Nostr Web Client

I like the seed XOR feature. What do you think makes it the "worse end of HWW security" and what do you think is better?

semisol 2mo ago 💬 2

That feature is basically the same as 2-of-2 or passphrases, and the problems with 2-of-2 have been pretty well documented by now.

I did my own research and architecturally it is significantly flawed. There are many weak points where you could be getting a backdoored device. The used secure elements are weak and outdated.

“Don’t trust, verify” goes much deeper than reading some marketing claims about “ultra secure” from the vendor and I see too many people falling for it. New Trezor for example is “quantum ready” but any device within the last 15 years is as well.

Personally I’d recommend something like a SeedSigner with a proper multisig and a BitBox maybe.

Reply to this note

Please Login to reply.

Discussion

semisol 2mo ago

If you are wondering almost all the large influencers have financial interest in Coinkite or another HWW company so they would shill you something even when it is lies or misleading.

Marc 2mo ago

I use a geographically distributed 3-of-5 multisig + seed XOR and Smanir Secret Sharing as a secondary backup in case the banks get shut down again.

During lockdown, I couldn't access my Trezor for 3 months and that made me re-evaluate everything.

I agree that seed XOR together is a bad idea.

I'm currently playing with time locks using Miniscript, but only with small amounts so far because I'm not 100% confortable with it yet.

Marc 2mo ago

Does the BitBox have an air-gapped mode?

Cykros 2mo ago 💬 3

They prefer to write articles about why airgaps aren't as useful as we think.

Stinks of "filters don't do anything."

Airgaps aren't a be all and end all. But they are one element of a solid security strategy, and writing it off is exactly why I'm not a Bitbox customer.

SeedSigner ("the man") 2mo ago

I believe they have written off air gapping as “security theater”.

JackTheMimic 2mo ago

It literally isn't though. Data flow control is not some "nice to have" feature. You, as a human, literally don't know what information is being sent over NFC, Bluetooth, and USB. Unless you use a highly sophisticated hub that is essentially a clone for data passthrough.

I am still waiting on Semisol to give the non "trust me bro" explanation on why these devices are insecure WITHIN their use parameters. Secure elements without a broadcast mechanism, without code that (absent authorization from the owner) diseminates the secret, or a cryptographic flaw making it trivial to brute force, WHAT exactly is nostr:nprofile1qqs99d9qw67th0wr5xh05de4s9k0wjvnkxudkgptq8yg83vtulad30gpz9mhxue69uhkummnw3ezumrpdejz7qgkwaehxw309askwemj9ehx7um5wghxcctwvshsz9thwden5te0wfjkccte9ejxzmt4wvhxjme0e68ksk referring to?

Marc 2mo ago 💬 1

Nothing is perfect. If the NSA wanted my sats, they could probably break my air-gapped wallets, but I prefer air gapped hardware.

Shug 2mo ago

u32Luke 2mo ago 💬 2

nostr:nprofile1qqs99d9qw67th0wr5xh05de4s9k0wjvnkxudkgptq8yg83vtulad30gpz9mhxue69uhkummnw3ezumrpdejz7qgkwaehxw309askwemj9ehx7um5wghxcctwvshsz9thwden5te0wfjkccte9ejxzmt4wvhxjme0e68ksk do you have thoughts on javacards? e.g. satochip

semisol 2mo ago

In terms of DX, I do not like it.

In terms of security, it's pretty good. I cannot comment on any specific applets like Satochip but the underlying JCOS is solid.

u32Luke 2mo ago

Thx 👍

J.A.D.I.P 2mo ago

It shouldn't take all the things that Coldcard has in order to secure your bitcoin. It seems like they create features, then tubers all say it's the best. That device is the super advanced version for people that want to be cool. There's gotta be a better way for beginners.