Superceding paper with Nano S

[zenkert]

1 minute ago, Tinyaccount said:

You can trade with a cold wallet without it ever going online.  So like I say...   for convenience of operation at other computers it's good,  but otherwise no better and certainly no more secure than a paper wallet.  

Right! But why use differnet computers? Beats me.

[Pluto]

haha, well my bank account got hacked once, though nothing happened because i had 2 factor enabled, but the notification via email of an attempted access had my heart pounding.. so i suppose my paranoia is justified.

[Pluto]

Just now, zenkert said:

Right! But why use differnet computers? Beats me.

suppose a tsunami comes and all you could grab is your recovery sheet

[zenkert]

39 minutes ago, Lando said:

I am a little worried though. What happens if that **** fails? 

As long as you have your Ripple adress and your Secret Key, you are safer than Fort Knox.
You can restore and move your XRP anywhere.

Edited December 17, 2017 by zenkert

[zenkert]

1 minute ago, Jackdarippler said:

suppose a tsunami comes and all you could grab is your recovery sheet

Well, that would be enough, wouldn´t it.

[Pluto]

Just now, zenkert said:

Well, that would be enough, wouldn´t it.

alright i see your point

[John_Buh]

39 minutes ago, Sosovoo said:

As a IT professional myself, I highly recommend a Nano S for XRP storage.

Side note,  I was laid off by IBM 2 years ago. I cant support XLM/Stellar for anything. If people only knew how crappy the state of IBM really is. 

 

I'm an IT engineer and I concur with how IBM has fallen apart.

[John_Buh]

Do indeed invest in the Nano S - it gives peace of mind at a decent price.

[AdamM]

1 hour ago, Lando said:

I've just ordered a Nano S. 
     
I am a little worried though. What happens if that **** fails? 
   
I'd like to hear from people who have held coins on their Nano S for the past year, and get some feedback from zerpers on the product from an XRP perspective.  

 

 

I've got 2 nanos, tested them to hell and back... on both devices I setup and wiped them, re entering the 24 word recovery seed restored the wallet with the same wallet addresses created.  You can only have 4 wallets installed at any time but you can delete them and add them back and they will be the same as before.  Only thing I don't like is the lack of support for more altcoins.  With the money they are making, you would have thought they be adding more an more to the list at a greater rate than they are currently.

For peace of mind though, I don't mind spending a few dollars on this as I know no matter what (loss or theft) I can always restore them again with another nano.  That's also why I have 2, hot spare ready if required.  I keep the 24 word recovery on a veracrypt usb with a 12 word password, got a copy of the USB at another address where the second nano is.

[Guest]

Another thing against it I just thought of is secret key vs recovery phrase.

Someone was asking about holders in future times cashing out.  I replied without realising he has said ledger...   so I said bank will just let you type in secret key and funds will be available.  

There will be lots of future options for using secret key but ledger wallets will need to do a transfer to an account not just natively use their Ripple Wallet.  

Not a biggee but thought I'd throw it in...  

Really I'm not against them but I strongly disagree with those many folks who say it's the only or it's the best option.  

[at3n]

Warning: extreme paranoia ahead 

@Badger, I went through a similar thought process to you before buying a hardware wallet.

The following are my reasons for choosing hardware over paper:

(BTW, I'm assuming here that the paper wallet would include code to sign any transactions in an offline environment, and then you would transfer the signed transaction to an online machine to submit. So no need to rely on online services or exchanges.)

1. Convenience - of course it's much easier to use a hardware wallet than a paper wallet. The day you want to sell, maybe your coin is crashing and losing 5% value every minute, speed could be important.
2. If you trust the hardware wallet manufacturer, the security risks of coin theft are as minimal as with a paper wallet. Using a paper wallet, you still need to trust the developer of the software that signs the transactions, however that is implemented, unless you write the code from scratch.
3. You can send transactions with a hardware wallet without retrieving the secret from its secure storage. The secret never leaves the Nano, all you need to remember is your (hopefully 8-digit) PIN. A paper wallet requires you to temporarily expose the secret to a potentially insecure environment (physically) every time you use it. As a result of all this, if you have a Nano, and you left the paper backup in say a bank vault, then your day-to-day wallet is by default using two factors of authentication (something you have [the nano] and something you know [the PIN]). On the other hand, if you have a paper wallet hidden in your house, a thief just needs to find that and they're happy.
4. It provides a different way of storing your secret. The Nano is resilient to different physical threats than paper. If you have a paper wallet and have a paper backup of that wallet, they have the same threats to their physical security (water damage, being mistaken for scrap paper, ink fading...), whereas an unplugged nano is unlikely to be destroyed by any of these methods. Nanos have other weaknesses that paper does not have (electromagnetic damage, power surges, crushing...). So using a nano with a paper backup to spread the risk is extremely sensible, to me.

I'll concede that for skilled IT people who can verify software down to the network socket level (or write their own), and who can set up a good multi-device environment and excellent physical security for their keys, then there may be some security benefit there. For most people that's unattainable.

@zenkert, regarding [hardware or paper] vs software wallets, come on, there is no comparison when it comes to security. There are just so many ways that computing devices can be compromised, in the long run you can't expect to keep up with the bad guys. By using a software wallet, you're pretty much saying that you trust every single piece of software on your computer. Even if the software wallet takes precautions to protect its data (in storage and memory), I would bet that given enough time, a very good programmer could defeat any of them (tricking the user could play a big part in this, and users are all too easily tricked). As crypto goes more and more mainstream, I expect that there will be a big increase in attacks specifically targeting software wallets - a very dangerous game to play when it's your money at risk - and this is not like bank savings that can be refunded when they're hacked, as you know.

I understand that many people will be put off by the price, and that everyone's circumstances are different, but I would say that most crypto investors think that their chosen coins will significantly increase in price, and hence even a modest initial investment would soon make $67 seem very small. I would say to those people to put their money where their mouth is and buy a hardware wallet!

Edited December 18, 2017 by at3n
Re-wording for clarity

[Guest]

Sorry @at3n but you are incorrect on a couple of those point about paper wallets.  

Firstly if you are in a situation of needing to sell at speed you are better off  if you don't.   Wait for the inevitable rise again.  

Secondly you do NOT need to expose the cold wallet Pc to online.  You can create and sign a transaction offline totally then move it via USB key ((or better...   QR code) to a online wallet which imports and sends the tran.  No exposure required.  

Just filling you in on those couple of misunderstandings.  

[at3n]

3 minutes ago, Tinyaccount said:

Sorry @at3n but you are incorrect on a couple of those point about paper wallets.

I respectfully disgaree 

4 minutes ago, Tinyaccount said:

Firstly if you are in a situation of needing to sell at speed you are better off  if you don't.   Wait for the inevitable rise again.

That's somewhat outside the scope of the question, I'm not meaning to advise to sell in the event of a crash, but if someone wants to do so, they have the right to, and execution speed is relevant in that case.

5 minutes ago, Tinyaccount said:

Secondly you do NOT need to expose the cold wallet Pc to online.  You can create and sign a transaction offline totally then move it via USB key ((or better...   QR code) to a online wallet which imports and sends the tran.  No exposure required.

Absolutely agree, and I mention that in my post (4th line). But I'm advising to consider the software used to sign the transaction on the offline PC. Who wrote it? Did they write it well? How do you know that the signed transaction will actually do what you expect it to? You can verify the signed transaction with some other software before submitting, but is the software you use for verification trusted... etc. etc. What I'm saying is that you need to trust it, just like you need to trust the hardware wallet. So I'm saying that the level of trust required for each is pretty much the same - at a very paranoid level.

[Guest]

3 hours ago, at3n said:

But I'm advising to consider the software used to sign the transaction on the offline PC. Who wrote it? Did they write it well? How do you know that the signed transaction will actually do what you expect it to?

The cold Pc can have malware on it and it's not a problem.  It never connects to the internet so the malware is thwarted.  You know the wallet works because part of the initial setup was receive then send a small amount back to prove the key works.  Additionally between receive and test send you delete wallet and reinstate from secret key to prove the key and wallet work.  

 

So thanks for the respectful disagree but I stand by my statement that you were incorrect when you said you have to bring cold wallet online and it's risky.  

As far as trusting the software....   it's proved it can do the job and it's air gapped so it can't do anything malicious.  

I will concede the speed of sale thing...   but that's a very very edge case and truly in those situations you are almost always better to wait it out.  

[ZX81_1k]

Thanks for your input, guys. I'm cautious down to the trust in the original paper wallet key production. I used a website www.ripplepaperwallet.com but I'm trusting the developer isn't just generating addresses/keys from a pre-prepared list. If he uses a weak password on the domain DNS then it could be hacked and pointed to a fake key generator. If he uses a weak password on his email account or his recovery address for his email has a weak password then the DNS control password could be reset and controlled by a hacker. A weak link will always be found if a system is poked enough. 

@Tinyaccount The suggestion to keep a cold PC is relatively safe, granted, but I can't really justify the cost when I could get a device specific to the task for just £60.

@at3n, you said about the risk of losing the paper copy... Most wouldn't think it likely but I bought a half dozen coins back in 2013 and only 4 of the paper wallets remain, 2 have just disappeared yet they were all kept together. I can only assume they got mixed up with the kids scribbling paper at some point in the last 4 years and chucked out.

There's really no protection against being an idiot after years of kid-induced sleep deprivation and a moment of stupidity is the most likely point of failure. No-one is immune to that.