Pages:
Author

Topic: Which best for long term investment? Hardware wallet or Software wallet . - page 2. (Read 913 times)

legendary
Activity: 2534
Merit: 1233
Software wallet are also not bad to serve as long-term storage as long as we can use them properly.
There is something we need to take good care of and that is seed phrases.
IMO, both are vulnerable to risk whether that's a hardware wallet or a software wallet, as long as you're connected to the internet, you're prone to cyber attack.  Just like using Electrum, how many reports have been a victim of malware attacks even if they're knowledgeable enough about this wallet?  However, both software wallets and hardware wallets have their advantages and disadvantages, and the best choice depends on our individual needs and preferences.

But if you're going to ask me for storing Bitcoin or other cryptos in the long term, I prefer to choose a hardware wallet and spend a little amount on it.  These hardware wallets typically come with advanced security features like two-factor authentication and PIN codes and didn't leave any footprint on the device where you're connected at.  If you're storing a large amount of crypto in long-term investment and prioritize security, a hardware wallet may be the better choice.
sr. member
Activity: 1078
Merit: 342
Sinbad Mixer: Mix Your BTC Quickly
Nowadays, we don't need to bother about individual private keys. With HD wallets, all we care about are the seed phrases. Private keys are accessed in the background during transaction signing but it's not something you as a user need to worry about. You are supposed to make seed backups with both software and hardware wallets. The dangers of phishing and social engineering scams are threats to both. A hardware wallet can't protect you from making mistakes and revealing your seed or entering it in a phishing site.
The risk remains whether you are using a hardware or software wallet. It all depends on the user's behavior and how wise they are when dealing with their wallet. The seed phrase is the most important thing and should be everyone's top priority. It should be stored offline and in a safe place. As you mentioned private keys are generated in the background of the wallet during transactions, so we don't need to worry much about them. However, what matters is the safe environment when you're trying to use your bitcoin.

Regarding the OP's topic, the best long-term investment is undoubtedly a hardware wallet, as it offers a higher level of security compared to a hot wallet. However if a HW is not affordable, you can still use Electrum wallet as a cold wallet on an air-gapped device. This method can be as secure as using a HW as far as I know.
hero member
Activity: 1316
Merit: 787
Rollbit - The #1 Solana Casino
...
-snip-

but right now I don't have any money to buy hardware. So I suggest using a software wallet.  However, I have no idea which wallet to use will provide the most security. So tell me a bit about what is a strong and security complete wallet?
Software wallet are also not bad to serve as long-term storage as long as we can use them properly.
There is something we need to take good care of and that is seed phrases.
For software wallets, use one that can connect to a hardware wallet like Electrum.
If you are not interested in using Electrum, there are still several types of software wallet that can be used that have proven their use so far in storing assets.

Hardware wallet are also quite good if used as long term storage wallet. The price for one hardware wallet is not expensive and still affordable.
Two months set aside a little money, already got one piece of hardware.
legendary
Activity: 2730
Merit: 7065
I would also vote hardware wallets as the best one. Whenever it comes to the software wallet there are many human errors are possible. You could end up losing your private keys to pass phrases over phishing and anonymously you could compromise the wallet right on spot.
Nowadays, we don't need to bother about individual private keys. With HD wallets, all we care about are the seed phrases. Private keys are accessed in the background during transaction signing but it's not something you as a user need to worry about. You are supposed to make seed backups with both software and hardware wallets. The dangers of phishing and social engineering scams are threats to both. A hardware wallet can't protect you from making mistakes and revealing your seed or entering it in a phishing site.
full member
Activity: 1092
Merit: 227
I mean, think about it — why would people spend money on a hardware wallet if a software wallet is more secure? Obviously hardware wallets are better for 99% of people.

But don't take the word from me, go do some reading and learn for yourself.

https://cryptosec.info/wallets
https://bitcointalksearch.org/topic/general-bitcoin-wallets-which-what-why-1631151

Both wallets are safe but its about "which is safer". I would also vote hardware wallets as the best one. Whenever it comes to the software wallet there are many human errors are possible. You could end up losing your private keys to pass phrases over phishing and anonymously you could compromise the wallet right on spot.

Ideally speaking when you access the hardware wallet it is the best known fact that you select the words by operating with physical keys, and all the data is stored on the chip inside. You are basically extra layer away from the internet environment since you are not really surfing the web directly.

In case of hardware wallet: (for long term investment)
You could initiate cold storage
You could save the passwords, passkey, mnemonic phrases somewhere safe and forget about them.
You can safely keep your hardware wallet locked up waiting for the time to open
You won't access the bitcoin immediately and could increase your chances of saving the bitcoins for longer than expected.

In case of software wallet, I am really scared. I can end up losing the wallet to obvious hacks for sure.
hero member
Activity: 714
Merit: 1298
As a new investor I am very curious to know in which wallet my bitcoins will be safe.

For long term I would stay on Foundation Passport hardware wallet.

It is open sourced in both way - software and hardware.

Besides it is airgapped in both way by using QRcode  and/or industrial grade  microSD card.

And last but not least  under its hood are the  hardware components of the highest quality.

Passport is a bit expensive compared with other HW wallet but you know what you pay for.
legendary
Activity: 2744
Merit: 1878
Rollbit.com | #1 Solana Casino
Hardware wallet, it gives unparalleled peace of mind compared to software wallets. But then again, it will take away 1 part of your holding if you were to buy it right now. So stick to software wallet like muun for time being, once savings are grown enough, purchase HW.
That's for sure, but it's also important to keep your Hardware wallet safe. Hardware wallets are safe from some hacks but not from careless use.
Keep the phrase seed in a place that only you know and make sure it stays safe.

And for Software wallets such as the muun wallet you are referring to, it is only one of the choices of several Bitcoin wallets.
There are several widely used Bitcoin wallet recommendations such as Electrum and Bluewallet.
and for now, I use 1 Hardware wallet and Electrum for use on Desktop and Android.
hero member
Activity: 2520
Merit: 952
Hardware wallet, it gives unparalleled peace of mind compared to software wallets. But then again, it will take away 1 part of your holding if you were to buy it right now. So stick to software wallet like muun for time being, once savings are grown enough, purchase HW.
hero member
Activity: 1540
Merit: 772
Updating your wallet sofware regularly is good, but that is not only where the vulnerabilities exists, as long as the device that holds your funds is connected to the internet, there are malwares, keyloggers and other forms of attack vectors waiting to steal your funds.
Every update that we are asked to do by dev must have something new that is good for us as users. Not all software wallets ask for updates if there is nothing important. But yes, every software that is connected to the internet is vulnerable to things that can harm us even though it is not wanted by the dev as the owner of the device.

In the context of security, storing large amounts of assets in software is something we always avoid, especially me.
legendary
Activity: 2744
Merit: 1878
Rollbit.com | #1 Solana Casino
Additionally note, if you want to use a hardware wallet for long-term investment needs, I recommend not using a hardware wallet that has a battery feature (which is generally not easy to remove). Example Ledger Nano X:\
Thanks for the additional note. Using a hardware wallet with a battery is indeed quite risky to be damaged and is designed for only 5 years of use, as you have an example of the Nano X or as I also have the Safepal S1.

Indeed quite vulnerable, Hardware wallets using batteries that are not turned on for a long time will result in battery life. A real example on the Safepal S1 that I have. When not turned on in a few months the battery turns out to be increasingly wasteful and even when it is Off the battery still decreases. this indicates that the battery has started to be bad. If there is indeed a problem and it becomes hardware that is still in use, you must replace the battery with the same battery model.

As in the safepal discussion thread, I looked for some suitable alternative backup batteries
and then I searched the marketplace for many available batteries of the same size. this makes it possible to replace the safepal battery with another battery of the same type. this would be better than waiting for a refund (for new users) which of course would take quite a long time.


https://id.aliexpress.com/i/32861524014.html?gatewayAdapt=glo2idn

However, if you look at the OP in the initial post, he does not have a hardware wallet yet.
Another alternative may be to use the Electrum installed on Tails OS, which is made portable on a flash disk. Of course, the storage location of the seed phrase/private key from the wallet is necessary to pay attention to.
Making electrum installed in a Flasdisk with Tail OS is a good idea. It can be a Bootable Electrum USB Tail OS that is only used when needed, quite compact only uses flash disk media. This is an option for those who can't afford a hardware wallet.
legendary
Activity: 2296
Merit: 2892
#SWGT CERTIK Audited
-snip-
All security is still quite vulnerable, both hardware wallets and wallet applications.
But the use of the Hardware wallet is still quite recommended as the main storage wallet.
Additionally note, if you want to use a hardware wallet for long-term investment needs, I recommend not using a hardware wallet that has a battery feature (which is generally not easy to remove). Example Ledger Nano X:

The battery is designed to last 5 years. Ledger does not provide a battery replacement program. If battery capacity has degraded beyond being practically usable, the device can be used by connecting it to a power source using the USB cable.

However, if you look at the OP in the initial post, he does not have a hardware wallet yet.
Another alternative may be to use the Electrum installed on Tails OS, which is made portable on a flash disk. Of course, the storage location of the seed phrase/private key from the wallet is necessary to pay attention to.
legendary
Activity: 2744
Merit: 1878
Rollbit.com | #1 Solana Casino
Although, I also believe that it is good to use the hardware wallet as others say here that it is really recommendable. And as for the software wallet, electrum is also recommended here in my opinion and experience here as long as you update it if it says something that should be updated.
Updating your wallet sofware regularly is good, but that is not only where the vulnerabilities exists, as long as the device that holds your funds is connected to the internet, there are malwares, keyloggers and other forms of attack vectors waiting to steal your funds.
The internet is the source of everything and it depends on how you use it. The use of Wallet on devices connected to the internet is very vulnerable to being infiltrated by malware. But not without prevention, there are many ways that can be done to keep the device safe from any malware.
The main prevention lies with the users themselves, how they use it and what they access.

Nowadays even malware is getting more sophisticated and unstoppable. Some of the latest malware cases such as Xenomorph are able to steal any information, be it crypto wallets and some bank user information. and Malware is injected into applications that we often use and are hidden, so that they can enter the Play Store. It can even penetrate security with SMS or 2-factor authentication. Malware is now quite powerful and there needs to be prevention from various security.

https://bitcointalksearch.org/topic/m.61893757

https://www.bleepingcomputer.com/news/security/new-xenomorph-android-malware-targets-customers-of-56-banks/

All security is still quite vulnerable, both hardware wallets and wallet applications.
But the use of the Hardware wallet is still quite recommended as the main storage wallet.
legendary
Activity: 994
Merit: 1089
From what I've experienced here in cryptocurrency for several years, I haven't faced any issues using Electrum since 2018 until now. Since you're like op I can't focus on spending money to buy a hardware wallet.
Electrum is a very good wallet and highly recommended, but it is a hot wallet, and even if the wallet is open source and we are very sure of the code, what about you and your device, is your device free from malwares, do you watch porn on your device, do you click links without giving it a second thought, Electrum is a good software wallet, but if used in an online device, the funds in the wallet are not safe, except it is just a small amount for your daily spending. But for long term and with huge funds, use electrum on one device as a cold storage, generate the seed offline and make sure that device is never connected to the internet, with Wifi disabled and airplane mode turned on, that's where you would sign transactions, then on a second device which is the online one, you use electrum on it for watching only and broadcasting transactions to the network, that is the safest way to use a software wallet if you can't afford a hardware wallet.
Although, I also believe that it is good to use the hardware wallet as others say here that it is really recommendable. And as for the software wallet, electrum is also recommended here in my opinion and experience here as long as you update it if it says something that should be updated.
Updating your wallet sofware regularly is good, but that is not only where the vulnerabilities exists, as long as the device that holds your funds is connected to the internet, there are malwares, keyloggers and other forms of attack vectors waiting to steal your funds.
sr. member
Activity: 1498
Merit: 271
DGbet.fun - Crypto Sportsbook
From what I've experienced here in cryptocurrency for several years, I haven't faced any issues using Electrum since 2018 until now. Since you're like op I can't focus on spending money to buy a hardware wallet.

      Although, I also believe that it is good to use the hardware wallet as others say here that it is really recommendable. And as for the software wallet, electrum is also recommended here in my opinion and experience here as long as you update it if it says something that should be updated.
newbie
Activity: 8
Merit: 14
Not your key not your coins.

Get all coins off exchange. Take self custody.

Get a Ledger or Trezor hardware wallet (This way you can access them anytime). There are a bunch of youtube videos on how they work.

Then make 3 seed backups in steel washers (or titanium). And ideally encrypt them with a simple cipher (or use a passphrase and store that separately)

Low cost, affordable, easily scalable, indestructible, fireproof 1400°C (a house fire is around 1100°C), waterproof, corrosion proof, shock proof, earthquake proof, offline cold wallet, seed or passphrase backup.

https://i.etsystatic.com/41503409/r/il/689efd/4813988559/il_1588xN.4813988559_fcds.jpg
Picture taken from here: https://www.etsy.com/listing/1434977816


More information on that topic here:

https://jlopp.github.io/metal-bitcoin-storage-reviews/
https://incoherency.co.uk/blog/stories/diy-cryptosteel-capsule.html
http://bulletproofbitcoin.com/
https://blog.lopp.net/a-treatise-on-bitcoin-seed-backup-device-design/
https://www.econoalchemist.com/post/backup
https://blockmit.com/english/guides/diy/make-cold-wallet-washers/
https://bitcointalksearch.org/topic/securing-your-seed-phrase-with-washers-5389446

Smiley
legendary
Activity: 2730
Merit: 7065
That cold card is not open source may be right, but it is completely irrelevant for the OP. What the OP wants, is to store his bitcoins safely and not a fight about close and open source. For the OP the public code is as good as the open source code of others. The public code may be bad for the industry however, but thats not the topic here.
I think the same way, and I called it politics a few months ago in a similar discussion that popped up concerning ColdCard. If I want to verify the code of a hardware wallet, ColdCard makes that possible. Whose code they used and why they now operate under a different license is not something I should have to concern myself with. They would be open-source in a perfect world because much of their code came from such clients, but nothing in this world is perfect.
hero member
Activity: 1050
Merit: 642
Magic
Hardware wallets are always better for long term storage, since computers are way less safe.


That article you shared makes a mistake toward the end though, when they discuss open-source alternatives. One of the brands they name is ColdCard. ColdCard does not use an open-source license. Their code is public and verifiable, but it's their properly, and you are not allowed to use it for your own products. That's completely different from open-source wallets like Trezor, where you can (if you know how) use the entre codebase and build a brand new product.

That cold card is not open source may be right, but it is completely irrelevant for the OP. What the OP wants, is to store his bitcoins safely and not a fight about close and open source. For the OP the public code is as good as the open source code of others. The public code may be bad for the industry however, but thats not the topic here.
legendary
Activity: 2730
Merit: 7065
Usually the firmware, that is to say the software embedded into the hardware device is not open source, or only partially at most. It's the most critical part since it holds the seed and the private keys, though.
https://cyberscrilla.com/are-ledger-wallets-open-source/
I understand what you are saying, but you are using the example of a hardware wallet brand that we know isn't open-source. Ledger uses closed-source firmware and hardware, which includes the secure element. I didn't see anything in that article which wasn't known before. We also know that the individual crypto apps on Ledger and the native software itself are open-source. Any developer can build open-source code for an asset and submit it to Ledger as part of their development program.

I never gave much thought to the bootloader question. But that part is apparently also open-source in selected HWs.

That article you shared makes a mistake toward the end though, when they discuss open-source alternatives. One of the brands they name is ColdCard. ColdCard does not use an open-source license. Their code is public and verifiable, but it's their properly, and you are not allowed to use it for your own products. That's completely different from open-source wallets like Trezor, where you can (if you know how) use the entre codebase and build a brand new product.
legendary
Activity: 2604
Merit: 2353
Moreover they are not open source, so you'll never know if there are backdoors or latent vulnerabilities into them, that will be discovered and used by someone one day.
What part of them are not open-source? There are many open-source hardware wallets on the software side. There aren't many on the hardware level, though. I think Foundation's Passport is the only one with open-source hardware, except the secure element. Someone correct me if I am wrong. I am not sure how far Trezor has gone with the development of their almost fully open-source SE. But if the openness of hardware is a problem, we shouldn't use laptops, PCs, or phones for anything related to personal or financial data, but we still do.
Usually the firmware, that is to say the software embedded into the hardware device is not open source, or only partially at most. It's the most critical part since it holds the seed and the private keys, though.
https://cyberscrilla.com/are-ledger-wallets-open-source/
In addition if you can't flash the device with code compiled by yourself, you will never know if the code running into it is the same as the one shown elsewhere, or is another one.  
Bitcoin allows to not have to trust the hardware and software you are using when you create a transaction thanks to the cold storage feature. If you don't connect your air gapped device before sending funds belonging to it elsewhere, you're safe no matter if your set up has been infected or not. So you can use any laptops, PCs, or phones with Bitcoin as long as they are disconnected before creating your seed and remain so until you no longer need the seed.

I would add that even if a manufacturer is reputed, there is no guarantee it will always stay honest (look the Coldkey case for example)
But that was a case of trusting an individual and believing they were honest, which they weren't. Plus, the Coldkey isn't a hardware wallet. It's a card-like paper wallet where someone else generated the keys for you and kept backups of them.
It's rather similar since the manufacturer can leave backdoors into its devices.
legendary
Activity: 2730
Merit: 7065
Moreover they are not open source, so you'll never know if there are backdoors or latent vulnerabilities into them, that will be discovered and used by someone one day.
What part of them are not open-source? There are many open-source hardware wallets on the software side. There aren't many on the hardware level, though. I think Foundation's Passport is the only one with open-source hardware, except the secure element. Someone correct me if I am wrong. I am not sure how far Trezor has gone with the development of their almost fully open-source SE. But if the openness of hardware is a problem, we shouldn't use laptops, PCs, or phones for anything related to personal or financial data, but we still do.   

I would add that even if a manufacturer is reputed, there is no guarantee it will always stay honest (look the Coldkey case for example)
But that was a case of trusting an individual and believing they were honest, which they weren't. Plus, the Coldkey isn't a hardware wallet. It's a card-like paper wallet where someone else generated the keys for you and kept backups of them.
Pages:
Jump to: