALLETS █████████████████ Secure your Coins - page 23. (Read 122423 times)

hero member
Activity: 623
Merit: 500
CTO, Ledger
But why don't you pick both and leave your customers a choice to decide what they'll trust most?

We'll do that in due time - our next product will have both a secure element and a regular microcontroller. In the meantime we decided to focus on the best (security and cost wise) solution first.
legendary
Activity: 3431
Merit: 1233
I can pick 2 chips.

One is a smartcard. Its specifications are only available through an NDA with the vendor. It has been used in several industries to hold critical secrets since the early 1980s. Considering we haven't seen major repeated breaches of credit cards, pay TV, passports and others I think we can safely assume that their protections hold.

The other one is a generic purpose chip. It's fully documented, nobody ever used it to store valuable secrets. It has not been designed to withstand physical attacks in the first place, so we can also safely assume that it won't.

Both can be backdoored, as I have no way to check that.

Which one do I pick to protect Bitcoin private keys ?

I'd pick the second one for a number of reasons.

But why don't you pick both and leave your customers a choice to decide what they'll trust most?
hero member
Activity: 560
Merit: 509
I prefer Zakir over Muhammed when mentioning me!
I'm perfectly aware of the values of Open Source (and doing my best to contribute whenever it's possible), but in the end pragmatism rules.
Open source is the pragmatism! Bitcoin won't settle for anything less. You'll see it when 100% open hardware hits market for hardware wallets. If a chip manufacturer doesn't want to change any of their practices just pick another one that will.

Bitmain would have lost in the long run if that is true.

I can pick 2 chips.

One is a smartcard. Its specifications are only available through an NDA with the vendor. It has been used in several industries to hold critical secrets since the early 1980s. Considering we haven't seen major repeated breaches of credit cards, pay TV, passports and others I think we can safely assume that their protections hold.

The other one is a generic purpose chip. It's fully documented, nobody ever used it to store valuable secrets. It has not been designed to withstand physical attacks in the first place, so we can also safely assume that it won't.

Both can be backdoored, as I have no way to check that.

Which one do I pick to protect Bitcoin private keys ?

First.
hero member
Activity: 623
Merit: 500
CTO, Ledger
I can pick 2 chips.

One is a smartcard. Its specifications are only available through an NDA with the vendor. It has been used in several industries to hold critical secrets since the early 1980s. Considering we haven't seen major repeated breaches of credit cards, pay TV, passports and others I think we can safely assume that their protections hold.

The other one is a generic purpose chip. It's fully documented, nobody ever used it to store valuable secrets. It has not been designed to withstand physical attacks in the first place, so we can also safely assume that it won't.

Both can be backdoored, as I have no way to check that.

Which one do I pick to protect Bitcoin private keys ?
legendary
Activity: 3431
Merit: 1233
I'm perfectly aware of the values of Open Source (and doing my best to contribute whenever it's possible), but in the end pragmatism rules.
Open source is the pragmatism! Bitcoin won't settle for anything less. You'll see it when 100% open hardware hits market for hardware wallets. If a chip manufacturer doesn't want to change any of their practices just pick another one that will.
hero member
Activity: 623
Merit: 500
CTO, Ledger
It doesn't prove you that you're using what you see. You don't get to see the microcode running into your chip either.

I'm perfectly aware of the values of Open Source (and doing my best to contribute whenever it's possible), but in the end pragmatism rules.
legendary
Activity: 3431
Merit: 1233
Open source hardware doesn't solve it either. As soon as you use hardware that you didn't build yourself (and obviously nobody can do that at the chip level) you're trusting someone.
Having the CAD files gives me the choice to pick up a trustworthy party and increases competition between chip manufacturers to win this trust.
hero member
Activity: 623
Merit: 500
CTO, Ledger
Open source hardware doesn't solve it either. As soon as you use hardware that you didn't build yourself (and obviously nobody can do that at the chip level) you're trusting someone.
legendary
Activity: 3431
Merit: 1233
exactly the same way that you can't audit the silicium of another chip available without NDA  Grin - i.e. they don't.
If they don't what is the point of seeking alternative to banks? Which is better option for your money? Trust a bank that is specifically regulated to guarantee your savings or trust a chip manufacturer that is not regulated and doesn't guarantee anything? Hardware wallets with closed source hardware kind of defeat the entire concept of trust-less money.

hero member
Activity: 623
Merit: 500
CTO, Ledger
Open source hardware is essential for all hardware wallets.

Not really. It's a design choice. Using this chip allows us to be cheaper and more secure than with any other chip available today in the industry. We plan to open source as many things as possible always, and will do so for the next versions.

If it is a closed source how will your chip manufacturer guarantee that there is no secret registry built in the chip to extract data from through unlisted API function?

exactly the same way that you can't audit the silicium of another chip available without NDA  Grin - i.e. they don't.
legendary
Activity: 3431
Merit: 1233
The HW.1 sales page will soon be closed to offer it (for the same price) on the Ledger website, so that should clear things up. It'll be an alternative option for people that don't care about packaging or the form factor and don't mind printing stuff themselves.
Thanks for this. Will be useful.

On HW1 page I'm reading this and same applies to Ledger :

Quote
It is unfortunately not possible to release HW-1 with a useful open source firmware due to NDA restrictions with our chip manufacturer, however you can verify with the specification that all commands do what they are supposed to do, and that clients are only sending documented commands.

Open source hardware is essential for all hardware wallets. If it is a closed source how will your chip manufacturer guarantee that there is no secret registry built in the chip to extract data from through unlisted API function?
legendary
Activity: 1120
Merit: 1002

"Only 1,000 Case wallets will be available for pre-order, with each entry in the initial batch bearing a unique identifier" Impressive, but quite expensive.


this is a joke. preorders? really? XD
NEVER EVER preorders for me ...  Wink
legendary
Activity: 1260
Merit: 1002

"Only 1,000 Case wallets will be available for pre-order, with each entry in the initial batch bearing a unique identifier" Impressive, but quite expensive.


this is a joke. preorders? really? XD
newbie
Activity: 42
Merit: 0

"Only 1,000 Case wallets will be available for pre-order, with each entry in the initial batch bearing a unique identifier" Impressive, but quite expensive.
sr. member
Activity: 360
Merit: 250
CEO, Ledger
Ledger is proud to announce the immediate availability of a low cost version of its Ledger Nano hardware wallet: the Ledger HW1. It is fully compatible and interchangeable with the Ledger Nano, but with a cheaper (and less elegant) plastic form factor.

Cost is 15 EUR, including free worldwide shipping.
(+ VAT for European countries)

https://www.ledgerwallet.com/shop

When you receive a Ledger HW1, this is what you get:
* the Ledger HW1 USB key, on a plastic form factor
* a security card
* instructions
* a recovery sheet

You will *NOT* get the following:
* the white box packaging
* the metal key engraved with "vires in numeris" and Ledger logo
* the leather pouch of the security card
* the lanyard and rings for the key

The key form factor is the main difference between the two products. It is very strong and reliable, but it definitely looks "cheaper" than the Ledger Nano metal counterpart. Also, you'll get the HW1 brand, the plastic key doesn't have any mention of the Ledger brand.

Image gallery: http://imgur.com/a/pa2r0
legendary
Activity: 1596
Merit: 1010
Still on the fence about the case wallet. I do want one but not sure if I can justify the price compared to how often I'd use it
hero member
Activity: 700
Merit: 500
added: ewallet.
You should probably mention what kind of a reputation black arrow has...
https://bitcointalksearch.org/topic/guide-dogies-comprehensive-manufacturer-trustworthiness-guide-1st-feb-2016-456691

And it's not open source. It claims it is, but I don't see a link to the source anywhere.

+1

This company is run by known scammers that reportedly ran a credit card skimming op, and before that ran from Romania to avoid a bust for a credit card fraud operation.

https://bitcointalksearch.org/topic/m.8093443

Their last project, which was miners, was a total bust.  they made a series of promises to get people's money and subsequently broke pretty much all of them.

Bottom line, their ethics are nonexistent from anything I can tell.  Trusting them with a device that stores your BTC and interfaces with your computer is bordering on insane, IMO.  They've stolen before, screwed countless people, and I don't see any reason to think they wouldn't do it again.
newbie
Activity: 2
Merit: 0

Actually, GSM modems and phones are very easy to attack with cheap open-source techniques (like OpenBTS), and from there it is direct path to the crypto controller and stealing our money.

It is essentially another cloud wallet, that stores all data needed to spend the money  (and private biometric identifiers) on servers. They ask us to trust multiple third parties to say they can be trusted. The hardware is just another mobile phone from 20 years ago reinvented: modem+small screen+keyboard+sensors. It is only a front for the cloud access. Much cheaper to buy an old nokia and dial-up to their servers with the same kind of security.

Pages:
Jump to: