since i am a noob in the technical stuff, can anyone here say something more about the device?
Stuff such as a Lightning signer seems necessary for the long term. Air-gapped lightning funds aren't possible with the current model.
I think that it works very similarly to LND's
remote signing which has been around for quite some time now. I haven't seen any hardware wallet implementation of it, though.
I don't get the security model on any of these options, though. If the node computer is compromised, it can send malicious requests to the signer and the signer will just do what is instructed. How is this any different than having the 'signer' portion as just a local program (
lightning-cli)?
The strength of hardware wallets is that an attacker doesn't have access to the keys, as your hardware wallet is unplugged and needs manual input. That's the whole point.
If I have my hardware wallet plugged in while browsing Bitcointalk and a transaction pops up on its screen, asking me to confirm it, I won't do it, since I know it wasn't me who initiated the transaction. But the 'Lightning signers'
would do exactly that (as they're designed to do exactly that; it's required functionality for a Lightning node).