Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Speculation
Merits 1 from 1 user
Re: Wall Observer BTC/USD - Bitcoin price movement tracking & discussion
by
bitserve
on 31/12/2018, 11:23:18 UTC
⭐ Merited by Toxic2040 (1)
Quote from: Totscha on December 31, 2018, 10:43:21 AM
Quote from: Ibian on December 31, 2018, 10:27:29 AM
Quote from: AlcoHoDL on December 31, 2018, 10:10:12 AM
Quote from: JimboToronto on December 31, 2018, 01:43:23 AM
Proof of keys? I control my own keys thank you.

Trusted third parties? Isn't that an oxymoron?

I haven't had any coins on an exchange since MtGox. Luckily that mistake only cost me 50BTC. Never again.

Closest thing I have to a trusted third party is my Trezor which I somehow got talked into using against my better judgment. Luckily I only have 5BTC on it. I stopped using it last year after having it for less than half a year.

Obviously cold ("paper" wallet) storage is much more secure. Only I have control over the keys and they're never exposed to the internet except when I sweep a wallet into Mycelium to transfer coins and that's only small amounts for short periods of time.  

This is why it's good to spread your stash between dozens or hundreds of small wallets. My biggest single wallet has a little over 30 coins in it (from pulling out what I had at Cavirtex after being Goxed) but I'm almost scared to sweep it to split it into smaller wallets because that would entail risking that many coins at once by exposing them to the internet.

I suppose I should empty my Trezor on Genesis Block Day as a way to assert ownership of my keys instead of trusting Trezor. Then again why wait until Jan. 3?

Jimbo, rest assured. With a TREZOR, you control the keys. Your seed words are the keys. It's just a different form of storage. On paper, you are storing them using ink. With a TREZOR, they are just electrons in a FLASH memory chip. They are both stored locally. No one else but you has control over them. And TREZOR has the added bonus of protecting your keys in case it's stolen (can't easily read those electrons unless you have the PIN). If your paper wallet gets stolen, your coins are gone (they're just a QR code sweep away)...
Yes, if trezor is as secure as advertised. Do we know this?

This is how much we know: https://www.youtube.com/watch?v=Y1OBIGslgGM

Basically:
The seed and PIN (sic!) can be extracted from a Trezor device. Not simply, but it is doable.

But... If you put a passphrase on the seed, the hacker can do shit...

I discuss the whole content of that video in this thread: https://bitcointalk.org/index.php?topic=5090244.msg48978949#msg48978949

It is in spanish, but if there is some interest I could translate it.

TLDR: All those potential attack vectors requiere physical access to the device among other things. And even if all requirements would be met (which is already enough negligence on the user part) there are also additional countermeasures for additional security (ie. passphrase).