Topic: Wallet online for Bitcoin - page 2. (Read 722 times)
After buying BTC or ETH, then how to keep safe, avoid the scams of hackers are always stalking to steal your money. Use an electronic wallet to store your money safely. Use a convenient and convenient online wallet.
You may to using it for buying or selling cryptocoins, invest them to ICO, playing on gambling sites, use them for payments in signature camps and etc..
So far, I keep everything in ETH. The BTC exchange time is coming. Which wallet to choose online? What is the safest? Please help me:).
I now use www.myetherwallet.com + MetaMask.
I now use www.myetherwallet.com + MetaMask.
Why do you want use online wallet? This is not safety.
I don't think that this is good for big amount.. risk.
It's possible for bugs to exist everywhere. However, for a product like Ledger, security should be their top priority. With the recent case, a researcher has disclosed the vulnerability to them responsibly. The vulnerability is serious in the sense that the device could be compromised and tampered if any entity wants to do it or if the seller wants to. They dismissed the claim and gave everyone a false impression that a device that has been proven to be insecure is still secure.
Saying they "dismissed the claim" is not quite true... They weren't claiming that the vulnerability didn't exist, what they were arguing was that the vulnerability was not an "end of the world" scenario... and it required some very specific things for an attacker to pull it all off. The guy who disclosed the vulnerability wasn't happy with the way Ledger were handling the situation and went quite public about it all. After reading the technical documents, I'd have to side with Ledger on this one. Granted the exploit was very clever... but it did require physical access to the device... and would be completely eliminated if the device was updated with a new firmware.
Additionally, there were claims made that this vulnerability could allow an attacker to "extract the seed/private keys"... which was in my opinion quite sensationalistic and pretty much false. Sure, the attacker could know what the seed generated by the exploit was going to be and then use that to generate private keys... but that was because the attacker would already what the seed generated by the exploit would be! After all, they put it there
There was still no way to install the exploit and then extract an existing seed/keys from a device.
I personally wouldn't purchase anything from a company that advertises their product as having "robust safety features" while not being serious about the security of the wallet.
If they weren't serious, they wouldn't have bothered releasing any updates for that or the other vulnerabilities that were fixed... or for providing the bug bounties to encourage people to try and "break" their device.
It's possible for bugs to exist everywhere. However, for a product like Ledger, security should be their top priority. With the recent case, a researcher has disclosed the vulnerability to them responsibly. The vulnerability is serious in the sense that the device could be compromised and tampered if any entity wants to do it or if the seller wants to. They dismissed the claim and gave everyone a false impression that a device that has been proven to be insecure is still secure.
Saying they "dismissed the claim" is not quite true... They weren't claiming that the vulnerability didn't exist, what they were arguing was that the vulnerability was not an "end of the world" scenario... and it required some very specific things for an attacker to pull it all off. The guy who disclosed the vulnerability wasn't happy with the way Ledger were handling the situation and went quite public about it all. After reading the technical documents, I'd have to side with Ledger on this one. Granted the exploit was very clever... but it did require physical access to the device... and would be completely eliminated if the device was updated with a new firmware.
Additionally, there were claims made that this vulnerability could allow an attacker to "extract the seed/private keys"... which was in my opinion quite sensationalistic and pretty much false. Sure, the attacker could know what the seed generated by the exploit was going to be and then use that to generate private keys... but that was because the attacker would already what the seed generated by the exploit would be! After all, they put it there
There was still no way to install the exploit and then extract an existing seed/keys from a device.
I personally wouldn't purchase anything from a company that advertises their product as having "robust safety features" while not being serious about the security of the wallet.
If they weren't serious, they wouldn't have bothered releasing any updates for that or the other vulnerabilities that were fixed... or for providing the bug bounties to encourage people to try and "break" their device. The Nano s from ledger does not have any bugs.
The previously found 'vulnerabilities' did not lead to any theft.
Each software has bugs. It is just a question wether they have been found yet.
If you think trezor is 100% secure i have to disappoint you. You can't have 100% security.
The goal should be to minimize the risk as much as possible through appropriate measurements and common sense.
I'm not sure if I've said it on this thread but yes I do agree with your point. However, the main point is, are they going to downplay the severity of the attack and say that Ledger is still safe to use? Even if none of the coins were stolen, it doesn't mean that the device wasn't secure at some point and the proof of concept doesn't work.The previously found 'vulnerabilities' did not lead to any theft.
Each software has bugs. It is just a question wether they have been found yet.
If you think trezor is 100% secure i have to disappoint you. You can't have 100% security.
The goal should be to minimize the risk as much as possible through appropriate measurements and common sense.
I personally wouldn't purchase anything from a company that advertises their product as having "robust safety features" while not being serious about the security of the wallet.
The truth is that everything will be safer than online wallet. I do not have an offline comp. TREZOR must be enough for me. Tomorrow, I should have him in place.
The Nano s from ledger does not have any bugs.
The previously found 'vulnerabilities' did not lead to any theft.
Each software has bugs. It is just a question wether they have been found yet.
If you think trezor is 100% secure i have to disappoint you. You can't have 100% security.
The goal should be to minimize the risk as much as possible through appropriate measurements and common sense.
I'm not sure if I've said it on this thread but yes I do agree with your point. However, the main point is, are they going to downplay the severity of the attack and say that Ledger is still safe to use? Even if none of the coins were stolen, it doesn't mean that the device wasn't secure at some point and the proof of concept doesn't work.The previously found 'vulnerabilities' did not lead to any theft.
Each software has bugs. It is just a question wether they have been found yet.
If you think trezor is 100% secure i have to disappoint you. You can't have 100% security.
The goal should be to minimize the risk as much as possible through appropriate measurements and common sense.
I personally wouldn't purchase anything from a company that advertises their product as having "robust safety features" while not being serious about the security of the wallet.
Trezor has the big advantage of confirming the trolls by clicking the mechanical button.
Each hardware wallet needs mechanical confirmation (pressing buttons).
If it didn't have one it wouldn't be a second factor authentication at all.
Trezor and Ledger do not differ much in this point.
Currently you can condider both (ledger and trezor) wallets as secured. It is personal preference which one wants to choose.
I agree but it is definitely safer than wallets online or the application. Trezor has the big advantage of confirming the trolls by clicking the mechanical button.
I still stand by generating private keys on a offline computer running a live cd/usb version of Linux. But, hardware wallets have proven to be enough for the general user when they need to access the funds regularly. Although, this doesn't mean you shouldn't keep things tight when it comes to security. Ok, I will not actually risk ta advice and I ordered TREZOR. I understand that it is not complicated to use? I will not risk for LEDGER. The price is the same and it has bugs.
The Nano s from ledger does not have any bugs.
The previously found 'vulnerabilities' did not lead to any theft.
Each software has bugs. It is just a question wether they have been found yet.
If you think trezor is 100% secure i have to disappoint you. You can't have 100% security.
The goal should be to minimize the risk as much as possible through appropriate measurements and common sense.
I can recommend our online wallet https://octobit.io
11 cryptocurrencies, minimal fees and works from any device
11 cryptocurrencies, minimal fees and works from any device
Ok, I will not actually risk ta advice and I ordered TREZOR. I understand that it is not complicated to use? I will not risk for LEDGER. The price is the same and it has bugs.
The Nano s from ledger does not have any bugs.
The previously found 'vulnerabilities' did not lead to any theft.
Each software has bugs. It is just a question wether they have been found yet.
If you think trezor is 100% secure i have to disappoint you. You can't have 100% security.
The goal should be to minimize the risk as much as possible through appropriate measurements and common sense.
Quote
3 BTC is a lot of money. Why did not you protect yourself? I wrote down this topic to ask for security. I actually used Electrum for a small transaction. A nice application, but definitely not 100% sure.
i didnt know but i cant do anything right nowsearch on this forum for electrum its very useful software and better than any software and web wallets
Ok, I will not actually risk ta advice and I ordered TREZOR. I understand that it is not complicated to use? I will not risk for LEDGER. The price is the same and it has bugs.
Should not be too complicated to setup and use, as the seed for the wallet will be safely generated on the trezor screen.
However like said before, every software and code has bugs so this is not only a ledger wallet problem.
Ok, I will not actually risk ta advice and I ordered TREZOR. I understand that it is not complicated to use? I will not risk for LEDGER. The price is the same and it has bugs.
Online wallet is not a good option to keep your crypto funds but if you really need a solution currently blockchain.info is nearly the best solution. You can keep your private keys so in any case, you can transfer your addresses to another wallet. Any other solutions which doesn't give you the private keys is not secure! Definitely stay away from these kind of wallets / services...
Yeah,online wallets are not meant for storing our crypto currencies,if you do then you are risking the valuable assets.Never ever store more than 0.01BTC in any online wallets because it is easily hackable,if you have 2 factor authentication then you can save your funds from a hacker but still it is not safe as storing them in a hardware wallets or desktop wallet. 
Online wallet is not a good option to keep your crypto funds but if you really need a solution currently blockchain.info is nearly the best solution. You can keep your private keys so in any case, you can transfer your addresses to another wallet. Any other solutions which doesn't give you the private keys is not secure! Definitely stay away from these kind of wallets / services...
Many online wallets have for bitcoin. Coinbase,Blockchain are some of them. You can register these wallets and collect bitcoins.
I personally would not. I was just making a point that the source is open source (however the server software is not) so if you get "hacked", you cannot blame some provider which you agreed to use, and accepted their ToS. You should not blame other people for your mistakes.
Also he said that Coinbase is safe, and right after saying that he got hacked on blockchain.info, which i find to be rather ironic.
I would never advise using a wallet that is so called " Web wallet".
Yeah in terms of being hacked it's almost always the users fault for poor security practice rather than the software being at fault. Unless, it's their fault because their database got hacked then you can't really complain. Although, they would likely be responsible if they a hack did occur. Also he said that Coinbase is safe, and right after saying that he got hacked on blockchain.info, which i find to be rather ironic.
I would never advise using a wallet that is so called " Web wallet".
Why would you use blockchain.info locally though? There's better options out there. Blockchain isn't a very well coded wallet and what often happens is people send the wrong fees because of their automatic system which estimates the fees to send. Of course, it can be double checked by the user, but unfortunately with an automated system like that people just assume it's correct.
I personally would not. I was just making a point that the source is open source (however the server software is not) so if you get "hacked", you cannot blame some provider which you agreed to use, and accepted their ToS. You should not blame other people for your mistakes.
Also he said that Coinbase is safe, and right after saying that he got hacked on blockchain.info, which i find to be rather ironic.
I would never advise using a wallet that is so called " Web wallet".
Jump to: