Do they claim their hardware to be unhackable!?
More or less they were claiming that it's unhackable, and that's my only issue with them.
https://www.ledger.fr/2015/03/27/how-to-protect-hardware-wallets-against-tampering/There is absolutely no way that an attacker could replace the firmware and make it pass attestation, without knowing the Ledger private key.
This claim was proven false now.
Nevertheless in my opinion I still think a hardware wallet is more secure than any other wallets when used safely.
Just that hardware wallets do have security issues does not make any other type of wallet which have MORE security issues suddenly better.
My ranking of wallets in terms of security would be the following
- Hardware wallets
If you don't take them outside of your home and attacker don't get physical access they are pretty safe -> with physical access as proven now it might not be safe - Paper wallets
If they are kept hidden in a secret place -> but with physical access by an attacker -> no security at all.
If people carry them around I consider them worse than any mobile wallets (they do at least have a pin to secure the wallet). - Airgapped PCs
Pretty safe as long as an attacker don't get pyhsical access. I consider them worse than a hardware wallet because a PC/MAC/whatever even if not connected to the big world has a much bigger attack vector than a hardware wallet if getting pyhsical access. - Any local hot wallets on PC/MAC
With spyware or other malicious software these wallets can be easily compromised. No physical access necessary - Any mobile wallets
The security of such wallets is usually quite bad. Usually very short pin-codes are used to secure the wallet. As it's easy to lose them an attacker can get physical access to it. - Online wallets where you control the private keys
- Online wallets where you don't control the private keys
Did I miss any type of wallet?Beside of my listed ranking anyone can (and should) improve the security by combining several methods above and use multi signature addresses. In this case it is not possible to steal funds if just one of the methods is compromised.
Would be interested if someone has a different ranking than me.
You indeed did forget the most important and still the most secure: Bitcoin Core and all the other open source software where you download the entire blockchain and where you can encrypt the wallet.
Just a few additions:
Paper Wallets can be encrypted, which makes it more secure than cash, but still is open to a regular robbing with weapon use (Tell the password or die), but the main problem I think is that it can be destroyed very easy.
An encrypted wallet.dat fie can be renamed into Michael_Jackson-Earthsong.mp3 and you carry it around (or send it around). Place another unchanged and unencrypted wallet.dat file with a low amount for plausible deniabiity. There are other plausible deniability solutions like hidden partitions etc. Multiple backups make a file pretty much undestroyable.
I never trusted hardware wallets, from my research, airgapped old laptops runnig some linux distro are the best way for cold storage. You must learn how to bring raw transactions from your airgapped computer into an online node, I haven't learned how to do this yet, I will eventually get into it. Unfortunately Core has no improved support for this like Armory does, so you must need to craft the transaction manually, presigned, then move this hash into the node to broadcast it... use a QR code or something so you can avoid USB surface attack.