Trezor vs. Nano Ledger

hardware wallets only make sense if you so large amount of transactions and want to make purely cyber attacks nearly impossible. in every other use case they are retarded/unnecesary

So most of you like the Trezor? I can concur with that because it's opensource and you can also use the Model T for storing passwords and as a F2A authentication tool. On the other hand the Ledger stores the private keys encrypted on a second chip which is more secure, I guess. If that feature isn't that vital, I'd go for the Trezor, though.

>On the other hand the Ledger stores the private keys encrypted on a second chip which is more secure
not really
its a tamper proof chip hardened against side channel attacks but not cryptographically secured you can only do yhat woth a strong password not a fucking pin

>don't keep your digital assets on a secure device that can't be accessed remotely!

no keep it in a secure and highly redundant manner for free

>t. poorfag

"for china"

Attached: hmmmmmmm.jpg (657x527, 53K)

sorry for not wasting money on useless trinkets that are a physical attack vector if used incorrectly (ie as recommended by the vendor)

im looking for ways to encrypt my seedphrase so that i can get it engraved on a ring or something

any ideas?

tolkiens elvish alphabet and cesar lol

Trezor is open source.
Ledger is not.

get an encrypted seedphrase tattoo on the inside of your ass cheeks. You'd have to use mirrors to read it, so it'd discourage you from selling too soon.

is there a python script for that cause i don't feel like learning a new language

ok but what can i use to encrypt it with a passphrase

yes and trezor can be side channeled ledger not
makes both subpar in my eyes

the best thing would be that you can decode by hand
but probably there are ready tools even js you can use offline

they're just an interface to access your wallet. That means although the seed phrases are 'generated' from the ledger, you can still access your wallet through MEW via the generated seed without the need for ledger

Side channel vulnerabilities are patched or not explotable.

only the first 4 characters are significant, so you only need to write out 96. you'll have to kill the jeweler that makes it though, unless you engrave it yourself.

yeh i wanted to do something like this

seed + password = random string that i can write down then decrypt by typing it into terminal with my password

i try using GPG but the encrypted output can't be typed in manually you need to decrypt the whole file.

T_T

Inside of his ass cheeks is probably more often in public view than his face.

>Side channel vulnerabilities are patched or not explotable
of course i'm sure they said that...
the way i see this is simple, my way of storing my coins would bankrupt a galactic empire to crack and would take eons even then.
hardware wallets are giving you 3 hour to a 1 day security and cracking them is around a few grands in cost.

so there are 2 very important rules to hardware wallets if you want to use them as cold store
1) never write down the seed in plain text and store it together! ever! at least group the words or use shamirs!
2) don't keep the private keys on it reset the device and create a decoy/spend wallet this way your damage is mitigated in case of evil maid (ie jamal)!

that simple... if you insist on buying these and using them best if you learn good practice.

okay i am getting scared.
what is the best way to store my crypto (especially btc)?
it is just sitting on exchanges right now. and it seems people dislike the hardware wallets. what other choices are there?

learn more also read you can use hardware wallets just don't be a retard and don't use them as the manufacturer and brainlets recommend.

you also don't actually need to spend money on them most likely it all depends on how you use crypto.

store btc and eth until next bullrun while having about 20 eth on idex to trade.

encrypted paper wallet, multiple copies at multiple locations (also electronic copies) cheap reliably securely redundant.

pic related if you can't post your private key on Jow Forums it's not secure.
and no nobody swiped it i sent it to coinbase then bitmex and now shorting btc with it

Attached: w.jpg (1125x606, 231K)

I have my keystore file inside a Veracrypt container or an encrypted USB stick and have several copies in different locations.

Meanwhile Trezor and Ledger fags have their literal seed phrase written down on a piece of paper inside their home waiting for the first nig to break in for KFC funds or CIA vanning squad to take his entire stack. Pathetic.

>of course i'm sure they said that...
>the way i see this is simple, my way of storing my coins would bankrupt a galactic empire to crack and would take eons even then.
It doesn't matter what they say. The software and hardware is open source, so you judge for yourself by looking at the code.
>hardware wallets are giving you 3 hour to a 1 day security and cracking them is around a few grands in cost.
Not sure what you mean by this. How can you brute force a 24 word seed in a day at a few grands cost?

You think a home burglar is going to know what a Bitcoin private key even is?

yeah that's not bad my only objection would be money cost + electronics decay as a possible losing a backup source also not taking advantage of scrypt key derivation. but yeah that's the idea.

you can have much better security at little to no cost. hence even tho they seem ancient even primitive and unwieldy i still recommend bip38 paper wallets at least as backup.

you can also store your pks in a password safe like keepass2 that uses argon2

wtf is that pic related? is there a tutorial?

Attached: you maniacs.webm (432x524, 1.13M)

>How can you brute force a 24 word seed in a day at a few grands cost?
no it's an attacks cost on the secure (or any) chip that bypasses any soft protection like pins and erasing.

>bip38 paper wallets
where are the btc send ? like wouldnt they need to be somewhere on an address? like metamask

idiot

there is... bitaddress.org/

Yeah but a USB stick's lifespan is determined by how many times its written. I literally bought fresh USBs and wrote only once - the initial veracrypt containers. Once a year I will probably wipe one and add a fresh one to the batch to keep it fresh even though you could easily get 10 years out of a heavily used USB stick anyway.

i have several usbs that i use anyhow as backups too of course. still i kinda like the inert nature of paper wallets. i even dipped them in wax to protect from silverfish or rot or getting wet. they feel more like plastic now than paper.

The software on these is shocking. Just use VeraCrypt to make a file holding your phrase and wallet file. Copy paste a few times in different locations. Burn to a £5 archive quality bluray. You're sorted. You really don't need anything more than a few backups to keep wallets safe. These things can fail - my first experience of a Ledger was having to recover a customer's seed because his main was fucked itself and showed all balances as zero, and was unable to update.

So say i get trezor, i set it up,
I want to verify my seed works, because im paranoid and try to be chad spmetimes
To verify my seed i have to go online with it
But i dont ever want my trezor seed to see internet..rinse and repeat forever?
Get what im saying?

Attached: wojak in front of computer.png (268x188, 11K)

>wouldnt they need to be somewhere on an address?
yeah the address is also on the paper wallet
which is a privacy concern if you want to store your pks in cloud storage or publish them.

U seem to be smart , please refer to

Attached: 3FF82357-3143-4916-9961-F615A09204E4.jpg (200x213, 8K)

your seed is just the entropy for standard hierarchic deterministic wallet generation.
it will never leave the device in the computers direction (assuming there is no exploit and everything works as claimed)

>To verify my seed i have to go online with it
what makes you think that?

but where are the 0101 stored ??? are the btc just deleted from existence until you enter your code somewhere and they pop into existence again

Attached: 1554335831081.gif (400x320, 464K)

Im not smart
Can u spell it in crayola for an user

Attached: favorite music.jpg (640x424, 28K)

Trezor because of the price lock feature..

1 create wallet with electrum or whatever on your pc
2 download electrum or whatever to usb
3 install on an offline computer with a fresh OS
4 click restore wallet and put the seed you got from the first wallet

the programs compute addresses with your special words and the power of MATHS to give you your address you dont need to connect to the blockchain or the internet

Nothing is completely 100% safe. If you store your private keys in an encrypted file or drive, if the computer you are using is compromised then so are your private keys. Even if you use an airgapped computer you could use a cold boot attack against veracrypt. Hardware wallets have a good balance between security and usability.

Ok, so where's the proof of this?

I bought trezor 1 so its clear..
So i can verify the seed on the device itself, while powering it from computers usb or walljack id guess?

the btc is always on the blockchain (if anywhere)

just try those steps i said if you dont already understand
you'll wrap your head around it

1 - download electrum or whatever to usb
2 - install on an offline computer
3 - click restore wallet and put the seed from your trezor

you will need to connect to internet to update the balance but you will see a list of addresses, xpubkey, etc etc that you can use on your online pc to verify

break-ic.com/topics/crack-ic.asp
read this to get a feel for what it takes to get ripped off if you don't follow my 2 simple rules that don't cost you anything!

here is how it's gonna go, you lose the device or get a break-in. in the near future if these will be adopted: jamal knows the fence gives him $100 for these things (may also toss the place for seeds), the fence knows just the guy that has the equipment for this kind of job the dude invested a few grand into his private lab has all the gear to crack thousands of these for a cut.

if you get home, had a backup they didn't found and just in time spend your btc they go nothing, but do you want to risk that? what if you notice it too late? all your fortune all your savings gone...

just do as i said: if you want to track your btc (because it gives you pleasure to see the value grow) use a watch only wallet that only has the addresses.

Nice story, but there are literally no instances of this ever happening. Your private keys are encrypted on a Trezor, so how exactly is Jamal's friend going to crack it? If you try to brute force it, it will wipe itself.

an other good practice is the following: use hardware wallets as multisig with traditional software wallet. software wallets cryptographically secure the wallet file (use strong password or a passphrase of at least 5-8 words) which means a simple break-in can not possibly compromise your crypto.

there is of course still the fact that you have to make sure backups are available.

>there are literally no instances of this ever happening.
it can easily happen as demonstrated we got the tech we got the motivation all it requires is opportunity.

what's not on the device can not be compromised. think billions trillions quadrillion years not a few hours!

>Your private keys are encrypted on a Trezor
you can only encrypt anything with strong enough password that is not stored on the device. these things are unlocked with pins. which means at best a few hours to crack it, at worst it's a soft protection.

>these things are unlocked with pins. which means at best a few hours to crack it
oh geez you haven't even bothered doing any research and are clearly just talking out of your ass

Think my head is wrapped for the most part. Thanks user, hope u make it.

Gonna go pick my trezor up today

Attached: 1516770177855.jpg (600x600, 43K)

you are telling me you enter a 20+ character password to unlock your hardware wallet? last i checked 4-6 digit pins.

Attached: 1407832958309.jpg (301x267, 31K)

Yes you're right, eventually all encryption will be cracked. But by the same logic, there's no point buying Bitcoin today either because it too will be cracked in a few thousand/million years.
Again, you can't brute force the PIN.

yandex.com/search/?text=what is bip39&lr=10145&clid=1836587

>making shit up

you can use passwords w/ trezor and every password is its own hidden wallet, read their wiki i'm being lazy with my explanation

however, it is true and trezor even tells you this on their very own wiki if you look at their history of vulnerabilities that if someone steals your device it is possible (although still ridiculously unlikely given the needed skills/equipment) for your funds to be stolen.

a few hundred quintillion years more likely as it stands. but i would assume anyone sane would be glad with a few hundred years of security for his wealth. rest is just insurance against unpredictable technological leaps.
>Again, you can't brute force the PIN.
sure you can. that's the point of the physical attack. that is why i'm saying that anything aside from real hard cryptographic security is snake oil security.

Explain how to brute force a Trezor PIN. In detail.

not to mention they would have to do that faster than you realizing your trezor is gone and restoring your wallet and moving funds

also, you cant brute force the pin easily ; after 10 attempts or so it wipes the device. obviously, you can still break in but it is more technical than simply spamming the pin with all possible combinations

Attached: skelly.jpg (1811x2714, 430K)

not for the pin the extra word is for decoy wallet scheme.
> if you look at their history of vulnerabilities that if someone steals your device it is possible (although still ridiculously unlikely given the needed skills/equipment) for your funds to be stolen
not so hard as they make it out to be imo. nobody bothers yet but when there will be thousands of these with millions on them... (of which we are all hoping for)

as opposed to ruining a galactic empire and taking longer than how long the universe existed for FREE and also you can have unlimited copies for FREE as backup against theft and catastrophe.

have redundancy! secure redundancy! that's very important.

and this is mainly why i get real annoyed when people say hardware wallets are good for cold storage. no they are horrible. you can use them sure, but why? the security will not depend on the device if you are doing it right.

dude... read the fucking article! there is no soft protection if they dismantle the device and read the content of the memory. forget it! snake oil security. protects against your kids and grandma maybe.

thanks

Attached: petnoa.webm (790x656, 171K)

break-ic.com/topics/crack-ic.asp
read the fucking article brainlets!

>nobody bothers yet but when there will be thousands of these with millions on them...

just to be clear I don't disagree with you in the slightest ; eventually people will learn these skills because the potential reward is extremely high. the more likely outcome is jamal is going to break your legs if you don't give him your bytecorns NUGGA

>there is no soft protection if they dismantle the device and read the content of the memory.

I understand this and think you're overestimating the number of people that understand how to do this
see

that is why you should always have a decoy wallet on them preferably one that you use (otherwise why the fuck do you have an expensive gadget that can fail you)

the extra word can be 98321welkjfhdsv0329u8df and be your real wallet and is not stored on the device

please stop it hurts

read it's hard and if there is money in it... do you know the technical expertise and cost of equipment for high.end car thieves? you only need fractions of that.

i recommend you strongly to see your enemy not as a clueless nigger but as someone that controls all resources on planet earth.

to take my btc from a paper wallet like would take so much longer than how long the universe exists that it would break your mind trying to imagine it with the entire computing power available in the future of mankind.

for the record im not saying they're impossible to hack, infact there is plenty of evidence that they are. just not in the ways you claim because unlike you i have researched about hardware wallets before purchasing one and understand its limits

This is the uninformed cope of someone trying to justify to themselves why they haven't spent money on a hardware wallet yet.

Hardware wallets use the same cryptography as software wallets, and with the 25th seed being of unlimited size there is no upper bound on encryption strength.

A software wallet, no matter how well encrypted, is only as strong as its weakest link, which is the hardware you use to access it. A seven hundred sextillion bit key doesn't mean jack shit if your computer keylogs you or swaps out a malicious send address when you go to sign a transaction.

The only way to truly secure a key is to give it a strong private key AND spend it in a secure manner that minimizes attack surface. Properly used, hardware wallets give you both of these. Software wallets only give you the first one, you need to use an air gapped signing computer to ensure the second. And if you use an air gap second comp--congratulations, you just built yourself a makeshift hardware wallet.

dude... your seed and the password that protects the pks is 2 different things.

Attached: 1560807038268.jpg (208x249, 6K)

true and i agree but jamal is probably still going to break your legs because hes a savage ape with a genetic predisposition to violent behavior

full disclosure i have a hardware wallet and its well hidden, i only expect it (or hope it will, part of me thinks these things are a magnet for attempted theft) to keep my funds safe from online attack and i more or less think that in the case of a physical break in/attack/robbery/whatever you're more or less fucked no matter what. you can do things that are good practice against physical threats and do things that are stupid, in the end just own a gun.

how is the pk any use if you haven't told it the last word?

jesus christ you are mixing some shit up nicely.
your 25th word for seed is basically a password that protects your seed phrase as you don't write it down. it does not add to the security off the device, it allows you easy use of decoy wallet (the one with only the seeds).

That doesn't explain anything.

just fucking read about deterministic hierarchic wallet generation... maybe you won't mix everything up so bad.