Cryptocurrency Hardware Wallets Can Get Hacked Too (wired.com) 23
An anonymous reader writes: Whether you think cryptocurrency is a scam or a salvation, those digital coins can store real-world value. The safest place to keep them is in what's known as a "hardware wallet," a device like a USB drive that stores your currency and private keys locally, without connecting to the internet. But "safest" doesn't mean "perfect," which new research into two popular hardware wallets reinforces all too well. Researchers from Ledger -- a firm that makes hardware wallets itself -- have demonstrated attacks against products from manufacturers Coinkite and Shapeshift that could have allowed an attacker to figure out the PIN that protects those wallets. The vulnerabilities have been fixed, and both hacks would have required physical access to the devices, which minimizes the danger to begin with. But Ledger argues that it's still worth holding hardware wallets to the highest standards, just as you would a closet safe. Shapeshift's fix can be found here. Meanwhile, Coinkite's Coldcard Mk2 flaw has been fixed in the company's current Coldcard model Mk3, which started shipping in October.
Who knew (Score:1)
Re: (Score:2)
Ummm.... no. The safest place to keep them is in multiple locations, encrypted.
If the only place you've stored your crypto is on a single hardware device, then eventually you're going to have no more crypto. Hardware failure alone is more likely than proper encryption being broken in one of your multiple disparate locations.
Re: (Score:2)
I have some $20 bills in my (physical) wallet (Score:2, Funny)
Pre-emptive strike on the whole "carrying cash is dangerous, AAAH!" genre of comments; save your keystrokes. I don't live in a crime-ridden area where you have to worry about being mugged.
Re: (Score:2)
Re: (Score:3)
All of these attack types on hardware wallets require physical access to them for the hacks to work, so I'm not sure what you're on about. I can tell you that a hardware wallet is a heck of lot safer than some raw $20 that anyone can steal and spend. Keep your tree money and don't forget to clean up after your horse on your way out.
Re:I have some $20 bills in my (physical) wallet (Score:4, Informative)
Haha, no not upset just having some fun. I highly recommend you check out some youtube videos by Andreas Antonapoulos, especially one titled "Introduction to Bitcoin". It might give you the big picture you might be looking for.
Good luck!
Re: I have some $20 bills in my (physical) wallet (Score:1)
Re: (Score:2)
Then, I wasn't kidding about the criminal-use aspect. It's become the currency-of-choice for criminal activities. For that reason alone I'd rather just steer clear of it.
I honestly did look at it when Bitcoin first started up
Re: (Score:2)
Moreso than cash? You got a source on that? Probably not
I honestly did look at it when Bitcoin first started up
So you haven't even thought about it in practically a decade? Nothing more than an armchair neckbeard. Not even authentic
Re: (Score:2)
Do you *never* read the news at all? Not even here?
Two examples:
1. 'Dark web' dealings
2. Ransomware
So you haven't even thought about it in practically a decade?..
LOL define 'think about it'. I read about it all the time. I have no interest in getting involved with it. Why should I? No reason to.
Now go troll someone else, you're boring.
Re: (Score:2)
What news would that be? Slashdot is a dying news aggregation site. You can hardly use that as a source of information. So... you don't have a source. Got it.
I read about it all the time. I have no interest in getting involved with it. Why should I? No reason to
From those sources you can't cite? Like I said, you aren't even on Comic Book Guy level of neckbeard. You are just a poser.
Now go troll someone else, you're boring.
Clearly I'm not boring enough to ignore.
Don't wrestle with a pig (Score:2)
Have you ever heard the expression "don't wrestle with a pig. You both get all muddy and the pig likes it"?
I appreciate your attempt at intelligent conversation.
It seems that attempt is one-sided today.
Re: (Score:2)
Re: (Score:3)
They better, because otherwise what's the point of a hardware wallet?
And it's not really a hardware wallet - the wallet is still software based as it's part of the cryptocurrency network. All it records is movement of things between wallets, after all. The hardware wallet instead records the private keys associated with the wallet - the goal is to keep those private keys offline so even if your PC or phone is
Slashdot unaccessable from Chrome on windows (Score:2)
The "We value your privacy" dialog does not respond to mouse clicks.
open console and do this.
for( var x in document.querySelectorAll("a")) { if( x.text == "I ACCEPT") c.click()}
Any usb stored crypto ever reported stolen? (Score:4, Informative)
I've never heard of such happening. Lost USB stick, yes, but stolen and crypto stolen, no.
No need to worry! (Score:1)
I was browsing a website [snipon.com] and saw the ad of a bitcoin hardware wallet. I quickly browsed some of the top bitcoin hardware wallets available in the market. This video [youtube.com] on youtube helped me out to pick my bitcoin wallet. After reading the post by Wired I did extensive research to find out the truth behind bitcoin hardware hacking. There are very few cases related to a vulnerable bitcoin hardware wallet.