 Where did you get all of this? 
 I hacked them :) I'm the cover thumbnail for the wallet fail talk. Obviously because of my throwback glasses 😎

My day job is a hardware penetration tester. With a colleague, we've done probably the most paid hww audits. For example, Foundation et al.

https://youtu.be/Y1OBIGslgGM? 
 I say day job but it's just me, myself, and I running the shop 😀 
 Hacker as a full time job 🤩
Is there some hww that you couldn't break into? 
 So basically all of them do the thing they claim, which is that they separate the key from your main computer/tablet/phone. Most of them are pretty good; we've only found minor issues since we gave that talk.

In that sense, I'd like to think the industry learned a bit from us. With the exception of tamper stickers. They are worthless.

But none of them solve the really hard problem of whether I can truly verify and trust this hardware. And some of them do shady things with licenses and cloud servers and whatnot.

So in conclusion, despite me earning money from the industry, I think people don't need a hww. I think a laptop running Tails with persistence is fine for most people. Boot into Tails, do your thing and disappear. Tails has had more eyes on that software than any hww code base. But nothing's perfect.

Honestly, this is where nostr:nprofile1qqs09jtvjlmyrxjn37zv70a89csegcz7rpyqjmnw29cveedhv7vagqqpr4mhxue69uhkummnw3ezucnfw33k76twv4ezuum0vd5kzmp0xmkjg2 kinda wins. I don't use it personally but it's the embedded version of what I just described. And it's an actual open source project, not a product.

I could audit it, but it's like, it doesn't store anything. So I could verify it does that, but in the worst case it is a malicious signer. But that's the same threat to all hww: every vendor could push a (unintentional) malicious update.

Some hww vendors also just shit on each other all the time. It's honestly a bit exhausting.

I get a bit sad tbh because I'm in all these chats about how to do self custody and it's all these cults of people saying Coke is better than Pepsi.

So I'm a bit disillusioned with bitcoin hardware at the moment. I'm hoping to make some actually fun electronic project instead of watching people cheer for their favorite vendor.

Anyway, long rant. But this is kinda why I'm doing bitpunk.fm at the moment to find my spark again ⚡️ 
 That's what I've been saying for years 😀
nostr:nevent1qqs2qhdfvcm22np57q6uq27exemmw3htx06x6zkysq0ex79l89rap0cpz3mhxue69uhhyetvv9ujumn0wd68ytnzvupzqn22kum797a44u8aty95kl5vdlnk6wsz49u3aala4nmqr709p7kcqvzqqqqqqytkgfy2 
 @SeedSigner is slick 
 I totally agree, thanks for your post 
 Sorry to hear that you are disillusioned. 

IMO the current state of hardware wallets is actually great (if you can put the bickering aside).

There are many design directions being explored by teams with different priorities making products that target different users and use cases.  
 👌 
 This is true. I don't mind the fragmentation actually, or I should say the diversity of options.

Actually I forgot to say, because I was in a rant mindset, that there is a project I'm excited about: SatoshiLabs' Tropic Square, a company that is making its own chip.

There are many details here, but overall, I think they are taking a risk and pushing a larger industry forward.

I think ultimately they are a very personal choice and technically, they all mostly solve the one issue of key separation. But because they are a physical product you can buy, they get shilled to no end on podcasts, YouTube, etc...

So that's the kind of stuff that drives me nuts.

I think, being in security, I tend to always see the negative things -- how to break this or how that will fail. I'm also a bit of a cynical person in general sometimes. A sincere thank you for bringing a positive reminder.
 I give HWWs to my orange pills as a tangible "bitcoin thing in their hands," with the requisite disclaimer that it can't be trusted, but neither can a lone generic PC by itself, so two is better than one to disperse risk (plus the ceremony of signing offline can be cute & informative).

For me personally though, they're a novelty. I use #qubes for bitcoin stuff on a spare laptop, and keep the seeds in KeePass in an offline AppVM. The signing ceremony on Qubes OS is mundane, but effectively the same as an airgap HWW signing.

nostr:nevent1qqs2qhdfvcm22np57q6uq27exemmw3htx06x6zkysq0ex79l89rap0cpz4mhxue69uhhyetvv9ujumn0wd68ytnzvuhsygzdf2mn0chmkkhsl4vskjm733h7wmf6q25hj8hhlkk0vq0eu586mqpsgqqqqqqsy6h8l6 
 The irony is that hardware wallets really don't play well at all with the USB stack on #QubesOS 🤣 
 Ha :) yeah, I can't remember the Qubes hypervisor at the moment, but yes. I had many an issue with USB in just VirtualBox.

But yeah, Qubes is also good.

You have a good point about the physical object. I can see that helping. Sometimes I'm a bit too close to the problem. Thanks for the perspective.