What's all this hype around "hardware wallets"?

[Zerping]

Those are just glorified usb sticks. Aren't they? All they do is store your encrypted private key. So what the heck? Why are they even a thing?

Just put your private key into encrypted 7zip and copy to any usb drive. Voila, that's a hardware wallet.

EDIT: removed the word "nonsense" from the title, seems like that was a bit too harsh

Edited December 31, 2017 by Zerping

[Sukrim]

15 minutes ago, Zerping said:

Those are just glorified usb sticks. Aren't they?

No. Read up on secure elements.

Edited December 31, 2017 by Sukrim

[John_Buh]

33 minutes ago, Zerping said:

Those are just glorified usb sticks. Aren't they? All they do is store your encrypted private key. So what the heck? Why are they even a thing?

Just put your private key into encrypted 7zip and copy to any usb drive. Voila, that's a hardware wallet.

OMG no - it's a totally different thing.  You really have to do some research.  A child of 4 can pull a private key off a USB stick.

[Zerping]

4 minutes ago, XRP_FER_ME said:

OMG no - it's a totally different thing.  You really have to do some research.  A child of 4 can pull a private key off a USB stick.

you forgot to read: "encrypted 7zip"

that is AES 256 encryption

Edited December 31, 2017 by Zerping

[Zerping]

31 minutes ago, Sukrim said:

No. Read up on secure elements.

I did. But it still seems to me that the only relevant feature is that the private key is encrypted. What am i missing?

Edited December 31, 2017 by Zerping

[John_Buh]

9 minutes ago, Zerping said:

you forgot to read: "encrypted 7zip"

that is AES 256 encryption

Yes, sorry - make that a child of 9.

[Zerping]

1 minute ago, XRP_FER_ME said:

Yes, sorry - make that a child of 9.

Wow can we have a serious conversation? Do you know what AES is?

"Fifty supercomputers that could check a billion billion (1018) AES keys per second (if such a device could ever be made) would, in theory, require about 3×1051 years to exhaust the 256-bit key space."

[Sukrim]

3 minutes ago, Zerping said:

I did. But it still seems to me that the only relevant feature is that the private key is encrypted. What am i missing?

That the relevant operations take place outside of your general computing platform. If you do this stuff using 7zip, your key will land in your RAM sooner or later - next to your browser, your resident malware and whatnot. If you use dedicated hardware, only your transaction (which will be public a few seconds later anyways) is going to end up in RAM.

[John_Buh]

Just now, Zerping said:

Wow can we have a serious conversation? Do you know what AES is?

"Fifty supercomputers that could check a billion billion (1018) AES keys per second (if such a device could ever be made) would, in theory, require about 3×1051 years to exhaust the 256-bit key space."

You know what - I think you just want to be right.  So go ahead and put your private key on

a USB stick.  Best wishes for a Happy New Year.

[Zerping]

Just now, XRP_FER_ME said:

You know what - I think you just want to be right.  So go ahead and put your private key on

a USB stick.  Best wishes for a Happy New Year.

thanks

[Zerping]

1 minute ago, Sukrim said:

That the relevant operations take place outside of your general computing platform. If you do this stuff using 7zip, your key will land in your RAM sooner or later - next to your browser, your resident malware and whatnot. If you use dedicated hardware, only your transaction (which will be public a few seconds later anyways) is going to end up in RAM.

Oooh so the key never leaves the HW wallet device? So can you recommend one that does not need to be connected to a PC to do transactions?

[Zerping]

Nevermind, i misunderstood. So, it needs to be still connected because it can't send the transaction by itself?

And the signing of the transaction is done on the HW wallet device, right?

Edited December 31, 2017 by Zerping

[ohsomofo]

The downside of simply encrypting your private key and putting in on a USB key is that you have to clean up the unencrypted files securely anytime you decrypt the key to use or import it. Deleting files doesn’t do this and operating systems and applications often use temporary files that can leave your key exposed.

And what about the system you access it from. If there’s any malware on the system your key can be compromised.

It also means you’re probably using a software wallet. You then have to trust that wallet will properly protect your key when not in use. Regardless at some point it will be unencrypted in memory or possibly left on disk.

A hardware wallet never leaks your private key from the device and all signing of transactions takes place on the device so even if your system is compromised, your key remains safe.

Hardware wallets are the most secure option available and are worth the cost. It all comes down to how much security you want and how much you trust the integrity of your system. If you plan to invest more in crypto than the cost of a hardware wallet then get a hardware wallet.

[Zerping]

Ok, now i understand, thank you guys.

[stuffie]

I think encrypting your private key with a trusted (online) encryption application like 7zip, keepass or lastpass is secure enough. But you have to take into account that the developer/publisher can read it's content if they want to. There is no way to be sure that an application written by another then yourself is secure. Same applies to hardware devices where there is allways some software needed to read it.

Writing down you secret key on a paper is also considered secure, if you store it safely.