And you're just completely ignoring the fact that I was talking about a dedicated device
Discussion
If you're just going to strawman the conversation I have no interest in continuing it
I don’t see how a dedicated device changes anything we’ve discussed. If it’s a smart phone, it still has wireless antennas. It’s still capable of Internet connection. It’s not a cold wallet.
Because a dedicated device doesn't access email
And your example depends on accessing email
It was just one example. If your device has a wireless antenna, even if you’re not using it, even if your screen tells you it’s off, I am still capable of hacking you.
So you're claiming that an adversary can:
One identify that Bitcoin exists on the device
two figure out when the device is active
three remotely connect to the device
four exploit the device to extract the secure Keys
without user interaction
that is an extremely heavy lift and verges on magical thinking
Yep. Everything you said there is accurate. Welcome to the scary world of cyber security.
Yeah it's all technically possible
But it's never happened
And the people that we're talking about here (signal sig plebs) are unlikely to fall under targeted attack
This is just "internet professional thinks that Internet Security is Lacking because theoretical technical reasons"
Ever wonder why people use faraday bags at tech conventions? If there’s a wireless signal coming to your device and there’s hackers around, they will win.
And nobody's talking about taking your signing device to a hacking convention
come on man
"someone could theoretically gain access" is hand waving
We're talking about a random person having a dedicated phone in their home under their personal control
And *maybe* they turn it on occasionally to sign a transaction
You have not indicated ANY practical way to compromise such a device
Just "insecure because scary reasons"
I can agree that maybe this isn't advice that you want the general newbie to hear
But you're not indicating any actual problems with the advice itself
Security is about removing as many vulnerabilities as possible. So just because you can’t find a person testifying about their hacked device doesn’t mean it isn’t something to be avoided. Especially when it costs far less to buy a hww than a smartphone anyways.
BTC security needs to be easy and clear cut. What you’re advocating for is not. Many of us will never see it as a good idea for people to treat a smartphone as cold storage. But it’s your money.
I’m a little lost with what is your argument at this point. That you’re right and everyone else is wrong?
HWW security is better than smartphones. Smartphones aren’t cold storage by definition. Not sure how I can make it any clearer for you.
I literally said it in the 1st post you replied to
and what Im saying is EXTREME clear-cut.
so far all youve said is
"hww more secure against theoretical attacks nobody has ever heard of"
which is true.
just saying for your average pleb it doesnt matter.
Very short sided man. Security matters for everyone.
The founder of Trezor started HWW’s because his coin was hacked. You apparently think people using graphene is an equal recommendation to a hardware wallet and you’re wrong. Sorry, I know it’s not fun to hear 🤷🏻♂️
These attacks aren’t theoretical. Cybersec professionals are building tools to stop very real possibilities to help people like you secure generational wealth and you’re dismissing their work as unnecessary.
I love graphene devices as much as anyone. But they are designed for general purpose privacy. Not long term savings. No computers are designed for such a purpose, which is why the hww industry now exists.
Maybe the real problem here is using the term cold storage. It means something specific and you’re using it to describe a suitable setup for yourself, but it’s not the same. It’s certainly not easy to use cold storage for the average person.
Nothing wrong with using hot wallets. I use them too. But “cold storage” should never be a smartphone-diy recommendation.
I think this is as clearly as I can make my point. So I’m moving on with my Saturday, good luck man.
Im fine if we dont call it "cold storage". i dont particularly care if we call it that or not.
ill also close by pointing out you have not indicated any security vulnerabilities in my suggestion.
although i agree with your point its more vulnerable to 1 in a million type attacks that average plebs are extremely unlikely to be targets for.
https://letmegooglethat.com/?q=Pixel+graphene+cve+vulnerability+history
Graphene is best around. But nobody is invincible.
agreed 👍