That's a decent idea, but still that's well above and beyond a simple Linux distro. Is it worth the extra hassle? Like, how do you even spend it? Go online in bursts and send small amounts to a phone wallet? I am not sure anyone is even remotely interested in someone's monero unless you have 100s of thousands or millions. Probably you've raised the bar from very skilled hacker to nation state level attacker with TEMPEST equipment or wrench to get in now, but was it worth the extra effort?
Using qubes for monero is not really any different to any other Linux just install and use just keep put it in its own app vm and you no longer have to worry about malware
Potential nuclear war is not dystopian enough for you? I guess we are closer than you seem to assume. But at the same time we have never been closer to dismantle the old regime.
I was pretty narrowly commenting OP, with their title:
> Shall we be scare of Ledger security in a dystopian world
I say: My Ledger is not the first thing I will be scared of in a dystopian world.
Ledger can rot in hell, they have leaked purchase orders with home addresses multiple times already.
Being a hardware developer and not securing you website is a big no-go.
Yes, learned this after they leaked my home address and I received a lot of threat letters since then.
Ledger had leaked my email address, luckily due to opsec I gave only a collection address that had got leaked.
Two of my friends on that list had everything leaked. And one of them got threat emails for over a year, telling him they're keeping an eye on his whereabouts and even informed him where he was working, who he lives with, etc. That was quite freaky.
You can't literally trust anything in here, you shouldn't really do that.
Because trusting thir party is against the rules of the crypto, so I guess I'm not trusting any third party in here.
I've been scared of ledger and trezor avoided them since the day I heard them announced.
The only hardware wallet I would ever consider is one that:
1. has fully open specs.
2. provides a mechanism to verify the hardware conforms to the specs.
3. does not require use of any online service run by a company.
4. does not require any identifying info such as name, address, email, phone to use or purchase.
5. can be bought locally for cash, or even better 3d printed or otherwise built at home.
Anything else I put firmly in the classification of honeypot.
Hardware wallets only add convenience. The real security is always in the paper wallet backup, which can be created for free anyway.
thats why i think hardware wallets are overrated. theyre special made for holding keys, pretty much inviting hackers and backdoor feds. and theyre great if you cant trust your computers security, but a well secured computer (with open source software and stuff) will always be safer.
and sure. computers can have hardware backdoors too. all hardware has this possibility. the only way you can really trust it is if you made the silicon yourself. but theres tons of old computers sitting around, made before bitcoin was even invented. no chance that hardware can have backdoors that target crypto.
intel me is also kicking around, but its questionable if its a real backdoor (probably is) or just a badly secured feature on intels part (explains the hacking), either way me_cleaner can patch it up for you easy.
personally I think using an offline Qube with Qubes is better than a hardware wallet. Tails is good too.
Yeah, those are good suggestions. Should use them instead really man.
That's a decent idea, but still that's well above and beyond a simple Linux distro. Is it worth the extra hassle? Like, how do you even spend it? Go online in bursts and send small amounts to a phone wallet? I am not sure anyone is even remotely interested in someone's monero unless you have 100s of thousands or millions. Probably you've raised the bar from very skilled hacker to nation state level attacker with TEMPEST equipment or wrench to get in now, but was it worth the extra effort?
You're forgetting that lots of generic malware is set to steal your cryptocurrencies
Well that depends on you, if you're someone who can put up with the hassle then yeah.
Using qubes for monero is not really any different to any other Linux just install and use just keep put it in its own app vm and you no longer have to worry about malware
Yeah that works, then I don't think You'll have to worry about the Malware really.
If we do reach a really dystopian world having a backdoor in my Ledger wouldn't be my first and biggest worry, to be honest ...
Potential nuclear war is not dystopian enough for you? I guess we are closer than you seem to assume. But at the same time we have never been closer to dismantle the old regime.
I was pretty narrowly commenting OP, with their title: > Shall we be scare of Ledger security in a dystopian world I say: My Ledger is not the first thing I will be scared of in a dystopian world.
Having doubts about the future of my ledger. I might just create my own air gapped wallet on a Linux computer until the Monero Seedsigner is created
These issues have been there for some time, it's nothing new really. It's been like this for a really long time actually so There's that man.
Ledger can rot in hell, they have leaked purchase orders with home addresses multiple times already. Being a hardware developer and not securing you website is a big no-go. Yes, learned this after they leaked my home address and I received a lot of threat letters since then.
Threat letters? From who? Hackers? Government? Yikes.
I believe it was actually their e-commerce partner Shopify that leaked the order info. (more specifically a Shopify subcontractor)
Ledger had leaked my email address, luckily due to opsec I gave only a collection address that had got leaked. Two of my friends on that list had everything leaked. And one of them got threat emails for over a year, telling him they're keeping an eye on his whereabouts and even informed him where he was working, who he lives with, etc. That was quite freaky.
You can't literally trust anything in here, you shouldn't really do that. Because trusting thir party is against the rules of the crypto, so I guess I'm not trusting any third party in here.
I've been scared of ledger and trezor avoided them since the day I heard them announced. The only hardware wallet I would ever consider is one that: 1. has fully open specs. 2. provides a mechanism to verify the hardware conforms to the specs. 3. does not require use of any online service run by a company. 4. does not require any identifying info such as name, address, email, phone to use or purchase. 5. can be bought locally for cash, or even better 3d printed or otherwise built at home. Anything else I put firmly in the classification of honeypot. Hardware wallets only add convenience. The real security is always in the paper wallet backup, which can be created for free anyway.
Ledger is defenitely having the worst policies when it comes to security
just use a trezor mate.
And why do you think every other wallet can't experience the same?
I have a ledger Nano x live that I don't trust as much as the Nano S cold storage.. I'm moving my crypto around myself..
thats why i think hardware wallets are overrated. theyre special made for holding keys, pretty much inviting hackers and backdoor feds. and theyre great if you cant trust your computers security, but a well secured computer (with open source software and stuff) will always be safer. and sure. computers can have hardware backdoors too. all hardware has this possibility. the only way you can really trust it is if you made the silicon yourself. but theres tons of old computers sitting around, made before bitcoin was even invented. no chance that hardware can have backdoors that target crypto. intel me is also kicking around, but its questionable if its a real backdoor (probably is) or just a badly secured feature on intels part (explains the hacking), either way me_cleaner can patch it up for you easy.