Fragen zur kalten Brieftasche
- Dieses Thema hat 4 Antworten und 1 Teilnehmer, und wurde zuletzt aktualisiert vor 2 Monaten, 3 Wochen von
.
-
Beiträge
-
-
Was ist so besonders an einer speziellen Cold Wallet wie einer Ledger Wallet? Soweit ich weiß, besteht nach der Erstellung einer Schlüsselphrase für die Wallet immer noch das Risiko, dass man seine Münzen verliert oder sie gestohlen werden, wenn jemand die Schlüsselphrasen herausfindet. Ich nehme an, Ledger fungiert nicht als Hardware-Token für MFA oder irgendetwas, da, wenn Sie es verlieren, können Sie einfach ein anderes Ledger kaufen und die Schlüsselphrasen eingeben, um die Daten wiederherzustellen.
Wenn ich ein zusätzliches Offline-Telefon mit einer Wallet-App habe und das Telefon nur mit dem Netzwerk verbinde, um Token zu senden oder zu bestätigen, dass ich Token erhalten habe, ist das dann nicht dasselbe wie eine dedizierte Cold Wallet? Welchen zusätzlichen Schutz bietet mir etwas wie Ledger?
Nach dem, was ich gesehen habe, werden den meisten Nutzern ihre Münzen durch Social Engineering gestohlen, hauptsächlich durch zufällige NFT-Drops. Verhindern Cold Wallets zufällige NFT Drops?
Danke für jede Antwort, die ich bekomme. Immer noch neu in Krypto und will lernen, wie ich meine Münzen besser schützen kann.
-
> If I had an extra offline phone with a wallet app and only connected the phone to the network to send tokens or confirm that l’ve received tokens then isn’t that the same as a dedicated cold wallet?
This assumes that a phone is as hard to hack as a ledger is. Most in security will say this assumption is false.
> What extra protection do I get from something like ledger?
Term is “attack surface”. Android is millions of lines of code riddled with networking. Any problem in any of that code can expose you to a hack. Ledger, Trezor, Coldcard, are all small dedicated devices with very small set of code and no networking. So the “attack surface” is smaller.
> From what I’ve seen, most users that have their coins stolen is due to social engineering, mainly from random NFT drops. Do cold wallets prevent random NFT drops?
100% The weakest link is ALWAYS the user. You can have a software wallet with a super-human user that is more secure than a hardware wallet owned by a moron. But in the law of averages, the average hardware wallet with the averagely competent user is safer than an Android / iPhone.
-
1) A wallet app will expose your recovery phrase. If someone gets acess to your phone (whether it be remote control or physical access), they can request your recovery phrase within the app. A Ledger device will display the recovery phrase only once during the initial setup and never again. So, even if others get access to your Ledger, they cannot extract the recovery phrase.
2) A wallet app is software, and software can be manipulated by malicious code. The app can show one thing, but sign/confirm another thing. With a hardware wallet like Ledger Nano, even with malicious software in use, the display of the hardware wallet will show the actual raw transaction details. So, if you check/verify the information on the screen, you can prevent an attack on your wallet by malicious code.
– To continue on this: you can plug-in a hardware wallet on a computer infested with malware and virusses, and your crypto still will be safe. You can keep making transactions safely, as everything regarding the signing of the transactions happen on the device. Imagine the same scenario with a software wallet…
3) A Ledger device has passphrase support, and I haven’t seen any wallet app that has it. A passphrase is basically an extra layer of security – a 25th word on top of the 24 words. This passphrase will create its own set of addresses, so even if your recovery phrase (24 words) are breached, your crypto (that is tied to the 24 words + 25th word) is still safe.
-
To send crypto on a Ledger you have to physically push buttons. The private keys are on a secure element separate from the primary OS. There is no way to use software from a connected device to simulate the button push. Other wallets use different methods but the concept is the same.
While hot wallets for the most part are pretty secure, theoretically compromised software might be able to get to your keys.
-
Hey, a dedicated hardware wallet like Ledger provides a higher level of security compared to a software wallet on an offline phone. The key difference lies in how the private keys are handled. With a Ledger device, your private keys never leave the device and all transactions are verified within the device itself, in an isolated, secure environment. This means even when you connect your Ledger device to a computer or smartphone to make transactions, your private keys are never exposed to these potentially vulnerable environments.
On the other hand, a software wallet on an offline phone still requires the private keys to interact with the software to sign transactions. This means that if the phone is compromised, your private keys could potentially be exposed.
As for your question about NFT drops, Ledger devices or any hardware wallets do not inherently prevent random NFT drops. This is because your address is public information, and scammers send these in bulk randomly, you just have to ignore and hide any unsolicited NFT you might receive without your consent!
[https://support.ledger.com/hc/en-us/articles/6857182078749-How-to-handle-malicious-or-unknown-NFTs?support=true](https://support.ledger.com/hc/en-us/articles/6857182078749-How-to-handle-malicious-or-unknown-NFTs?support=true)Remember, the most secure practice is to never share your recovery phrase with anyone and to be aware of social engineering scams. Always verify the source of any crypto or NFT you receive and follow best safety practices: [https://support.ledger.com/hc/en-us/articles/6747982542749-Best-safety-practices-Ledger?docs=true](https://support.ledger.com/hc/en-us/articles/6747982542749-Best-safety-practices-Ledger?docs=true)
Hopefully this better clarifies
-
- Du musst angemeldet sein, um auf dieses Thema antworten zu können.
