Ist es sicherer, keinen Trezor zu verwenden, als ihn zu benutzen?
- Dieses Thema hat 9 Antworten und 1 Teilnehmer, und wurde zuletzt aktualisiert vor 1 Jahr, 10 Monaten von
.
-
Beiträge
-
-
Hallo zusammen. Ich schreibe einen Artikel über diese Themen, über die ich größtenteils nicht Bescheid weiß. Ich habe vor kurzem über diese Hardware-Geldbörsen gelesen, und diese Gedanken kommen mir in den Sinn:
Wäre es nicht sicherer, einen jungfräulichen Computer zu benutzen und dort Metamask zu installieren, als sein gesamtes Bargeld einem Gerät anzuvertrauen, das nur noch mehr Schichten hinzufügt, die anfällig dafür sind, zu versagen und alles zu verlieren? Ganz zu schweigen von dem Risiko, einen manipulierten Trezor gekauft zu haben (ja, offizielle Website, Holo-Siegel, und so weiter und so fort. Aber trotzdem – im Grunde vertraue ich mein Geld einem Gerät an, das von außen kommt und von Fremden gebaut wurde, im Gegensatz zu etwas wie Metamask, dessen Installation zu “100%” garantiert legal und sicher ist, und dessen Seed sich nur in meinem Besitz befindet, nicht in der Obhut von etwas, das wiederum außerhalb meines Wissens von Leuten gebaut wurde, die nicht ich sind).
Darüber hinaus bin ich davon überzeugt, dass die Einrichtung eines völlig neuen PCs mit Metamask sicherer wäre als der Kauf eines Trezor, da der Kauf eines neuen PCs keinen Verdacht erregen würde, während ich beim Kauf eines Trezor massive Bedenken sehe, da jedes einzelne dieser Geräte aus einem bestimmten Grund gekauft wird: zur Aufbewahrung beträchtlicher Geldbeträge.So bin ich zu der Überzeugung gelangt, dass der Besitz eines Trezor und seine Benutzung tatsächlich riskanter ist als der Nichtbesitz und die Nichtbenutzung. Ich kam zu der Überzeugung, dass es sicherer wäre, einen nagelneuen Computer zu kaufen und ihn ausschließlich für Transaktionen zu verwenden, als den Trezor zu benutzen, oder?
Ich habe inzwischen so viele Threads über Ausfälle und verschwundenes Bargeld gesehen, dass ich fest davon überzeugt bin, dass es überhaupt nicht hilfreich ist, diese komplizierte Schicht von Ausfallmöglichkeiten hinzuzufügen.
All diese Standpunkte stammen natürlich von Internet-Angriffen. Ich spreche nicht von physischen Angriffen.
-
NO. Using a Trezor is always more secure than not using one.
​
>Wouldn’t using a virgin computer and installing Metamask there be safer than trusting all your cash into a device that just adds more layers prone to fail and lose everything?
No. Using Trezor with Metamask is not an extra layer. It is still 1 layer of protection. Either you use Metamask alone, and you have to remember your Metamask seed phrase … or you use Trezor with Metamask and you have to remember your Trezor seed phrase. Either way, you have to remember 1 seed phrase in order not to lose funds. I don’t see the extra layers prone to failure that you speak of.
​
>Not to mention there’s always the risk of having bought a tampered Trezor all along (yes, official website, holo seal, yadda yadda. But still – I am basically trusting my money onto a device that came from outside, built by strangers, as opposed to something like Metamask whose installation is like “100%” guaranteed legit and safe, and its seed is only on my posession, not being in custody of, again, something that was built outside of my knowledge, by people that aren’t me).
No. Metamask is not “100% guaranteed safe” any more than Trezor is 100% guaranteed safe. They are BOTH built by people you don’t know, strangers. They are both open source so you can see the code. The seed is only in your possession, for both methods. Regarding the device being tampered with… your PC could also be tampered with. Your PC could have a keylogger in it, in the hardware even. Legitimate standard computer hardware has known to have been tampered with along transit. PC’s can get viruses. Even if it doesn’t get a virus, it is not more secure than a Trezor.
​
>I am convinced that setting up a whole new PC with Metamask would be safer than Trezor inasmuch as buying a new PC would raise no suspicion, whereas I see a massive concern when buying a Trezor, inasmuch as every single of these devices bought is bought for a reason: storing quite sizable amounts of money.
This depends on where you are in the world. But, a lot of things you do could hint at your wealth. Renting a safety security box. Having a nice house/car. Buying a safe. etc… You can also do things to more anonymously obtain a Trezor if that really is a concern. But this point really has nothing to do with the security aspect of a Trezor.
​
>I came to believe that actually purchasing a sepparate brand new computer and using it exclusively to operate transactions would be safter than using Trezor, wouldn’t it?
No. A PC can have viruses/keyloggers installed on it. A Trezor cannot. It simply doesn’t have the capability. A Trezor verifies all of its firmware when you plug it in. A computer cannot verify the validity of all the software on itself when you turn it on.
I’m not saying that it is always unsafe to use Metamask without a Trezor, if you really know what you are doing, but it is definitely not the case that using a Trezor would be less secure.
-
I mean sure assuming the makers of Trezor are all evil and just waiting for the right time to steal everyone’s money then ye you right. But that’s probably not true and someone who actually speaks “nerd” could explain why.
But if that isn’t true, then Trezor is amazing because you actually have to have the physical device to do ANYTHING to your assets and even when you plug it in to your device no one can access from a remote area because the passcode you’ve set can only be input properly if you can see the actual trezor device’s screen.
I’ve had one for over a year and i love mine, it def makes me feel like my assets are safe 🤷♂️
-
Not a Trezor specific issue.
Using hardware wallets plus a BIP39 passphrase for hot wallets is best practice, by far!
Putting seeds and privkeys in any device connected to the internet is STUPID.
Few users know how to use air-gapped amnesiac Linux live boot machines, and that is the only alternative.
-
What I think the definitive simple answer comes down to is this – if you lose your funds on a hardware wallet, YOU fucked up. No one can take your funds unless you get phished or someone steals your Trezor. That’s it, and to be frank, you have to be pretty foolish to get phished.
A hot wallet, that is not the case. You can store your seed properly, practice safe browsing, etc… but you can still be a victim of hacking, malware, keylogger, etc. Also, phishing scams are just as, if not more prevelant on hot wallets.
Op, I think you made this thread because there are a lot of posts on this sub about people losing their funds. While that’s true, everyone of them is a bit naive and those same people could just as easily get phished on a hot wallet.
-
Ill answer all your questions.
1) new computer, only metamask. Windows, its very very easy for malware or viruses to be downloaded. And don’t trust your Anti-virus most are garbage.
2) Tampered trezor? You won’t be able to install the trezor software if tampered, Im pretty sure. Atleast thats how it works with ledger, tampered = it fails the device genuine check. Can any trezor expert confirm?
3) Trusting money with a device created by a stranger. With this argument you can’t trust any wallet. Every single crypto wallet is designed by a stranger. Unless you yourself build your own crypto wallet and for this you need to know programming. If you dont and you pay someone to do it, again you’re trusting someone else because you never know how he can code the wallet application.
4) Sizable amounts of money? This is subjective and depends from person to person. For me a sizable amount of money is 1000$ and I would buy a hardware wallet. But some of my friends consider 100k as sizable amounts.
5) Lastly you buy a good hardware wallet like ledger/trezor to keep your seed phrase offline and sign transactions in an offline and secure environment. Which you can not do with PC and metamask. Metamask stores your seed phrase within the computer/online. Any computer expert/hacker should be able to access that information
6) Trezor cannot be hacked if updated, ik there was a glitch abuse before
7) You say many people got scammed with Trezor? Thats because they’re too f**king dumb to research crypto before investing in it and purchasing a hardware wallet ( no offense guys if u got scammed I feel bad for u, losing even 1$ is painful but when we say crypto means you’re your own bank please research and understand the importance of seed phrase and private keys ) -
-
-
No.if you get your trezor direct from Satoshi labs, confirm it, set up a hidden wallet behind a complex passphrase, nobody but you can move your coins. The passphrase adds a lot of security. Then when you connect to metamask set up the account so that it points to your trezor. Nobody can move your coins unless they have your trezor and your passphrse. And your passphrase of course is not kept on your computer or email or in any electronic format that someone can hack.
You can still do this all on a separate computer if that makes you feel more secure. -
-
- Du musst angemeldet sein, um auf dieses Thema antworten zu können.
