Thoughts on Trezor Safe 5?

is it the best money can buy right now?

file.png - 768x768, 208.16K

It’s what I use. Its software is fully open source which is the most important aspect imo. The secure enclave chip is also a nice addition since it prevents physical hacking if someone steals the trezor. Also it allows you to enter your passphrase with the touchscreen, for a hidden wallet, so you’re not exposed to keyloggers.

sounds based, but the open source thing is a double edged sword.

Ur a fucking retard just use ur phone. If I saw ur Trevor I would smash it then nobody gets the coins

This. There are 2 groups in the USA that can crack Trezor or Ledger w or wo secure element, Combine that with celibtrite and magnetic forensics who can do phones with ease and ur fucked.

Village idiots of crypto.

proprietary firmware

oof

arxiv.org/pdf/1903.08102

That was from 2019. I don't expect you to understand so maybe ask chatgpt to translate it for a 12 year old.

Orgs now using electron microscopes coupled with micro EMP's to corrupt the ALU of the microprocessor and in turn comrpomise the state model of the bootloader, allowing them to drop the chip from RDP 2 to RDP 1 and eventually 0, facilitating a scan of memoryh.

god the state of this board.

good morning saars

words words words. you're wrong about this.

inb4 you're just retarded

I have a PhD in Electrical Engineering.

You sound like a complete twat

appeal to authority

pssh not an argument kid

222.png - 508x553, 123.4K

Ur a fucking retard just use ur phone. If I saw ur Trevor I would smash it then nobody gets the coins

you are a raging retard
you dumb nigger.

just make a seed backup.

just use u r phone lamao *gets troyaned*

what a nig.

yes, that is why trezor is NOT tamper-proof if someone steals it from you.

use the additional passphrase, and do that from a secure computer.

also use multisignature

tourists and newbies, do not listen to this. pen and paper OR get a 50 dollar new android phone that has NEVER had a sim card in it and has never been on the internet.

What if you generate a seed phrase on a hardware wallet and then reset it. Is it still at risk from someone physically accessing your device?

get a 50 dollar new android phone that has NEVER had a sim card in it and has never been on the internet.

I can see how that helps with spyware viewing your screen but how does that help if the seed phrase is phoned home on a closed source wallet?

The best is actually a multisig wallet like Gnosis Safe or Vultisig, an attacker needs to compromise N of M seed phrases which is very unlikely, you can do a mixture of hot and cold wallets as your signers.

Why?

Stupid paranoid faggot retard

Me use grug wallet made of shiny rock. It fireproof. Me like.

No

Correct

dont hate to burst your bubble but i am very much right on this. 2 companies in the US and 1 in switzerland. twitter twats and bitcointalk bros are cute, but the real ballers in this game are not publishing their findings. if you have a PhD then why act like a petulant child? Read the paper. crypto hardware devices, w or wo a secure element, are a retarded way to store anyting of significant value. go through the datasheet on the STM32F2 and STM32F4 microprocessor, specifically when the bootloader kicks in and look at the state model around checking what run level it is as. bottom line: all bets are off when you have the device on your physical. possession. of all people you should know this.

angry much?

What if you generate a seed phrase on a hardware wallet and then reset it. Is it still at risk from someone physically accessing your device?

if youre arguing you can read data directly off he secure silicon then no youre not all clear

go through the datasheet on the STM32F2 and STM32F4 microprocessor

irrelevant when the encryption key is on the secure element

Cold Card is the best. Bonus points for only supporting BTC and no shitcoins.

If you're not in a fully disconnected wallet, you might as well just use your phone like a boomer in a hacker movie that leaves their password next to their computer.

having open source code for all to see increases the visibility of the source for BOTH white hats and black hats i.e. BOTH good engineers and malicious engineers can see the code.

Correct me if I'm wrong, but can't you just get a hot wallet from Metamask or whatever, write down the key, deposit your crypto, and then delete the account from your browser? How is that different from a cold wallet?

8.jpg - 224x224, 10.31K

2019

The newer models are resistent to this stuff. Does anyone have any proof of the newer models being hackable?

The fact that you do ANY transactions on a used computer even if you only add the wallet again, makes it temoprarily unsafe to transact with. You could be hacked without knowing. If you want to do it that way, I recommend a raspberry pi or something, on a freshly installed SD card. This should give you the same level of safety as a hardware wallet.

What if I have a PC that I only use to transact crypto and has 0 downloads or activity on it?

there are levels of opsec you need to consider.

[hardware]get hardware wallet. trezor,ledger etc. i think trezor is better because you can create hidden wallets. ie on top of your seed phrase, you can create multiple wallets by entering different passwords.

[onchain] create multisig wallet. deploy your keys around. either people or just yourself. this will protect you from stupid onchain hacks(permit2 etc) and also if hardware wallet stolen,broken etc, you still have other access points.

[onchain] dont sign any unknown contract, dont approve anything unknown, use rabby wallet. it shows you the popularity of the dapp. dont sign anything not popular.

[onchain] revoke accesses frequently using rabby wallet approve tab. i usually left curve, uniswap, cowswap approvals but i revoke others.

[developer] dont deploy contracts using real account if you are developer. just dont use those keys for any development.

[social] dont talk about your crypto. always say you had 1k usd, you only have 0.001 btc etc. use trezor hidden wallets and put 1k usd into it. if you get attacked, people will just release you after taking your 1k usd.

- [onchain] dont create dummy footprints on blockchain. either use railgun or cex to hide your other wallets. wallet1->cex[binance]->wallet2 will break link chain between wallet1->wallet2. if you are real-pro, use railgun.

[physical] store your hardware wallets in different places. rent new place if your address in any cex system. ie cex can be hacked. ledger user database hacked and people got death threats through mail/email etc. some people recommend fake-emails/fake-phone numbers for cex as well.

- [onchain] my limit is 50k usd per wallet. anything can happen. multisig wallets can go missing, you can get hacked etc. just use different unlinked wallets to store crypto.
using offline pc and trezor is not much different from each other. if someone can break

my trezor didn't accept my PIN after like a year or so of not using it. Yes, the pin was correct. I had it written down and memorized. I read it happened to other people before. Had to do a recovery with the seed phrase or some shit. Was not a good feeling.
But trezor is kind of the topdog with this technology, don't know what the fuck happened and why it happened.

Pretty much the same as the Pi in this case.

cont.
if someone can break into your house, they can extract information. that is why you need levels of opsec. dont brag, dont sign, dont approve, dont install, dont say anything about crypto on social, dont share it[share it with loved ones if they can keep their mount shut, i told my sister and she told her whole school how good trader i am etc for bragging. can you believe it?], dont allow people to track your onchain activity. dont post anything social about crypto. people worry about voltage glitch bugs and get hacked onchain. %99.999 people get hacked onchain. dont worry about voltage glitches etc. they are just acedemics and requires access to device. assume that if someone can access to device, its gone already without multisig and per-wallet-usd limit.

cont.

dont take pictures of seed phrases. don't store them online. i used metal plate to store it but i cant go through airport security now because i think if metal plate goes through xray, they can read it. i mixed the order using algorithm but it doesnt make things as complicated as i need. multiple papers+fire resistant safe maybe better. dont know. but just dont picture of seed phrase.

i am more worried about not making it now. if i make it and if i hacked afterwards. oh, thats hell.

I don't use hardware wallets cause criminals will just kidnap and $5 wrench attack you to get your seed phrase if they find a hardware wallet on you.

If I was a criminal I would infact make it my job catching idiots with hardware wallets and then making them give up their keys by torture.

You'd have to be a clueless retard to get "hacked without knowing"

True, yet it happens all the time.

The proof on /biz

just trust me bro.

87265197.jpg - 1920x1077, 501.95K

limit 50k USD per wallet

Price 100x

Need to make and manage 100x more wallets

Or do you just cash out because all the smart contract chains are just degen gambling?

Read the paper. crypto hardware devices, w or wo a secure element, are a retarded way to store anyting of significant value.

so you use what instead?