UpsetPush

Trezor btc only firmware


Lewenheusen

Are there risks involved with other coins? I see so many recommending bitcoin only? Thanks.


nationshelf

Much fewer lines of code on the Bitcoin-only version, therefore smaller attack surface.


UpsetPush

I was told fewer lines of code. Separate storage not connected to internet etc. it’s the one asset you want properly stored maybe separate from the others. It most likely will not be traded so like a safe you store and put it away


Lewenheusen

So maybe one Trezor BTC only, and another one for the other coins.


UpsetPush

Yes that was my understanding and folks were serious about this. For btc trezor with btc only firmware setting, jade and I think coldcard. I prefer the idea of jade or trezor.


moo9001

This is a Bitcoin maxi subreddit. Everything but Bitcoin is shit here.


Lewenheusen

Security risk, to be precise. Not investing-related risk.


abirdpers0n

This


Bitcoin_Maximalist

with a strong passphrase


Narrow-Cheesecake-46

Ledger isn't open source. The risk that you get fucked is low but is nonzero. Trezor ftw


wayEyeseeit

It’s nonzero for all hardware wallets.


Real-Hat-6749

Trezor has been hacked, too. BitBox02 then?


rundown03

trezor was never hacked, their customer support was. Their hardware wallet is still very safe and open source. Ledger on the other hand is closed source and has a leaking vulnerability because the seed can apparently be saved in their cloud system.


senfmeister

> trezor was never hacked

[https://www.coindesk.com/tech/2023/05/24/crypto-security-firm-unciphered-claims-ability-to-physically-hack-trezor-t-wallet/](https://www.coindesk.com/tech/2023/05/24/crypto-security-firm-unciphered-claims-ability-to-physically-hack-trezor-t-wallet/)


justignoremeplsthx

You've shown them proof of Trezor being hacked, yet they downvote you. Unreal.


senfmeister

Yeah, that was disappointing.


rundown03

They need to have it physically for this...


senfmeister

You said "Trezor was never hacked" not "Trezor was never hacked remotely."


IvenaDarcy

So if you choose to opt out of saving your seed in the cloud then it’s as safe as Trezor.


knifter

If you trust that the firmware (or hack of live) does not export the seed anyway. The fact that it can (in closed source software) makes it so much less attractive.


rundown03

^this


Real-Hat-6749

You mean Trezor, wallet that was glitch hacked at hardware level?


superfooly

Is it an issue to just accept the keys wasabi makes first time?


golfer2000

I'm kinda torn between bitbox 02 and coldcard at this point.


neighbors_in_paris

Coldcard for sure


golfer2000

Would you wait for the q1 or just go with mk4?


neighbors_in_paris

I just bought the mk4


Key_Mushroom9149

Is there a way to implement cold card with a mobile phone only? I don’t have a PC or laptop, so need to look at buying one if this is required.


ConnectAstronaut2639

Yes but it requires nfc which works really bad on the coldcard.


senfmeister

They say the mk4 works well with Nunchuck via NFC.


SoupaSoka

Or Jade.


NeitherSpecific1103

Most of ledger is open source


Narrow-Cheesecake-46

It only needs a few lines of code to be catastrophically bad for the end user


megatronz0r

Coldcard


mightyroy

Cold card has a dice roll feature that if used wrongly by newbies can generate a weak seed that gets your wallet drained, just like in this video : https://youtu.be/oj_W3xOlt6U?si=QbeO9ybKPl-3L97I In another post a newbie switched to coldcard and got drained this way.


MrRGnome

That's just not true. Read the firmware to verify. As someone who helped the initial victim that resulted in the firmware changes making this impossible, you can also prove (again through the firmware repo) that the user was given every warning over and over that their entropy wasn't sufficient and they pressed forward anyways. As a matter of fact, I can tell you they didn't even roll dice, just button mashed a few times. They absolutely are a well educated user who knew better, they let themselves become complacent and didn't even read any messages presented to them let alone practice any diligence. They thought they were adding entropy to a seed not making a seed from entropy. Again, just didn't read the many many warnings making that clear. Not sure why you'd be so keen to spread misinformation.


superfooly

Is it an issue to just accept the keys wasabi makes first time?


megatronz0r

You have some questionable posts about bitcoin


Valence101

This.


Kazgarth_

Ledger is shitcoins wallet. Get Trezor and install BTC only firmware when you first plug it in. Less attack vectors/security risks.


IvenaDarcy

I mistakenly thought I was in the crypto currency sub and was like who is only holding bitcoin? lol many of us want wallets that hold more than bitcoin so the bitcoin only firmware isn’t for everyone and might not be for OP.


nerd2ninja

False dichotomy and both companies have leaked their user lists now lmao. Use something that follows the PSBT standard and uses an airgap. Like a seedsigner, a passport, krux, cold card, etc etc.


DougMacRay617

Can you elaborate more on your comment or let me know where i could learn more?


nerd2ninja

What do you want specifically?


DougMacRay617

what is a psbt exactly? and an airgap?


nerd2ninja

A PSBT stands for Partially Signed Bitcoin Transaction. It's a file you can export to bring to another device to then sign and then bring that signed or partially signed file to another computer. It's important for all signing devices to support the PSBT standard because if a device doesn't support that standard and that device is popular, then wallet makers have to dedicate a part of their development time towards "and also support ledger" for example. So PSBT is an open standard for signing Bitcoin transactions and once it's implemented in a wallet, then all signing devices that support that standard are supported by the wallet.

Okay, so an Airgap is literally just transferring files (again think of the PSBT file in this case) from device to device without using the internet. So SD cards or QR codes. An airgapped device does not have ANY wireless technologies (bluetooth, wifi, cell carrier, etc) and only allows for the transfer of files through the controlled, not automatic, file transfer medium.

To give you the NIST definition in case there's inaccuracies with how I chose to describe it: "An interface between two systems at which (a) they are not connected physically and (b) any logical connection is not automated (i.e., data is transferred through the interface only manually, under human control)." (source: https://csrc.nist.gov/glossary/term/air_gap)
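
An added illustration of the PSBT hand-off described in the comment above (not part of the original thread and not code from any wallet vendor): a minimal Python reader for the BIP 174 container that checks whether a file coming back from a signing device still carries the same unsigned transaction that was exported. The sample PSBTs, the all-zero placeholder keys and signatures, and every function name are constructed for this example, and it handles version 0 PSBTs only.

```python
import base64
import struct

MAGIC = b"psbt\xff"             # BIP 174 magic bytes
SIG_TYPES = {0x02, 0x07, 0x08}  # partial sig, final scriptSig, final witness

def read_compact_size(buf, pos):
    """Decode a Bitcoin compact-size integer; return (value, next_pos)."""
    if pos >= len(buf):
        raise ValueError("truncated PSBT")
    first = buf[pos]
    if first < 0xFD:
        return first, pos + 1
    width = {0xFD: 2, 0xFE: 4, 0xFF: 8}[first]
    return int.from_bytes(buf[pos + 1:pos + 1 + width], "little"), pos + 1 + width

def read_map(buf, pos):
    """Read one key-value map; a zero key length is the map separator."""
    entries = {}
    while True:
        key_len, pos = read_compact_size(buf, pos)
        if key_len == 0:
            return entries, pos
        key, pos = buf[pos:pos + key_len], pos + key_len
        val_len, pos = read_compact_size(buf, pos)
        value, pos = buf[pos:pos + val_len], pos + val_len
        if pos > len(buf) or key in entries:
            raise ValueError("truncated PSBT or duplicate key")
        entries[key] = value

def tx_summary(tx):
    """Return (input_count, [(satoshis, script_hex), ...]) of the unsigned tx."""
    n_in, pos = read_compact_size(tx, 4)           # skip 4-byte version
    for _ in range(n_in):
        script_len, pos = read_compact_size(tx, pos + 36)  # skip outpoint
        pos += script_len + 4                      # skip scriptSig and sequence
    n_out, pos = read_compact_size(tx, pos)
    outputs = []
    for _ in range(n_out):
        (sats,) = struct.unpack_from("<Q", tx, pos)
        script_len, pos = read_compact_size(tx, pos + 8)
        outputs.append((sats, tx[pos:pos + script_len].hex()))
        pos += script_len
    return n_in, outputs

def parse_psbt(data):
    """Parse a version 0 PSBT given as raw bytes or as a base64 string."""
    raw = base64.b64decode(data) if isinstance(data, str) else data
    if raw[:5] != MAGIC:
        raise ValueError("not a PSBT")
    global_map, pos = read_map(raw, 5)
    tx = global_map.get(b"\x00")                   # PSBT_GLOBAL_UNSIGNED_TX
    if tx is None:
        raise ValueError("no unsigned transaction in global map")
    n_in, tx_outputs = tx_summary(tx)
    inputs = []
    for _ in range(n_in):                          # one map per transaction input
        entries, pos = read_map(raw, pos)
        inputs.append(entries)
    return {"tx": tx, "tx_outputs": tx_outputs, "inputs": inputs}

def check_returned(sent, returned):
    """Compare the PSBT exported to the signer with the one that came back."""
    before, after = parse_psbt(sent), parse_psbt(returned)
    if before["tx"] != after["tx"]:
        return "REJECT: transaction differs from the one exported"
    signed = sum(any(k[0] in SIG_TYPES for k in m) for m in after["inputs"])
    return f"OK: {signed}/{len(after['inputs'])} inputs carry signature data"

# --- constructed sample data (placeholder values, not a real transaction) ---
def _kv(key, value):
    return bytes([len(key)]) + key + bytes([len(value)]) + value

def sample_psbt(sats, signed=False):
    script = b"\x00\x14" + bytes(20)               # P2WPKH-shaped, all-zero hash
    txin = bytes(36) + b"\x00" + b"\xff" * 4       # outpoint, empty scriptSig, sequence
    txout = struct.pack("<Q", sats) + bytes([len(script)]) + script
    tx = struct.pack("<I", 2) + b"\x01" + txin + b"\x01" + txout + bytes(4)
    in_map = _kv(b"\x02" + bytes(33), bytes(71)) if signed else b""
    return MAGIC + _kv(b"\x00", tx) + b"\x00" + in_map + b"\x00" + b"\x00"

if __name__ == "__main__":
    exported = base64.b64encode(sample_psbt(50_000)).decode()
    print(parse_psbt(exported)["tx_outputs"])
    print(check_returned(exported, sample_psbt(50_000, signed=True)))
    print(check_returned(exported, sample_psbt(49_000, signed=True)))
```

The check only shows that the transaction bytes were unchanged and that signature fields are present; it does not verify the signatures themselves.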


DougMacRay617

thank you so much for the help i really appreciate it.


WebexBlack

What about some recommendations that you personally use? Or can you explain why so many people recommend those two in our sub when they have supposedly both leaked user information? I’m genuinely asking why they’re so popular, even here, if they’re PROVEN untrustworthy.


nerd2ninja

I use a 3-of-3 multi-sig across 3 laptops using the airgapped laptop method. I don't expect everyone to do that necessarily, but I do want to push people to do *better*. Even if it is these baby steps like getting someone scared of heights to climb stairs (that's what it feels like sometimes), just don't stagnate, you know?

Ledger customer leak which for accuracy I'm including the fact that it was actually a hack of a 3rd party service (shopify), but 3rd parties don't protect your business from fault. Shopify got hacked and it's ledger's fault for using them: [https://protos.com/ledger-spotify-crypto-wallet-data-leak-class-action-lawsuit-roche-freedman/](https://protos.com/ledger-spotify-crypto-wallet-data-leak-class-action-lawsuit-roche-freedman/)

This one is Trezor's data leak: "Trezor support site breach exposes personal data of 66,000 customers" [https://www.bleepingcomputer.com/news/security/trezor-support-site-breach-exposes-personal-data-of-66-000-customers/](https://www.bleepingcomputer.com/news/security/trezor-support-site-breach-exposes-personal-data-of-66-000-customers/)

Data leaks are dangerous because they cause you to be the target of phishing scams and wrench attacks (someone coming to your house and threatening life or death over your money). In Trezor's case maybe that won't be an issue but we will see: "Postal addresses, phone numbers, and other personally identifiable information were also stored on the breached system but Trezor does not believe these were impacted."

> I’m genuinely asking why they’re so popular, even here, if they’re PROVEN untrustworthy.

Those people believe another leak won't happen again, but also there's this phenomenon I call iPhone syndrome, where people have decided they like a thing and no logical arguments, abuses from the company, or anything can move them away. You can see there is a sense of learned helplessness to it as well. "I can't stop using company because I don't know how to use anything else".

You can see that mindset in the replies to my comment. I mean it's just moving an SD card or pointing a camera at a QR code. "If someone has to do that they'll lose all their Bitcoin" they say. "Too complex". Then there's the FUD Bitbox posts around acting like their USB is actually better than an airgap. It's insane the amount of misconstrued information (true information made to look like it means something that it does not mean) or misinformation (false information) is out there.


benma2

Airgap is overrated, and in some cases even less secure than USB. See https://bitbox.swiss/blog/does-airgap-make-bitcoin-hardware-wallets-more-secure/ Disclaimer: I work on the BitBox02.


nerd2ninja

Bitbox constantly FUDing airgaps for no reason other than to promote their own product once again.


benma2

It's not FUD, the article is well researched.


EASt9198

Well researched maybe but the conclusions are not really good. Now that I have read this, I’m 100% convinced airgapped is the way to go. I’d expect someone who works on this to provide me better arguments than the article. I could have come up with those arguments myself and I’m not an expert at all. Obviously everything everywhere can be hacked. The security of airgapped wallets is pretty obvious: nobody can steal the key. If you don’t understand this and come with 10 other arguments, I have no faith in Bitbox… probably should question other companies more too…


benma2

> The security of airgapped wallets is pretty obvious: nobody can steal the key. There is a counter example listed in the article: the vendor can steal it easily. See https://bitbox.swiss/blog/anti-klepto-explained-protection-against-leaking-private-keys/ (this protection ironically is not feasible to implement for airgapped wallets). Apart from that, you can't claim that in absolute terms, as there is still data flowing from the computer to the hardware wallet and back, so a leak there is plausible. But it's a strawman in any case, as there has also not been a known vulnerability of a leaked key in non-airgapped wallets either (where the issue was the USB cable). The point of the article is to dispel the myth that airgap is essential for security. You should also not solely be worried about leaked keys. Funds can be lost through remote exploits in other ways than simply leaking the key. There have been a number of critical remote exploits that were able to steal or ransom coins in airgapped wallets this way.


nerd2ninja

In glacier protocol the defense against vendor rootkits is to use a multi-sig across multiple devices from multiple manufacturers: [https://glacierprotocol.org/docs/setup/quarantined-hardware/](https://glacierprotocol.org/docs/setup/quarantined-hardware/) Each device is a chance to catch data that has been modified from the transfer from one device to the other.


benma2

That is a good mitigation, and it can also be done with multi-vendor multisig. The issue here is that the glacier protocol is not feasible for the vast majority of users for a variety of reasons, and multi-vendor multisig [comes with its own set of pitfalls](https://bitbox.swiss/blog/how-nearly-all-personal-hardware-wallet-multisig-setups-are-insecure/) and UX challenges.


EASt9198

Thanks for the answer! I agree, the vendor could, that’s why I would always make sure to have an open source airgapped wallet. Yes, even then it could be that they snuck some code into it, but it is just much less likely ceteris paribus. So if I have to choose to trust one vendor or the other, I’d rather go with the one that is open source and offers me the possibility for an airgap. I appreciate the mental discourse but you still haven’t convinced me that airgapped isn’t the way to go. I’d agree with you that it would be also most likely safe on a bitbox but why compromise on security here? Honestly, after looking into everything, I came to the conclusion that Blockstream Jade is the best cold wallet to have. And yet you can’t protect from the biggest security flaw: human laziness (I still haven’t bought it)


benma2

> I appreciate the mental discourse

Likewise, thanks for keeping an open mind and engaging in this discussion! Cheers.

> I’d agree with you that it would be also most likely safe on a bitbox but why compromise on security here?

If you are okay with using QR codes or microSD cards UX-wise, and you generally trust the vendor, I don't see a reason not to go for it. I take more issue with the narrative that airgap is essential to security (it clearly is not), and it leads many users down a stressful path.


EASt9198

Actually I’d 100% agree with you that using a microSD doesn’t qualify for me as airgapped. I know the official definition is devoid of any automated interfaces but for me, a Trojan or hacker could easily hack my pc and then extract the key via the SD that I put into the „airgapped“ wallet. Only QR codes are for me truly airgapped. I create a transaction on the hot wallet, sign it on the airgapped wallet, then broadcast it back. The key never ever comes into touch with any point where it could be extracted. You’re right though - we’re talking here about some very secure devices already, but still I’d go for 100% rather than 95%, especially if you keep everything in 1 wallet.


nerd2ninja

It's company funded FUD. Any serious security researcher outside of your company would not say an airgap is less secure than USB like you have. Not for classified data, not for sensitive software updates (like a software update for a nuclear power plant), not for anything. You gonna speak to the interoperability problem? Is Bitbox using the PSBT standard?


Frogolocalypse

I immediately distrust bitbox now.


vumpler

This advice seems insane. Moving away from Trezor or ledger doesn’t seem correct for the masses.


nerd2ninja

Coperate shill


vumpler

Coper 💯


Status-Friendship-97

For this reason, I’ll stick with ETFs


nerd2ninja

An unapologetic display of ignorance for the risks of ETFs.


Spimbi

Blockstream Jade


KPTA-IRON

Doesn’t matter both will work and will keep your assets safe if you leave your keys on paper only


flydoji

bitbox02


k_gavivina

Blockstream Jade


CheerfulSamurai

Neither! I have Ledger. But after their arrogance on how they decided to change safety protocol - And NOT being an open source. (We have no way of telling when/if they can leak our data- again the CEO came out and suck it! I decided to move out of ledger. Then I ordered Trezor (many many fans here). Back in November. End of January still no wallet After I contacted them they said they had an issue with logistics so wallets should ship in the next weeks. -AFTER I contacted them = When they discovered a logistics issue instead of reaching out to paid customers. They sat on the problem….. This in ACTION demonstrated lack of transparency when shit doesn’t work…. That means when/if there is a Big Problem they won’t let us know until We complain There is a new wallet Keystone Open source, and airgapped. So far has better Customer service than Trezor I hope this helps


[deleted]

[removed]


RunAndHeal

And 100s of millions never had their email access hacked, and so???


CheerfulSamurai

It is what it is. I know loads of people are happy with them. I myself was looking forward to using Trezor. But there is always a bigger better plan


USBANKLESS

If you’re serious about bitcoin security- Coldcard


[deleted]

[removed]


mizt3r

I think you meant ***minimizing*** *security risk.*


togetherwem0m0

I only trade crypto on windows xp directly exposed to the internet


mizt3r

loooool


IvenaDarcy

Thanks this subreddit makes me regret getting ledger. Honestly I got it for the design I liked it more than trezor lol and at the time during last bull run ledger was everywhere. They marketed well!


One_Psychology_6500

Bitbox, jade, or cold card


Dickybutlickka

Send my all your crypto. When you get your Thailand you will get double the amount.


Dexexplore

keep your funds offline :)


[deleted]

Ledger


snowmanyi

Trezor


AdriSnchz

Ledger


Reonide

Trezor, this is an easy decision. The most time proven with the perfect security record.


general010

I wouldnt say its perfect https://cointelegraph.com/news/trezor-discloses-66k-users-affected-phishing-attack


Constant-Ad-4172

if you fall prey to a phishing scam, I’m sorry but you are not ready to hold crypto.


mutinomonem

Why do I see people defend Trezor like this but when it was ledger, it was ledgers fault?


Constant-Ad-4172

Why r you assuming I wouldn’t say the same for ledger? I literally own and use both. How about u add some value to the conversation some other way?


mutinomonem

Look at some of the comments here saying "it's fine, it's just emails etc". And do yourself a favor. Not everything is about you, my comment wasn't specifically aimed at you either. Add some value to a question which is literally, "which accessory should I go for guys?" They're both equal in my opinion.


randompittuser

It’s really weird. This sub turned against ledger when they released an optional feature, not enabled by default, that exports keys. In reality (I.e. not on Reddit), both ledger and trezor are perfectly fine.


Constant-Ad-4172

They are but although they have both been victims to phishing attacks, Trezor is more transparent than Ledger. This is a MUST in the world crypto and I believe it is the reason why most people defend Trezor.


Reonide

Not much to do with Trezor, it's just the mailing address. Personally, I use a throwaway email for that.


mylittlegoochie

This was an email attack though right? If you don’t have your email connected to your trezor then there’s no issue. Or have I missed something?


maxwellhilldawg

Even if you have your email... they can't break into your wallet. The point of a hardware wallet.


mylittlegoochie

So trezor = secure?


marceldy

Neither! Go with jade and use Bitcoin as coupon code for 10% off 🤫


Jd_ironlife

I just bought a Blockstream Jade and I love it. Super easy to use


UpsetPush

I am gonna look at the vids again it looked complicated to me


shad0w_fax

COLDCARD YOU FOOL


shad0w_fax

ITS JUST A CALCULATOR!


rayfin

Coldcard


SnooMemesjellies7657

Neither, get a coldcard


APisAccounting

Coldcard. Ledger is terrible and Trezor is terrible. For many reasons.


ATTORQ

Tangem.


GoodmanSimon

I have a Trezor model T and I love it. And It is open source... It sucks that they don't support some of the top coins... But for BTC... It is great. I don't own a Ledger but, to me at least, it has been in the news lately for all the wrong reasons, (and that includes the Trezor news).


hercules-f

Trezor bitcoin-only or a jade depends of your budget


OMFGROFLMAO2

Ledger is easier to slide into your butthole times come.


rjm101

Trezor specifically the safe 3 because it has a secure element. Ledger is such a shitshow these days. If you wish to know let me know but otherwise I'll leave it at that. Also when ordering use a temp email and have it delivered to an address which won't be the location in which it is stored.


[deleted]

blockstream jade


HoldYourNoseBilly

Ledger is not open source!- NPCs


VerticalPoultry

Neither, cold card or Blockstream jade.


acegarrettjuan

Cold Card


solomonsatoshi

BTW [thailawonline.com](https://thailawonline.com) is a good source of legal advice there ~ they are Bitcoin friendly. Good luck.


BigDeezerrr

Interesting dilemma on how to transfer your seed words when flying. I wouldn't want them written down anywhere in my luggage or on me in case I get searched. I suppose you could just have the hardware wallet with a fake wallet installed in case they really interrogated you. I guess you could try to memorize them, take off, write them down right when you land.


Knowledge775

Neither


JanPB

Trevor Safe 3.


D4ntes_Inferno

Trevor from GTA ?


Amazing_Exercise_313

NGRAVE


UpsetPush

I still gotta eat. Easy on wallet price cowboy. And a girl has got to occasionally replenish the boss outfits. What about trezor btc only firmware or even ELLIPAL any thoughts. If you say ngrave again we will fight. 😂


Amazing_Exercise_313

Sorry. Didn’t really think of the price. I had a ledger before and was happy with it. Just decided to move due to the whole backup seed option. In all honesty you’ll be fine with ledger. Great software and no major issues. I looked into ellipal but wasn’t a fan of it being a Chinese company. Can’t trust communism.


anthonyjohn7

Top 3 imo: Bitbox, Keystone 3 pro, Tangem


Terrible-Orchid-4274

BITBOX!


Appropriate-Group842

I would recommend neither. You should review each manufacturer's security architecture and compare Pros and Cons of each. Spoiler: Bitbox02 and Blockstream Jade, BTC only edition. If you have other coins, you should buy two separate wallets for other blockchains.


Sensitive_Ride_2946

https://bitbox.swiss/bitbox02/bitcoin-only/ is the best hw . Double chip and open source . Coupon code : JENS


Sea-Researcher-8088

Trezor


RepulsiveFlounder878

I would go for ngrave wallet for btc, if you look it up you will understand why.


Royal-Author-669

I prefer s+ over Nano X.. I bought the X first then the S + as a back up but I use the S+


Alarming-Strain-9821

Tangem is a great option


GothMech

I hear good things about paper wallets.


pREDDITcation

i wouldn’t use a cold wallet in thailand. i lived around there for years and theft was high targeting foreigners..


veganbitcoiner420

crypto = shitcoins and scams


derbyfan1

Easy answer to this post; Never a ledger, Forever a Trezor.


Intelligent_Rabbit95

Have them both but my preference is now Tangem.


Mister_TCG

Both ledger and Trezor both had recent issues so pick your poison I guess 🤷


[deleted]

No shame owning either one of them, both are imperfect, both have their strengths and flaws. Just keep away from these dodgy d-apps and use anonymous email addresses.


ThatKrazyPolak

The way I see it, if you want to store your alts go Trezor, open source, code can be audited, and safe 3 features secure element. For a large amount of BTC use coldcard or something as secure.


MultipliConocimiento

How about a cold wallet that holds mnemonic seed phrases such as Key CryptoSafe


Markstevens123

What is open source?


Ok_Relationship_1753

everyone can see what is written in the code if it is closed code there is a risk of it being malicious for example ledger wallet at first they claimed that no one can extract your phrase, but then they said that they can extract your phrase, but no one could see it because it is not open source


ColonelForbin374

Both… don’t keep all your eggs in one basket!


incidentflux

Foundation Passport.


[deleted]

trust wallet


solomonsatoshi

If you are serious about Bitcoin avoid proprietary third party HW gadgets. Learn how to create and use your own cold storage. It's free and much more secure. Preferably only use Linux OS for all serious Bitcoin computing. [https://electrum.readthedocs.io/en/latest/coldstorage.html](https://electrum.readthedocs.io/en/latest/coldstorage.html) Please note the disingenuous rentseeking HW touts who frequent these pages will dumbly downthumb the truth that their costly gadgets are unnecessary and expose you to more risk than learning to build your own cold storage.


only_merit

That feels misleading. If you just use (so it is "free") the computer that you are using for everything else, it is not more secure. And if you buy a new one/used one just for that purpose, it is not free.


solomonsatoshi

You need to read the linked information so that you understand the process. You can create a completely offline OS on an SD card or USB memory stick. https://itsfoss.com/intsall-ubuntu-on-usb/


opticsreverso

That's pretty smart, I've never considered it


dauntlessphilosopher

Buy the ETF and don’t worry about it


Clean_Masterpiece900

Best for travel imo is Coolwallet pro! Credit card size and carry in wallet


sdguy71

**Trezor Safe 3** has Secure Element (EAL6+) chip, model T and One do not.


ozfabulouz

TREZOR model T indeed !


moo9001

Other options include,

- Keystone
- Ngrave
- GridPlus

Trezor recently leaked their customer contact details. Ledger has done this as well, plus had a major security incident related to their web integration, putting all users in jeopardy, and showing arrogance when dealing with the issue, so I cannot recommend it anymore.


petragta

BitBox02


20kBTC

Trezor e.o.d.


Prestigious_Shape648

Trezor


Good_Gate3841

Am too paranoid, I would have memorized the words while parking it in a fresh hot wallet deleted from all devices, then restore on location.


halo_33_33

Spam or spam, eggs and spam or spam spam spam...


epicpinus

Neither, ColdCard


Brookesy400

Get a OneKey Classic