Topic: Thoughts about Passport hardware wallet - page 5. (Read 2279 times)

Yeah, that is really what I don't get. I wonder if they have the camera always running or something. In theory it does not matter since how long are you REALLY running it for. But it makes you wonder where the power is going. As I said I have a remote door monitor with a 6" color screen that runs for easily a day if I forget to turn it off when I leave. Yes it's 4 AA and not 2 AAA but it's also is powering a RF receiver and a much bigger screen.


Nah, that's just marketing from them. It's been a while but you used to see 9V and 4AA and a whole bunch of other adapters to 5V USB chargers in airport shops. They were not rare and no idea if they still exist, but they were there and common a few years ago. I probably still have a few from the mid 200x years buried someplace. Since phones have become such power hogs it's not like you can actually get any charge from that stuff anymore.
Edit to add: https://www.ebay.com/itm/265402692187 and https://www.ebay.com/itm/393455399062
For the people who want to go fully offgrid: https://www.ebay.com/itm/193570338681

-Dave

It reminds me on smartphones, it is bigger than other wallets and I can criticize all hardware wallets, they all have some flaws including Keystone and Passport, but I think they are both good devices.
After checking the size of Keystone 112mm x 65mm x 18mm I see that it's almost the same size as old Nokia phone 3310 with 112mm x 65mm x 18mm.
You can see size comparison with other hardware wallets here:
https://comparesizes.com/comparison/Nano-S-vs-Trezor-One-vs-Nano-X-vs-Passport-vs-Nokia-3310/15960538824512262

I agree; $200 is maybe 'a bit high' but not too high in my opinion. $300 was too high though, but I'm still happy with the device
I'll talk about pricing and battery issues in my review (sry for postponing it all the times - busy around here). I use AAA's from the discounter and they indeed only hold for like 3h with screen on full brightness (it's not very bright). It seems weird that it pulls so much power, but I've not owned other battery-powered hardware wallets so far. From an electrical engineering standpoint though, I don't understand where all that power is going. It's not like it was doing super-heavy computations; I was just stamping my seed backup directly from the words on the screen since I'm paranoid that if I write them on paper and use the paper to do the backup I have a) 1 extra step where something can be copied wrongly and b) the paper may be reassembled and stuff, so I'd have to burn it and I didn't feel like doing that either
Around 2h of stamping the backup and another hour of playing around with it and it was pretty much empty (ballpark numbers).

What I don't like about Keystone is that it's so large to be honest, so that's purely subjective. I don't really mind if Passport was made in China as long as it was flashed after being shipped to the US and it has the build verification procedure during setup. Also that it's probably running a full OS like Android (or is it not? it looks like it visually..) poses a larger attack surface than something with a lighter firmware.

Open source has nothing to do with reproducibility and I can find you a bunch of open source and wallets files that can't be reproduced, even some well known OS wallets can't be reproduced.
Definition is clear, you can find it on Open Source Initiative website and CC aka Common Clause that is NOT open source license:
Please read this sources:
https://opensource.org/osd and https://commonsclause.com/

Dude let me tell you something, most batteries starting from AA to ones you can find in electric cars are Lithium based.
And that 9V hack thing you are doing with Coldcard wallet is only possible with Coldpower adapter that you need to buy from them for $25  

Yeah Keystone has a nice big screen and it's expected to be little cheaper when it's 100% made in China, compared to Passport that is manufacture in United States.
If you like stuff made in China, go for it, and with current inflation and money printing in US, $200 already worth much less than last year and it will probably be much worse in near future.

You keep saying that Coldcard is not open source, it is; it's just not FREE open source. They have a github and it can be reproduced.
You can change it to whatever you like, you just can't sell it. I can download it and see what it does, I can compile it and see it's the same as what they are giving as a bin file and I can change what I want and give it to whomever I want. I just can't sell it.

And it's not just the energizer thing for the power it's the entire way they are doing it. The entire "designed to work with lithium AAA" is just bad power configuration. And "If using rechargeable, constant voltage lithium AAAs, Passport's battery indicator may not be accurate." So they can't figure out battery management in the most basic way? My cheap ass $39 discount store wireless door monitor could do that. 

For less money Keystone come with a rechargeable battery and a fingerprint sensor and a big screen for us older people :-). For even less money you can get the base model that does not have the rechargeable battery / fingerprint sensor.

I'm not at all saying that Passport is a bad product. Just that asking $200 for it seems a bit high.

-Dave

Let's compare Passport current $199 preorder price with other popular hardware wallets.
Trezor Model T is around $200 depending on your location, they announced possible shortage of devices soon, and it doesn't have secure element chip.
Ledger devices are around $70 and $135 plus shipping, but I would never buy this closed source titanic hardware wallet.
Coldcard Mk3 is still around $130 but it's not open source anymore, and it will be deprecated soon and stop production because Mk4 is coming out soon, and I am sure it will be more expensive.
Cobo is now rebranded to Keystone and price is around $170 and Bitbox02 wallet is around $135, so I think that Passport price is decent and nobody is forcing you to use Energizer batteries.

I still think it's too high a price point. But that's just me. I know I'm cheap. And don't get me wrong I Will never say a business should not make as much money as they can for as long as they can. But that does not mean they are going to get my money.

I also don't like the power requirements, and don't get the entire power draw thing, from https://support.foundationdevices.com/user-manual/batteries:


I can run a cold card and others that require power with a 9V to USB adapter for almost as long and it's uses any old 9V.
The $170 edition of the Kobo comes with the rechargeable batter pack.
And so on. Sounds like they are either pimping for Enegizer or messed up the power requirements.

-Dave

jerry007 is one of the members of my personal ignore list club

Yeah I know, I was joking about that and I saw size comparison picture with other hardware wallets last year.
Paradox is that today smartphones are usually bigger than early mobile phones, and they track your every move much better.

Exactly! Also, who would have thought that they'd release a new version shortly after selling a mere 1000 units of version one. However, innovation and improvements are also always good to see. And I like that they give that 21% discount. I wouldn't get v2 for 200, but for ~170 I might get it, e.g. to store somewhere else for multisig and stuff like that.

Who's jerry007?

It came without such foil though Nokia case actually sounds like a good idea, but keep in mind the Passport is way smaller than it always looks. It's really tiny; many people criticizing it being large and bulky clearly haven't seen it besides other items or even tried it in person. So it might be too loose in such a phone case.

Oh no, I don't like that felling when I see a good discount for something I (just) purchased in full price  

Same here, I also have a few devices ready for some testing and reviews, but I need time and some extra motivational push for writing something with meaning.
I don't want to turn into secret agent jerry007

Top secret advice to avoid scratches, never take of protective foil from devices, or you could just buy those old nokia phone protective cases.
Maybe even write some feedback to Passport developers to make improvements for next version.

Damn, I guess that's what happens to early adopters Paid the full price, eh, at least this way I didn't have to wait
Review will come when I find more time. Still need to try some aspects like multisig.

To be honest, 21% discount on 200 bucks would put a second Passport extremely closely to a BitBox'es price. I might for real get a second one, but it depends on what has been improved and what not. I would e.g. like to carry the Passport around daily but the screen will probably scratch too fast (it already has a few ones - more about this in my future review).

Passport wallet sold all their foundation edition devices, but they now have special discount if preordering now for $199, and you should receive your device around February 2022.
This is a nice $100 discount and good chance for anyone who planned to buy this wallet, offer is limited for only 2500 devices and they plan to introduce some improvements and firmware updates:
https://foundationdevices.com/2021/11/passport-founders-edition-is-sold-out/

I didn’t know about that, but that’s exactly what I would find so great if we could have different hardware wallets from different brands helping each other to create the best, most secure firmware! Like the Linux kernel that various distros are based on.

I must say, sure, looks shouldn’t be too much up the priority list for a hw wallet, but one thing I value a lot is build quality. I do like the BitBox02 for example but damn, that screen scratches super fast. There are vastly different types of plastic and they clearly chose a very soft one. If I can pay more and get a more durable device I say it’s worth it, but I have yet to see something about build quality of the Passport screen. However the inside is out of metal fwiw.

I’m very tempted to get one to test out as well. They have distributors in various countries and I might trust those especially with the supply chain validation process done during setup.
The price is not such a big issue for me. If I’ll get it, I’ll make sure to post an honest extensive review here.

Regarding collecting; I do have some important old devices myself, it’s cool to even hold an iPhone 4 in your hand again after a few years. With that said, I agree that most modern phones are way too large and heavy. Really do go ahead and compare your smartphone with an older mobile, they’re much more portable. Since Android is getting more and more Google shitshow by the day, and Apple is all closed off (no way to install foss directly from GitHub for example), I’m tempted to go back to a dumb phone and use computers / laptops for internet related things.
Sometimes I think it’s actually healthier not to have internet access when out of office / home in general, but thay’s another topic. (Do we have such a topic here? Would be happy to talk more about it.)

This is obviously the case of developers ego being hurt and they saw a threat of someone making potentially better product that would hurt their business model.
Imagine if Satoshi changed the Bitcoin license when first forks appeared...oh wait that is why we have Craig Faketoshi Wright for changing btc whitepaper licenses.
I think that passport devs even found some bug in coldcard code and reported it, that is perfectly normal in open source space.
Coldcard looks like a cheap plastic calculator and nobody can tell me that it looks better than passport device, but than again you should not buy hardware wallets for their looks.

I would personally not give $300 + shipping from America for passport wallet, but I would like to play with it (not actual games) and test it how it works.

Don't get me talking about my other ''revolutionary'' devices I never use, like electric lemon juicers and food blenders  
I have collection of old mobile phones and I still think that most new smartphones are big ugly bricks and surveillance tracking devices, and that is not just my opinion.

Lol, me too, and right now I have a habit of buying thumb drives I don't really need, since I have everything I'll ever need backed up on one single USB drive.  I just think they're cool, and so are HW wallets.  I'd probably start collecting them if I had money to spare.  As it is, I don't splurge on thumb drives all that often, but each one is something I don't really need.  I've also kept every cell phone I've ever had (and posted a pic of one of them earlier in this thread), and they're kind of neat to look at once in a while.

I've had the coinkite website bookmarked for a long time and have been meaning to buy a ColdCard wallet, and I'd even be interested in a Passport, too if I had the money and it was priced right.  I still think it's ugly, but so is that cellphone I have from 2001.

Note: I missed your post and am only replying to it now since I saw your link back to this thread in your recent post in the ColdCard thread.

So, I just read through this thread since I find the Foundation Passport very interesting.
I will state my thoughts and opinions as requested per the topic's title and am happy to discuss!

First of all, big elephant in the room: design. It's polarizing, I get it. I do like the design and all devices I have used / tested so far had some bigger or smaller drawbacks. I like that it's larger, that it has a larger screen and easy input method and normal batteries, which also increase the size. It's also not as large as it seems from pictures, when you see it in a video in someone's hand.

I do agree that this is not the best thing to carry around every day!
If that's your use case, feel free to use something slimmer.
I'd also like to add to the 'portability debate' that a person can have more than 1 hardware wallet.
Like a Trezor Model T on the go in their pocket, a BitBox02 in a safe and a Passport in the desk drawer.

Debate vs ColdCard: when publishing hardware and software with a license that allows to reuse it commercially, don't bitch around when someone actually does it. If you put it all out open source to allow for white-box audits, but don't want to allow people to use it, use the right license. I also think the whole community can benefit from multiple devices using a similar codebase: analysis results of one device help to find bugs on all devices using the same / similar code and both teams can work together at ironing out bugs and security flaws. That's kind of the spirit of open source, but the CC guys don't seem to get it.

Extra bloat code: I would really like to see the option to get this device without the games. I still think a wallet with multi-coin support is less secure than a Bitcoin-only device with a little game. It will be harder to induce bugs that somehow lead to a practical vuln which puts funds as risk through a game rather than through the implementations of tons of shitty coins' software. For example, the game will most probably never do any calls to the secure element and stuff like that. But at the end of the day, I don't want a device storing part of my wealth to play games, have tons of code for hundreds of insecure shitcoins that I will never touch and act as a 2FA device. Who would want to plugin their wallet daily, be potentially hacked via USB, to log into websites? Use a dedicated device or a 2FA app.

Security: Since ColdCard has been around for a while and lots of code is taken from it (as I explained earlier) this brings the nice benefit of giving some confidence about the reused code, that that 'should be fine'. Of course, it remains to be seen if the new components and alterations to CC codebase are all good and secure. It's nice that it uses the (imo) best security chip out there, that also the other big competitors use.

Materials: It seems much better built than the ~100-200€ stuff I tested so far (various Trezors, Ledgers, both BitBoxes). I am not sure how the screen holds up, but for example BitBox02 scratches up like there's no tomorrow. And I handle mine like a baby (or better).

Price: 300$ is a lot of money, but competitors like BitBox02 cost 120€, Trezor Model T 160€ - without camera, with small screen, no metal parts. I'm sure there is a market for the Passport, despite the price. People buy a piece of steel for 65€ from ShiftCrypto to backup their seed phrase, and even much more for the same thing in a 'premium package' (which I think is what Foundation Devices are going for as well) when getting a backup kit from CryptoTag. The Passport literally costs less than the highest-end CryptoTag, fwiw. Yes, you can accomplish the same thing with a 10$ hardware store run.

In conclusion, yes, it's expensive and the game bloat is a disappointment. I'm looking for alternatives though that offer:
* All open source hardware + software but with a good security chip
* Airgapped operation (ColdCard has no camera..)
* Preferably battery operated
* Bitcoin only

However, even if the security portion of the discussion is removed, it's still an issue because every time you install something / add something there is another chance for something to go wrong.

There may be no security issues with the snake game. But what about an edge case where if you play for longer then 'x' time or have some stupid high score then there is a memory storage issue that can cause data corruption.

-Dave

If you choose an OS which is filled with bloatware and start installing games on your airgapped computer, then yes, it is much less secure.

Yes, smartphones are far less secure, which is why they are classed as hot wallets. A smartphone is poor benchmark for comparing a hardware wallet to, though.

If you want a wallet which can play games, store arbitrary data, display pictures, whatever, then that's absolutely your choice. There are plenty of devices on the market to choose from. But you can't possibly argue that putting games on a hardware wallet is a good use of time nor that doing so is 100% risk free.

That is not exactly one purpose mixing private keys with password manager and logging on websites, and airgapped computers are by your definition even less secure because they all have games and other ''bloatware'' installed, and smartphone is even less secure so you should never use it again.
Anyone can find much more bugs in airgapped linux OS full of all kinds of software, yet people use it all the time with Electrum wallet, and they can play a game if the want.
Hardware wallets are just mini computers not some miracle devices with one strict use case.

Might also help to get the price down a but if they weren't paying devs to code, test, and implement games.

Which falls under their one purpose of securely storing and allowing you to safely interact with private keys, passwords, or codes. Not for playing games.

I don't disagree that adding altcoin support is risky too. Every new piece of code you put on the device poses a security risk. But altcoin code at least serves a purpose (even if it is a purpose I don't care for), and even better if it is entirely optional to install it in the first place. Pre-installed games are risky bloatware.