As Bitcoin continues to grow, I think we are going to have bigger issues with these things. I hope that we can get a manufacturer to release an innovative device that brings next-generation security. I mean, they can always keep simpler devices as their main products to tailor for average users who may not want or need that level of security. They would avoid limiting or hurting their primary sources of revenue this way.
I think the best way to protect from this is two-fold. 1) Cybersecurity, and specifically the art of finding bugs, needs to be made an essential part of Bitcoin education. 2) The community needs to start producing its own chips. Whether by 3D printing or some other way.
Open source chips would be a good thing, but I think at the current state of things we are unlikely to see devices with such any time soon. The problem primarily lies in the trade-off between usability and security. One example that I can think of is that multisignature wallets aren't used nearly enough. Multisig must be very standardized, with cross-device compatibility and good UI. Having security that is obscure and hard to use by the average person is pointless.
In that sense, you can imagine a 2 out of 3 multi-signature setup that uses 3 different hardware devices by 3 different manufacturers who use 3 different chips. It is extremely unlikely that a hack would happen in this scenario, especially not one that was not exposed before a second hardware device is compromised. Why? Given how hard this is, a successful compromise of 1 brand would likely be used and public before a second one would occur. Clearly the usability of such a setup is terrible compared to something as fast as a browser extension. However, for long-term cold storage, does it really matter if you need 5 minutes to create a transaction knowing how much security you have in your setup? For me it does not matter at all, and it wouldn't hurt most people if their patience was improved.
When it comes to your small or everyday wallet, I think you should use it with the expectation that you can be hacked because there are so many ways for this to happen. Unless, of course, your daily wallet is also a hardware wallet. Then that is a whole different story.