
Topic: Who can you trust these days with cold storage hardware wallets? (Read 213 times)

legendary
Activity: 3234
Merit: 5637
You are surely referring to the private keys and seeds in the part of your post that I bolded.
~snip~

I speak generally in the context of trust in a company that behaves irresponsibly and thus endangers the security of its customers and their data. Unfortunately, we can not forget "recovery" because it is the key part that shows that their devices may have been able to "share information" all the time, but only now they have decided to admit it and charge for it.

Let's think for a moment what else is valuable in the Ledger database, say our IP addresses with all the logs and total amounts that we keep on these devices - because when you use their HW and Ledger Live you actually connect to their servers and share everything with them. I'm sure there are those who would find this information very interesting.
legendary
Activity: 2730
Merit: 7065
By showing that they are not capable of protecting even their clients' data, they have more than obviously shown that we should have all suspected that they were not and would not be able to protect another type of data for which we eventually paid when we bought their devices.
You are surely referring to the private keys and seeds in the part of your post that I bolded. Here is the difference. The personal information you submit to them when you buy Ledger hardware wallet is stored online on their servers. That's why it can be hacked and obtained. Your private keys and seeds are stored locally on the device you hold in your hand (let's forget about Ledger Recover for a moment). Thus, there is nothing to hack from Ledger's database. Ledger Recover introduces that window of opportunity through Ledger and the other companies that are supposed to hold the shards. That's why it should never have happened.
legendary
Activity: 3234
Merit: 5637
~snip~

Of course, database hacking happens almost every day and this is not at all controversial, but such things should not happen to a company that should be an example of security for everyone else with regard to their products. By showing that they are not capable of protecting even their clients' data, they have more than obviously shown that we should have all suspected that they were not and would not be able to protect another type of data for which we eventually paid when we bought their devices.

In the thread about their recovery service there is a video in which you can watch Ledger CEO Pascal talk about it as something that most did not even notice, let alone felt any consequences. Such relativization of a problem that is really serious is for me then and today quite a sufficient sign that in this company the safety and well-being of clients are not in the first place, but that it is exclusively profit.
legendary
Activity: 2730
Merit: 7065
The reputation you're talking about disappeared after the data leak, although Ledger then and today described the situation as harmless and overly stressed, because according to them, in fact, nothing terrible happened.
I look at the data hacking incidents as dents to the surface area. The Ledger Recover scandal is a completely different thing though. What a clusterfuck. A perfect example of how not to run a company.

Back to the data leak. Whether we agree on it or not, such hacking incidents happen. Companies from all industries have suffered minor and major hacking incidents. The forum we today write on was hacked in the past. No one questions Bitcointalk today or considers theymos and the admins incompetent for what happened. Obviously, the forum's main business model was never to protect sensitive data, Ledger's is. But Ledger is neither the first nor the last business handling sensitive information to be hacked. There is always one or more weak links in a chain. 
legendary
Activity: 3234
Merit: 5637
I found it very odd that neither Trezor or Ledger were at B23 conference in Miami this year, especially after the FTX collapse.

I don't find it at all strange that these two companies were not at that conference, given that they are EU companies, one of which has much more serious problems than participating in conferences. Besides what's the logic in looking for a link between those companies and FTX which was a crypto exchange?

I've read many posts about the negative consumer sentiment on the ledger hardware wallets third party seed recovery service they have released over the past few months, they have trashed their hard earned reputation as the leading trusted hardware wallet and it's despicable. Especially after their data dump a few years back on proprietary customer information including addresses, emails, and phone numbers, you would think they would try to keep their customers at bay instead of pulling this kind of ridiculous stunt. Apparently the Nano S is their ONLY device right now not exposed to this new update for the foreseeable future (Simply because of its lack of memory on the device) leaving any ledger wallet user in a difficult place.

The reputation you're talking about disappeared after the data leak, although Ledger then and today described the situation as harmless and overly stressed, because according to them, in fact, nothing terrible happened. They also claim that anyone who talks negatively about their new achievement in a negative way is actually just spreading FUD, because what they do is actually desirable and good, that is, it is demanded by their loyal users (especially their mothers and grandmothers).

~snip~
What is the best way right now to secure your coins?

I don't think anyone can give an objective answer to that question, especially if that question relates to hardware wallets - because after all, the question arises whether it all comes down to trust or the fact that something is open source?

I think that taught by the experiences of the past we should be extremely careful in giving opinions about which HW is the best, because even the seemingly best things can turn out to be quite the opposite.
legendary
Activity: 2268
Merit: 18711
If you do not setup Multisig wallet/s well you may end up paying more fees without enhancing the security
If you use Taproot then you can make multi-sig transactions without any increase in fees.

This is an excellent solution for Bitcoin, but you will not have multiple options if you intend to store some altcoins
For the vast majority of altcoins, you are exponentially more likely to lose your money due to them being useless, scams, rugpulls, Ponzis, completely centralized, and so on. If you are concerned enough with the safety of your money to be thinking about hardware wallets or cold storage, you should be concerned enough to swap all your shitcoins back to bitcoin.

No reason to choose one or the other, both can be used in unison for a very secure and private set up.  One signer wallet on an online machine with the other on an air-gapped machine can be a practical set up.  It's not so much different than having an encrypted watch only wallet on the online machine, but chain analysis freaks out when it sees a 2 of 2 multisig transaction, especially if there are multiple inputs.  And I like fucking with chain analysis.
The only caveat with combining multi-sig and an airgapped machine is that you can completely negate the safety that airgapping brings. If, for example, I set up a 2-of-3 between phone, daily computer, and airgapped computer, the airgapped computer adds absolutely nothing since the compromise of two hot wallets (phone and daily computer) is sufficient to steal my coins.

You need to ensure you cannot reach your threshold number of keys without at least one airgapped wallet. Your 2-of-2 example works. Another example with some redundancy would be a 2-of-3 between daily computer, airgapped computer, and the third seed phrase only on paper as an emergency back up.

Can someone please point me in the direction of a good air gapped wallet strategy?
Here are the basics:

Two devices. Both formatted, clean install of good Linux distro of choice, full disk encryption. All software verified prior to installation. Both devices used for nothing else and kept physically and digitally secured.

Device 1, internet connected:
Your own node running over Tor.
Your own Electrum server of choice.
Your watch only Electrum wallet connecting exclusively to your own server.

Device 2, permanently airgapped at a hardware level:
Your Electrum wallet containing seed phrase/private keys.
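Added example, not part of any post in the thread: a small audit of an m-of-n multisig layout against the rule stated above, that the threshold must not be reachable without at least one airgapped key. It goes slightly beyond that rule by also reporting quorums built entirely from one manufacturer's devices and how many keys can be lost, two concerns raised elsewhere in the thread. The `Key` type, the `audit` function, the storage labels and the vendor name `VendorA` are assumptions made for this sketch.

```python
from dataclasses import dataclass
from itertools import combinations


@dataclass(frozen=True)
class Key:
    name: str
    storage: str          # assumed labels: "hot", "airgapped" or "paper"
    vendor: str = "self"  # "self" = your own Linux + Electrum machine


def audit(threshold, keys):
    """Report weak quorums in a threshold-of-len(keys) multisig layout."""
    if not 1 <= threshold <= len(keys):
        raise ValueError("threshold must be between 1 and the number of keys")
    quorums = list(combinations(keys, threshold))
    # Signing sets that consist only of internet-connected devices:
    # compromising those devices alone is enough to spend.
    hot_only = [tuple(k.name for k in q) for q in quorums
                if all(k.storage == "hot" for k in q)]
    # Signing sets where every device comes from one third-party vendor:
    # a single bad firmware or supply chain reaches the threshold.
    one_vendor = [tuple(k.name for k in q) for q in quorums
                  if q[0].vendor != "self"
                  and len({k.vendor for k in q}) == 1]
    return {
        "hot_only_quorums": hot_only,
        "single_vendor_quorums": one_vendor,
        # 0 means losing any one key makes the coins unspendable.
        "keys_you_can_lose": len(keys) - threshold,
    }


# Layouts constructed from the descriptions in the thread.
THREAD_SETUPS = {
    "2-of-3 phone/daily/airgapped": (2, [
        Key("phone", "hot"),
        Key("daily computer", "hot"),
        Key("airgapped computer", "airgapped")]),
    "2-of-2 online/airgapped": (2, [
        Key("online machine", "hot"),
        Key("airgapped machine", "airgapped")]),
    "2-of-3 daily/airgapped/paper": (2, [
        Key("daily computer", "hot"),
        Key("airgapped computer", "airgapped"),
        Key("paper seed", "paper")]),
    "5-of-5 all airgapped": (5, [
        Key(f"signer {i}", "airgapped") for i in range(1, 6)]),
    # Constructed: two hardware wallets from the same placeholder vendor.
    "2-of-3 two devices from VendorA": (2, [
        Key("hw wallet 1", "airgapped", "VendorA"),
        Key("hw wallet 2", "airgapped", "VendorA"),
        Key("airgapped computer", "airgapped")]),
}

if __name__ == "__main__":
    for label, (m, keys) in THREAD_SETUPS.items():
        print(label, audit(m, keys))
```

An empty `hot_only_quorums` list means every spend needs at least one offline signer; the first layout fails that check, the second and third pass it.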
legendary
Activity: 1792
Merit: 1296
I found it very odd that neither Trezor or Ledger were at B23 conference in Miami this year, especially after the FTX collapse. I've read many posts about the negative consumer sentiment on the ledger hardware wallets third party seed recovery service they have released over the past few months, they have trashed their hard earned reputation as the leading trusted hardware wallet and it's despicable. Especially after their data dump a few years back on proprietary customer information including addresses, emails, and phone numbers, you would think they would try to keep their customers at bay instead of pulling this kind of ridiculous stunt. Apparently the Nano S is their ONLY device right now not exposed to this new update for the foreseeable future (Simply because of its lack of memory on the device) leaving any ledger wallet user in a difficult place. Trezor on the other hand has also been hacked a few times in the past, although I don't know much about the Trezor and if they're even still credible hardware wallets. What are Bitcoin users to do in terms of cold storage hardware wallet storage for their coins to secure them? I know multisig wallets are obviously the best case scenario, but don't have any experience with these wallets to date. Electrum I've heard is great, I've also heard of CoinKite, and a few others. What is the best way right now to secure your coins?
Using hardware wallets has always meant that you have some level of trust in the manufacturer. Which, in the case of some of them, turned out to be unjustified. To trust or not to trust, after the incident with Ledger (several incidents)? The question is somewhat rhetorical. The unreliability of one company is not a reason to distrust all others. But still, questions arise: can you trust wallet manufacturers at all? In my opinion, none of them can be trusted 100%. Therefore, the storage of bitcoin on the wallet of only one manufacturer in real life is considered unacceptable.

Probably one of the acceptable solutions is multi-signature wallets that include 2-3 devices from different manufacturers (it doesn’t matter if it’s airgapped or not. I wouldn’t trust 100% even the vaunted Passport from Foundation) + Electrum (you should not use native apps from HW device manufacturers).

In matters of the safety and security of your assets, it is not superfluous to be a little paranoid. It is better to play it safe a few times than to sob over the lost money later.
hero member
Activity: 1344
Merit: 583
I found it very odd that neither Trezor or Ledger were at B23 conference in Miami this year, especially after the FTX collapse.
I have never been interested in crypto conferences, so I wouldn't know if this is a surprise or not. Have Ledger and Trezor regularly been participants in these and similar conferences in the past?

They were at the 2021 and 2022 shows in Miami.

Apparently the Nano S is their ONLY device right now not exposed to this new update for the foreseeable future (Simply because of its lack of memory on the device) leaving any ledger wallet user in a difficult place.
They have stopped the production and sale of this particular brand. They have stated that vulnerabilities and bugs will still be fixed if discovered. But the old Nano S won't be in their focus of attention for new features compared to their other devices. All of that + the memory limitations could be reasons why (hopefully) it won't support the Recover vulnerability.   

One can only hope that the Nano S remains limited on that update, but I'm sure eventually they will find a way to update that too...

What are Bitcoin users to do in terms of cold storage hardware wallet storage for their coins to secure them?
I have never paid much attention to multisig solutions, maybe I should. But if I had to pick between multisig and an airgapped computer, I would go for the latter. Regarding hardware wallets, I agree with those recommending Passport. It's quite expensive, but they are doing many things right. I would also not rule out the Coldcard Mk4.

One thing I love about the passport is how much it looks like an old cellphone brick. I haven't really done much research on them yet but I have had a chance to hold one in hand at the conference and really liked how it worked. I have yet to check the Coldcard too, and same with me on the multisig solutions. Can someone please point me in the direction of a good air gapped wallet strategy?
copper member
Activity: 2338
Merit: 4543
I have never paid much attention to multisig solutions, maybe I should. But if I had to pick between multisig and an airgapped computer, I would go for the latter.

No reason to choose one or the other, both can be used in unison for a very secure and private set up.  One signer wallet on an online machine with the other on an air-gapped machine can be a practical set up.  It's not so much different than having an encrypted watch only wallet on the online machine, but chain analysis freaks out when it sees a 2 of 2 multisig transaction, especially if there are multiple inputs.  And I like fucking with chain analysis.

Regarding hardware wallets, I agree with those recommending Passport. It's quite expensive, but they are doing many things right. I would also not rule out the Coldcard Mk4.

Agreed, I own and recommend both.
legendary
Activity: 3500
Merit: 6320
....But if I had to pick between multisig and an airgapped computer, I would go for the latter....

I cannot stress this point enough.

airgapped computer, with proper backup.

I am constantly amazed at the number of discussions that have popped up about people using an AG PC and not having the seed secured someplace else.
Buy a hardware wallet, backup the seed securely.
Setup a hot wallet with a small amount on your phone or PC, backup the seed securely.
Do an airgapped PC and "Oh, I'll just write the seed on this piece of paper here and stick it in a book"

Seriously, WTF. Seen that a couple of times now on reddit and other discussion places.
Because it's just an offline PC sitting there, what can go wrong.....

-Dave
legendary
Activity: 2730
Merit: 7065
I found it very odd that neither Trezor or Ledger were at B23 conference in Miami this year, especially after the FTX collapse.
I have never been interested in crypto conferences, so I wouldn't know if this is a surprise or not. Have Ledger and Trezor regularly been participants in these and similar conferences in the past?

Apparently the Nano S is their ONLY device right now not exposed to this new update for the foreseeable future (Simply because of its lack of memory on the device) leaving any ledger wallet user in a difficult place.
They have stopped the production and sale of this particular brand. They have stated that vulnerabilities and bugs will still be fixed if discovered. But the old Nano S won't be in their focus of attention for new features compared to their other devices. All of that + the memory limitations could be reasons why (hopefully) it won't support the Recover vulnerability.   

What are Bitcoin users to do in terms of cold storage hardware wallet storage for their coins to secure them?
I have never paid much attention to multisig solutions, maybe I should. But if I had to pick between multisig and an airgapped computer, I would go for the latter. Regarding hardware wallets, I agree with those recommending Passport. It's quite expensive, but they are doing many things right. I would also not rule out the Coldcard Mk4.
hero member
Activity: 406
Merit: 443
Multisig Wallets is one of the most secured layer to keep your funds safe which we call as cold storage however make sure that the source code is open source.
If you do not setup Multisig wallet/s well you may end up paying more fees without enhancing the security, and you may reach a scenario where you are more likely to lose your money like 5-of-5. And again Multisig is not about cold storage.

You do not have to trust, go for wallet on an airgapped device. Make sure you setup the wallet on an airgapped device which the Bluetooth and WiFi card have been removed.
This is an excellent solution for Bitcoin, but you will not have multiple options if you intend to store some altcoins, it is true that you can say not to invest in them, but hardware wallets manage them reasonably and without technical knowledge.

tread93 use airgapped system and/or multisig wallet with HW (2-of-3) for bitcoin and check this list for good HW wallet https://wallets.thebitcoinhole.com/

DROY, ask here if you find a HW and want more information about it.
legendary
Activity: 2268
Merit: 18711
Apparently the Nano S is their ONLY device right now not exposed to this new update for the foreseeable future
If you believe what Ledger say. I certainly don't.

although I don't know much about the Trezor and if they're even still credible hardware wallets.
Aside from the hacking, they have a very anti-privacy and pro-surveillance stance and actively fund blockchain analysis. So no, very much not credible.

What are Bitcoin users to do in terms of cold storage hardware wallet storage for their coins to secure them?
If you really want to use a hardware wallet, the only one I would even consider right now is Passport. The best solution is to set up your own cold storage using Electrum, Linux, and a permanently airgapped device.
legendary
Activity: 1512
Merit: 4795
You do not have to trust, go for wallet on an airgapped device. Make sure you setup the wallet on an airgapped device which the Bluetooth and WiFi card have been removed.

https://electrum.readthedocs.io/en/latest/coldstorage.html

For bitcoin hardware wallet. You can go for Passport.

I will still recommend Trezor if you want to store altcoins along with bitcoin on the same hardware wallet. Coinjoin that is recently on Trezor is with the help of Wasabi. Wasabi and chain analytic company are censoring coinjoin transactions which some people do not like and see it as privacy invasion.
hero member
Activity: 2366
Merit: 793
Bitcoin = Financial freedom
Multisig Wallets is one of the most secured layer to keep your funds safe which we call as cold storage however make sure that the source code is open source. Coinkite is one of the hardware wallet manufacturers and their coldcard is one of the most popular product among others cause it's truly airgapped and never have to connect to any device for signing in. So it can be preferred for our crypto assets however the security also depends on how we keep the keys safe with us.
hero member
Activity: 1344
Merit: 583
I found it very odd that neither Trezor or Ledger were at B23 conference in Miami this year, especially after the FTX collapse. I've read many posts about the negative consumer sentiment on the ledger hardware wallets third party seed recovery service they have released over the past few months, they have trashed their hard earned reputation as the leading trusted hardware wallet and it's despicable. Especially after their data dump a few years back on proprietary customer information including addresses, emails, and phone numbers, you would think they would try to keep their customers at bay instead of pulling this kind of ridiculous stunt. Apparently the Nano S is their ONLY device right now not exposed to this new update for the foreseeable future (Simply because of its lack of memory on the device) leaving any ledger wallet user in a difficult place. Trezor on the other hand has also been hacked a few times in the past, although I don't know much about the Trezor and if they're even still credible hardware wallets. What are Bitcoin users to do in terms of cold storage hardware wallet storage for their coins to secure them? I know multisig wallets are obviously the best case scenario, but don't have any experience with these wallets to date. Electrum I've heard is great, I've also heard of CoinKite, and a few others. What is the best way right now to secure your coins?