Board: Development & Technical Discussion
Merits: 10 from 2 users
Re: NEWS FLASH! Hardware wallets still aren't secure, and they never will be.
by Chris! on 06/07/2019, 03:59:43 UTC
⭐ Merited by Welsh (6), dbshck (4)
So you expect that a thief knows what a cryptocurrency hardwallet is, but doesn't know what a paper wallet is? Or that it's easier to "hide" a paper wallet than a "usb stick"? Huh

It's much easier to hide something if the thief doesn't know what to look for. I'm not going to get into it, but taking off a piece of something and etching the inside, then adding it back on is a hell of a lot less obvious than a usb in a safe or in your sock drawer. Hiding a hardware wallet or usb just makes it all that more obvious when the thief finds it. If they stumble across your private key but have no idea they've even found it, that's when you've done things properly.

"Countless"? Stop being so dramatic. Sure, there have been some issues identified by several different parties of several hardware wallet devices. To my knowledge, all of the identified issues have either been patched and/or are able to be mitigated. And it's not like there have never been any issues with "paper wallets". I'm sure we're all aware of issues like this: https://blockonomi.com/security-vulnerabilities-walletgenerator/


You seem to be taking this very personally. I'm starting to wonder why that is. I'm simply educating users of this forum on a free way to be their own bank. That's why we're all here actually. Is something wrong with that? I don't need a device that I didn't create in my house to hold my cryptocurrency and neither do you. You can create something of your own for free (or I suppose one could argue that it costs time and some paper/ink/materials).

Anyway, paper wallets cannot have issues if you use your own entropy and proper security. They're only as good as the person setting them up, which you can say about literally anything. If I owned a hardware wallet and a paper wallet, I would put all of my funds in the paper wallet unless I needed to spend them. I'm not looking into your link because it's just going to be the same bullshit FUD that's on the bitcoin wiki. Some crap about idiots setting up change addresses wrong, other crap about paper burning or water damage blah blah blah.. again, if you aren't going to bother to learn how to properly secure your funds then you will eventually lose them. I'm fully aware of the attacks that could take place on paper wallets. I'm not too worried about my dice being rigged, someone busting in and performing a cold boot attack or certain radio waves that my laptop may or may not give off. It's never going to be a zero chance that your funds are hacked, but paper wallets are substantially more secure than hardware wallets. The way I generate them anyway. If you go and generate a paper wallet online with bitaddress then you're better off just using a hot wallet or hardware wallet.

You don't need a 37 character password to make it "secure" per se... the 37 character BIP39 passphrase is suggested to make it as secure as having an "unknown" 12/24 word seed. Which, as we know, is generally measured in terms of "millions of millions of years" for brute-forcing. I can't find any firm numbers on the time/effort required to bruteforce say an 8 or 16 character BIP39 passphrase. The PDF referenced by Ledger claims a 50% reduction in CPU intensive calculations, so does anyone have any references to calcs on how long a 16 char BIP39 passphrase would take to bruteforce? Huh

In any case, saying that a private key written/printed on paper is more secure than a hardware wallet, assuming someone has physical access to both, is somewhat disingenuous.


I guess the key takeaway is that NOTHING is 100% secure. As long as you know the risks inherent in the system you are using and take steps to mitigate such risks, then hardware wallets are no better or worse overall than paper wallets.

Everybody knows that the people setting these passwords will use the tried and true dog name and year of birth or their favourite grandchild or whatever other crap people use now. If you're protecting your hardware wallet with a password that wasn't randomly generated (good luck typing that 37 character randomly generated string of nonsense btw) then you're completely screwing yourself out of the somewhat half decent security that these overpriced USBs offered in the first place.

I'll give you a god password to memorize. Don't worry, it's safe because I don't know where you live. Go ahead. It's super easy to memorize. Just read it over 10x and I'm sure you'll have it. Either that or you could... Write it down. Oh or better yet, you could add it to your password manager. But then you're relying on your master password, which again wouldn't make sense to use a randomly generated password and you're back at square one. You have an unsecure hardware wallet with the password written down. Or you memorized Molly1989AuntieSueLovesToBake (congrats) and it'll be so easy to crack your password. Not brute force. Who needs brute force when there are so many better/easier ways to crack it.

Code:
(N]Pq?.kHwO/mF@f2V- 7E)Uk0Ih#,}8rE_+g

Good luck and be your own bank.

Saying that "Hardware wallets still aren't secure, and they never will be." because a physical stolen device can be hacked is a bit sensationalist, isn't it?

What are the chances that a hacker comes into my house, searches and finds my ledger and steals it? This is highly unlikely to happen, especially if you are a discreet person about your btc holdings.

Hardware wallets are still safe enough, especially for newbies.

Well lucky for those thieves they know what to look for when they break in now don't they? Binance was also safe for newbies. So was blockchain.info/com. Being idiot proof is the opposite of safe. If I wanted your version of safe I'd use my debit card through PayPal because that way if I'm watching an infomercial and buy some $99 knives that can cut through a tin roof at least I can get my money back.

LOL

Paper wallets are much more complex to be really safe. Not everyone is able to properly airgap a computer, and the risks involved in case of a mistake are very high.

Complex = not safe. Got it.

I bet I can teach even you how to properly air-gap a computer. It'll take 10 mins out of your day and you'll have a very useful tool for lots of other things in life.

The risks of making a mistake are the same (don't lose your private keys). What is higher risk with paper wallets? I'm not hashing out my pubkey by hand here. It's the exact same process anyone would use to generate a private key but it's air gapped. Okay, that and I use my own entropy source, but again, super easy to learn.

Only true if you specifically mention the usage of encrypted private key (see BIP 38) with strong passphrase.

100% agree.
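Added example, not part of the original post or of any wallet vendor's code: a worked version of the passphrase-length question quoted above. It derives a BIP39 seed the way the standard specifies (PBKDF2-HMAC-SHA512, 2048 iterations, salt `"mnemonic" + passphrase`) and compares the search space of uniformly random printable-ASCII passphrases with 12- and 24-word seeds. The guess rate is an assumed figure and only applies to truly random passphrases, not to name-plus-year patterns.

```python
import hashlib
import math
import unicodedata

PRINTABLE_ASCII = 95            # characters from space through '~'
GUESSES_PER_SECOND = 1e6        # assumed attacker rate (constructed, not measured)
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP39 seed: every passphrase guess costs 2048 HMAC-SHA512 rounds."""
    def norm(s: str) -> bytes:
        return unicodedata.normalize("NFKD", s).encode("utf-8")
    return hashlib.pbkdf2_hmac(
        "sha512", norm(mnemonic), norm("mnemonic" + passphrase), 2048, dklen=64
    )


def random_bits(length: int, alphabet: int = PRINTABLE_ASCII) -> float:
    """Entropy of a passphrase whose characters are drawn uniformly at random."""
    return length * math.log2(alphabet)


def expected_years(bits: float, rate: float = GUESSES_PER_SECOND) -> float:
    """Average time to hit the right value: half the space at the given rate."""
    return 2 ** (bits - 1) / rate / SECONDS_PER_YEAR


if __name__ == "__main__":
    # Public BIP39 test mnemonic, never used for real funds.
    mnemonic = "abandon " * 11 + "about"
    print("seed prefix:", bip39_seed(mnemonic, "TREZOR")[:8].hex())

    rows = [
        ("8 random chars", random_bits(8)),
        ("16 random chars", random_bits(16)),
        ("37 random chars", random_bits(37)),
        ("12-word seed", 128.0),
        ("24-word seed", 256.0),
    ]
    for label, bits in rows:
        print(f"{label:16s} {bits:6.1f} bits  ~{expected_years(bits):.3g} years")
```

At 37 random characters the passphrase carries about 243 bits, which is why that length is quoted as matching an unknown 24-word seed; 16 random characters is about 105 bits.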