bitpunkfm on Nostr: So basically all of them do the thing they claim which is, they separate the key from ...
So basically all of them do the thing they claim which is, they separate the key from your main computer/tablet/phone. Most of them are pretty good we've only found minor issues since we gave that talk.
In that sense, I'd like to think the industry learned a bit from us. With the exception of tamper stickers. They are worthless.
But none of them solve the really hard problems of can I truly verify and trust this hardware. And some of them do shady things with licenses and cloud servers and what not.
So in conclusion, despite me earning money from the industry, I think people don't need a hww. I think a laptop running tails with persistent is fine for most people. Boot into tails, do your thing and disappear. Tails has had more eyes on that software than any hww code base. But nothings perfect.
Honestly, this is where SeedSigner (nprofile…kjg2) kinda wins. I don't use it personally but it's the embedded version of what I just described. And it's an actual open source project, not a product.
I could audit it but it's like, it doesn't store anything. So I could verify it does that but at worst case it is a malicious signer. But that's the same threat to all hww, every vendor could push a (unintentional) malicious update.
Some hww vendors also just shit on each other all the time. It's honestly a bit exhausting.
I get a bit sad tbh because I'm in all these chats about how to do self custody and it's all these cults of people saying Coke is better than pepsi.
So I'm a bit disillusioned with bitcoin hardware at the moment. I'm hoping to make some actually fun electronic project instead of watching people cheer for their favorite vendor.
Anyway, long rant. But this is kinda why I'm doing bitpunk.fm at the moment to find my spark again ⚡️
In that sense, I'd like to think the industry learned a bit from us. With the exception of tamper stickers. They are worthless.
But none of them solve the really hard problems of can I truly verify and trust this hardware. And some of them do shady things with licenses and cloud servers and what not.
So in conclusion, despite me earning money from the industry, I think people don't need a hww. I think a laptop running tails with persistent is fine for most people. Boot into tails, do your thing and disappear. Tails has had more eyes on that software than any hww code base. But nothings perfect.
Honestly, this is where SeedSigner (nprofile…kjg2) kinda wins. I don't use it personally but it's the embedded version of what I just described. And it's an actual open source project, not a product.
I could audit it but it's like, it doesn't store anything. So I could verify it does that but at worst case it is a malicious signer. But that's the same threat to all hww, every vendor could push a (unintentional) malicious update.
Some hww vendors also just shit on each other all the time. It's honestly a bit exhausting.
I get a bit sad tbh because I'm in all these chats about how to do self custody and it's all these cults of people saying Coke is better than pepsi.
So I'm a bit disillusioned with bitcoin hardware at the moment. I'm hoping to make some actually fun electronic project instead of watching people cheer for their favorite vendor.
Anyway, long rant. But this is kinda why I'm doing bitpunk.fm at the moment to find my spark again ⚡️