Not clear on the use of a hardware wallet.. ??

[Vertex]

I know very little to nothing about the security behind the different types of wallets, but it seems that like all things tech related the security is transient.

How one guy hacked his Trezor. Long story but the good stuff is near the bottom. From the article:
I asked Saleem to explain how his hack worked. He told me that when the Trezor is powered on, its firmware (basically, the Trezor’s operating system) copies its PIN and 24 seed words into the Trezor’s SRAM (static RAM, memory that the Trezor uses to store information) in an unencrypted form. If you do what is called a “soft reset” on the device—accomplished by delicately shorting two pins on its printed circuit board—you can then install the exploit firmware without wiping the SRAM’s memory. This allows you to see your PIN and seed numbers.

No doubt, new firmware fixes the unencrypted ram deal. Until the next 15 year old decides to learn how the device is programmed

Not that software wallets are any better. Parity seems to keep finding ways to screw up. I dont know if this allows someone to take possession or just wipe the wallet or both? Maybe just the previous exploit allowed someone to actually take possession.

If cryptos actually become mainstream, can you imagine what would happen with the announcement of each new exploit/hack/vulnerability! As fringe as they are now, Ethereum took a little hit with the new Parity vulnerability. If peoples life savings where in these things there would be digital age bank runs (blockchain runs? hash runs?).

 

[truetype]

A chance to learn about cryptos from an ET legend -- https://app.livestorm.co/acceleforce/global-online-firesidechat-nov-8

 

[JackRab]

You keep that paper Seed in a very safe fire-free place!.

Like a bank?

 

[Hoi]

Like a bank?

No, as those in Cyprus and Greece have learned the hard way: In times of a bankrun, they blocked not only the ATM's but also the "private" bank-safes.
And if for some reason your bank-account is seized by authorities, your bank-safe isn't yours anymore.

 

[just21]

Not that software wallets are any better.

You could have a laptop that you only connect to the internet when you want to transfer or receive bitcoin from an exchange.

 

[henry76]

The Cyprus situation is a good reason for cryptos , you could even leave the country and obviously take your money with you,I can see they have no inherent value , but they can be extremely usefull , maybe even the only practical way of doing some things.

 

[johnarb]

Just don't treat any exchange as a wallet. If you have to store some cryptos at an exchange because of trading, take them out as soon as you're able to and make sure you're comfortable with losing the whole thing.

I had to leave over 500 OTN's at livecoin.net for 3 days because I did not know the rules that if if you make a security change on your profile, you cannot make a withdrawal. I was a new user and it was the most liquid exchange for it. I got them out as soon as I was able to

I personally run a full node wallet for most of my cryptos and never on Windows, only Linux.

https://www.reddit.com/r/path%3D%252Fr%252FBitcoin%252Fcomments%252F7bvbsa%252F

(And re: the Trezor hack article, it was a local attack that needed physical access and a massive amount of effort. If you were going to lose the Trezor and didn't have a backup of the keys, you deserve to lose the funds. Re: Parity, Ethereum-based cryptos with the blockchain 2.0 is different than Bitcoin. I own only 1 Ethereum-based coin as I'm not a fan of it.).

 

[Hoi]

(And re: the Trezor hack article, it was a local attack that needed physical access and a massive amount of effort. If you were going to lose the Trezor and didn't have a backup of the keys, you deserve to lose the funds.

Also, if (and you should do that) you use a passphrase (or 25th word) for your Trezor, there is no way a physical-access-attack can get your coins. Even if they unlock your seed (24 words) then still no harm done!
Always use that 25th word (which you keep in your head only).

 

[just21]

That's nonsense. Trezor doesn't transfer the seed to their servers. Where do you have that from?

Both hardware wallets: Ledger and Trezor are great and safe products, but I like Trezor more. They are very professional and on top of all current developments (had the first tools to Split BTC into BCH, and also offer Litecoin, Dash, Ethereum wallets). And what is very important to me: Trezor offers phaseprass (25th word) Seeds.

But if you do not trust the Mywallet website from Trezor, then simply use Electrum software and connect your Trezor to Electrum.

Bitcoin has rallied so much that I better get a hardware wallet. I have mixed my coins, some I got the Bitcoin cash for some I did not. Will the trezor sort this out and get me the forks? It will pay for itself if it does. thanks for your help.

 

[Overnight]

...
If cryptos actually become mainstream, can you imagine what would happen with the announcement of each new exploit/hack/vulnerability! As fringe as they are now, Ethereum took a little hit with the new Parity vulnerability. If peoples life savings where in these things there would be digital age bank runs (blockchain runs? hash runs?).

Go on, dump life savings into Cryptos. They are better than fiat, because they are not centralized banking. I weep for the future.